Graphic: Airlock Secure Access Hub

Single Sign-On (SSO) and identity federation

A gift for your users

Single Sign-On (SSO) means that the user gets access to all desired services with a single login. While SSO may look simple from the outside, it is often based on multifaceted processes. This may result from different applications with many internally or externally managed user bases or from a high heterogeneity of the supported technologies. The great advantage of the Secure Access Hub is that Airlock always has these requirements under control and leaves the user unaware of the internal complexity.

Decoupling authentication from identity propagation

Airlock’s flexible SSO solution consistently decouples user authentication from identity propagation (see figure). The authentication technology is therefore independent of the standards with which users are represented to applications (identity propagation). It makes no difference whether a service understands OpenID Connect 1.0 or SAML 2.0, requires a Kerberos ticket or can only handle a BasicAuth header.

This consistent decoupling allows for many possible access scenarios. An authenticated user can be represented to each application in a compatible way without needing a new login for the technology of the target application – a genuine ‘single sign-on’. Since Airlock adapts to the application, and not the other way around, rolling out a new authentication medium for legacy applications is child's play.

Cross-domain SSO and identity federation

SSO is not limited to the internal IT infrastructure. Airlock supports cross-domain SSO with the common federation standards SAML 2.0, OAuth 2.0 and OpenID Connect 1.0. Thanks to these standards, popular cloud applications, such as Salesforce, Office 365 or Google Docs, can be seamlessly integrated into a company’s in-house SSO architecture.

A distinction is generally drawn between an identity provider and a service provider or relying party. The identity provider authenticates users and provides them with a ‘ticket’ for access to the services of the service provider. The Secure Access Hub can adopt both roles in these protocols. It is important for the role of the identity provider that various means of user authentication are available, since not every user should be authenticated in the same way for every application. With Airlock you can draw on the full range of authentication methods.

Airlock application portal

There is a lot of technology and complexity under the hood of a company-wide SSO. However, this should not affect the user. Once successfully signed in, the Airlock application portal presents users with an attractive overview of the applications available. The portal can be adapted to CI/CD templates and users enjoy direct access to self-service options that they can use to manage their user data and authentication options.

Single Sign-On highlights

  • Cross-domain SSO and identity federation
  • Cloud SSO (e.g. Salesforce, Office 365, Google Docs)
  • SAML 2.0 as identity and service provider
  • OAuth 2.0 and OpenID Connect 1.0 as authorisation server and relying party

Ergon Informatik AG, +41 44 268 87 00

Information for you

Our whitepapers

Executive View: KuppingerCole - Airlock Secure Access Hub for applications and APIs

This KuppingerCole Executive View report provides an architectural and functional overview of the Airlock Secure Access Hub, an integrated platform for secure access management - a multicloud-native security tool for web applications, APIs and beyond.

 


Whitepaper: Security for cloud-native applications

You can read about how companies can ensure the security of web applications and APIs in Kubernetes in the white paper "Security for cloud-native applications", which was created in collaboration between heise and Airlock.

 


Whitepaper: Zero Trust is a journey

The ongoing digital transformation of the world is progressing and having a profound impact on our personal and professional lives in ways that were difficult to imagine just a few years ago.


This white paper discusses the effects of continuous digitalization and its impact.


Off to DevSecOps

In this white paper, you will learn the most important insights into how you can implement DevSecOps successfully and efficiently, which security components are required for this and the advantages of a microgateway architecture.

 


Airlock 2FA - Strong authentication. Simple.

Double security - this is what two-factor authentication offers in the field of IT security.


Find out more about strong authentication and the possibilities offered by Airlock in our white paper.


Further whitepapers

We provide you with free white papers on these and other topics:

 

  • Successful IAM projects
  • Compliance
  • Data protection (GDPR)
  • Introduction of PSD2
  • PCI DSS requirements