- This topic has 1 reply, 2 voices, and was last updated 9 years, 11 months ago by
.
-
Posts
-
Hi All,
I just wondering what members opinion is on the idea of the BAA user login became a federated SSO service. Thus members/local affiliated groups could make their data available to other BAA members without needing to manage their own autherication service.
It also adds a nice additional reason to be come and stay as a BAA member.
There are a number of FOSS solutions available to us (see link below), so it would not be technologcally challenging – it is more of a logistical problem.
So what do people think?
Mark
http://resources.infosecinstitute.com/saml-oauth-openid/
Mark,
Do we really need this level of sophisication? In my experience of this sort of system, it is the maintenance workload that can be onerus. Is enough of our sharing that sensitive that we need to add this burden to the system. Would PGP not be a simpler alternative?
Sorry if I sound negative. I see the need to protect so parts of the BAA business but I suggest some careful analysis of the costs/benefits before commiting to this solution.
David
- You must be logged in to reply to this topic.