Single Sign-On Feature for Customer Life-Cycle Management Application

Abstract

Signing into an application is the most critical part of any application, especially for an enterprise business application that needs to handle critical and highly sensitive user Information. An application like “SELFCARE”, which is the newest and most recent product from Tecnotree Corporation must guarantee information security to its customers before delivering the product.

However added security along with the immense complexity that comes with large-scale enterprise business applications can make signing into an application very cumbersome especially in this case because the project application depends on a number of other applications to get its data to work .The main goal of the thesis was to find the best way to implement an architecture for singing into the application without sacrificing any security.

The SSO feature was successfully implemented as an architecture for signing in to the project application. After implementation of the feature it showed strong evidence that it highly improved the usability of the application. A number of penetration tests were conducted by the security analyst to find any vulnerability of the implemented architecture. No security flaws were reported, which proves the architecture has excellent security. The project application was delivered as a product to its customer in Iran in July 2016. Currently the application is used by millions of users, with no complaints about the security and sign-on features. An initial report from the customer shows the product is a success