Reliable Insurance

D
Demands d SSO

A
AssureBridge
B id
B2B Single
g Sign-On
g ((SSO)) Made Easy
y

Oleg Cohen
Ol C h @
Oleg.Cohen@assurebridge.com
b id

Page  1
  Business Problem

 What is AssureBridge

 Value Proposition

AGENDA  Demo

 AssureBridge Difference

Page  2
Business Problem –
B2B Partner demands SSO

Users login to
use the site

Users need to be
seamlessly logged in

Reliable Insurance
Demands SSO

Page  3
Customer Need
Partner’s Your Site
Site
?

BUSINESS DRIVER:
To meet partner’s requirement for
Web
W b integration
i i with
i h your online
li offering
ff i

CUSTOMER PAINS:
 Risk of losing profitable business opportunity
 Company lacks ability to implement SSO quickly
 Partner insists on complex standard compliance
 Staff can’t provide adequate on-going support

CUSTOMER NEED:
Rapidly implement reliable Internet SSO functionality

Page  4
Customers See Internet SSO as High Risk

Client’s actual planning

notes flagging timely
SSO integration as
Risk++

Page  5
AssureBridge Offering – SSO Exchange

Fully-Managed Hosted
Single Sign-On Service
Connects to your business Web applications

Powers seamless SSO between your

web applications and your partners’

Provides professional setup,

setup configuration,
configuration
troubleshooting, and monitoring
by AssureBridge experts

Page  6
Value Proposition – Fastest Implementation
Customer Satisfaction

Our customers:

• Meet partner requirements

Fastest
in weeks vs. months in
Implementation

ion
HS

implementing g robust and

TRENGTH

Value Propositi
standards-compliant
Internet Single Sign-On
Expertise
OUR ST

Reliable
Hosting

Page  7
Value Proposition – Expertise
Customer Satisfaction

Our customers:
• Meet partner requirements in
Fastest weeks vs. months in
Implementation implementing robust and

ion
HS

standards-compliant Internet
TRENGTH

Value Propositi
Single Sign-On

 No longer required to
Expertise
invest into hiring and
OUR ST

P retaining expensive and

hard-to-find experts
Reliable
Hosting

Page  8
Value Proposition – Support
Customer Satisfaction

Our customers:
• Meet partner requirements in
Fastest weeks vs. months in
Implementation implementing robust and

ion
HS

standards-compliant Internet
TRENGTH

Value Propositi
Single Sign-On

 No longer required to invest into

Expertise hiring and retaining expensive
OUR ST

P
and hard-to-find
hard to find experts
e perts

 Leverage fault-tolerant
Reliable infrastructure and expert
Hosting
support to maximize the
service uptime

Page  9
Value Proposition –
Lowers Barrier to Adoption
p
Customer Satisfaction

Our customers:
• Meet partner requirements in
Fastest weeks vs. months in
Implementation implementing robust and

ion
HS

standards-compliant Internet
Benefit from a
TRENGTH

Value Propositi
Single Sign-On
reliable
 No longer and
required to invest into
Expertise affordable
hiring and retaining expensive
OUR ST

P
and hard-to-find
hard to find experts
e perts
Internet SSO
Reliable  Leverage
solution
g fault-tolerant
Hosting infrastructure and expert support
to maximize the service uptime

Page  10
AssureBridge Positioning

For small and medium businesses

who are under p
partner pressure
p
to rapidly implement complex Web Single Sign-On

SSO Exchange is an affordable

full-service hosted solution
that delivers the most reliable standards
standards-compliant
compliant
Internet SSO functionality in the least amount of time

To enable high level of

customer and partner satisfaction
and the g
growth of their business.

Page  11
 AssureBridge SSO Solution

DEMO*

* Demo Screenshots are available in the Appendix

Page  12
Secure Internet SSO is Highly Complex
Secure and reliable Internet SSO involves many
complex interactions among multiple
distributed parties. AssureBridge shields you
from these complexities.
Step 1a: User logs into 
Step 8:  Browser redirect 
1 Reliable Site Step 1b: User 
User to Speedy Rental site 
Clicks on Rent‐A‐Car Site 
with secure SAML token in  8 Link
request

Customer

Speedy Rent‐A‐Car  Domain  Reliable Insurance Domain 

(https://www.speedyrental.com) 7 (https://www.reliableinsurance.com)
3

Speedy Rentals  Reliable Insurance
Secure Partner Site Link to Rent a Car
Custom SSO Plug‐in
Step 9:  Decodes the token, 
User
extracts user info and binds 
Store 9 into Portal session context.
Step 3: IDP  Step 2a: Portal Sends 
Redirects to  Request to IDP 
Browser with a
Browser  with a  Step 2b: IDP gets 
Step 2b: IDP gets
Application Component SAML artifact  attributes, builds SAML 
token Assertion , signs with a 
2 Partner A’s Private Key
Step 7a: SP validates SAML Assertion 
Cryptographic signature
Step 5: SP 
Step 7b: SP  send s browser secure SAML 
requests SAML  User
token with encrypted user attributes IDM
assertion via a  Store
4 SOAP service

SAML  5 SAML Identity 
Service Provider (SP) Provider (IDP)
6
Step 4: User Browser redirects 
Step 6: IDP returns SAML 
artifact token to SAML SP
assertion via a SOAP service

Page  13
Key SSO Challenges

Expertise Time--To
Time To--Market
 True experts  Build,
Build implement
implement,
are hard to find and integrate
 Knowledge gaps  Negotiate and coordinate with
are risky partners

Security
y Operations
p
 Potential legal  SSO issues =
and audit relationship
exposure problems
 Data privacy protection  SSO issues require complex
issues troubleshooting

Page  14
Key SSO Challenges – Expertise

Expertise Time--To
Time To--Market
 True experts  Build,
Build implement
implement,
are hard to find and integrate
 Knowledge gaps  Negotiate and coordinate with
are risky partners

Security
y Operations
p
 Potential legal  SSO issues =
and audit relationship
exposure problems
p
 Data privacy protection  SSO issues require complex
issues troubleshooting

Page  15
AssureBridge Solution – Expertise

Expertise Time--To
Time To--Market
 SSO protocol  Build,
Build implement
implement,
configuration and integrate
 Web application  Negotiate and coordinate with
integration partners

Security
y Operations
p
 Potential legal  SSO issues =
and audit relationship
exposure problems
p
 Data privacy protection  SSO issues require complex
issues troubleshooting

Page  16
Key SSO Challenges – Time-To-Market

Expertise Time--To
Time To--Market
 SSO protocol  Build,
Build implement
implement,
configuration and integrate
 Web application  Negotiate and coordinate with
integration partners

Security
y Operations
p
 Potential legal  SSO issues =
and audit relationship
exposure problems
p
 Data privacy protection  SSO issues require complex
issues troubleshooting

Page  17
AssureBridge Solution – Time-To-Market

Expertise Time--To
Time To--Market
 SSO protocol  Rapid
configuration provisioning
 Web application  Lightweight SSO adapters
integration  Integration test harness

Security
y Operations
p
 Potential legal  SSO issues =
and audit relationship
exposure problems
p
 Data privacy protection  SSO issues require complex
issues troubleshooting

Page  18
Key SSO Challenges – Security

Expertise Time--To
Time To--Market
 SSO protocol  Rapid
configuration provisioning
 Web application  Lightweight SSO adapters
integration  Integration test harness

Security
y Operations
p
 Potential legal  SSO issues =
and audit relationship
exposure problems
p
 Data privacy protection  SSO issues require complex
issues troubleshooting

Page  19
AssureBridge Solution – Security

Expertise Time--To
Time To--Market
 SSO protocol  Rapid
configuration provisioning
 Web application  Lightweight SSO adapters
integration  Integration test harness

Security
y Operations
p
 Leverages  SSO issues =
industry relationship
standards problems
p
 Secure multi-tenant platform  SSO issues require complex
 Fully auditable system troubleshooting

Page  20
Key SSO Challenges – Operations

Expertise Time--To
Time To--Market
 SSO protocol  Rapid
configuration provisioning
 Web application  Lightweight SSO adapters
integration  Integration test harness

Security
y Operations
p
 Leverages  SSO issues =
industry relationship
standards problems
 Secure multi-tenant platform  SSO issues require complex
 Fully auditable system troubleshooting

Page  21
AssureBridge Solution – Operations

Expertise Time--To
Time To--Market
 SSO protocol  Rapid
configuration provisioning
 Web application  Lightweight SSO adapters
integration  Integration test harness

Security
y Operations
p
 Leverages  24x7 support
industry  Robust enterprise-
standards class platform
 Secure multi-tenant platform  Early warning system
 Fully auditable system  Triage

Page  22
Summary

AssureBridge rapidly delivers reliable

SSO empowering you to:
Connect to your partner in record time

Support
pp complex
p SSO standards without adding
g staff

Provide your end-users with reliable solution

Avoid an expensive product purchase and installation

Page  23
Q&A

What are your questions?

Page  24
 For additional
F dditi l information,
i f ti
including a personalized demo
please contact

Oleg Cohen
AssureBridge, Inc.
Oleg.Cohen@assurebridge.com
g @ g
617-455-7927

Visit our Web Site at:

http://www.assurebridge.com

Page  25
 APPENDIX

Page  26
How do we solve the problem?
Without AssureBridge

Partner A Partner B

Web Site A Web Site B

Integration ($$) Integration ($)

Commercial
C i l Home-Grown
H G
SSO Product SSO Product
($$$) ($$)

SSO Infrastructure SSO Infrastructure

+ Operations ($$) + Operations ($)

Page  27
How do we solve the problem
Using AssureBridge Services

Partner A Partner B

Web Site A Web Site B

Integration ($) Integration ($)

SSO Exchange:
g (($))
 Hosted AssureBridge SSO Services
 Robust & Reliable Infrastructure
 World-Class
W ld Cl O
Operations
ti
Page  28
 AssureBridge SSO Solution for Speedy Rental

DEMO

Page  29
Business Case
• Speedy Rental is a small regional provider
• Reliable Insurance is a large national company
• Speedy
S d hhas an opportunity
t it tot expand d its
it business
b i
by partnering with Reliable Insurance
• Reliable has implemented an expensive commercial
Internet SSO platform
• Reliable requires all its partners to support seamless
SAML-based logon for its customers
• Speedy lacks ability to develop and maintain its own
SSO solution and is under pressure to deliver
• Speedy chooses AssureBridge to help it quickly and
reliably
li bl connectt with
ith th
the demanding
d di partner
t
Page  30
 Demo

BEFORE SINGLE SIGN-ON

Page  31
No SSO Experience – Login Page

Log into
Your Site

Page  32
No SSO Experience – Partner Link

Click on
External Link

Page  33
No SSO Experience – Need to Log In Again

Prompted to Log
In Again
(Another User ID
and Password)

Page  34
No SSO Experience – Partner Site

Click on
Logout Link

Page  35
No SSO Experience – Logout

Logged Out
from Partner

Page  36
No SSO Experience – Still signed in

Remained
signed in with
Reliable

Page  37
 Demo

SINGLE SIGN-ON EXPERIENCE

Page  38
Desired SSO Experience – Login Page

Log into
Your Site

Page  39
Desired SSO Experience – Partner Link

Click on
Partner Link

Page  40
Desired SSO Experience – Partner Site

Seamlessly
taken to
Partner Site
Click on
Logout Link

User ID and Profile

Information
Transferred
Between Sites

Page  41
Desired SSO Experience – Logout

Logged Out
from Partner

Page  42
Desired SSO Experience – Logged Out from All

Signed out
from both
sites

Page  43