iOS 7 and Kerberos Single Sign-On (SSO)

As expected, some amazing news came out of Apple’s WWDC (World Wide Developer Conference) this week. And while much of it was consumer-oriented, there was one particular new feature revealed that is of extreme importance to the enterprise*.

Buried deep on the iOS 7 Features page (http://www.apple.com/ios/ios7/features/), Apple talks about “enterprise single sign-on support”. Now, I don’t know about you, but for several of Magenic’s enterprise clients, this is the holy grail that they’ve been waiting for.

I’ll take a stab and presume that Apple is talking about Kerberos single sign-on (SSO), as that is the industry standard. And, whether it’s API-based or configuration profile-based, it could be the answer to many an IT executive’s dreams.

SSO has been in the enterprise for over a decade, but hasn’t made an official appearance on iOS or Android mobile devices, yet, other than a technology preview for Android from 3rd parties (i.e., not as part of the OS itself). Kerberos, it turns out, was never originally designed for mobile devices. Microsoft was first to market with a mobile Kerberos solution, when it shipped Windows Phone 8 with Kerberos support. iOS and Android lagged in this respect, so it’s good for enterprises to hear that iOS 7 now supports Kerberos for SSO.

For the enterprise, this may be the single most important new feature in iOS 7. The flat new user interface is garnering the most media attention, but enterprises know that connectivity rules supreme. Any mobile solution, whether BYOD or corporate-provided devices, must have a simple, user-friendly way for employees to connect to multiple networks and servers with a single sign-on.

*Unfortunately, Apple’s NDA for the iOS 7 beta means I can only discuss publicly available information. (If you provide me evidence of an Apple Developer Account, I’ll be glad to discuss more with you via my employer, Magenic.com.)

Advertisements
Standard

One thought on “iOS 7 and Kerberos Single Sign-On (SSO)

  1. https://www.icloud.com/photostream/#A3Gf693ZMZsRR

    OSX server 2.x profile manager, a configuration profile, an encrypted link authenticating an appleID, the Device trust store certificate contents, and the initial evolution of allowing OSX server manage the device rights to network services and systems that the server administrator must define in the user and device profile of the profile manager.

    The developer hints that route. preview of server on mavericks sure

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s