Do not give up on security when using SSO
However, Jae-Guk Lee, Director of Global Technology at NETAND said “Unlike other PAM solutions, NETAND’s HIWARE has the strength to achieve both convenience and zero-trust security. The reasons for maintaining a higher security level when accessing the target system through HIWARE are as follows:
Firstly, the proxy server holds the credential key used for communication with the target device to be accessed. Secondly, when the user (client PC) attempts to access the target device through the relay server, a virtual credential key is generated and delivered to the user each session. Lastly, when attempting to communicate with a used credential key, the value of the key used in the communication changes every session, and when communicating with DATA, the existing credential key is invalidated because it is encrypted with the new credential key. Therefore, even if an attacker acquires a critical key from a user's PC, the target system cannot be accessed using that key again."