Forums for the Business Analyst

 
  Modern Analyst Forums  Business and Sy...  Requirements  How to conduct requirements for single sign on solution
Previous Previous
 
Next Next
New Post 2/26/2016 3:50 AM
User is offline Jayman21
28 posts
9th Level Poster


How to conduct requirements for single sign on solution 

Hello, I am currently working on a Single Sign On project. The project looks to use a single portal as access to several (15) services offered by a financial service body. The users to access this service via the single portal comprise of both internal and external users. This means there is need to define the users groups and also the security access level for the users and the services.

Question:

1.       How do you go about conducting requirements for this project? What areas to look into? E.g Portal component, Registration component, sign On component , Authentication and Authorisation component and Admin portal Component

2.       Can anyone advise on a generic infrastructure design / model which can be used / deployed in a complex organisation? And which will show how the solution works / will work and how data is requested and exchanges. 

3.       Any sample requirement document for SSO as a guide to what to look for, what component to research and gather information.

4.       How to handle Authentication and Authorisation

5.       How to go about defining the security access levels for the services and also for the user groups

6.       What technical challenges should I be looking out for

7.       Any advice / recommendations 

Thanks and look forward to your contributions.

 
New Post 3/8/2016 4:02 AM
User is offline Jayman21
28 posts
9th Level Poster


Re: How to conduct requirements for single sign on solution 

Hello All,

 

Still no response. Am thinking I may be asking the wrong questions. Any advice or pointing in the wright direction will do.

thanks

 
New Post 3/10/2016 10:01 AM
User is offline Chris Adams
307 posts
5th Level Poster






Re: How to conduct requirements for single sign on solution 

I think you have asked a pretty tough question for anyone who hasn't been involved in a Single Sign On project.  I would caution about mixing your business and technical requirements.

Start with the business requirements.  Think about the following.

  • Registration
  • Role assignment
  • Registration/Role Approval
  • System Access based on Role
  • Single Sign On/Login

Then you have the Architecture/Technical Requirements to consider.  Most of these will need to be determined by an Architect or whomever is managing the development side.  They will start to jump the chasm between requirements and solution design. These will include things like:

  • Authentication
  • Authorization
  • Security and Encryption

There are probably some best practices available but finding them could be difficult. Many companies have implemented a Single Sign On solution, so I wouldn't reinvent the wheel.


Chris Adams
Core Member – ModernAnalyst.com
LinkedIn Profile
 
New Post 4/9/2016 12:23 PM
User is offline L-Analyst
1 posts
No Ranking


Re: How to conduct requirements for single sign on solution 
Modified By Chris Adams  on 4/12/2016 11:18:10 AM)

If you require a comprehensive requirements specification template, outlining the business as well as functional requirements for a system, you can find it here: https://www.fiverr.com/liezlfive/write-a-system-requirement-specification-template. Also offering to create a comprehensive document based on your project/system. 

 
New Post 5/17/2016 10:14 PM
User is offline Jayman21
28 posts
9th Level Poster


Re: How to conduct requirements for single sign on solution 
 Chris Adams wrote

I think you have asked a pretty tough question for anyone who hasn't been involved in a Single Sign On project.  I would caution about mixing your business and technical requirements.

Start with the business requirements.  Think about the following.

  • Registration
  • Role assignment
  • Registration/Role Approval
  • System Access based on Role
  • Single Sign On/Login

Then you have the Architecture/Technical Requirements to consider.  Most of these will need to be determined by an Architect or whomever is managing the development side.  They will start to jump the chasm between requirements and solution design. These will include things like:

  • Authentication
  • Authorization
  • Security and Encryption

There are probably some best practices available but finding them could be difficult. Many companies have implemented a Single Sign On solution, so I wouldn't reinvent the wheel.


 

Thanks Chris Adams for your comment. I have been working on the project and as a team we came up with the key areas to capture requirements via user stories:

. Registration

. Log In & Authentication

. Identity

. Self-Service & Web Portal

. Assisted Digital & Trusted Helpers

For each one of the above we tried to capture the As Is situation and he To Be situation (user stories forming the requirements for the new solution). As you rightly said the technical architect will then be responsible for defining the solution options. We do not intend to build from scratch but use existing off the shelf solutions via a vendor. 

The approach is to capture common needs across the impacted business areas (at the minimum) level then work through each impacted business area one after the other literately and incrementally.

Any thoughts regarding the approach?

Kind regards


 
Previous Previous
 
Next Next
  Modern Analyst Forums  Business and Sy...  Requirements  How to conduct requirements for single sign on solution

Community Blog - Latest Posts

Limor Wainstein
Limor Wainstein
Business analysts typically gather and interpret data from many areas within an organization, finding solutions to business problems and improving business processes with all that data. A business analyst may measure and improve on such disparate things as warehouse efficiency and cloud software implementation. A marketing analyst, on the other...
0 Responses
EA Learning
EA Learning
My current, favourite question for Executives and Architects is “How do you see Architecture operating in an Agile environment.” This question usually elicits a wry smile and a response along the lines of “I will need to get back to you on that!” Many people are wondering how Architecture will fair in the world of Agile. My ...
0 Responses
Limor Wainstein
Limor Wainstein
The age of cloud computing is now so firmly established that research firm Gartner predicted by 2020, a corporate "no-cloud" policy will be as rare as a "no-internet" policy is today. In the same press release, Gartner went on to predict that spending on compute power sold by cloud providers will exceed that of compute power sold and deployed into ...
0 Responses


Upcoming Live Webinars



Latest Articles

5 Business Analysis Trends to Watch in 2018
Jan 14, 2018
0 Comments
Given the speed of change, it is really tricky to predict what trends will grow in popularity or relevance. I am sure whatever emerges will seem obvio...
Featured Digital Library Resources 
Copyright 2006-2015 by Modern Analyst Media LLC