What technology should a security team implement for federation and enabling Single Sign-On (SSO) capabilities across cloud applications?

The most suitable technology for implementing federation and enabling Single Sign-On (SSO) capabilities across cloud applications is SAML. Security Assertion Markup Language (SAML) is specifically designed for authentication and authorization between different domains, which is essential in a federated environment.

When users access a cloud application, SAML enables them to authenticate through a centralized identity provider, which in turn issues security tokens that grant access to various services without requiring multiple logins. This enhances the user experience by allowing seamless transitions between services while maintaining strong security protocols.

Other technologies listed serve different purposes; for example, LDAP (Lightweight Directory Access Protocol) is primarily used for directory services and doesn't inherently support the federation model utilized for SSO. OAuth is an authorization framework that allows third-party services to exchange tokens without sharing passwords, but it does not directly manage user identity for SSO. RADIUS (Remote Authentication Dial-In User Service) is often utilized for authentication but is not designed for the federated identity management needed for cloud applications.

Thus, SAML stands out as the correct choice for enabling SSO in a cloud-centric approach, ensuring a secure and user-friendly experience across various applications.