Cloud-Based Identity Services
|
|
|
- Gillian Sharleen Hodge
- 10 years ago
- Views:
Transcription
1 Cloud-Based Identity Services TrustX Technologies, Inc Random Hills Rd., Suite 650 Fairfax, VA 22030
2 TrustX Identity Services Affordable Identity Assurance TrustX is a cloud-based implementation of IdentityX s award winning identity assurance technology. It delivers the features and benefits of IdentityX in a secure, easily consumed and economical hosted service model. TrustX is ideally suited to any organization that has need for strong authentication (including biometrics), but, does not desire to stand-up, operate and maintain an on-premise solution. Our TrustX service was developed in accordance with the guiding principles of the National Strategy for Trusted Identities in Cyberspace (NSTIC) initiative: Secure and Resilient Privacy Enhancing Interoperable Cost Effective and Easy to Use TrustX Service Model 2
3 Flexibility TrustX was designed to provide Relying Parties the highest degree of flexibility possible in a multi-tenant, hosted environment. Multiple Trust Frameworks TrustX supports integration via: SAML2 (conformant to the Kantara Initiative) OpenID Connect IdentityX Proprietary Interface FICAM compliant Configurable Authentication Policies Relying Parties control which authentication factors to apply to transactions and can step up authentication to add additional factors for transactions involving higher risk. Authentication factors supported include: Device Possession (certificate based) PIN Face Voice Geolocation Federated and Non-Federated Models TrustX was designed as an integral component of the NSTIC Ecosystem supporting federated identity across a large segment of subscribers and relying parties. In this model, Subscribers can use the same credential with any participating Relying Party that chooses to accept it. However, TrustX performs equally well in a situation where a direct one-to-one relationship exists between subscriber and Relying Party and the associated credential is not shared outside the Relying Party organization. Privacy TrustX protects the privacy of Subscriber and Relying Party information. Our service has been subjected to independent audit of industry recognized privacy experts at Purdue University. We collect and maintain the minimum amount of Personally Identifiable Information (PII) needed to authenticate Subscribers to the RP. This information is never shared with any other organization or entity, except as required to deliver the Service. 3
4 TrustX is a multi-tenant environment where common infrastructure is used to support authentication of Subscribers to multiple Relying Parties. However, great precautions have been taken to ensure the total separation of RP data to ensure the privacy, security and integrity of RP and Subscriber information. Typical Usage Scenario 1. Subject tries to access a protected resource, account or transaction 2. RP sends authentication request to TrustX 3. TrustX authenticates the Subject via their mobile device and in accordance with RP policies for the type/level of access required 4. TrustX passes authentication response to RP 5. RP grants access to the resource, account or transaction 4
5 About TrustX and IdentityX Inc. TrustX is a wholly-owned subsidiary of IdentityX that provides hosted identity services based on IdentityX technology. IdentityX Inc. is an affiliate of Daon, a leading provider of identity assurance software products focused on meeting the needs of governments and commercial organizations worldwide. Daon supports customers and system integrators in building enterprise solutions requiring the highest level of security, performance, scalability, reliability and privacy. Daon s multi-modal authentication infrastructure, DaonEngine, integrates seamlessly with IT platforms and applications and manages the identity life-cycle of small and large populations. Daon s COTS products are scalable, flexible and proven in the most challenging real-world environments. Daon has been selected to secure more than 750 million identities around the globe, including providing the core backend platform for the Indian Unique ID (UID) project, which involves a multi-modal solution as part of the largest biometric initiative in the world. The Daon product suite covers every aspect of identity management from pre-enrollment and identity proofing to enrollment, multimodal capture, adjudication, credentialing and provisioning. Daon s offices are located in Washington DC, Canberra, and Dublin. For further information on IdentityX Inc., or to request a demo of IdentityX, please visit The X-Family of Companies Affiliate Application Identity Solutions for in- person applications: border control, national ID, law enforcement, immigration, trusted traveler Identity solutions for on- line and mobile applications 3 rd party identity solutions based on IdentityX Technology Cloud- based Identity Services based on IdentityX 5
NISTIC Pilot - Attribute Exchange Network. Biometric Consortium Conference - 2013
NISTIC Pilot - Attribute Exchange Network Biometric Consortium Conference - 2013 Market Development Startup (2011) Unrealized Large Market Potential Evolving Value Props & Use-Cases Evolving Tech/Policy
Biometrics in Identity as a Service
Daon - your trusted Identity Partner Biometrics in Identity as a Service What is BaaS and who is doing it? Catherine Tilton 28 September 2011 The Need As the world becomes more interdependent, as transactions
Attribute-Based Access Control Solutions: Federating Authoritative User Data to Support Relying Party Authorization Decisions and Requirements
Joint White Paper: Attribute-Based Access Control Solutions: Federating Authoritative User Data to Support Relying Party Authorization Decisions and Requirements Submitted Date: April 10, 2013 Submitted
Open Data Center Alliance Usage: Infrastructure as a Service (IaaS) Privileged User Access rev. 1.0
sm Open Data Center Alliance Usage: Infrastructure as a Service (IaaS) Privileged User Access rev. 1.0 Table of Contents Legal Notice... 3 Executive Summary... 4 Related Usage Models... 5 Reference Framework...
Open Data Center Alliance Usage: Single Sign On Authentication REv. 1.0
sm Open Data Center Alliance Usage: Single Sign On Authentication REv. 1.0 Table of Contents Legal Notice... 3 Executive Summary... 4 Reference Framework... 5 Applicability... 6 Related Usage Models...
Standards for Identity & Authentication. Catherine J. Tilton 17 September 2014
Standards for Identity & Authentication Catherine J. Tilton 17 September 2014 Purpose of these standards Wide deployment of authentication technologies that may be used in a global context is heavily dependent
Identity, Credential, and Access Management. Open Solutions for Open Government
Federal CIO Council Information Security and Identity Management Committee Identity, Credential, and Access Management www.idmanagement.gov Open Solutions for Open Government Judith Spencer Co-Chair, ICAM
Can We Reconstruct How Identity is Managed on the Internet?
Can We Reconstruct How Identity is Managed on the Internet? Merritt Maxim February 29, 2012 Session ID: STAR 202 Session Classification: Intermediate Session abstract Session Learning Objectives: Understand
ImageWare Systems, Inc.
ImageWare Systems, Inc. Delivering next-generation biometrics as an interactive and scalable cloud-based service SUMMARY Catalyst ImageWare Systems, Inc. (IWS) is a developer of leading-edge, identity-based,
Department of Veterans Affairs VA DIRECTIVE 6510 VA IDENTITY AND ACCESS MANAGEMENT
Department of Veterans Affairs VA DIRECTIVE 6510 Washington, DC 20420 Transmittal Sheet VA IDENTITY AND ACCESS MANAGEMENT 1. REASON FOR ISSUE: This Directive defines the policy and responsibilities to
Identity: The Key to the Future of Healthcare
Identity: The Key to the Future of Healthcare Chief Medical Officer Anakam Identity Services July 14, 2011 Why is Health Information Technology Critical? Avoids medical errors. Up to 98,000 avoidable hospital
IDaaS: Managed Credentials for Local & State Emergency Responders
IDaaS: Managed Credentials for Local & State Emergency Responders NextgenID ID*TRUST Platform NextgenID - Headquarters USA 10226 San Pedro, Suite 100 San Antonio, TX 78216 +1 (210) 530-9991 www.nextgenid.com
Ensuring the Security of Your Company s Data & Identities. a best practices guide
a best practices guide Ensuring the Security of Your Company s Data & Identities Symplified 1600 Pearl Street, Suite 200» Boulder, CO, 80302» www.symplified.com» @Symplified Safe and Secure Identity Management
National Cybersecurity Challenges and NIST. Donna F. Dodson Chief Cybersecurity Advisor ITL Associate Director for Cybersecurity
National Cybersecurity Challenges and NIST Donna F. Dodson Chief Cybersecurity Advisor ITL Associate Director for Cybersecurity Though no-one knows for sure, corporate America is believed to lose anything
Trust Elevation Using Risk-Based Multifactor Authentication. Cathy Tilton
Trust Elevation Using Risk-Based Multifactor Authentication Cathy Tilton 1 Caveat Intent is to present an approach for risk-based multifactor authentication and how it might be used in a trustelevation
RealMe. Technology Solution Overview. Version 1.0 Final September 2012. Authors: Mick Clarke & Steffen Sorensen
RealMe Technology Solution Overview Version 1.0 Final September 2012 Authors: Mick Clarke & Steffen Sorensen 1 What is RealMe? RealMe is a product that offers identity services for people to use and manage
esign Online Digital Signature Service
esign Online Digital Signature Service Government of India Ministry of Communications and Information Technology Department of Electronics and Information Technology Controller of Certifying Authorities
NCSU SSO. Case Study
NCSU SSO Case Study 2 2 NCSU Project Requirements and Goals NCSU Operating Environment Provide support for a number Apps and Programs Different vendors have their authentication databases End users must
Federal Identity, Credential, and Access Management Trust Framework Solutions. Overview
Federal Identity, Credential, and Access Management Trust Framework Solutions Overview Version 1.0 02/07/2014 Questions? Contact the FICAM TFS Program Manager at [email protected] 1 Table of Contents 1.
EXTENDING SINGLE SIGN-ON TO AMAZON WEB SERVICES
pingidentity.com EXTENDING SINGLE SIGN-ON TO AMAZON WEB SERVICES Best practices for identity federation in AWS Table of Contents Executive Overview 3 Introduction: Identity and Access Management in Amazon
Federal Identity, Credential, and Access Management Trust Framework Solutions. Relying Party Guidance For Accepting Externally-Issued Credentials
Federal Identity, Credential, and Access Management Trust Framework Solutions Relying Party Guidance For Accepting Externally-Issued Credentials Version 1.1.0 Questions? Contact the FICAM TFS Program Manager
Simplify and Secure Cloud Access to Critical Business Data
SAP Brief SAP Technology SAP Cloud Identity Objectives Simplify and Secure Cloud Access to Critical Business Data Gain simplicity and security in a single cloud solution Gain simplicity and security in
Easy, Trusted Online Service Access
SOLUTIONS BRIEF Easy, Trusted Online Service Access Making online services more convenient, secure and cost-effective. For many online services, forgotten passwords and new credential set up are the two
Extend and Enhance AD FS
Extend and Enhance AD FS December 2013 Sponsored By Contents Extend and Enhance AD FS By Sean Deuby Introduction...2 Web Service SSO Architecture...3 AD FS Overview...5 Ping Identity Solutions...7 Synergy
PRODUCT SHEET: CA Arcot Cloud Services Data Centers CA Arcot cloud services data centers. True multi-tenancy and scalability
PRODUCT SHEET: CA Arcot Cloud Services Data Centers CA Arcot cloud services data centers Delivering consistent quality of service, scalability and service level assurance When it comes to cloud-based online
FCCX Briefing. Information Security and Privacy Advisory Board. June 13, 2014
FCCX Briefing Information Security and Privacy Advisory Board June 13, 2014 1 Agenda Overview NSTIC FICAM Federal Cloud Credential Exchange Lessons Learned Enhancing Federation Privacy Questions 2 Challenge
Strong authentication. NetIQ - All Rights Reserved
Strong authentication NetIQ - All Rights Reserved Agenda Strong authentication Demo 2 Questions about Identification / Authentication What is authentication? Identity verification, are you who you say
IDENTITY INFORMATION MANAGMENT ARCHITECTURE SUMMARY Architecture and Standards Branch Office of the CIO Province of BC People Collaboration Innovation
IDENTITY INFORMATION MANAGMENT ARCHITECTURE SUMMARY Architecture and Standards Branch Author: Creation Date: Last Updated: Version: I. Bailey May 28, 2008 March 23, 2009 0.7 Reviewed By Name Organization
The Leading Provider of Identity Solutions and Services in the U.S.
THE IDENTITY COMPANY The Leading Provider of Identity Solutions and Services in the U.S. MorphoTrust USA MorphoTrust USA Our Value Uniquely Identifying Individuals: MorphoTrust is entrusted to ensure that
How To Use Netbackup For Business
Enterprise Cloud Backup and Recovery with Symantec NetBackup Data Sheet: Backup and Disaster Recovery Overview of Symantec NetBackup As the established market leader, Symantec NetBackup delivers reliable
SAP HANA Cloud Portal Overview and Scenarios
SAP HANA Cloud Portal Overview and Scenarios HERUG 2014 Conference - Montevideo April 2014 Twitter: @portal_sap / #hanacloudportal HERUG 2014 Conference Event Website Event overview Information and Agenda
The Top 5 Federated Single Sign-On Scenarios
The Top 5 Federated Single Sign-On Scenarios Table of Contents Executive Summary... 1 The Solution: Standards-Based Federation... 2 Service Provider Initiated SSO...3 Identity Provider Initiated SSO...3
Security Issues in Cloud Computing
Security Issues in Computing CSCI 454/554 Computing w Definition based on NIST: A model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources
APIs The Next Hacker Target Or a Business and Security Opportunity?
APIs The Next Hacker Target Or a Business and Security Opportunity? SESSION ID: SEC-T07 Tim Mather VP, CISO Cadence Design Systems @mather_tim Why Should You Care About APIs? Amazon Web Services EC2 alone
Addressing Cloud Computing Security Considerations
Addressing Cloud Computing Security Considerations with Microsoft Office 365 Protect more Contents 2 Introduction 3 Key Security Considerations 4 Office 365 Service Stack 5 ISO Certifications for the Microsoft
API-Security Gateway Dirk Krafzig
API-Security Gateway Dirk Krafzig Intro Digital transformation accelerates application integration needs Dramatically increasing number of integration points Speed Security Industrial robustness Increasing
Security Services. Benefits. The CA Advantage. Overview
PRODUCT BRIEF: CA SITEMINDER FEDERATION SECURITY SERVICES CA SiteMinder Federation Security Services CA SITEMINDER FEDERATION SECURITY SERVICES EXTENDS THE WEB SINGLE SIGN-ON EXPERIENCE PROVIDED BY CA
Identity & Access Management The Cloud Perspective. Andrea Themistou 08 October 2015
Identity & Management The Cloud Perspective Andrea Themistou 08 October 2015 Agenda Cloud Adoption Benefits & Risks Security Evolution for Cloud Adoption Securing Cloud Applications with IAM Securing Cloud
Auditing Cloud Computing. A Security and Privacy Guide. Wiley Corporate F&A
Brochure More information from http://www.researchandmarkets.com/reports/2213812/ Auditing Cloud Computing. A Security and Privacy Guide. Wiley Corporate F&A Description: The auditor's guide to ensuring
Identity and Access Management (IAM) Across Cloud and On-premise Environments: Best Practices for Maintaining Security and Control
Identity and Access Management (IAM) Across Cloud and On-premise Environments: Best Practices for Maintaining Security and Control agility made possible Enterprises Are Leveraging Both On-premise and Off-premise
Open Data Center Alliance Usage: Identity Management Interoperability Guide rev. 1.0
sm Open Data Center Alliance Usage: Identity Interoperability Guide rev. 1.0 Open Data Center Alliance Usage: Identity Interoperability Guide Rev. 1.0 Table of Contents Legal Notice... 3 Executive Summary...
WIPRO IDENTITY CLOUD UNLEASHING THE NEXT GENERATION OF IDENTITY AND ACCESS MANAGEMENT (IAM) www.wipro.com
WIPRO IDENTITY CLOUD UNLEASHING THE NEXT GENERATION OF IDENTITY AND ACCESS MANAGEMENT (IAM) www.wipro.com Table of Contents 03...Introduction 04...Wipro Cloud (WIC) as a Service Type 05...Wipro Cloud Capabilities
SAP HANA Cloud Platform
SAP HANA Cloud Platform Introduction Rui Nogueira, SAP AG - TIP CORE June 12 th, 2013 Building An Application For The Cloud 2013 SAP AG or an SAP affiliate company. All rights reserved. 2 Building an Enterprise-Ready
Biometrics and National Strategy for Trusted Identities in Cyberspace Improving the Security of the Identity Ecosystem September 19
Biometrics and National Strategy for Trusted Identities in Cyberspace Improving the Security of the Identity Ecosystem September 19 Andrew Sessions, Abel Sussman Biometrics Consortium Conference Agenda
HEDM and Integration. Michael Agnew Vice President, Localization Solutions
HEDM and Integration Michael Agnew Vice President, Localization Solutions Agenda 1 The challenges faced 2 The potential benefits 3 How the HeDM relates to the Irish HE sector 4 Q&A The challenges faced
White Paper. FFIEC Authentication Compliance Using SecureAuth IdP
White Paper FFIEC Authentication Compliance Using SecureAuth IdP September 2015 Introduction Financial institutions today face an important challenge: They need to comply with guidelines established by
The Next Generation of Security Leaders
The Next Generation of Security Leaders In an increasingly complex cyber world, there is a growing need for information security leaders who possess the breadth and depth of expertise necessary to establish
Digital Identity in Healthcare: What's Coming Down the Pike. Lisa Gallagher, BSEE, CISM, CPHIMS, FHIMSS VP, Technology Solutions, HIMSS
Digital Identity in Healthcare: What's Coming Down the Pike Lisa Gallagher, BSEE, CISM, CPHIMS, FHIMSS VP, Technology Solutions, HIMSS Discussion What is the Problem? What is Digital Identity and How Does
Protect Everything: Networks, Applications and Cloud Services
Protect Everything: Networks, Applications and Cloud Services Tokens & Users Cloud Applications Private Networks Corporate Network API LDAP / Active Directory SAML RADIUS Corporate Network LDAP / Active
The Imperative for High Assurance Credentials: State Identity Credential and Access Management (SICAM) Guidance and Roadmap
The Imperative for High Assurance Credentials: State Identity Credential and Access Management (SICAM) Guidance and Roadmap AAMVA Region I Conference E-ID, DLDV, and Privacy Conducting Business Securely
Good Afternoon! Since Yesterday we have been talking about threats and how to deal with those threats in order to protect ourselves from individuals
Good Afternoon! Since Yesterday we have been talking about threats and how to deal with those threats in order to protect ourselves from individuals and protect people, information, buildings, countries
Identity, Credential, and Access Management. An information exchange For Information Security and Privacy Advisory Board
Federal CIO Council Information Security and Identity Management Committee Identity, Credential, and Access Management An information exchange For Information Security and Privacy Advisory Board Deb Gallagher
Cloud Security Specialist Certification Self-Study Kit Bundle
Cloud Security Specialist Certification Bundle CloudSchool.com CLOUD CERTIFIED Technology Professional This certification bundle provides you with the self-study materials you need to prepare for the exams
Security MWC 2014. 2013 Nokia Solutions and Networks. All rights reserved.
Security MWC 2014 2013 Nokia Solutions and Networks. All rights reserved. Security Ecosystem overview Partners Network security demo + End-user security demo + + + + NSN end-to-end security solutions for
Accelerate Your Enterprise Private Cloud Initiative
Cisco Cloud Comprehensive, enterprise cloud enablement services help you realize a secure, agile, and highly automated infrastructure-as-a-service (IaaS) environment for cost-effective, rapid IT service
Biometrics and Cyber Security
Biometrics and Cyber Security Key Considerations in Protecting Critical Infrastructure Now and In The Future Conor White, Chief Technology Officer, Daon Copyright Daon, 2009 1 Why is Cyber Security Important
Course 20465C: Designing a Data Solution with Microsoft SQL Server
Course 20465C: Designing a Data Solution with Microsoft SQL Server Module 1: Introduction to Enterprise Data Architecture As organizations grow to enterprise scale, their IT infrastructure requirements
Federated single sign-on (SSO) and identity management. Secure mobile access. Social identity integration. Automated user provisioning.
PingFederate We went with PingFederate because it s based on standards like SAML, which are important for a secure implementation. John Davidson Senior Product Manager, Opower PingFederate is the leading
Digital Identity Management
Digital Identity Management Techniques and Policies E. Bertino CS Department and ECE School CERIAS Purdue University [email protected] Digital Identity Management What is DI? Digital identity (DI)
I D C S P O T L I G H T. Ac c e l e r a t i n g Cloud Ad o p t i o n w i t h Standard S e c u r i t y M e a s u r e s
I D C S P O T L I G H T Ac c e l e r a t i n g Cloud Ad o p t i o n w i t h Standard S e c u r i t y M e a s u r e s March 2012 Adapted from Worldwide Cloud Security 2011 2015 Forecast: A Comprehensive
CA Federation Manager
PRODUCT BRIEF: CA FEDERATION MANAGER CA FEDERATION MANAGER PROVIDES STANDARDS-BASED IDENTITY FEDERATION CAPABILITIES THAT ENABLE THE USERS OF ONE ORGANIZATION TO EASILY AND SECURELY ACCESS THE DATA AND
20465: Designing a Data Solution with Microsoft SQL Server
20465: Designing a Data Solution with Microsoft SQL Server Microsoft - Base de Dados Nível: Avançado Duração: 30h Sobre o curso The focus of this five-day instructor-led course is on planning and implementing
TRANSITIONING ENTERPRISE CUSTOMERS TO THE CLOUD WITH PULSE SECURE
White Paper TRANSITIONING ENTERPRISE CUSTOMERS TO THE CLOUD WITH PULSE SECURE Pulse Connect Secure Enables Service Providers to Deliver Scalable and On-Demand, Cloud-Based Deployments with Simplicity and
Identity & Privacy Protection
Identity & Privacy Protection An Essential Component for a Federated Access Ecosystem Dan Turissini - CTO, WidePoint Corporation [email protected] 703 246 8550 CyberSecurity One of the most serious economic
DEPARTMENTAL REGULATION
U.S. DEPARTMENT OF AGRICULTURE WASHINGTON, D.C. 20250 DEPARTMENTAL REGULATION SUBJECT: Identity, Credential, and Access Management Number: 3640-001 DATE: December 9, 2011 OPI: Office of the Chief Information
GOALS (2) The goal of this training module is to increase your awareness of HSPD-12 and the corresponding technical standard FIPS 201.
PERSONAL IDENTITY VERIFICATION (PIV) OVERVIEW INTRODUCTION (1) Welcome to the Homeland Security Presidential Directive 12 (HSPD-12) Personal Identity Verification (PIV) Overview module, designed to familiarize
HSPD-12 Implementation Architecture Working Group Concept Overview. Version 1.0 March 17, 2006
HSPD-12 Implementation Architecture Working Group Concept Overview Version 1.0 March 17, 2006 Table of Contents 1 PIV Lifecycle... 3 2 High Level Component Interaction Diagram... 4 3 PIV Infrastructure
State Identity, Credential, and Access Management (SICAM) Roadmap and Implementation Guidance Version 2.0 October 14, 2013
State Identity, Credential, and Access Management (SICAM) Roadmap and Implementation Guidance Version 2.0 October 14, 2013 Statewide Information Management Manual (SIMM) Section 158A Enterprise Architecture
Audio: This overview module contains an introduction, five lessons, and a conclusion.
Homeland Security Presidential Directive 12 (HSPD 12) Overview Audio: Welcome to the Homeland Security Presidential Directive 12 (HSPD 12) overview module, the first in a series of informational modules
THE QUEST FOR A CLOUD INTEGRATION STRATEGY
THE QUEST FOR A CLOUD INTEGRATION STRATEGY ENTERPRISE INTEGRATION Historically, enterprise-wide integration and its countless business benefits have only been available to large companies due to the high
Interoperate in Cloud with Federation
Interoperate in Cloud with Federation - Leveraging federation standards can accelerate Cloud computing adoption by resolving vendor lock-in issues and facilitate On Demand business requirements Neha Mehrotra
7 things to ask when upgrading your ERP solution
Industrial Manufacturing 7 things to ask when upgrading your ERP solution The capabilities gap between older versions of ERP designs and current designs can create a problem that many organizations are
Final Project Report December 9, 2012. Cloud-based Authentication with Native Client Server Applications. Nils Dussart 0961540
Final Project Report December 9, 2012 Cloud-based Authentication with Native Client Server Applications. Nils Dussart 0961540 CONTENTS Project Proposal... 4 Project title... 4 Faculty Advisor... 4 Introduction...
Two-Factor Authentication
Two-Factor Authentication A Total Cost of Ownership Viewpoint CONTENTS + Two-Factor Authentication 3 A Total Cost of Ownership Viewpoint + Introduction 3 + Defining Total Cost of Ownership 3 + VeriSign
CHECKLIST: Top 10 reasons to move to the cloud
CHECKLIST: Top 10 reasons to move to the cloud CHECKLIST: Top 10 reasons to move to the cloud There are many reasons to move to the cloud, including rapid deployment, reduced support, improved flexibility,
