BYE BYE PASSWORDS. The Future of Online Identity. Hans Zandbelt Sr. Technical Architect. CTO Office - Ping Identity

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "BYE BYE PASSWORDS. The Future of Online Identity. Hans Zandbelt Sr. Technical Architect. CTO Office - Ping Identity"

Transcription

1 BYE BYE PASSWORDS The Future of Online Identity Hans Zandbelt Sr. Technical Architect CTO Office - Ping Identity 2015 Copyright 2014 Ping Identity Corp. All rights reserved. 1

2 Agenda Cloud & Mobile: Trends & Challenges Next Gen Security & Identity Protocols Recommendations

3 Cloud & Mobile - Dimensions of Change Users Locations Devices Users Workforce Customers Partners Consumers/Social Devices Mobile/fixed Browser/app BYOD/E-owned Locations Applications Users

4 NEW PARADIGM Identity is perimeter OLD MODEL Proprietary On-premise Web only Single Domain NEW MODEL Open standards Hybrid datacenter and cloud Web, API and mobile Federated by default

5 Password anti-pattern Drawbacks 3 rd party client store user passwords Teaches users to be indiscriminate with passwords No multi-factor or federated authentication No granularity No differentiation No revocation

6 The Internet Scale Identity Concept Application verify User & Client Account Identity Provider Authoritative Scale Manageability UNIFORM across Web SSO & API Access Security, Convenience & Enablement How to extend enterprise security policies to the cloud: a MUST have

7 (Identity) Tokens Security Properties Tokens are Limited in: Scope Time Audience Consider a breach, or better, assume it Copyright 2014 Ping Identity Corp. All rights reserved. 7

8 Stitching it Together Standardized Solution Elements Externalized Authentication Issue derived tokens Next Gen protocols to transport tokens Use Tokens for SSO & API Access Confidential do not distribute Copyright 2014 Ping Identity Corp. All rights reserved. 8

9 STANDARDS

10 Today s Identity Protocol Landscape SAML X.509 LDAP

11 OAuth 2.0 Protocol Framework Characteristics Secure API authorization simple & standard, secureenough (Bearer) for desktop, mobile, web, IoT Delegated access mitigates password antipattern Issue tokens for granular access Without divulging your credentials

12 Modern Identity Protocol Stack OpenID Connect SCIM OAuth 2.0

13 Standards: the nice thing is SSO XML JSON SAML 1.x / 2.0 WS-Federation WS-Trust API Access SOAP REST WS-Security OpenID Connect OAuth 1.0 / 2.0 Standards Interoperability: with other stacks/ APIs cross-domain (Web/federated) SSO Enterprise/Customer/ Consumer Identity SAML -> OpenID Connect APIs SOAP -> REST OAuth 2.0 / OpenID Connect Simple RP, complex OP

14 [Presentation Title] AUTHENTICATION

15 Authentication Characteristics Single -> multi-factor Strong evolving into continous MF bootstrap, SF repetition & recognition Context is key Where, how (often), what, when location, behaviour, keystroke analytics, accelerometer, gyroscope, heartrate, etc Mobile Phone Personal, not likely to share Hardware (token) Something you have Secure Element Token (passwords...) Wallet Ubiquitous Sensors Context, continuous + watch

16 Stitching together Authentication, API Security & SSO STRATEGY

17 The Identity Layer Applications IDENTITY Network Scalable Identification Scalable Security Authentication, Privacy, Confidentiality, Integrity Issue & Use Tokens Scalable Trust

18 IDENTITY is Always On Identity becomes portable, enabled via an identity services layer that is leveraged by ALL applications much like databases and the network are today.

19 Next Gen IAM New Taxonomy Federated Access Management (FAM) Multi-Factor Authentication 1 Federated Sign-on Access Security 2 3 Continuous Authentication 4 Intelligence (risk/fraud/analytics) Governance User Administration A Orchestration B Federated Provisioning C Federated Identity Management (FIM) Confidential do not distribute Copyright 2015 Ping Identity Corp. All rights reserved. 19

20 Next Generation Identity Platform Consider Strong & Continuous Authentication Mobile Phone is key Derived Tokens For Identity and Access Federated by default Security, convenience & cost Simple & Scalable Next gen identity protocols Copyright 2014 Ping Identity Corp. All rights reserved. 21

21 ThankYou Questions? Hans Zandbelt

Federated single sign-on (SSO) and identity management. Secure mobile access. Social identity integration. Automated user provisioning.

Federated single sign-on (SSO) and identity management. Secure mobile access. Social identity integration. Automated user provisioning. PingFederate We went with PingFederate because it s based on standards like SAML, which are important for a secure implementation. John Davidson Senior Product Manager, Opower PingFederate is the leading

More information

The Role of Identity Enabled Web Services in Cloud Computing

The Role of Identity Enabled Web Services in Cloud Computing The Role of Identity Enabled Web Services in Cloud Computing April 20, 2009 Patrick Harding CTO Agenda Web Services and the Cloud Identity Enabled Web Services Some Use Cases and Case Studies Questions

More information

Ping Identity, Euro Cloud award entry

Ping Identity, Euro Cloud award entry Ping Identity, Euro Cloud award entry Category: Best Cloud Offering Product: PingFederate 6.6 About Ping Identity Ping Identity is the cloud identity security leader, specialising in cloud identity, security,

More information

Cloud Standards. Arlindo Dias IT Architect IBM Global Technology Services CLOSER 2102

Cloud Standards. Arlindo Dias IT Architect IBM Global Technology Services CLOSER 2102 Cloud Standards Arlindo Dias IT Architect IBM Global Technology Services CLOSER 2102 2011 IBM Corporation Agenda Overview on Cloud Standards Identity and Access Management Discussion 2 Overview on Cloud

More information

OPENIAM ACCESS MANAGER. Web Access Management made Easy

OPENIAM ACCESS MANAGER. Web Access Management made Easy OPENIAM ACCESS MANAGER Web Access Management made Easy TABLE OF CONTENTS Introduction... 3 OpenIAM Access Manager Overview... 4 Access Gateway... 4 Authentication... 5 Authorization... 5 Role Based Access

More information

USING FEDERATED AUTHENTICATION WITH M-FILES

USING FEDERATED AUTHENTICATION WITH M-FILES M-FILES CORPORATION USING FEDERATED AUTHENTICATION WITH M-FILES VERSION 1.0 Abstract This article provides an overview of federated identity management and an introduction on using federated authentication

More information

Flexible Identity Federation

Flexible Identity Federation Flexible Identity Federation Quick start guide version 1.0.1 Publication history Date Description Revision 2015.09.23 initial release 1.0.0 2015.12.11 minor updates 1.0.1 Copyright Orange Business Services

More information

Extend and Enhance AD FS

Extend and Enhance AD FS Extend and Enhance AD FS December 2013 Sponsored By Contents Extend and Enhance AD FS By Sean Deuby Introduction...2 Web Service SSO Architecture...3 AD FS Overview...5 Ping Identity Solutions...7 Synergy

More information

EXECUTIVE VIEW. EmpowerID 2013. KuppingerCole Report. By Peter Cummings October 2013. By Peter Cummings pc@kuppingercole.

EXECUTIVE VIEW. EmpowerID 2013. KuppingerCole Report. By Peter Cummings October 2013. By Peter Cummings pc@kuppingercole. KuppingerCole Report EXECUTIVE VIEW By Peter Cummings October 2013 EmpowerID 2013 By Peter Cummings pc@kuppingercole.com October 2013 Content 1 Vendor Profile... 3 2 Product Description... 4 2.1 Single

More information

Federated Identity and Single Sign-On using CA API Gateway

Federated Identity and Single Sign-On using CA API Gateway WHITE PAPER DECEMBER 2014 Federated Identity and Single Sign-On using Federation for websites, Web services, APIs and the Cloud K. Scott Morrison VP Engineering and Chief Architect 2 WHITE PAPER: FEDERATED

More information

Single Sign On. SSO & ID Management for Web and Mobile Applications

Single Sign On. SSO & ID Management for Web and Mobile Applications Single Sign On and ID Management Single Sign On SSO & ID Management for Web and Mobile Applications Presenter: Manish Harsh Program Manager for Developer Marketing Platforms of NVIDIA (Visual Computing

More information

The Essential OAuth Primer: Understanding OAuth for Securing Cloud APIs

The Essential OAuth Primer: Understanding OAuth for Securing Cloud APIs The Essential OAuth Primer: Understanding OAuth for Securing Cloud APIs Executive Overview A key technical underpinning of the Cloud is the Application Programming Interface (API). APIs provide consistent

More information

UNIVERSITY OF COLORADO Procurement Service Center INTENT TO SOLE SOURCE PROCUREMENT CU-JL39027649-SS. Single Sign-On (SSO) Solution

UNIVERSITY OF COLORADO Procurement Service Center INTENT TO SOLE SOURCE PROCUREMENT CU-JL39027649-SS. Single Sign-On (SSO) Solution UNIVERSITY OF COLORADO Procurement Service Center INTENT TO SOLE SOURCE PROCUREMENT CU-JL39027649-SS Single Sign-On (SSO) Solution For University Information Systems (UIS) May 9, 2013 2 University of Colorado

More information

OpenAM All-In-One solution to securely manage access to digital enterprise and customer services, anytime and anywhere.

OpenAM All-In-One solution to securely manage access to digital enterprise and customer services, anytime and anywhere. OpenAM All-In-One solution to securely manage access to digital enterprise and customer services, anytime and anywhere. OpenAM, the only all-in-one open source access management solution, provides the

More information

How to Extend Identity Security to Your APIs

How to Extend Identity Security to Your APIs How to Extend Identity Security to Your APIs Executive Overview The number of users and devices requesting access to applications is growing exponentially and enterprises are scrambling to adapt their

More information

EXTENDING SINGLE SIGN-ON TO AMAZON WEB SERVICES

EXTENDING SINGLE SIGN-ON TO AMAZON WEB SERVICES pingidentity.com EXTENDING SINGLE SIGN-ON TO AMAZON WEB SERVICES Best practices for identity federation in AWS Table of Contents Executive Overview 3 Introduction: Identity and Access Management in Amazon

More information

The Top 5 Federated Single Sign-On Scenarios

The Top 5 Federated Single Sign-On Scenarios The Top 5 Federated Single Sign-On Scenarios Table of Contents Executive Summary... 1 The Solution: Standards-Based Federation... 2 Service Provider Initiated SSO...3 Identity Provider Initiated SSO...3

More information

SINGLE & SAME SIGN-ON ASPECTS

SINGLE & SAME SIGN-ON ASPECTS SINGLE & SAME SIGN-ON ASPECTS OF AZURE ACTIVE DIRECTORY Harold Baele Senior ICT Trainer JULY 2, 2015 SLIDE 1 TRAINER INFO Harold Baele MCT at RealDolmen Education Harold.baele@realdolmen.com - @hbaele

More information

Identity. Provide. ...to Office 365 & Beyond

Identity. Provide. ...to Office 365 & Beyond Provide Identity...to Office 365 & Beyond Sponsored by shops around the world are increasingly turning to Office 365 Microsoft s cloud-based offering for email, instant messaging, and collaboration. A

More information

OpenID Connect 1.0 for Enterprise

OpenID Connect 1.0 for Enterprise OpenID Connect 1.0 for Enterprise By Paul Madsen Executive Overview In order to meet the challenges presented by the use of mobile apps and cloud services in the enterprise, a new generation of identity

More information

Easy as 1-2-3: The Steps to XE. Mark Hoye Services Portfolio Consultant

Easy as 1-2-3: The Steps to XE. Mark Hoye Services Portfolio Consultant Easy as 1-2-3: The Steps to XE Mark Hoye Services Portfolio Consultant September 25, 2015 Objective / Agenda Objective Provide relevant information about Banner XE Provide a framework for understanding

More information

Secure Your Enterprise with Usher Mobile Identity

Secure Your Enterprise with Usher Mobile Identity Secure Your Enterprise with Usher Mobile Identity Yong Qiao, Vice President of Software Engineering & Chief Security Architect, MicroStrategy Agenda Introduction to Usher Unlock the enterprise Dematerialize

More information

The Identity Defined Security Alliance

The Identity Defined Security Alliance The Identity Defined Security Alliance A combined solution for achieving Identity Defined Security Whether it s creation of an authentication ceremony, definition and enforcement of policy, enforcement

More information

Cloud Security: Is It Safe To Go In Yet?

Cloud Security: Is It Safe To Go In Yet? Cloud Security: Is It Safe To Go In Yet? Execu1ve Breakfast Roundtable June 22, 2011 Boston Chapter WAY TO GO BRUINS! Welcome, Introduc4ons AGENDA Legal Perspec4ve, Bingham McCutchen Break Featured Speakers

More information

Bringing Cloud Security Down to Earth. Andreas M Antonopoulos Senior Vice President & Founding Partner www.nemertes.com

Bringing Cloud Security Down to Earth. Andreas M Antonopoulos Senior Vice President & Founding Partner www.nemertes.com Bringing Cloud Security Down to Earth Andreas M Antonopoulos Senior Vice President & Founding Partner www.nemertes.com Agenda About Nemertes Cloud Dynamics and Adoption Assessing Risk of Cloud Services

More information

A Standards-based Mobile Application IdM Architecture

A Standards-based Mobile Application IdM Architecture A Standards-based Mobile Application IdM Architecture Abstract Mobile clients are an increasingly important channel for consumers accessing Web 2.0 and enterprise employees accessing on-premise and cloud-hosted

More information

The Role of Federation in Identity Management

The Role of Federation in Identity Management The Role of Federation in Identity Management August 19, 2008 Andrew Latham Solutions Architect Identity Management 1 The Role of Federation in Identity Management Agenda Federation Backgrounder Federation

More information

TrustedX: eidas Platform

TrustedX: eidas Platform TrustedX: eidas Platform Identification, authentication and electronic signature platform for Web environments. Guarantees identity via adaptive authentication and the recognition of either corporate,

More information

Customer Identity and Access Management (CIAM) Buyer s Guide

Customer Identity and Access Management (CIAM) Buyer s Guide Customer Identity and Access Management (CIAM) Buyer s Guide Shifting Marketplace Over the last five years, there has been a major shift in how enterprises need to look at and secure customer identities

More information

APIs The Next Hacker Target Or a Business and Security Opportunity?

APIs The Next Hacker Target Or a Business and Security Opportunity? APIs The Next Hacker Target Or a Business and Security Opportunity? SESSION ID: SEC-T07 Tim Mather VP, CISO Cadence Design Systems @mather_tim Why Should You Care About APIs? Amazon Web Services EC2 alone

More information

NCSU SSO. Case Study

NCSU SSO. Case Study NCSU SSO Case Study 2 2 NCSU Project Requirements and Goals NCSU Operating Environment Provide support for a number Apps and Programs Different vendors have their authentication databases End users must

More information

BOF2337 Open Source Identity and Access Management Expert Panel, Part II. 23 September 2013 5:30p Hilton - Golden Gate 6/7/8 San Francisco CA

BOF2337 Open Source Identity and Access Management Expert Panel, Part II. 23 September 2013 5:30p Hilton - Golden Gate 6/7/8 San Francisco CA Open Source Identity and Access Management Expert Panel, Part II 23 September 2013 5:30p Hilton - Golden Gate 6/7/8 San Francisco CA slide 2 Expert Panel Emmanuel Lécharny, Apache Software Foundation Howard

More information

Google Identity Services for work

Google Identity Services for work INTRODUCING Google Identity Services for work One account. All of Google Enter your email Next Online safety made easy We all care about keeping our data safe and private. Google Identity brings a new

More information

PRACTICAL IDENTITY AND ACCESS MANAGEMENT FOR CLOUD - A PRIMER ON THREE COMMON ADOPTION PATTERNS FOR CLOUD SECURITY

PRACTICAL IDENTITY AND ACCESS MANAGEMENT FOR CLOUD - A PRIMER ON THREE COMMON ADOPTION PATTERNS FOR CLOUD SECURITY PRACTICAL IDENTITY AND ACCESS MANAGEMENT FOR CLOUD - A PRIMER ON THREE COMMON ADOPTION PATTERNS FOR CLOUD SECURITY Shane Weeden IBM Session ID: CLD-W01 Session Classification: Advanced Agenda Cloud security

More information

Azure Active Directory

Azure Active Directory Azure Active Directory Your Cloud Identity Brian Mansure Azure Specialist bmansure@enpointe.com Agenda What Azure Active Directory is What Azure Active Directory is not Hybrid Identity Features Roadmap

More information

Mobile Identity and Edge Security Forum Sentry Security Gateway. Jason Macy CTO, Forum Systems jmacy@forumsys.com

Mobile Identity and Edge Security Forum Sentry Security Gateway. Jason Macy CTO, Forum Systems jmacy@forumsys.com Mobile Identity and Edge Security Forum Sentry Security Gateway Jason Macy CTO, Forum Systems jmacy@forumsys.com Evolution Evolution of Enterprise Identities Cloud Computing Iaas Infrastructure as a Service

More information

Simple Cloud Identity Management (SCIM)

Simple Cloud Identity Management (SCIM) Simple Cloud Identity Management (SCIM) Abstract The Simple Cloud Identity Management (SCIM) specification defines a simple, RESTful protocol for identity account management operations. SCIM s model is

More information

SAP API Management Power Digital Acceleration with APIs. Saad Syed

SAP API Management Power Digital Acceleration with APIs. Saad Syed SAP API Management Power Digital Acceleration with APIs Saad Syed new demands of the digital economy bigger scale broader range of devices more data faster speed 2015 SAP AG. All rights reserved. 2 2015

More information

Identity Management for the Cloud

Identity Management for the Cloud Identity Management for the Cloud New answers to old questions 10. Anwenderkonferenz Softwarequalität, Test und Innovationen 6. und 7. September 2012 Alpen-Adria-Universität Klagenfurt Dr. Horst Walther,

More information

managing SSO with shared credentials

managing SSO with shared credentials managing SSO with shared credentials Introduction to Single Sign On (SSO) All organizations, small and big alike, today have a bunch of applications that must be accessed by different employees throughout

More information

The Primer: Nuts and Bolts of Federated Identity Management

The Primer: Nuts and Bolts of Federated Identity Management The Primer: Nuts and Bolts of Federated Identity Management Executive Overview For any IT department, it is imperative to understand how your organization can securely manage and control users identities.

More information

Connecting Users with Identity as a Service

Connecting Users with Identity as a Service Ping Identity has demonstrated support for multiple workforce and external identity use cases, as well as strong service provider support. Gregg Kreizman Gartner 1 Connecting Users with Identity as a Service

More information

An Introduction to SCIM: System for Cross-Domain Identity Management

An Introduction to SCIM: System for Cross-Domain Identity Management An Introduction to SCIM: System for Cross-Domain Identity Management Nicholas Crown UnboundID Session ID: IAM-107A Session Classification: General Interest Agenda Why Standards-Based Provisioning? History

More information

Cloud Security/Access Control and Identity Management. Patrick McLaughlin, Oracle Fellow SAOUG: 14 November, 2011

Cloud Security/Access Control and Identity Management. Patrick McLaughlin, Oracle Fellow SAOUG: 14 November, 2011 Cloud Security/Access Control and Identity Management Patrick McLaughlin, Oracle Fellow SAOUG: 14 November, 2011 Agenda Evolution of IT and IdM Requirements Building and Securing Clouds Oracle Public Cloud

More information

Single-Sign-On between On-Premises and the Cloud: Leveraging Windows Azure Active Directory to authenticate custom solutions and Apps

Single-Sign-On between On-Premises and the Cloud: Leveraging Windows Azure Active Directory to authenticate custom solutions and Apps Sofia Event Center 14-15 May 2014 Single-Sign-On between On-Premises and the Cloud: Leveraging Windows Azure Active Directory to authenticate custom solutions and Apps Radi Atanassov SharePoint MCM & MVP

More information

CA Technologies Strategy and Vision for Cloud Identity and Access Management

CA Technologies Strategy and Vision for Cloud Identity and Access Management WHITE PAPER CLOUD IDENTITY AND ACCESS MANAGEMENT CA TECHNOLOGIES STRATEGY AND VISION FEBRUARY 2013 CA Technologies Strategy and Vision for Cloud Identity and Access Management Sumner Blount Merritt Maxim

More information

API-Security Gateway Dirk Krafzig

API-Security Gateway Dirk Krafzig API-Security Gateway Dirk Krafzig Intro Digital transformation accelerates application integration needs Dramatically increasing number of integration points Speed Security Industrial robustness Increasing

More information

Identity and Access Management (IAM) Across Cloud and On-premise Environments: Best Practices for Maintaining Security and Control

Identity and Access Management (IAM) Across Cloud and On-premise Environments: Best Practices for Maintaining Security and Control Identity and Access Management (IAM) Across Cloud and On-premise Environments: Best Practices for Maintaining Security and Control agility made possible Enterprises Are Leveraging Both On-premise and Off-premise

More information

IBM Tivoli Federated Identity Manager

IBM Tivoli Federated Identity Manager IBM Tivoli Federated Identity Manager Employ user-centric federated access management to enable secure online business collaboration Highlights Enhance business-to-business and business-to-consumer collaborations

More information

nexus Hybrid Access Gateway

nexus Hybrid Access Gateway Product Sheet nexus Hybrid Access Gateway nexus Hybrid Access Gateway nexus Hybrid Access Gateway uses the inherent simplicity of virtual appliances to create matchless security, even beyond the boundaries

More information

Secure Identity in Cloud Computing

Secure Identity in Cloud Computing Secure Identity in Cloud Computing Michelle Carter The Aerospace Corporation March 20, 2013 The Aerospace Corporation 2013 All trademarks, service marks, and trade names are the property of their respective

More information

Federated Identity for Cloud Computing and Cross-organization Collaboration

Federated Identity for Cloud Computing and Cross-organization Collaboration Federated Identity for Cloud Computing and Cross-organization Collaboration Steve Moitozo Strategy and Architecture SIL International 20110616.2 (ICCM) Follow me @SteveMoitozo2 2 Huge Claims You want federated

More information

WHITEPAPER. NAPPS: A Game-Changer for Mobile Single Sign-On (SSO)

WHITEPAPER. NAPPS: A Game-Changer for Mobile Single Sign-On (SSO) WHITEPAPER NAPPS: A Game-Changer for Mobile Single Sign-On (SSO) INTRODUCTION The proliferation of mobile applications, including mobile apps custom to an organization, makes the need for an SSO solution

More information

Software Requirement Specification Web Services Security

Software Requirement Specification Web Services Security Software Requirement Specification Web Services Security Federation Manager 7.5 Version 0.3 (Draft) Please send comments to: dev@opensso.dev.java.net This document is subject to the following license:

More information

Copyright Pivotal Software Inc, 2013-2015 1 of 10

Copyright Pivotal Software Inc, 2013-2015 1 of 10 Table of Contents Table of Contents Getting Started with Pivotal Single Sign-On Adding Users to a Single Sign-On Service Plan Administering Pivotal Single Sign-On Choosing an Application Type 1 2 5 7 10

More information

Mid-Project Report August 14 th, 2012. Nils Dussart 0961540

Mid-Project Report August 14 th, 2012. Nils Dussart 0961540 Mid-Project Report August 14 th, 2012 Nils Dussart 0961540 CONTENTS Project Proposal... 3 Project title... 3 Faculty Advisor... 3 Project Scope and Individual Student Learning Goals... 3 Proposed Product

More information

HEDM and Integration. Michael Agnew Vice President, Localization Solutions

HEDM and Integration. Michael Agnew Vice President, Localization Solutions HEDM and Integration Michael Agnew Vice President, Localization Solutions Agenda 1 The challenges faced 2 The potential benefits 3 How the HeDM relates to the Irish HE sector 4 Q&A The challenges faced

More information

Identity Management. Dave Romig, Sr Founder, CTO

Identity Management. Dave Romig, Sr Founder, CTO Identity Management Dave Romig, Sr Dave.Romig@TCSC.com Founder, CTO Identity Management What it is What it does What it means What it is Problem statement Connected apps must handle two functions Authenticate

More information

Masdar Institute Single Sign-On: Standards-based Identity Federation. John Mikhael ICT Department jmikhael@masdar.ac.ae

Masdar Institute Single Sign-On: Standards-based Identity Federation. John Mikhael ICT Department jmikhael@masdar.ac.ae Masdar Institute Single Sign-On: Standards-based Identity Federation John Mikhael ICT Department jmikhael@masdar.ac.ae Agenda The case for Single Sign-On (SSO) Types of SSO Standards-based Identity Federation

More information

MOBILITY. Transforming the mobile device from a security liability into a business asset. pingidentity.com

MOBILITY. Transforming the mobile device from a security liability into a business asset. pingidentity.com MOBILITY Transforming the mobile device from a security liability into a business asset. pingidentity.com Table of Contents Introduction 3 Three Technologies That Securely Unleash Mobile and BYOD 4 Three

More information

locuz.com Identity and Access Management Practice

locuz.com Identity and Access Management Practice locuz.com Identity and Access Management Practice Locuz has built a strong practice with field tested methodologies based on standards and proven frameworks, for providing Identity and Access Management

More information

MicroStrategy Enterprise Security. Secure your enterprise with MicroStrategy Usher, the revolutionary new enterprise security platform

MicroStrategy Enterprise Security. Secure your enterprise with MicroStrategy Usher, the revolutionary new enterprise security platform MicroStrategy Enterprise Security Secure your enterprise with MicroStrategy Usher, the revolutionary new enterprise security platform Nearly 90% of IT Security Professionals Are Concerned About A Data

More information

OpenID connect @ Deutsche telekom. Dr. Torsten Lodderstedt, Deutsche Telekom AG

OpenID connect @ Deutsche telekom. Dr. Torsten Lodderstedt, Deutsche Telekom AG OpenID connect @ Deutsche telekom Dr. Torsten Lodderstedt, Deutsche Telekom AG service ecosystem and Telekom Login Dr. Torsten Lodderstedt / OpenID Workshop @ IIW #18 2014-05-05 2 Open Standards: Our History

More information

Helping organizations secure and govern application services for SOA, Web and the Cloud

Helping organizations secure and govern application services for SOA, Web and the Cloud Helping organizations secure and govern application services for SOA, Web and the Cloud SOA WEB CLOUD layer7tech.com info@layer7tech.com @layer7 Layer 7 offers industry-leading XML security, runtime SOA

More information

Understanding Enterprise Cloud Governance

Understanding Enterprise Cloud Governance Understanding Enterprise Cloud Governance Maintaining control while delivering the agility of cloud computing Most large enterprises have a hybrid or multi-cloud environment comprised of a combination

More information

Final Project Report December 9, 2012. Cloud-based Authentication with Native Client Server Applications. Nils Dussart 0961540

Final Project Report December 9, 2012. Cloud-based Authentication with Native Client Server Applications. Nils Dussart 0961540 Final Project Report December 9, 2012 Cloud-based Authentication with Native Client Server Applications. Nils Dussart 0961540 CONTENTS Project Proposal... 4 Project title... 4 Faculty Advisor... 4 Introduction...

More information

Onegini Token server / Web API Platform

Onegini Token server / Web API Platform Onegini Token server / Web API Platform Companies and users interact securely by sharing data between different applications The Onegini Token server is a complete solution for managing your customer s

More information

Axway API Gateway. Version 7.4.1

Axway API Gateway. Version 7.4.1 O A U T H U S E R G U I D E Axway API Gateway Version 7.4.1 3 February 2016 Copyright 2016 Axway All rights reserved. This documentation describes the following Axway software: Axway API Gateway 7.4.1

More information

Trend of Federated Identity Management for Web Services

Trend of Federated Identity Management for Web Services 30 Trend of Federated Identity Management for Web Services Chulung Kim, Sangyong Han Abstract While Web service providers offer different approaches to implementing security, users of Web services demand

More information

Security of Cloud Computing for the Power Grid

Security of Cloud Computing for the Power Grid ANNUAL INDUSTRY WORKSHOP NOVEMBER 12-13, 2014 Security of Cloud Computing for the Power Grid Industry Panel November 12, 2014 UNIVERSITY OF ILLINOIS DARTMOUTH COLLEGE UC DAVIS WASHINGTON STATE UNIVERSITY

More information

SECURITY AND REGULATORY COMPLIANCE OVERVIEW

SECURITY AND REGULATORY COMPLIANCE OVERVIEW Powering Cloud IT SECURITY AND REGULATORY COMPLIANCE OVERVIEW BetterCloud for Office 365 Executive Summary BetterCloud provides critical insights, automated management, and intelligent data security for

More information

The increasing popularity of mobile devices is rapidly changing how and where we

The increasing popularity of mobile devices is rapidly changing how and where we Mobile Security BACKGROUND The increasing popularity of mobile devices is rapidly changing how and where we consume business related content. Mobile workforce expectations are forcing organizations to

More information

TrustedX - PKI Authentication. Whitepaper

TrustedX - PKI Authentication. Whitepaper TrustedX - PKI Authentication Whitepaper CONTENTS Introduction... 3 1... 4 Use Scenarios... 5 Operation... 5 Architecture and Integration... 6 SAML and OAuth 7 RESTful Web Services 8 Monitoring and Auditing...

More information

Enabling SSO for native applications

Enabling SSO for native applications Enabling SSO for native applications Paul Madsen Ping Identity Session ID: IAM F42B Session Classification: Intermediate Mobile Modes Source - 'How to Connect with Mobile Consumers' Yahoo! Overview Enterprise

More information

pingidentity.com IDENTITY SECURITY TRENDS IN THE MOBILE ERA

pingidentity.com IDENTITY SECURITY TRENDS IN THE MOBILE ERA pingidentity.com IDENTITY SECURITY TRENDS IN THE MOBILE ERA CONTENTS TRENDS IN IDENTITY SECURITY 3 INSIGHT #1 4 PRODUCTIVITY AND USER EXPERIENCE TRUMP EVERYTHING ELSE INSIGHT #2 5 SECURITY IS BOTH A LEADING

More information

How to Provide Secure Single Sign-On and Identity-Based Access Control for Cloud Applications

How to Provide Secure Single Sign-On and Identity-Based Access Control for Cloud Applications SOLUTION BRIEF: PROTECTING ACCESS TO THE CLOUD........................................ How to Provide Secure Single Sign-On and Identity-Based Access Control for Cloud Applications Who should read this

More information

SAML and OAUTH comparison

SAML and OAUTH comparison SAML and OAUTH comparison DevConf 2014, Brno JBoss by Red Hat Peter Škopek, pskopek@redhat.com, twitter: @pskopek Feb 7, 2014 Abstract SAML and OAuth are one of the most used protocols/standards for single

More information

HOL9449 Access Management: Secure web, mobile and cloud access

HOL9449 Access Management: Secure web, mobile and cloud access HOL9449 Access Management: Secure web, mobile and cloud access Kanishk Mahajan Principal Product Manager, Oracle September, 2014 Copyright 2014, Oracle and/or its affiliates. All rights reserved. Oracle

More information

Interoperate in Cloud with Federation

Interoperate in Cloud with Federation Interoperate in Cloud with Federation - Leveraging federation standards can accelerate Cloud computing adoption by resolving vendor lock-in issues and facilitate On Demand business requirements Neha Mehrotra

More information

Cloud SSO and Federated Identity Management Solutions and Services

Cloud SSO and Federated Identity Management Solutions and Services Cloud SSO and Federated Identity Management Solutions and Services Achieving Balance Between Availability and Protection Discussion Points What is Cloud Single Sign-On (SSO) What is Federated Identity

More information

Identity Management with Spring Security. Dave Syer, VMware, SpringOne 2011

Identity Management with Spring Security. Dave Syer, VMware, SpringOne 2011 Identity Management with Spring Security Dave Syer, VMware, SpringOne 2011 Overview What is Identity Management? Is it anything to do with Security? Some existing and emerging standards Relevant features

More information

SAML Security Option White Paper

SAML Security Option White Paper Fujitsu mpollux SAML Security Option White Paper Fujitsu mpollux Version 2.1 February 2009 First Edition February 2009 The programs described in this document may only be used in accordance with the conditions

More information

From the Intranet to Mobile. By Divya Mehra and Stian Thorgersen

From the Intranet to Mobile. By Divya Mehra and Stian Thorgersen ENTERPRISE SECURITY WITH KEYCLOAK From the Intranet to Mobile By Divya Mehra and Stian Thorgersen PROJECT TIMELINE AGENDA THE OLD WAY Securing monolithic web app relatively easy Username and password

More information

Pick an Identity and Access Management Standard, Any

Pick an Identity and Access Management Standard, Any Pick an Identity and Access Management Standard, Any Standard Andras Cser Principal Analyst Forrester Research, Inc. O l F d ti I C bl f Only Federation Is Capable of Meeting the Identity and Access Management

More information

Enable Your Applications for CAC and PIV Smart Cards

Enable Your Applications for CAC and PIV Smart Cards Enable Your Applications for CAC and PIV Smart Cards Executive Summary Since HSPD-2 was signed in 2004, government agencies have issued over 5 million identity badges. About 90% of government workers and

More information

CA Single Sign-On Migration Guide

CA Single Sign-On Migration Guide CA Single Sign-On Migration Guide Web access management (WAM) systems have been a part of enterprises for decades. It is critical to control access and audit applications while reducing the friction for

More information

SAML AS AN SSO STANDARD FOR CUSTOMER IDENTITY MANAGEMENT. How to Create a Frictionless, Secure Customer Identity Management Strategy

SAML AS AN SSO STANDARD FOR CUSTOMER IDENTITY MANAGEMENT. How to Create a Frictionless, Secure Customer Identity Management Strategy SAML AS AN SSO STANDARD FOR CUSTOMER IDENTITY MANAGEMENT How to Create a Frictionless, Secure Customer Identity Management Strategy PART 1: WHAT IS SAML? SAML in Context Security Assertion Markup Language

More information

People-Focused Access Management. Software Consulting Support Services

People-Focused Access Management. Software Consulting Support Services People-Focused Access Management Software Consulting Support Services A beautiful experience. Anytime, anywhere. Access: One is an industry-leading Access Management platform that provides you with versatile

More information

Biometric Single Sign-on using SAML Architecture & Design Strategies

Biometric Single Sign-on using SAML Architecture & Design Strategies Biometric Single Sign-on using SAML Architecture & Design Strategies Ramesh Nagappan Java Technology Architect Sun Microsystems Ramesh.Nagappan@sun.com 1 Setting Expectations What you can take away! Understand

More information

WHITEPAPER. 13 Questions You Must Ask When Integrating Office 365 With Active Directory

WHITEPAPER. 13 Questions You Must Ask When Integrating Office 365 With Active Directory WHITEPAPER 13 Questions You Must Ask When Integrating Office 365 With Active Directory Many organizations have begun their push to the cloud with a handful of applications. Microsoft s Office 365 offering

More information

Introduction to Identity Management. Sam Lee, Outblaze Ltd.

Introduction to Identity Management. Sam Lee, Outblaze Ltd. Introduction to Identity Management Sam Lee, Outblaze Ltd. Agenda Background Identity Management Single Sign-On Federation Future s Identity management Conclusions 2 Background Why identity management?

More information

ALF SSO: Security Framework for Tool Integration. Brian Carroll, Eclipse ALF Project Lead bcarroll@serena.com

ALF SSO: Security Framework for Tool Integration. Brian Carroll, Eclipse ALF Project Lead bcarroll@serena.com ALF SSO: Security Framework for Tool Integration Brian Carroll, Eclipse ALF Project Lead bcarroll@serena.com 2008 by Brian Carroll, Serena; made available under the EPL v1.0 March 2008 ALF: Is About Process

More information

White Paper. FFIEC Authentication Compliance Using SecureAuth IdP

White Paper. FFIEC Authentication Compliance Using SecureAuth IdP White Paper FFIEC Authentication Compliance Using SecureAuth IdP September 2015 Introduction Financial institutions today face an important challenge: They need to comply with guidelines established by

More information

Cloud-based Identity and Access Control for Diagnostic Imaging Systems

Cloud-based Identity and Access Control for Diagnostic Imaging Systems Cloud-based Identity and Access Control for Diagnostic Imaging Systems Weina Ma and Kamran Sartipi Department of Electrical, Computer and Software Engineering University of Ontario Institute of Technology

More information

Mobile Identity: Improved Cybersecurity, Easier to Use and Manage than Passwords. Mika Devonshire Associate Product Manager

Mobile Identity: Improved Cybersecurity, Easier to Use and Manage than Passwords. Mika Devonshire Associate Product Manager Mobile Identity: Improved Cybersecurity, Easier to Use and Manage than Passwords Mika Devonshire Associate Product Manager 1 Agenda 2 What is Cybersecurity? Quick overview of the core concepts 3 Cybercrime

More information

UAF Architectural Overview

UAF Architectural Overview 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 UAF Architectural Overview Specification Set: fido-uaf-v1.0-rd-20140209 REVIEW DRAFT Editors: Rob Philpott, RSA, the Security Division of EMC Sampath

More information

Authentication Strategy: Balancing Security and Convenience

Authentication Strategy: Balancing Security and Convenience Authentication Strategy: Balancing Security and Convenience Today s Identity and Access Security Strategies Are Being Driven by Two Critical Imperatives: Enable business growth by: Quickly deploying new

More information

Agenda. How to configure

Agenda. How to configure dlaw@esri.com Agenda Strongly Recommend: Knowledge of ArcGIS Server and Portal for ArcGIS Security in the context of ArcGIS Server/Portal for ArcGIS Access Authentication Authorization: securing web services

More information

IDC MarketScape: Worldwide Federated Identity Management and Single Sign-On 2014 Vendor Assessment

IDC MarketScape: Worldwide Federated Identity Management and Single Sign-On 2014 Vendor Assessment IDC MARKETSCAPE IDC MarketScape: Worldwide Federated Identity Management and Single Sign-On 2014 Vendor Assessment Sally Hudson Terry Frazier This IDC MarketScape Excerpt features: Ping Identity IDC MARKETSCAPE

More information

SAML SSO Configuration

SAML SSO Configuration SAML SSO Configuration Overview of Single Sign-, page 1 Benefits of Single Sign-, page 2 Overview of Setting Up SAML 2.0 Single Sign-, page 3 SAML 2.0 Single Sign- Differences Between Cloud-Based Meeting

More information