Federated Identity and Single Sign-On using CA API Gateway

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "Federated Identity and Single Sign-On using CA API Gateway"

Transcription

1 WHITE PAPER DECEMBER 2014 Federated Identity and Single Sign-On using Federation for websites, Web services, APIs and the Cloud K. Scott Morrison VP Engineering and Chief Architect

2 2 WHITE PAPER: FEDERATED IDENTITY AND SINGLE SIGN-ON (SSO) USING CA TECHNOLOGIES ca.com Table of Contents Why do I need to federate identity? 3 Is federation the same as single sign-on (SSO)? 3 What standards address federated identity and SSO? 4 How does CA Technologies help me to federate SOAP Web Services? 5 STS 5 for Service Protection 7 XML VPN for Federating Applications 9 Can help me federate APIs? 10 Can you describe drop-in federation solution? 11 How do I use to provide single sign-on to my websites? 12 Why should I use for attribute-based access control? 12 How can federate existing LDAP and IAM systems with cloud-based SaaS services like Salesforce.com and Google Docs? 12 How does OAuth relate to federation and SSO? 14

3 3 WHITE PAPER: FEDERATED IDENTITY AND SINGLE SIGN-ON (SSO) USING CA TECHNOLOGIES ca.com Why do I need to federate identity? You need a federated identity solution if you have any of the following problems: Your organization has different division or branch offices that have their own directories and remote users need access to central IT resources. You have users with multiple passwords or other credentials that need to be mapped across applications. Your organization is merging with another that already has its own identity management system and you need to provide new users with access to existing applications. You need to provide internal users with single sign-on (SSO) services across various different Web applications. You are developing a mobile device strategy and need to manage access from a wide variety of remote applications. You need to provide local users with access to cloud services such as Salesforce.com and Google Docs. All these problems relate to different parts of federated identity. CA Technologies provides solutions that federate identity and provide SSO services for Web applications, Web services, APIs, mobile applications and the cloud. Is federation the same as single sign-on (SSO)? It is a common misconception that federation and SSO are simply different names for the same practice. While there is certainly overlap between the terms, SSO should be considered a subset of the larger category of identity federation. Identity federation addresses the problem of how to integrate separate identity silos. Identity silos (or islands) are very common occurrence in organizations. They occur when new applications introduce their own identity stores, such as directories or identity databases, instead of leveraging a centralized identity management system. They will also commonly occur during a merger or acquisition entrenched practices and technologies may make it difficult to merge existing identity stores into a single unified, authoritative source. The problem of siloed identity also extends beyond the boundaries of the enterprise. As partnerships and supply chains become increasingly interconnected, the need arises to manage applications and users that are not under direct control of any centralized authority but instead exist in autonomous security domains. Such inter-company connections are particularly difficult to manage because identity in both organizations may be changing continuously as people come and go, with no coordination between business partners.

4 4 WHITE PAPER: FEDERATED IDENTITY AND SINGLE SIGN-ON (SSO) USING CA TECHNOLOGIES ca.com Federated identity management is about the process and technology behind managing siloed identity. It describes the policies and procedures that govern access to applications and data from entities residing in another distinct security domain. This includes the overall management of trust relationships, access control strategies, identity mapping mechanics, policies and common protocols. SSO is subset of federation that deals specifically with reusing a single identity to authenticate across multiple domains. Federation is largely about architectural concepts, process and procedures. SSO, in contrast, is more concerned with technological approaches to solving the problem of individual users having to manage different identities for different applications. What standards address federated identity and SSO? There are a number of standards associated with federated identity management and SSO. One of the most important is the Security Assertion Markup Language or SAML for short. SAML provides a cryptographically secure mechanism for communicating acts of authentication, entitlements and attributes between security domains. It defines both the protocol and the process to enact SSO across domains and to implement components of an overall federation strategy. SAML includes profiles for both browser-based (passive) and service/api-based (active) communication scenarios. The passive profile, in particular, is the basis of most cloud-based SSO solutions, such as those offered by leading SaaS vendors Salesforce.com and Google Docs. It is also the most common SSO solution deployed within the enterprise. The active profiles are augmented by additional standards such as WS-Trust and WS-Federation. The WS-Trust standard defines a SOAP-based protocol for token interaction with a Security Token Service (STS), which can include validation and exchange of tokens, as well as trust brokerage between parties. For example, it describes how to exchange local credentials in return for issuance of a SAML token. WS- Federation builds on WS-Trust, defining typical federation scenarios and solutions for identity mapping, augmentation, token management, etc. It covers both active and passive profiles.

5 5 WHITE PAPER: FEDERATED IDENTITY AND SINGLE SIGN-ON (SSO) USING CA TECHNOLOGIES ca.com How does CA Technologies help me to federate SOAP Web Services? CA Technologies provides infrastructure that allows organizations to federate their Web services simply and easily, with no changes to code. CA Technologies provides federation solutions as deployment patterns of existing product lines, rather than single-purpose solutions. This has the advantage that the technology can also be applied to address general Web services security and management challenges. Figure 1: covers all aspects of federation and SSO, using general gateway solutions. Each component can work independently, with other vendor components or with other CA API Gateway components. For Federation and Single Sign-On (SSO) Directory STS XML VPN Services Service Gateway can be deployed to provide Security Token Services for a range of clients and to provide federated access control for individual services. also offers client-side federation support using its XML VPN product. Each of these deployment patterns is outlined below. The STS is the foundation infrastructure component of any federation or SSO strategy. It provides the ability to validate tokens or exchange tokens from one form to another (e.g. the exchange of username and password for a SAML token). Any can be deployed as a WS-Trust-compliant STS. The gateway provides both a native WS-Trust endpoint for drop-in federation solutions (described below) and a WS-Trust policy template that can easily be customized to meet any local integration challenges that a customer may be faced with. STS can be used for local SSO in the enterprise and to support federation scenarios between different organizations. Cloud Integration with (described in detail below) is an STS deployment for connecting to SaaS applications such as Salesforce.com or Google Docs.

6 6 WHITE PAPER: FEDERATED IDENTITY AND SINGLE SIGN-ON (SSO) USING CA TECHNOLOGIES ca.com Figure 2: line supports the most common enterprise federation and SSO scenarios. STS Scenario #1: Internal Enterprise SSO Securely connect enterprises applications: Leverage existing IAM infrastructure May identities Track and monitor usage STS Scenario #2: Enterprise-to-Enterprise Federation Securely connect two enterprises: Leverage existing IAM infrastructure May domains Adapt tokens Track and monitor usage Applications Applications Existing IAM Enterprise Enterprise B STS Existing IAM Application Enterprise A STS This solution is able to leverage the existing identity provider framework. This offers direct connection into most directory and Identity and Access Management (IAM) products, including: Generic LDAP Generic database Microsoft Active Directory Tivoli Access Manager Oracle Access Manager OpenSSO CA Single Sign-On (formerly CA SiteMinder) RSA ClearTrust These connectors allow organizations to preserve investments and leverage expertise in existing IAM infrastructure, extending it into the SSO space. STS deployment acts as a minimallyintrusive layer over an organization s identity stores and can leverage existing groups, roles and access control rule sets. This is a far more cost-effective and flexible solution than vendor-specific STS add-ons, which are typically very expensive and limited in the federation scenarios they support. includes a template-driven approach to providing STS means token exchange can be entirely customized to meet an organization s federation challenges. The WS-Trust templates constitute a script that validates identity, interacts with identity stores and generates return tokens. It works out-of-the-box for common federation and SSO scenarios but can easily be augmented to meet the most demanding specialized requirements.

7 7 WHITE PAPER: FEDERATED IDENTITY AND SINGLE SIGN-ON (SSO) USING CA TECHNOLOGIES ca.com This template-based approach promotes customized identity mapping functions within the context of a WS-Trust transaction. For example, formulaic mappings, such as string transformations of names, can easily be integrated within the policy and used as input into generated SAML assertions. This is invaluable for federation challenges where naming conventions differ between security domains and need to be reconciled at run time. also provides full access to directory attributes associated with identities. This allows custom tokens to be constructed with authoritative attribute declarations an essential feature in Attribute- Based Access Control (ABAC) regimes. The WS-Trust policy in policy can leverage the full range of potential incoming security tokens, including: HTTP basic authentication HTTP digest SSL -side certificate authentication X.509 signatures in SOAP messages SAML token in HTTP headers SAML Token Profile in WS-Security Kerberos (Windows Integrated Authentication) Kerberos binding to SOAP messages WS-Trust is not limited to SAML token issuance. STS can alternatively return most of the credential types listed above, providing absolute flexibility in complex federation scenarios. for Service Protection can also be deployed in front of Web services servers to provide access control for federated services. This removes the complexity of token processing, administration of trust relationships and audit from the application and centralizes this for all services. This logical shift to a more declarative style of security management means that dedicated security administrators can assume responsibility to all application access control, ensuring that the security policy is consistent with corporate requirements.

8 8 WHITE PAPER: FEDERATED IDENTITY AND SINGLE SIGN-ON (SSO) USING CA TECHNOLOGIES ca.com Figure 3: deployed to federate and protect services and APIs. Service Gateway Protect Services and APIs: Evaluate tokens against trust relationships Broad token support Manage trust Audit all usage Web Service Server Federated Message with Security Token Administer The policy-based access control system in can accommodate most security token types. Also, it integrates with existing infrastructure such as directories and IAM. The internal STS capabilities of the gateway can be leveraged for identity mapping functions or strict token validation. additionally provides a rich trust-management interface that simplifies management of federated partners. This features integral CRL and OCSP support, to ensure that the integrity of the Web of trust is maintained. All cryptographic functions are FIPS-compliant and hardware gateway instances feature available integration with leading Hardware Security Modules (HSMs) from Thales and SafeNet. can also incorporate XACML access control rules directly into policy or communicate with remote XACML Policy Decision Points (PDPs) using the XACML protocol. Integration with other external PDPs is possible using SAMLP and WS-Trust protocols. features very rich and configurable SAML token processing, allowing support for virtually any federation or SSO scenario. SAML tokens can be extracted from transport headers (such as HTTP) or isolated in SOAP messages under the WS-Security SAML token profile standard. It supports both SAML bearer tokens protected with SSL and more sophisticated WS-Security-based bindings for SAML, including holder-of-key and sender-vouches-style tokens cryptographically bound into messages. Token evaluation is completely flexible, allowing simple access control based on trust relationship or adoption of more sophisticated methods such as ABAC using SAML attribute assertions. Finally, all other aspects of security supported by are available to ensure that services are fully protected in one place. This includes features such as message content validation, automated threat detection, audit, transformation, throttling, traffic shaping and content or state-based routing.

9 9 WHITE PAPER: FEDERATED IDENTITY AND SINGLE SIGN-ON (SSO) USING CA TECHNOLOGIES ca.com XML VPN for Federating Applications XML VPN is a small-footprint, client-side application that helps to rapidly on-board clients in Web services federation scenarios. This eliminates the burden of implementing federation and SSO functions in code, thus ensuring that federation is done right the first time. The XML VPN interacts with a remote a remote to load the most up-to-date policy in effect. It then automatically coordinates SAML security token acquisition with a local STS, buffering the token for all transactions across the token s lifetime and automatically inserting it into transactions destined for a remote service. The XML VPN integrates with local STS using the standards-based WS-Trust protocol. It can integrate with either a either a STS or a third-party STS such as Microsoft s ADFS. Figure 4: The XML VPN can federate client applications without requiring any changes to code. Rapid -Side Federation Using the XML VPN Securely connect enterprises applications: Leverage existing IAM infrastructure Automatically aquite and use tokens Automatically secure messages according to policy Track and monitor usage Web Service Endpoints CA API Gateway Enterprise A Local STS XML VPN Standalone Federated Web Service Endpoint Application Remote Branch of Enterprise A

10 10 WHITE PAPER: FEDERATED IDENTITY AND SINGLE SIGN-ON (SSO) USING CA TECHNOLOGIES ca.com The XML VPN solution is particularly well suited to federating branch office applications and to rapidly federating applications during organizational mergers and acquisitions. Can help me federate APIs? The emerging API paradigm is based on RESTful design, JSON data structures and OAuth security tokens. has always supported REST-style messaging. The policy language treats JSON as a firstclass citizen beside XML. The OAuth toolkit provides rich OAuth integration capabilities 1. The SAML capabilities in are entirely applicable to SAML bearer tokens carried as transport payload. This allows sophisticated federation models including access control paradigms such as ABAC to be applied to APIs, not just SOAP endpoints. can also be used to bridge between existing SAML SSO systems and newer OAuth-based API interactions. policy language provides the perfect vehicle for articulating rules designed to bridge between these two important token formats. Figure 5: Federating APIs using OAuth and SAML enforcement uses CA API Gateway to enact access control policies. API Federation -side Federation without code: Leverage existing IAM infrastructure Automatically aquite and use tokens Automatically secure messages according to policy Track and monitor usage API Servers Mobile OAuth Gateway Enterprise A Message bearer SAML token in transport header, protected by SSL JavaScript App Mashup Web App

11 11 WHITE PAPER: FEDERATED IDENTITY AND SINGLE SIGN-ON (SSO) USING CA TECHNOLOGIES ca.com Can you describe drop-in federation solution? can provide a complete, turnkey federation solution that is able to federate SOAP Web services with no modifications to client or server code. The solution consists of: A service-access gateway deployed in the enterprise, to manage secure service access A gateway deployed as an STS at the client site The XML VPN, to coordinate token acquisition and securing of messages for the client This is depicted in the figure below: Figure 6: Drop-in federation for Web services, using CA API Gateway Drop-In Federation Using Complete federation solution without code: Leverage existing IAM infrastructure Automatically aquite and use tokens Automatically secure messages according to policy Track and monitor usage Applications CA API Gateway Enterprise A CA API Gateway STS XML VPN Application Remote Branch of Enterprise A

12 12 WHITE PAPER: FEDERATED IDENTITY AND SINGLE SIGN-ON (SSO) USING CA TECHNOLOGIES ca.com How do I use to provide single sign-on to my websites? can provide Security Token Services that allow browser-based clients to perform SSO with internal or partner Web applications. This deployment pattern for is described above. It makes use of standards-based SAML profiles to allow a single credential to be used once in order to access any number of local Web sites. The Web applications must be configured to locally perform access control based on standard SAML SSO profiles. Most modern Web application servers can easily be configured to consume SAML tokens and enforce trust relationships. Why should I use for attribute-based access control? provides an excellent solution for implementing ABAC schemes. policy language can easily be configured to evaluate rules based on any combination of attributes associated with a transaction. Attributes can be mined from SAML assertions, extracted from X.509 certificate fields or dynamically queried from directory or proprietary attribute services. Rule sets can easily be expressed using the policy language. The gateway also incorporates an on-board XACML engine, allowing attribute evaluation rules to be expressed in a standards-based way. Additionally, the gateway can integrate with external, standalone XACML policy servers, using the XACML PDP query language, as well any other PDPs that support the SAMLP protocol. How can federate existing LDAP and IAM systems with cloud-based SaaS services like Salesforce.com and Google Docs? Cloud integration with includes templates that enable SSO to any cloud-based SaaS applications that use SAML as a means of access. It is deployed as an STS overlay on the user s existing Identity and Access Management (IAM) infrastructure, thus extending existing identity assets into the cloud.

13 13 WHITE PAPER: FEDERATED IDENTITY AND SINGLE SIGN-ON (SSO) USING CA TECHNOLOGIES ca.com Figure 7: Cloud Single Sign-On using STS Scenario #3: SaaS Cloud SSO Securely connect to the cloud: Leverage existing IAM infrastructure Track usage Existing IAM STS Enterprise supports standardized SAML browser profiles. Because there is considerable variation between different SaaS implementations, has provided SaaS SSO templates that can easily be adapted to accommodate local differences. The rich policy language can easily be used to build custom authorization schemes, exchange tokens or integrate with local IAM infrastructure.

14 14 WHITE PAPER: FEDERATED IDENTITY AND SINGLE SIGN-ON (SSO) USING CA TECHNOLOGIES ca.com Figure 8: Administrators have full access to SaaS SSO templates, allowing simple customization to accommodate local How does OAuth relate to federation and SSO? OAuth is primarily a means of authentication and limited, delegated federation, rather than a full-blown federation or SSO model. It was developed as a solution to the password anti-pattern, a bad practice that multi-site Web applications sometimes resorted to as a means of lightweight, user-driven federation. OAuth allows a user who has separate accounts on two sites to effectively federate these for certain functions. For example, a user of Twitter might want to post tweets on his or her Facebook wall (thus federating the accounts). OAuth provides a means to do this without forcing the user to share credentials between sites. There are interesting overlaps between what can be accomplished with SAML and what can be done with the emerging OAuth specifications (particularly the OAuth 2.0 spec). These are beyond the scope of this white paper. At present, OAuth is mainly finding application in user-delegated account federation on Web sites, with an emphasis on social networking sites (largely because of the developer culture at these organizations). In these cases, OAuth is used as the security token in API calls. SAML appears more commonly in enterprise or cloud-based SaaS applications. There are some interesting emerging approaches for exchanging SAML tokens acquired using a browser-based profile for OAuth tokens that can be used by APIs running within the context of a browser user agent. has policy templates available that implement some of these scenarios. However, this is presently very much a moving target with little standardization between implementations. provides an OAuth toolkit, consisting of several policy assertions that constitute the building blocks of OAuth applications. The Toolkit also includes policy templates that leverage these assertions to provide basic OAuth functions such as distributed authorization services, user access management and API access control.

15 15 WHITE PAPER: FEDERATED IDENTITY AND SINGLE SIGN-ON (SSO) USING CA TECHNOLOGIES Figure 9: s deployed as an OAuth Authorization Server (AS) and protecting a Resource Server (RS) Enterprise OAuth Using Authorization Server (AS) Enterprise Resources Owner (RO) The AS and RS functions can be combined into a single gateway, or distributed across the network. Resources Server (RS) Learn more at ca.com/api Connect with CA Technologies at ca.com CA Technologies (NASDAQ: CA) creates software that fuels transformation for companies and enables them to seize the opportunities of the application economy. Software is at the heart of every business, in every industry. From planning to development to management and security, CA is working with companies worldwide to change the way we live, transact and communicate across mobile, private and public cloud, distributed and mainframe environments. Learn more at ca.com. 1 OAuth support in is described in a dedicated white paper. Copyright 2014 CA. All rights reserved. All trademarks, trade names, service marks and logos referenced herein belong to their respective companies. This document is for your informational purposes only and to the extent permitted by applicable law, CA provides it as is without warranty of any kind, including, without limitation, any implied warranties of merchantability, fitness for a particular purpose, or noninfringement. The information in this document is based upon CA s experiences with the referenced software products in a variety of development and customer environments. Past performance of the software products in such development and customer environments is not indicative of the future performance of such software products in identical, similar or different environments. In no event will CA be liable for any loss or damage, direct or indirect, from the use of this document, including, without limitation, lost profits, business interruption, goodwill or lost data, even if CA is expressly advised in advance of the possibility of such damages. CS200_87497_1214

Federated single sign-on (SSO) and identity management. Secure mobile access. Social identity integration. Automated user provisioning.

Federated single sign-on (SSO) and identity management. Secure mobile access. Social identity integration. Automated user provisioning. PingFederate We went with PingFederate because it s based on standards like SAML, which are important for a secure implementation. John Davidson Senior Product Manager, Opower PingFederate is the leading

More information

5 Pillars of API Management with CA Technologies

5 Pillars of API Management with CA Technologies 5 Pillars of API Management with CA Technologies Introduction: Managing the new open enterprise Realizing the Opportunities of the API Economy Across industry sectors, the boundaries of the traditional

More information

Identity and Access Management (IAM) Across Cloud and On-premise Environments: Best Practices for Maintaining Security and Control

Identity and Access Management (IAM) Across Cloud and On-premise Environments: Best Practices for Maintaining Security and Control Identity and Access Management (IAM) Across Cloud and On-premise Environments: Best Practices for Maintaining Security and Control agility made possible Enterprises Are Leveraging Both On-premise and Off-premise

More information

OPENIAM ACCESS MANAGER. Web Access Management made Easy

OPENIAM ACCESS MANAGER. Web Access Management made Easy OPENIAM ACCESS MANAGER Web Access Management made Easy TABLE OF CONTENTS Introduction... 3 OpenIAM Access Manager Overview... 4 Access Gateway... 4 Authentication... 5 Authorization... 5 Role Based Access

More information

CA Federation Manager

CA Federation Manager PRODUCT BRIEF: CA FEDERATION MANAGER CA FEDERATION MANAGER PROVIDES STANDARDS-BASED IDENTITY FEDERATION CAPABILITIES THAT ENABLE THE USERS OF ONE ORGANIZATION TO EASILY AND SECURELY ACCESS THE DATA AND

More information

identity as the new perimeter: securely embracing cloud, mobile and social media agility made possible

identity as the new perimeter: securely embracing cloud, mobile and social media agility made possible identity as the new perimeter: securely embracing cloud, mobile and social media agility made possible IT transformation and evolving identities A number of technology trends, including cloud, mobility,

More information

TECHNOLOGY BRIEF: INTEGRATED IDENTITY AND ACCESS MANAGEMENT (IAM) An Integrated Architecture for Identity and Access Management

TECHNOLOGY BRIEF: INTEGRATED IDENTITY AND ACCESS MANAGEMENT (IAM) An Integrated Architecture for Identity and Access Management TECHNOLOGY BRIEF: INTEGRATED IDENTITY AND ACCESS MANAGEMENT (IAM) An Integrated Architecture for Identity and Access Management Table of Contents Executive Summary 1 SECTION 1: CHALLENGE 2 The Need for

More information

The Top 5 Federated Single Sign-On Scenarios

The Top 5 Federated Single Sign-On Scenarios The Top 5 Federated Single Sign-On Scenarios Table of Contents Executive Summary... 1 The Solution: Standards-Based Federation... 2 Service Provider Initiated SSO...3 Identity Provider Initiated SSO...3

More information

An Enterprise Architect s Guide to API Integration for ESB and SOA

An Enterprise Architect s Guide to API Integration for ESB and SOA An Enterprise Architect s Guide to API Integration for ESB and SOA The New Digital Imperative While some are still adjusting to the idea, you re well aware that we re living in an application economy.

More information

Product overview. CA SiteMinder lets you manage and deploy secure web applications to: Increase new business opportunities

Product overview. CA SiteMinder lets you manage and deploy secure web applications to: Increase new business opportunities PRODUCT SHEET: CA SiteMinder CA SiteMinder we can CA SiteMinder provides a centralized security management foundation that enables the secure use of the web to deliver applications and cloud services to

More information

An Oracle White Paper Dec 2013. Oracle Access Management Security Token Service

An Oracle White Paper Dec 2013. Oracle Access Management Security Token Service An Oracle White Paper Dec 2013 Oracle Access Management Security Token Service Disclaimer The following is intended to outline our general product direction. It is intended for information purposes only,

More information

expanding web single sign-on to cloud and mobile environments agility made possible

expanding web single sign-on to cloud and mobile environments agility made possible expanding web single sign-on to cloud and mobile environments agility made possible the world of online business is rapidly evolving In years past, customers once tiptoed cautiously into the realm of online

More information

EXTENDING SINGLE SIGN-ON TO AMAZON WEB SERVICES

EXTENDING SINGLE SIGN-ON TO AMAZON WEB SERVICES pingidentity.com EXTENDING SINGLE SIGN-ON TO AMAZON WEB SERVICES Best practices for identity federation in AWS Table of Contents Executive Overview 3 Introduction: Identity and Access Management in Amazon

More information

CA Single Sign-On r12.x (CA SiteMinder) Implementation Proven Professional Exam

CA Single Sign-On r12.x (CA SiteMinder) Implementation Proven Professional Exam CA Single Sign-On r12.x (CA SiteMinder) Implementation Proven Professional Exam (CAT-140) Version 1.4 - PROPRIETARY AND CONFIDENTIAL INFORMATION - These educational materials (hereinafter referred to as

More information

Closing the Biggest Security Hole in Web Application Delivery

Closing the Biggest Security Hole in Web Application Delivery WHITE PAPER DECEMBER 2014 Closing the Biggest Security Hole in Web Application Delivery Addressing Session Hijacking with CA Single Sign-On Enhanced Session Assurance with DeviceDNA Martin Yam CA Security

More information

Designing a CA Single Sign-On Architecture for Enhanced Security

Designing a CA Single Sign-On Architecture for Enhanced Security WHITE PAPER FEBRUARY 2015 Designing a CA Single Sign-On Architecture for Enhanced Security Using existing settings for a higher-security architecture 2 WHITE PAPER: DESIGNING A CA SSO ARCHITECTURE FOR

More information

Flexible Identity Federation

Flexible Identity Federation Flexible Identity Federation Quick start guide version 1.0.1 Publication history Date Description Revision 2015.09.23 initial release 1.0.0 2015.12.11 minor updates 1.0.1 Copyright Orange Business Services

More information

Single Sign-on to Salesforce.com with CA Federation Manager

Single Sign-on to Salesforce.com with CA Federation Manager TECHNOLOGY BRIEF: SINGLE SIGN-ON TO SALESFORCE.COM WITH CA FEDERATION MANAGER Single Sign-on to Salesforce.com with CA Federation Manager TOMMY CHENG, PRINCIPAL ENGINEERING SERVICES ARCHITECT, CA PETER

More information

IBM Tivoli Federated Identity Manager

IBM Tivoli Federated Identity Manager IBM Tivoli Federated Identity Manager Employ user-centric federated access management to enable secure online business collaboration Highlights Enhance business-to-business and business-to-consumer collaborations

More information

1 CA SECURITY SAAS VALIDATION PROGRAM 2015 ca.com. CA Security SaaS Validation Program. Copyright 2015 CA. All Rights Reserved.

1 CA SECURITY SAAS VALIDATION PROGRAM 2015 ca.com. CA Security SaaS Validation Program. Copyright 2015 CA. All Rights Reserved. 1 CA SECURITY SAAS VALIDATION PROGRAM 2015 ca.com CA Security SaaS Validation Program 2 CA SECURITY SAAS VALIDATION PROGRAM 2015 ca.com At a Glance KEY BENEFITS/ RESULTS The CA Security SaaS Validation

More information

PingFederate. SSO Integration Overview

PingFederate. SSO Integration Overview PingFederate SSO Integration Overview 2006-2012 Ping Identity Corporation. All rights reserved. PingFederate SSO Integration Overview Version 6.6 January, 2012 Ping Identity Corporation 1001 17th Street,

More information

Managing SOA Security and Operations with SecureSpan

Managing SOA Security and Operations with SecureSpan Managing SOA Security and Operations with SecureSpan Francois Lascelles Technical Director, Layer 7 Technologies 1 Customers Revenue About Layer 7 Layer 7 is the leading vendor of security and governance

More information

solution brief February 2012 How Can I Obtain Identity And Access Management as a Cloud Service?

solution brief February 2012 How Can I Obtain Identity And Access Management as a Cloud Service? solution brief February 2012 How Can I Obtain Identity And Access Management as a Cloud Service? provides identity and access management capabilities as a hosted cloud service. This allows you to quickly

More information

Can I customize my identity management deployment without extensive coding and services?

Can I customize my identity management deployment without extensive coding and services? SOLUTION BRIEF CONNECTOR XPRESS AND POLICY XPRESS UTILITIES IN CA IDENTITY MANAGER Can I customize my identity management deployment without extensive coding and services? SOLUTION BRIEF CA DATABASE MANAGEMENT

More information

The Primer: Nuts and Bolts of Federated Identity Management

The Primer: Nuts and Bolts of Federated Identity Management The Primer: Nuts and Bolts of Federated Identity Management Executive Overview For any IT department, it is imperative to understand how your organization can securely manage and control users identities.

More information

CA SiteMinder SSO Agents for ERP Systems

CA SiteMinder SSO Agents for ERP Systems PRODUCT SHEET: CA SITEMINDER SSO AGENTS FOR ERP SYSTEMS CA SiteMinder SSO Agents for ERP Systems CA SiteMinder SSO Agents for ERP Systems help organizations minimize sign-on requirements and increase security

More information

Identity. Provide. ...to Office 365 & Beyond

Identity. Provide. ...to Office 365 & Beyond Provide Identity...to Office 365 & Beyond Sponsored by shops around the world are increasingly turning to Office 365 Microsoft s cloud-based offering for email, instant messaging, and collaboration. A

More information

Introduction to SAML

Introduction to SAML Introduction to THE LEADER IN API AND CLOUD GATEWAY TECHNOLOGY Introduction to Introduction In today s world of rapidly expanding and growing software development; organizations, enterprises and governments

More information

Authentication Strategy: Balancing Security and Convenience

Authentication Strategy: Balancing Security and Convenience Authentication Strategy: Balancing Security and Convenience Today s Identity and Access Security Strategies Are Being Driven by Two Critical Imperatives: Enable business growth by: Quickly deploying new

More information

can I customize my identity management deployment without extensive coding and services?

can I customize my identity management deployment without extensive coding and services? SOLUTION BRIEF Connector Xpress and Policy Xpress Utilities in CA IdentityMinder can I customize my identity management deployment without extensive coding and services? agility made possible You can.

More information

Securely Managing and Exposing Web Services & Applications

Securely Managing and Exposing Web Services & Applications Securely Managing and Exposing Web Services & Applications Philip M Walston VP Product Management Layer 7 Technologies Layer 7 SecureSpan Products Suite of security and networking products to address the

More information

Architecture in the API Era

Architecture in the API Era Architecture in the API Era Mark Sigda Senior Principal Consultant, CA Technologies May 21, 2015 ITARC Stockholm, Sweden Mark Sigda Fort Collins, Colorado, USA IASA member since 2007 CITA-F Certified MCAD

More information

White Paper Cybercom & Axiomatics Joint Identity & Access Management (R)evolution

White Paper Cybercom & Axiomatics Joint Identity & Access Management (R)evolution White Paper Cybercom & Axiomatics Joint Identity & Access Management (R)evolution Federation and Attribute Based Access Control Page 2 Realization of the IAM (R)evolution Executive Summary Many organizations

More information

Security Services. Benefits. The CA Advantage. Overview

Security Services. Benefits. The CA Advantage. Overview PRODUCT BRIEF: CA SITEMINDER FEDERATION SECURITY SERVICES CA SiteMinder Federation Security Services CA SITEMINDER FEDERATION SECURITY SERVICES EXTENDS THE WEB SINGLE SIGN-ON EXPERIENCE PROVIDED BY CA

More information

CA Performance Center

CA Performance Center CA Performance Center Single Sign-On User Guide 2.4 This Documentation, which includes embedded help systems and electronically distributed materials, (hereinafter referred to as the Documentation ) is

More information

How to Provide Secure Single Sign-On and Identity-Based Access Control for Cloud Applications

How to Provide Secure Single Sign-On and Identity-Based Access Control for Cloud Applications SOLUTION BRIEF: PROTECTING ACCESS TO THE CLOUD........................................ How to Provide Secure Single Sign-On and Identity-Based Access Control for Cloud Applications Who should read this

More information

OpenAM All-In-One solution to securely manage access to digital enterprise and customer services, anytime and anywhere.

OpenAM All-In-One solution to securely manage access to digital enterprise and customer services, anytime and anywhere. OpenAM All-In-One solution to securely manage access to digital enterprise and customer services, anytime and anywhere. OpenAM, the only all-in-one open source access management solution, provides the

More information

SOLUTION BRIEF Enterprise Mobility Management. Critical Elements of an Enterprise Mobility Management Suite

SOLUTION BRIEF Enterprise Mobility Management. Critical Elements of an Enterprise Mobility Management Suite SOLUTION BRIEF Enterprise Mobility Management Critical Elements of an Enterprise Mobility Management Suite CA Technologies is unique in delivering Enterprise Mobility Management: the integration of the

More information

Secure Identity in Cloud Computing

Secure Identity in Cloud Computing Secure Identity in Cloud Computing Michelle Carter The Aerospace Corporation March 20, 2013 The Aerospace Corporation 2013 All trademarks, service marks, and trade names are the property of their respective

More information

Single Sign On. SSO & ID Management for Web and Mobile Applications

Single Sign On. SSO & ID Management for Web and Mobile Applications Single Sign On and ID Management Single Sign On SSO & ID Management for Web and Mobile Applications Presenter: Manish Harsh Program Manager for Developer Marketing Platforms of NVIDIA (Visual Computing

More information

agility made possible

agility made possible SOLUTION BRIEF CA Technologies and NetApp Integrated Service Automation Across the Data Center can you automate the provisioning and management of both virtual and physical resources across your data center

More information

CA Nimsoft Service Desk

CA Nimsoft Service Desk CA Nimsoft Service Desk Single Sign-On Configuration Guide 6.2.6 This Documentation, which includes embedded help systems and electronically distributed materials, (hereinafter referred to as the Documentation

More information

USING FEDERATED AUTHENTICATION WITH M-FILES

USING FEDERATED AUTHENTICATION WITH M-FILES M-FILES CORPORATION USING FEDERATED AUTHENTICATION WITH M-FILES VERSION 1.0 Abstract This article provides an overview of federated identity management and an introduction on using federated authentication

More information

CA Process Automation

CA Process Automation PRODUCT SHEET: CA Process Automation we can CA Process Automation CA Process Automation enables enterprise organizations to design, deploy and administer automation of manual, resource-intensive and often

More information

Extend and Enhance AD FS

Extend and Enhance AD FS Extend and Enhance AD FS December 2013 Sponsored By Contents Extend and Enhance AD FS By Sean Deuby Introduction...2 Web Service SSO Architecture...3 AD FS Overview...5 Ping Identity Solutions...7 Synergy

More information

Helping organizations secure and govern application services for SOA, Web and the Cloud

Helping organizations secure and govern application services for SOA, Web and the Cloud Helping organizations secure and govern application services for SOA, Web and the Cloud SOA WEB CLOUD layer7tech.com info@layer7tech.com @layer7 Layer 7 offers industry-leading XML security, runtime SOA

More information

Enterprise On The Go: 5 Essentials For BYOD & Mobile Enablement

Enterprise On The Go: 5 Essentials For BYOD & Mobile Enablement Enterprise On The Go: 5 Essentials For BYOD & Mobile Enablement Introduction: The Opportunities & Challenges of Enterprise Mobility Apps & the Enterprise The existence of smartphones and tablets able to

More information

The Essential OAuth Primer: Understanding OAuth for Securing Cloud APIs

The Essential OAuth Primer: Understanding OAuth for Securing Cloud APIs The Essential OAuth Primer: Understanding OAuth for Securing Cloud APIs Executive Overview A key technical underpinning of the Cloud is the Application Programming Interface (API). APIs provide consistent

More information

managing SSO with shared credentials

managing SSO with shared credentials managing SSO with shared credentials Introduction to Single Sign On (SSO) All organizations, small and big alike, today have a bunch of applications that must be accessed by different employees throughout

More information

Using Layer 7 s API Gateway for vcloud Architectures How to achieve abstraction, security and management of vcloud APIs.

Using Layer 7 s API Gateway for vcloud Architectures How to achieve abstraction, security and management of vcloud APIs. Using Layer 7 s API Gateway for vcloud Architectures How to achieve abstraction, security and management of vcloud APIs White Paper Contents Executive Summary... 3 Why Use an API Gateway with vcloud...

More information

TrustedX - PKI Authentication. Whitepaper

TrustedX - PKI Authentication. Whitepaper TrustedX - PKI Authentication Whitepaper CONTENTS Introduction... 3 1... 4 Use Scenarios... 5 Operation... 5 Architecture and Integration... 6 SAML and OAuth 7 RESTful Web Services 8 Monitoring and Auditing...

More information

SAP NetWeaver Single Sign-On. Product Management SAP NetWeaver Identity Management & Security June 2011

SAP NetWeaver Single Sign-On. Product Management SAP NetWeaver Identity Management & Security June 2011 NetWeaver Single Sign-On Product Management NetWeaver Identity Management & Security June 2011 Agenda NetWeaver Single Sign-On: Solution overview Key benefits of single sign-on Solution positioning Identity

More information

White paper December 2008. Addressing single sign-on inside, outside, and between organizations

White paper December 2008. Addressing single sign-on inside, outside, and between organizations White paper December 2008 Addressing single sign-on inside, outside, and between organizations Page 2 Contents 2 Overview 4 IBM Tivoli Unified Single Sign-On: Comprehensively addressing SSO 5 IBM Tivoli

More information

The Role of Identity Enabled Web Services in Cloud Computing

The Role of Identity Enabled Web Services in Cloud Computing The Role of Identity Enabled Web Services in Cloud Computing April 20, 2009 Patrick Harding CTO Agenda Web Services and the Cloud Identity Enabled Web Services Some Use Cases and Case Studies Questions

More information

SAML SSO Configuration

SAML SSO Configuration SAML SSO Configuration Overview of Single Sign-, page 1 Benefits of Single Sign-, page 2 Overview of Setting Up SAML 2.0 Single Sign-, page 3 SAML 2.0 Single Sign- Differences Between Cloud-Based Meeting

More information

A Standards-based Mobile Application IdM Architecture

A Standards-based Mobile Application IdM Architecture A Standards-based Mobile Application IdM Architecture Abstract Mobile clients are an increasingly important channel for consumers accessing Web 2.0 and enterprise employees accessing on-premise and cloud-hosted

More information

Can My Identity Management Solution Quickly Adapt to Changing Business Requirements and Processes?

Can My Identity Management Solution Quickly Adapt to Changing Business Requirements and Processes? SOLUTION BRIEF CONFIG XPRESS UTILITY IN CA IDENTITY MANAGER Can My Identity Management Solution Quickly Adapt to Changing Business Requirements and Processes? SOLUTION BRIEF CA DATABASE MANAGEMENT FOR

More information

Boosting interoperability and collaboration across mixedtechnology

Boosting interoperability and collaboration across mixedtechnology Boosting interoperability and collaboration across mixedtechnology environments Standards-based identity federation solutions from Microsoft and Novell May 2009 Executive summary Despite remarkable gains

More information

Core Feature Comparison between. XML / SOA Gateways. and. Web Application Firewalls. Jason Macy jmacy@forumsys.com CTO, Forum Systems

Core Feature Comparison between. XML / SOA Gateways. and. Web Application Firewalls. Jason Macy jmacy@forumsys.com CTO, Forum Systems Core Feature Comparison between XML / SOA Gateways and Web Application Firewalls Jason Macy jmacy@forumsys.com CTO, Forum Systems XML Gateway vs Competitive XML Gateways or Complementary? and s are Complementary

More information

SOLUTION BRIEF CA TECHNOLOGIES IDENTITY-CENTRIC SECURITY. How Can I Both Enable and Protect My Organization in the New Application Economy?

SOLUTION BRIEF CA TECHNOLOGIES IDENTITY-CENTRIC SECURITY. How Can I Both Enable and Protect My Organization in the New Application Economy? SOLUTION BRIEF CA TECHNOLOGIES IDENTITY-CENTRIC SECURITY How Can I Both Enable and Protect My Organization in the New Application Economy? CA Security solutions can help you enable and protect your business

More information

PROVIDING SINGLE SIGN-ON TO AMAZON EC2 APPLICATIONS FROM AN ON-PREMISES WINDOWS DOMAIN

PROVIDING SINGLE SIGN-ON TO AMAZON EC2 APPLICATIONS FROM AN ON-PREMISES WINDOWS DOMAIN PROVIDING SINGLE SIGN-ON TO AMAZON EC2 APPLICATIONS FROM AN ON-PREMISES WINDOWS DOMAIN CONNECTING TO THE CLOUD DAVID CHAPPELL DECEMBER 2009 SPONSORED BY AMAZON AND MICROSOFT CORPORATION CONTENTS The Challenge:

More information

Web Services Security: OpenSSO and Access Management for SOA. Sang Shin Java Technology Evangelist Sun Microsystems, Inc. javapassion.

Web Services Security: OpenSSO and Access Management for SOA. Sang Shin Java Technology Evangelist Sun Microsystems, Inc. javapassion. Web Services Security: OpenSSO and Access Management for SOA Sang Shin Java Technology Evangelist Sun Microsystems, Inc. javapassion.com 1 Agenda Need for Identity-based Web services security Single Sign-On

More information

Interoperate in Cloud with Federation

Interoperate in Cloud with Federation Interoperate in Cloud with Federation - Leveraging federation standards can accelerate Cloud computing adoption by resolving vendor lock-in issues and facilitate On Demand business requirements Neha Mehrotra

More information

IT@Intel. Improving Security and Productivity through Federation and Single Sign-on

IT@Intel. Improving Security and Productivity through Federation and Single Sign-on White Paper Intel Information Technology Computer Manufacturing Security Improving Security and Productivity through Federation and Single Sign-on Intel IT has developed a strategy and process for providing

More information

CA Technologies Strategy and Vision for Cloud Identity and Access Management

CA Technologies Strategy and Vision for Cloud Identity and Access Management WHITE PAPER CLOUD IDENTITY AND ACCESS MANAGEMENT CA TECHNOLOGIES STRATEGY AND VISION FEBRUARY 2013 CA Technologies Strategy and Vision for Cloud Identity and Access Management Sumner Blount Merritt Maxim

More information

Connecting Users with Identity as a Service

Connecting Users with Identity as a Service Ping Identity has demonstrated support for multiple workforce and external identity use cases, as well as strong service provider support. Gregg Kreizman Gartner 1 Connecting Users with Identity as a Service

More information

The Primer: Nuts and Bolts of Federated Identity Management

The Primer: Nuts and Bolts of Federated Identity Management The Primer: Nuts and Bolts of Federated Identity Management Overview For any IT department, it is imperative to understand how your organization can securely manage and control users identities. With so

More information

CA Technologies Solutions for Criminal Justice Information Security Compliance

CA Technologies Solutions for Criminal Justice Information Security Compliance WHITE PAPER OCTOBER 2014 CA Technologies Solutions for Criminal Justice Information Security Compliance William Harrod Advisor, Public Sector Cyber-Security Strategy 2 WHITE PAPER: SOLUTIONS FOR CRIMINAL

More information

SAML-Based SSO Solution

SAML-Based SSO Solution About SAML SSO Solution, page 1 SAML-Based SSO Features, page 2 Basic Elements of a SAML SSO Solution, page 2 SAML SSO Web Browsers, page 3 Cisco Unified Communications Applications that Support SAML SSO,

More information

EXECUTIVE VIEW. EmpowerID 2013. KuppingerCole Report. By Peter Cummings October 2013. By Peter Cummings pc@kuppingercole.

EXECUTIVE VIEW. EmpowerID 2013. KuppingerCole Report. By Peter Cummings October 2013. By Peter Cummings pc@kuppingercole. KuppingerCole Report EXECUTIVE VIEW By Peter Cummings October 2013 EmpowerID 2013 By Peter Cummings pc@kuppingercole.com October 2013 Content 1 Vendor Profile... 3 2 Product Description... 4 2.1 Single

More information

Cloud Standards. Arlindo Dias IT Architect IBM Global Technology Services CLOSER 2102

Cloud Standards. Arlindo Dias IT Architect IBM Global Technology Services CLOSER 2102 Cloud Standards Arlindo Dias IT Architect IBM Global Technology Services CLOSER 2102 2011 IBM Corporation Agenda Overview on Cloud Standards Identity and Access Management Discussion 2 Overview on Cloud

More information

NCSU SSO. Case Study

NCSU SSO. Case Study NCSU SSO Case Study 2 2 NCSU Project Requirements and Goals NCSU Operating Environment Provide support for a number Apps and Programs Different vendors have their authentication databases End users must

More information

The increasing popularity of mobile devices is rapidly changing how and where we

The increasing popularity of mobile devices is rapidly changing how and where we Mobile Security BACKGROUND The increasing popularity of mobile devices is rapidly changing how and where we consume business related content. Mobile workforce expectations are forcing organizations to

More information

CA Spectrum and CA Embedded Entitlements Manager

CA Spectrum and CA Embedded Entitlements Manager CA Spectrum and CA Embedded Entitlements Manager Integration Guide CA Spectrum Release 9.4 - CA Embedded Entitlements Manager This Documentation, which includes embedded help systems and electronically

More information

Web Services Security: What s Required To Secure A Service-Oriented Architecture. An Oracle White Paper January 2008

Web Services Security: What s Required To Secure A Service-Oriented Architecture. An Oracle White Paper January 2008 Web Services Security: What s Required To Secure A Service-Oriented Architecture An Oracle White Paper January 2008 Web Services Security: What s Required To Secure A Service-Oriented Architecture. INTRODUCTION

More information

An Oracle White Paper August 2010. Oracle OpenSSO Fedlet

An Oracle White Paper August 2010. Oracle OpenSSO Fedlet An Oracle White Paper August 2010 Oracle OpenSSO Fedlet Disclaimer The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated

More information

INTEGRATION GUIDE. IDENTIKEY Federation Server for Juniper SSL-VPN

INTEGRATION GUIDE. IDENTIKEY Federation Server for Juniper SSL-VPN INTEGRATION GUIDE IDENTIKEY Federation Server for Juniper SSL-VPN Disclaimer Disclaimer of Warranties and Limitation of Liabilities All information contained in this document is provided 'as is'; VASCO

More information

Government of Canada Directory Services Architecture. Presentation to the Architecture Framework Advisory Committee November 4, 2013

Government of Canada Directory Services Architecture. Presentation to the Architecture Framework Advisory Committee November 4, 2013 Government of Canada Directory Services Architecture Presentation to the Architecture Framework Advisory Committee November 4, 2013 1 Agenda TIME TOPICS PRESENTERS 9:00 9:15 Opening Remarks Objective for

More information

CA Single Sign-On Migration Guide

CA Single Sign-On Migration Guide CA Single Sign-On Migration Guide Web access management (WAM) systems have been a part of enterprises for decades. It is critical to control access and audit applications while reducing the friction for

More information

The Challenges of Web single sign-on

The Challenges of Web single sign-on Serge Vereecke Security Architect IBM Security Services serge_vereecke@be.ibm.com The Challenges of Web single sign-on GSE Event September 7, 2012 Agenda Single sign-on technology Why single sign-on Challenges

More information

CA CloudMinder. Getting Started with SSO 1.5

CA CloudMinder. Getting Started with SSO 1.5 CA CloudMinder Getting Started with SSO 1.5 This Documentation, which includes embedded help systems and electronically distributed materials, (hereinafter referred to as the Documentation ) is for your

More information

Optimizing Service Levels in Public Cloud Deployments

Optimizing Service Levels in Public Cloud Deployments WHITE PAPER OCTOBER 2014 Optimizing Service Levels in Public Cloud Deployments Keys to Effective Service Management 2 WHITE PAPER: OPTIMIZING SERVICE LEVELS IN PUBLIC CLOUD DEPLOYMENTS ca.com Table of

More information

nexus Hybrid Access Gateway

nexus Hybrid Access Gateway Product Sheet nexus Hybrid Access Gateway nexus Hybrid Access Gateway nexus Hybrid Access Gateway uses the inherent simplicity of virtual appliances to create matchless security, even beyond the boundaries

More information

IBM Tivoli Directory Integrator

IBM Tivoli Directory Integrator IBM Tivoli Directory Integrator Synchronize data across multiple repositories Highlights Transforms, moves and synchronizes generic as well as identity data residing in heterogeneous directories, databases,

More information

SOLUTION BRIEF MOBILE SECURITY. Securely Accelerate Your Mobile Business

SOLUTION BRIEF MOBILE SECURITY. Securely Accelerate Your Mobile Business SOLUTION BRIEF MOBILE SECURITY Securely Accelerate Your Mobile Business CA Technologies allows you to accelerate mobile innovation for customers and employees without risking your enterprise data or applications.

More information

agility made possible

agility made possible SOLUTION BRIEF ConfigXpress Utility in CA IdentityMinder can my identity management solution quickly adapt to changing business requirements and processes? agility made possible With the ConfigXpress tool

More information

CA Mobile Device Management 2014 Q1 Getting Started

CA Mobile Device Management 2014 Q1 Getting Started CA Mobile Device Management 2014 Q1 Getting Started This Documentation, which includes embedded help systems and electronically distributed materials, (hereinafter referred to as the Documentation ) is

More information

SOLUTION BRIEF SEPTEMBER 2014. Healthcare Security Solutions: Protecting your Organization, Patients, and Information

SOLUTION BRIEF SEPTEMBER 2014. Healthcare Security Solutions: Protecting your Organization, Patients, and Information SOLUTION BRIEF SEPTEMBER 2014 Healthcare Security Solutions: Protecting your Organization, Patients, and Information SOLUTION BRIEF CA DATABASE MANAGEMENT FOR DB2 FOR z/os DRAFT 94% of healthcare organizations

More information

CA Identity Manager. Glossary. r12.5 SP8

CA Identity Manager. Glossary. r12.5 SP8 CA Identity Manager Glossary r12.5 SP8 This documentation, which includes embedded help systems and electronically distributed materials, (hereinafter referred to as the Documentation ) is for your informational

More information

An Overview of Samsung KNOX Active Directory and Group Policy Features

An Overview of Samsung KNOX Active Directory and Group Policy Features C E N T R I F Y W H I T E P A P E R. N O V E M B E R 2013 An Overview of Samsung KNOX Active Directory and Group Policy Features Abstract Samsung KNOX is a set of business-focused enhancements to the Android

More information

This Working Paper provides an introduction to the web services security standards.

This Working Paper provides an introduction to the web services security standards. International Civil Aviation Organization ATNICG WG/8-WP/12 AERONAUTICAL TELECOMMUNICATION NETWORK IMPLEMENTATION COORDINATION GROUP EIGHTH WORKING GROUP MEETING (ATNICG WG/8) Christchurch New Zealand

More information

TRANSITIONING ENTERPRISE CUSTOMERS TO THE CLOUD WITH PULSE SECURE

TRANSITIONING ENTERPRISE CUSTOMERS TO THE CLOUD WITH PULSE SECURE White Paper TRANSITIONING ENTERPRISE CUSTOMERS TO THE CLOUD WITH PULSE SECURE Pulse Connect Secure Enables Service Providers to Deliver Scalable and On-Demand, Cloud-Based Deployments with Simplicity and

More information

CA Arcot RiskFort. Overview. Benefits

CA Arcot RiskFort. Overview. Benefits PRODUCT SHEET: CA Arcot RiskFort CA Arcot RiskFort CA Arcot RiskFort provides real-time protection against identity theft and online fraud via risk based, adaptive authentication. It evaluates the fraud

More information

NetworkingPS Federated Identity Solution Solutions Overview

NetworkingPS Federated Identity Solution Solutions Overview NetworkingPS Federated Identity Solution Solutions Overview OVERVIEW As the global marketplace continues to expand, new and innovating ways of conducting business are becoming a necessity in order for

More information

VMware Identity Manager Integration with Active Directory Federation Services 2.0

VMware Identity Manager Integration with Active Directory Federation Services 2.0 VMware Identity Manager Integration with Active Directory Federation Services 2.0 VMware Identity Manager J ULY 2015 V 2 Table of Contents Active Directory Federation Services... 2 Configuring AD FS Instance

More information

Pick Your Identity Bridge

Pick Your Identity Bridge Pick Your Identity Bridge Options for connecting users and resources across the hybrid cloud Executive Overview Enterprises are increasing their use of software as a service (SaaS) for two principal reasons:

More information

Identity, Privacy, and Data Protection in the Cloud XACML. David Brossard Product Manager, Axiomatics

Identity, Privacy, and Data Protection in the Cloud XACML. David Brossard Product Manager, Axiomatics Identity, Privacy, and Data Protection in the Cloud XACML David Brossard Product Manager, Axiomatics 1 What you will learn The issue with authorization in the cloud Quick background on XACML 3 strategies

More information

Out-of-Band Multi-Factor Authentication Cloud Services Whitepaper

Out-of-Band Multi-Factor Authentication Cloud Services Whitepaper Out-of-Band Multi-Factor Authentication Cloud Services Whitepaper StrikeForce Technologies, Inc. 1090 King Georges Post Rd. Edison, NJ 08837, USA Tel: 732 661-9641 Fax: 732 661-9647 http://www.sftnj.com

More information

SOLUTION BRIEF CA SERVICE MANAGEMENT - SERVICE CATALOG. Can We Manage and Deliver the Services Needed Where, When and How Our Users Need Them?

SOLUTION BRIEF CA SERVICE MANAGEMENT - SERVICE CATALOG. Can We Manage and Deliver the Services Needed Where, When and How Our Users Need Them? SOLUTION BRIEF CA SERVICE MANAGEMENT - SERVICE CATALOG Can We Manage and Deliver the Services Needed Where, When and How Our Users Need Them? SOLUTION BRIEF CA DATABASE MANAGEMENT FOR DB2 FOR z/os DRAFT

More information

OpenID Connect 1.0 for Enterprise

OpenID Connect 1.0 for Enterprise OpenID Connect 1.0 for Enterprise By Paul Madsen Executive Overview In order to meet the challenges presented by the use of mobile apps and cloud services in the enterprise, a new generation of identity

More information