Cloud-Based Identity Services



Similar documents
NISTIC Pilot - Attribute Exchange Network. Biometric Consortium Conference

Biometrics in Identity as a Service

Attribute-Based Access Control Solutions: Federating Authoritative User Data to Support Relying Party Authorization Decisions and Requirements

Open Data Center Alliance Usage: Infrastructure as a Service (IaaS) Privileged User Access rev. 1.0

Open Data Center Alliance Usage: Single Sign On Authentication REv. 1.0

Standards for Identity & Authentication. Catherine J. Tilton 17 September 2014

Identity, Credential, and Access Management. Open Solutions for Open Government

Can We Reconstruct How Identity is Managed on the Internet?

ImageWare Systems, Inc.

Department of Veterans Affairs VA DIRECTIVE 6510 VA IDENTITY AND ACCESS MANAGEMENT

Identity: The Key to the Future of Healthcare

IDaaS: Managed Credentials for Local & State Emergency Responders

Ensuring the Security of Your Company s Data & Identities. a best practices guide

National Cybersecurity Challenges and NIST. Donna F. Dodson Chief Cybersecurity Advisor ITL Associate Director for Cybersecurity

Trust Elevation Using Risk-Based Multifactor Authentication. Cathy Tilton

RealMe. Technology Solution Overview. Version 1.0 Final September Authors: Mick Clarke & Steffen Sorensen

esign Online Digital Signature Service

NCSU SSO. Case Study

Federal Identity, Credential, and Access Management Trust Framework Solutions. Overview

EXTENDING SINGLE SIGN-ON TO AMAZON WEB SERVICES

Federal Identity, Credential, and Access Management Trust Framework Solutions. Relying Party Guidance For Accepting Externally-Issued Credentials

Simplify and Secure Cloud Access to Critical Business Data

Easy, Trusted Online Service Access

Extend and Enhance AD FS

PRODUCT SHEET: CA Arcot Cloud Services Data Centers CA Arcot cloud services data centers. True multi-tenancy and scalability

FCCX Briefing. Information Security and Privacy Advisory Board. June 13, 2014

Strong authentication. NetIQ - All Rights Reserved

IDENTITY INFORMATION MANAGMENT ARCHITECTURE SUMMARY Architecture and Standards Branch Office of the CIO Province of BC People Collaboration Innovation

The Leading Provider of Identity Solutions and Services in the U.S.

How To Use Netbackup For Business

SAP HANA Cloud Portal Overview and Scenarios

The Top 5 Federated Single Sign-On Scenarios

Security Issues in Cloud Computing

APIs The Next Hacker Target Or a Business and Security Opportunity?

Addressing Cloud Computing Security Considerations

API-Security Gateway Dirk Krafzig

Security Services. Benefits. The CA Advantage. Overview

Identity & Access Management The Cloud Perspective. Andrea Themistou 08 October 2015

Auditing Cloud Computing. A Security and Privacy Guide. Wiley Corporate F&A

Identity and Access Management (IAM) Across Cloud and On-premise Environments: Best Practices for Maintaining Security and Control

Open Data Center Alliance Usage: Identity Management Interoperability Guide rev. 1.0

WIPRO IDENTITY CLOUD UNLEASHING THE NEXT GENERATION OF IDENTITY AND ACCESS MANAGEMENT (IAM)

SAP HANA Cloud Platform

Biometrics and National Strategy for Trusted Identities in Cyberspace Improving the Security of the Identity Ecosystem September 19

HEDM and Integration. Michael Agnew Vice President, Localization Solutions

White Paper. FFIEC Authentication Compliance Using SecureAuth IdP

The Next Generation of Security Leaders

Digital Identity in Healthcare: What's Coming Down the Pike. Lisa Gallagher, BSEE, CISM, CPHIMS, FHIMSS VP, Technology Solutions, HIMSS

Protect Everything: Networks, Applications and Cloud Services

The Imperative for High Assurance Credentials: State Identity Credential and Access Management (SICAM) Guidance and Roadmap

Good Afternoon! Since Yesterday we have been talking about threats and how to deal with those threats in order to protect ourselves from individuals

Identity, Credential, and Access Management. An information exchange For Information Security and Privacy Advisory Board

Cloud Security Specialist Certification Self-Study Kit Bundle

Security MWC Nokia Solutions and Networks. All rights reserved.

Accelerate Your Enterprise Private Cloud Initiative

Biometrics and Cyber Security

Course 20465C: Designing a Data Solution with Microsoft SQL Server

Federated single sign-on (SSO) and identity management. Secure mobile access. Social identity integration. Automated user provisioning.

Digital Identity Management

I D C S P O T L I G H T. Ac c e l e r a t i n g Cloud Ad o p t i o n w i t h Standard S e c u r i t y M e a s u r e s

CA Federation Manager

20465: Designing a Data Solution with Microsoft SQL Server

TRANSITIONING ENTERPRISE CUSTOMERS TO THE CLOUD WITH PULSE SECURE

Identity & Privacy Protection

DEPARTMENTAL REGULATION

GOALS (2) The goal of this training module is to increase your awareness of HSPD-12 and the corresponding technical standard FIPS 201.

HSPD-12 Implementation Architecture Working Group Concept Overview. Version 1.0 March 17, 2006

State Identity, Credential, and Access Management (SICAM) Roadmap and Implementation Guidance Version 2.0 October 14, 2013

Audio: This overview module contains an introduction, five lessons, and a conclusion.

THE QUEST FOR A CLOUD INTEGRATION STRATEGY

Interoperate in Cloud with Federation

7 things to ask when upgrading your ERP solution

Final Project Report December 9, Cloud-based Authentication with Native Client Server Applications. Nils Dussart

Two-Factor Authentication

CHECKLIST: Top 10 reasons to move to the cloud

Transcription:

Cloud-Based Identity Services TrustX Technologies, Inc. 11325 Random Hills Rd., Suite 650 Fairfax, VA 22030

TrustX Identity Services Affordable Identity Assurance TrustX is a cloud-based implementation of IdentityX s award winning identity assurance technology. It delivers the features and benefits of IdentityX in a secure, easily consumed and economical hosted service model. TrustX is ideally suited to any organization that has need for strong authentication (including biometrics), but, does not desire to stand-up, operate and maintain an on-premise solution. Our TrustX service was developed in accordance with the guiding principles of the National Strategy for Trusted Identities in Cyberspace (NSTIC) initiative: Secure and Resilient Privacy Enhancing Interoperable Cost Effective and Easy to Use TrustX Service Model 2

Flexibility TrustX was designed to provide Relying Parties the highest degree of flexibility possible in a multi-tenant, hosted environment. Multiple Trust Frameworks TrustX supports integration via: SAML2 (conformant to the Kantara Initiative) OpenID Connect IdentityX Proprietary Interface FICAM compliant Configurable Authentication Policies Relying Parties control which authentication factors to apply to transactions and can step up authentication to add additional factors for transactions involving higher risk. Authentication factors supported include: Device Possession (certificate based) PIN Face Voice Geolocation Federated and Non-Federated Models TrustX was designed as an integral component of the NSTIC Ecosystem supporting federated identity across a large segment of subscribers and relying parties. In this model, Subscribers can use the same credential with any participating Relying Party that chooses to accept it. However, TrustX performs equally well in a situation where a direct one-to-one relationship exists between subscriber and Relying Party and the associated credential is not shared outside the Relying Party organization. Privacy TrustX protects the privacy of Subscriber and Relying Party information. Our service has been subjected to independent audit of industry recognized privacy experts at Purdue University. We collect and maintain the minimum amount of Personally Identifiable Information (PII) needed to authenticate Subscribers to the RP. This information is never shared with any other organization or entity, except as required to deliver the Service. 3

TrustX is a multi-tenant environment where common infrastructure is used to support authentication of Subscribers to multiple Relying Parties. However, great precautions have been taken to ensure the total separation of RP data to ensure the privacy, security and integrity of RP and Subscriber information. Typical Usage Scenario 1. Subject tries to access a protected resource, account or transaction 2. RP sends authentication request to TrustX 3. TrustX authenticates the Subject via their mobile device and in accordance with RP policies for the type/level of access required 4. TrustX passes authentication response to RP 5. RP grants access to the resource, account or transaction 4

About TrustX and IdentityX Inc. TrustX is a wholly-owned subsidiary of IdentityX that provides hosted identity services based on IdentityX technology. IdentityX Inc. is an affiliate of Daon, a leading provider of identity assurance software products focused on meeting the needs of governments and commercial organizations worldwide. Daon supports customers and system integrators in building enterprise solutions requiring the highest level of security, performance, scalability, reliability and privacy. Daon s multi-modal authentication infrastructure, DaonEngine, integrates seamlessly with IT platforms and applications and manages the identity life-cycle of small and large populations. Daon s COTS products are scalable, flexible and proven in the most challenging real-world environments. Daon has been selected to secure more than 750 million identities around the globe, including providing the core backend platform for the Indian Unique ID (UID) project, which involves a multi-modal solution as part of the largest biometric initiative in the world. The Daon product suite covers every aspect of identity management from pre-enrollment and identity proofing to enrollment, multimodal capture, adjudication, credentialing and provisioning. Daon s offices are located in Washington DC, Canberra, and Dublin. For further information on IdentityX Inc., or to request a demo of IdentityX, please visit www.identityx.com. The X-Family of Companies Affiliate Application Identity Solutions for in- person applications: border control, national ID, law enforcement, immigration, trusted traveler Identity solutions for on- line and mobile applications 3 rd party identity solutions based on IdentityX Technology Cloud- based Identity Services based on IdentityX 5