Identity Management Requirements



Similar documents
Introduction. Connection security

CERN, Information Technology Department

STEP BY STEP GUIDE TO USING LARGE BUSINESS TOKENS. Large Token (Vasco DP250) Activation on Account. Activate Token Once Obtained

Entrust IdentityGuard Comprehensive

Oracle Identity Management for SAP in Heterogeneous IT Environments. An Oracle White Paper January 2007

Current Environment Assessment Specification. Single Sign On Customer Relation Management Workstation Support

CA SiteMinder SSO Agents for ERP Systems

External Authentication with Checkpoint R75.40 Authenticating Users Using SecurAccess Server by SecurEnvoy

How to leverage SAP NetWeaver Identity Management and SAP Access Control combined solutions

ClockWork Enterprise 5

External Authentication with Juniper SSL VPN appliance Authenticating Users Using SecurAccess Server by SecurEnvoy

Remedy ITSM Service Request Management Quick Start Guide

How To Deploy Cisco Jabber For Windows On A Server Or A Network (For A Non-Profit) For A Corporate Network (A.Net) For Free (For Non Profit) For An Enterprise) Or

CA SiteMinder. Implementation Guide. r12.0 SP2

Safewhere*Identify 3.4. Release Notes

External Authentication with Windows 2003 Server with Routing and Remote Access service Authenticating Users Using SecurAccess Server by SecurEnvoy

How To Integrate Watchguard Xtm With Secur Access With Watchguard And Safepower 2Factor Authentication On A Watchguard 2T (V2) On A 2Tv 2Tm (V1.2) With A 2F

Biometric SSO Authentication Using Java Enterprise System

Acunetix Web Vulnerability Scanner. Getting Started. By Acunetix Ltd.

GlobalSign Enterprise Solutions

External Authentication with Windows 2008 Server with Routing and Remote Access Service Authenticating Users Using SecurAccess Server by SecurEnvoy

MICROSOFT OFFICE 365 MIGRATION 2013/05/13

ipad or iphone with Junos Pulse and Juniper SSL VPN appliance Authenticating Users Using SecurAccess Server by SecurEnvoy

Deploying Single-sign On with RDC 46 OnSite: An examination of methods to allow Single-Sign-On for existing RDC 46 OnSite environments

Business Banking Customer Login Experience for Enhanced Login Security

Introduction to Identity and Access Management for the engineers. Radovan Semančík April 2014

External Authentication with CiscoSecure ACS. Authenticating Users Using. SecurAccess Server. by SecurEnvoy

External authentication with Fortinet Fortigate UTM appliances Authenticating Users Using SecurAccess Server by SecurEnvoy

5 Day Imprivata Certification Course Agenda

Oracle Access Manager

Copyright: WhosOnLocation Limited

User Roles & Adding Domains & Users

Brivo Directory Agent. User Guide

NETASQ ACTIVE DIRECTORY INTEGRATION

Stonesoft Corp. Stonegate Firewall and VPN

Chapter 3 Authenticating Users

How to Resolve Login Errors with Business Objects XI

Novell to Microsoft Conversion: Identity Management Design & Plan

AskCody Connect Connect your Outlook or AD to AskCody s solutions seamlessly. Everything included!

HOTPin Integration Guide: Microsoft Office 365 with Active Directory Federated Services

Highmark Unifies Identity Data With Oracle Virtual Directory. An Oracle White Paper January 2009

Strategic Identity Management for Industrial Control Systems

WHITE PAPER. Active Directory and the Cloud

Architecture Guidelines Application Security

e-gateway SOLUTION OVERVIEW Financials HCM ERP e-gateway Web Applications Mobile Devices SharePoint Portal

External authentication with Astaro AG Astaro Security Gateway UTM appliances Authenticating Users Using SecurAccess Server by SecurEnvoy

Directory Integration in LANDesk Management Suite

External Authentication with Citrix Secure Gateway - Presentation server Authenticating Users Using SecurAccess Server by SecurEnvoy

Synchronizing ProCurve IDM and Windows Active Directory

User Guide. Voice Services Self Care Portal. Logging In. Welcome to the Self Care Portal

Alcatel-Lucent Extended Communication Server Active directory synchronization : installation and administration

GET IN NOW Step 2: Add Users

Single Sign On. Configuration Checklist for Single Sign On CHAPTER

White Paper March 1, Integrating AR System with Single Sign-On (SSO) authentication systems

Government of Canada Directory Services Architecture. Presentation to the Architecture Framework Advisory Committee November 4, 2013

Using Foundstone CookieDigger to Analyze Web Session Management

FILEHOLD DOCUMENT MANAGEMENT SYSTEM 21 CFR PART 11 COMPLIANCE WHITE PAPER

WHITE PAPER. Support for the HIPAA Security Rule RadWhere 3.0

Twinfield Single Sign On

TIBCO Spotfire Platform IT Brief

External Authentication with Cisco VPN 3000 Concentrator Authenticating Users Using SecurAccess Server by SecurEnvoy

SAML Security Option White Paper

A Nemaris Company. Formal Privacy & Security Assessment For Surgimap version and higher


nexus Hybrid Access Gateway

White Paper. Support for the HIPAA Security Rule PowerScribe 360

IDENTITY & ACCESS. Privileged Identity Management. controlling access without compromising convenience

Integrating Webalo with LDAP or Active Directory

Sophos Mobile Control Technical guide

SchoolBooking SSO Integration Guide

Open-Xchange Hosted Edition Directory Integration

Authentication Methods

Documentation. CloudAnywhere. Page 1

Sync your schedule and work orders with SME & Microsoft Outlook

Entrust. Entrust IdentityGuard 8.1. Deployment Guide. Document issue: 2.0. Date of Issue: April 2007

External Authentication with Cisco ASA Authenticating Users Using SecurAccess Server by SecurEnvoy

OpenHRE Security Architecture. (DRAFT v0.5)

Protect Everything: Networks, Applications and Cloud Services

InfoRouter LDAP Authentication Web Service documentation for inforouter Versions 7.5.x & 8.x

Oracle WebCenter Content

Active Directory LDAP

Quality Center LDAP Guide

Single Sign-On. Security and comfort can be friend. Arnd Langguth. September, 2006

Identity Management with midpoint. Radovan Semančík FOSDEM, January 2016

Oracle Identity Management: Integration with Windows. An Oracle White Paper December. 2004

CA Nimsoft Service Desk

Windows NT Server Operating System Security Features Carol A. Siegel Payoff

Access Management Analysis of some available solutions

Transcription:

Identity Management Requirements

Table of Contents 1 OVERVIEW... 3 1.1 Approach... 3 1.2 Architectural Goals and Constraints... 3 1.3 Business Requirements... 3 1.4 High Level Business Requirements Overview... 3 1.4.1 Architecturally Significant Requirements... 3 Version x.xx Draft Page ii of 5 Effective Date: Not Approved

1 Overview Identity Management requirements for a large non-profit organization are presented in this document. This non-profit has two business units called chapter and biomedical. Chapter is mainly responsible for disaster relief and biomedical is mainly responsible for blood collection, storage and supply. 1.1 Approach Architecture and design should include component model, sequence diagrams and any other appropriate models. 1.2 Architectural Goals and Constraints Enterprise has already invested in many of the components of identity management like LDAP, which will be reused where possible. Biomedical side uses mainly LDAP for authentication/authorization. Active Directory is being used on chapter side and will continue to be primary source of user data. Architectural solution proposed should account for integration with active directory. ERP systems are also being used on chapter side to handle user authentication and authorization. Architectural solution must integrate with ERP A J2EE product is being used for training. Identity management solution must also integrate with training product. Architecture has to be generic and flexible 1.3 Business Requirements The business requirements for reference architecture are generic in nature. The following are the typical requirements for any project that wants to implement identity solution. Individual project must build on the following requirement/use cases to make the requirement more specific to that project. 1.4 High Level Business Requirements Overview Business requirements consist of providing user authentication and authorization based on Active Directory, LDAP and single sign on technologies. Different business units in ARC do authentication and authorization differently right now. There needs to be a common authentication and authorization model. Microsoft Active directory will act as a primary source of user data. User authentication needs to be reconciled across business units that use peoplesoft, siebel and learning management system called plateau (J2EE Application). 1.4.1 Architecturally Significant Requirements The following use cases have been identified for identity management UseCaseName LogIn LogOut SingleSignOn Password Synchronization AddUser DeleteUser UpdateUser Description User chooses to log into the system User logs out of the system User log into one system and is granted access to all the systems Password is synchronized across all the systems User is added to different systems User is deleted in different systems User information is updated between LDAP and active directory Version 1.0 Page 3 of 5 Effective Date: Not Approved

Authorization Two factor Authentication Audit/Reporting System checks if the user has needed permissions to access the services requested Token based authentication where the user enters the token and pin. Token is usually generated by a token card in possession of the user Auditing and reporting on user activity Use cases will be identified for specific projects as decisions are made to implement identity management. The following is the use case diagram. Version 1.0 Page 4 of 5 Effective Date: Not Approved

Version 1.0 Page 5 of 5 Effective Date: Not Approved

Identity management Addendum to problem 3 for the 2005 DesignFest This addendum was written by the DesignFest committee after problem submission had closed. Responsibility is with the committee not with the problem author. The committee wants to add some complexity to the problem in the form of some restrictions, to be added to the types of information specific users can access. This adds to the complexity of the design, but we feel it is more attuned to typical security needs of organizations. Also it was the feeling of the committee that it would prevent groups building a system out of of the shelf components to easily. Groups are free to add or ignore these additions. The additions for this would be: 1.2: Data available is restricted to authorized users. Users are granted access to specific types of data, and data repositories not matching any of a user's authorization codes will not be displayed to that user. 1.4.1: UseCaseName AddAuthorizationType RemoveAuthorizationType DisplayAuthorizedData Description Authorization to access a specific type of data is added to the user's User Authorizations List Authorization to access a specific type of data is removed from the user's User Authorizations List User who has successfully logged in is shown the data repositories available to their authorization type(s) luminis - addendum problem 3.sxw 1

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information