We think you have liked this presentation. If you wish to download it, please recommend it to your friends in any social system. Share buttons are a little bit lower. Thank you!
Presentation is loading. Please wait.
Published byEdwina Sparks
Modified about 1 year ago
SAP checks if USER ID & Password combination is valid. No identification. User requests Log-on, enters USER ID & Password, (not necessarily their own)! Log-on Denied Standard SAP® Log-on © 2013 realtime North America Inc., Tampa, FL. All Rights Reserved. No biometric authentication, identity management or accountability. Password Sharing not prevented, no fraud attempt alerts. Whatever system capabilities are associated with the User ID, even SAP_ALL, are now available, even if the password was stolen. SAP Security & Authorizations Log-on Allowed
User requests Log-on from SSO Software SSO prompts user for biometric scan Access Allowed Access Denied Typical Biometric “Single Sign-On” Systems (SSO) © 2013 realtime North America Inc., Tampa, FL. All Rights Reserved. Normal Logon with SAP USER ID and Password still possible, circumventing the biometric SSO! SAP USER ID and Password are retrieved by SSO, passed on to SAP. No biometric verification. No identification of user. Fingerprint template extracted, compared with reference template in SSO system - outside SAP Reference templates SAP Username & Passwords SSO Password Sharing is not prevented!
bioLock matches SAP USER ID and Password to user’s biometric credentials User requests SAP Log-on. User enters SAP USER ID and Password. bioLock prompts user for biometric scan Biometric template extracted, encrypted, compared with reference template in bioLock/SAP Log-on Allowed Log-on Denied SAP dedicated name space: /realtime How bioLock ™ Log-on works © 2013 realtime North America Inc., Tampa, FL. All Rights Reserved. Reference templates Activity logged alert Password Sharing is prevented, fraud attempts logged!
Summary © 2013 realtime North America Inc., Tampa, FL. All Rights Reserved. SAP and its logos are trademarks or registered trademarks of SAP AG in Germany and in other countries. All other trademarks mentioned herein are the property of their respective owners.
© 2012 YP Intellectual Property LLC. All rights reserved. YP, the YP logo and all other YP marks contained herein are trademarks of YP Intellectual Property.
1 Identification Who are you? How do I know you are who you say you are?
SAML CCOW Work Item: Task 2 HL7 Working Group Meeting Phoenix – May Presented by: David Staggs, JD CISSP VHA Office of Information Standards.
Access & Identity Management “An integrated set of policies, processes and systems that allow an enterprise to facilitate and control access to online.
Share Your PC Get Started. Sharing a computer used to mean that others could see your private files, install software you didn't want, or change your.
Member Access Registration & Login. 2 Registration Next, click on the Register Now button. To register for Member Access users should navigate to
Smart Identity Protection That Works for You and Your Users 2 Petri Ala-Annala Senior Principal, CISSP-ISSAP, CISA, CISM.
VOStore meetings, Slide 1 Ticket-based access control for VOStore? Guy Rixon March 2005.
Managing User, Computer and Group Accounts Lecture 5.
The CA MDB Revised May © 2005 Computer Associates International, Inc. (CA). All trademarks, trade names, services marks and logos referenced.
Students can gain access to and use programs offered on the computers in the Instructional Support labs via an online network.
E-Procurement for Improving Governance Session 5: Integrity Protection of eProcurement systems A World Bank live e-learning event addressing the design.
© 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. Fundamentals of Information Systems Security.
MFA for Business Banking – Security Code Multifactor Authentication: Quick Tip Sheets Note to Financial Institutions: We are providing these QT sheets.
© 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or.
Authentication. TOPICS Objectives Legacy Authentication Protocols IEEE 802.1X Authentication Extensible Authentication Protocol (EAP) Authentication Servers.
Application Security Best Practices At Microsoft Ensuring the lowest possible exposure and vulnerability to attacks Published: January 2003.
All rights reserved. © 2009 Tableau Software Inc. Implementing Tableau Server in an Enterprise Environment Andrew Beers and Jeff Solomon Tableau Software.
© 2009 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered.
Inventory Valuation for Year End Closing SAP Best Practices.
KCPS Staff are now able to submit their own work orders for technology assistance as needed.
MOSS 2007 Document Management Adam McCarthy 1 st April 2009.
CPSC 333: Foundations of Software EngineeringJ. Denzinger 2.2. Use Cases: Scenario based requirements modeling Recommended: Booch, Rumbaugh, Jacobson:
© 2005 Avaya Inc. All rights reserved. Avaya EMEA Online Order Status Report https://enterpriseportal.avaya.com/ptlWeb/bp/ orderstatus.
A Federated Single Sign-On architecture with multi factor authentication A high level yet somewhat technical presentation.
MFA for Business Banking – Security Questions with Reset Multifactor Authentication: Quick Tip Sheets Note to Financial Institutions: We are providing.
HOW TO SET UP AND ACCESS YOUR LEGAL FRAMEWORK ACCOUNT Exit at Service Road: https://framework.esc18.net.
AmeriCorps Online Payment System Introduction Corporation for National & Community Service (CNCS) AmeriCorps Online Payment System Introduction.
Indiana Death Registration System (IDRS) Funeral Director Information Package.
© 2016 SlidePlayer.com Inc. All rights reserved.