Prepared by Dept. of Information Technology & Telecommunication, October 24, 2005 Enterprise Directory Services and Identity Management.


1 Enterprise Directory Services and Identity Management

2 Enterprise Directory Services/IT Security

Enterprise Directory Services
• Password Self-Service
• Single Sign-On
• City Directory – City-Wide White Pages
• Employee Life-Cycle Management
• Authentication and Authorization for City-wide Applications
• Centralized and Distributed Authorization for Applications
• Dedicated directory space for applications requiring full control of data
• DoITT VPN, DoITT Remote Access, Cityshare Datashare, DNAHits, Remedy, COIB, DoITT Network Devices
• Numerous applications under development

[Diagram labels: Enterprise Directory Services; Agency Directories]

3 Enterprise Directory Services/IT Security

Password Self-Service
• Registration – User selects questions, provides answers
• Forgot Password – User answers questions, resets password
• Change Profile – User can change questions/answers after normal authentication.
• Change Password – User can change their password

Web Based Access from Cityshare: https://cityshare.nycnet/pss

[Diagram labels: Enterprise Directory Services; Agency Directory]

4 Enterprise Directory Services/IT Security

Single Sign-On – Securely stores passwords in the Enterprise Directory. The user enters the password for an application once, and the SSO client enters it for the user every time they launch the application. The SSO client monitors for application password changes if applicable. A wide variety of web, terminal and Windows applications is supported.

[Diagram labels: Enterprise Directory Services; Agency Desktop; Windows Client; Applications]

5 Enterprise Directory Services/IT Security

City-wide Whitepages – Accessible from Cityshare Portal and http://citydirectory.nycnet. Agencies can configure Outlook or other mail client to query City-wide directory using LDAP addressbook support.

[Diagram labels: Enterprise Directory Services; Agency Desktop – Outlook Client; Cityshare Portal and http://citydirectory.nycnet]

6 Enterprise Directory Services/IT Security

Application use of Enterprise Directory – Applications can use standard LDAP protocol to search for and authenticate users from multiple agencies. Users are authenticated using their LAN credentials, simplifying user authentication. The Enterprise Directory also supports a “hosted” directory space model, where an application can be given its own area to manage with basic schema extensions. Distributed authorization is also supported through use of agency defined groups that can be leveraged by applications through the Enterprise Directory.

[Diagram labels: Enterprise Directory Services; Cityshare Portal; Password Self-Service; Single Sign-On; Criminal Justice Datashare; DNAHits; Outlook/Email Clients; Conflict of Interest Board; DoITT VPN Services; DoITT SSL/VPN Remote Access; Many applications under development]
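The search, authenticate and group-check flow that slide 6 describes, sketched from the application's side as an added example (not part of the original presentation and not DoITT code). The `FakeDirectory` class, the DNs, the `uid` attribute and the group name are constructed stand-ins for a real LDAP connection; the two points to carry over are escaping user input in the search filter (RFC 4515) and refusing an empty password before the bind.

```python
import re

# RFC 4515 section 3: these characters must be written as \XX in a filter value.
_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}

def escape_filter_value(value):
    """Escape user input before placing it in an LDAP search filter."""
    return "".join(_ESCAPES.get(ch, ch) for ch in value)

class FakeDirectory:
    """In-memory stand-in for an LDAP connection (constructed sample data)."""
    users = {"uid=jdoe,ou=AgencyA,o=city": {"uid": "jdoe", "password": "s3cret"}}
    groups = {"cn=app-users,ou=AgencyA,o=city": {"uid=jdoe,ou=AgencyA,o=city"}}

    def search(self, ldap_filter):
        # Understands only the (uid=<value>) equality filter this example sends.
        m = re.fullmatch(r"\(uid=((?:[^\\*()\x00]|\\[0-9a-f]{2})*)\)", ldap_filter)
        if not m:
            raise ValueError("unsupported or malformed filter")
        wanted = re.sub(r"\\([0-9a-f]{2})",
                        lambda h: chr(int(h.group(1), 16)), m.group(1))
        return [dn for dn, e in self.users.items() if e["uid"] == wanted]

    def bind(self, dn, password):
        # Mimics servers that accept an empty password as an
        # "unauthenticated bind" (RFC 4513 section 5.1.2).
        return password == "" or self.users.get(dn, {}).get("password") == password

    def is_member(self, group_dn, user_dn):
        return user_dn in self.groups.get(group_dn, set())

def authenticate(conn, username, password, required_group):
    """Search-then-bind. Returns the user's DN if authenticated and in the
    required agency-defined group, otherwise None."""
    if not username or not password:
        return None  # never pass an empty password to a simple bind
    matches = conn.search("(uid=%s)" % escape_filter_value(username))
    if len(matches) != 1:
        return None  # unknown user, or ambiguous match across agencies
    dn = matches[0]
    if not conn.bind(dn, password):
        return None
    return dn if conn.is_member(required_group, dn) else None
```
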

7 Enterprise Directory Services/IT Security

Employee Life Cycle Management – The support of complete Employee Life Cycle Management in co-operation with other agencies is a key goal of identity management. Currently, we are deploying automated de-provisioning for DoITT. The goal is to integrate with NYCAPS/PeopleSoft to provide full provisioning and de-provisioning for complete Employee Life Cycle Management.

[Diagram labels: Enterprise Directory Services; Agency Directories; HR/Payroll Data (NYCAPS/PMS)]

8 Enterprise Directory Services/IT Security

Future activities –
• Provide automated provisioning/de-provisioning for active Employee Life-Cycle Management
• PKI – leverage existing infrastructure to deliver central PKI infrastructure that can support diverse needs across city agencies to provide strong authentication, digital signatures and encryption for multiple purposes.
• Integrate with key city-wide applications to synchronize passwords or identities where those applications may not support direct authentication to the Enterprise Directory.
• Complete connectivity with key city agencies for multiple application needs.
• Support WebSSO using SAML with support for federation with state and other external identity and/or service providers.
• Support for non-Employee Identity Management
• Synchronization of passwords/identities to key city-wide applications/systems (City Time, legacy RACF/ACF2 environments, UNIX account management)

