Presentation is loading. Please wait.

Presentation is loading. Please wait.

All Rights Reserved 2014 © CMG Consulting LLC Federated Identity Management and Access Andres Carvallo Dwight Moore CMG Consulting, LLC October 2015 1.

Published bySamson Cameron Modified over 8 years ago

Similar presentations

Presentation on theme: "All Rights Reserved 2014 © CMG Consulting LLC Federated Identity Management and Access Andres Carvallo Dwight Moore CMG Consulting, LLC October 2015 1."— Presentation transcript:

1 All Rights Reserved 2014 © CMG Consulting LLC Federated Identity Management and Access Andres Carvallo Dwight Moore CMG Consulting, LLC October 2015 1

2 All Rights Reserved 2014 © CMG Consulting LLC Who is CMG? 2 CMG is a strategy consulting and advisory company focus on enabling smarter Cities, Enterprises, Utilities, Vendors, and Startups. CMG’s mission is to help define and accelerate the digitalization and transformation of the energy industry. CMG builds ecosystems for its clients. Our consulting services include the development of Strategy, White Papers, Reports, Assessments, Gap Analysis, Benchmarking, Designs, Architectures, Road Maps, Business Models, Business Cases, Go-to-Market Plans, IT/OT Management, Product Innovation, Funding, and M&A. We are experts in Energy, Telecommunications and Software. http://www.512cmg.com

3 All Rights Reserved 2014 © CMG Consulting LLC What is FIM? 3 Federated Identity Management is the methodology for linking a person's electronic identity and attributes which can be stored across multiple distinct identity management systems. A key element of delivering federated identity management is single sign-on (SSO), in which a user's single authentication ticket, or token, is trusted across multiple IT systems or even organizations. SSO is an authentication technology and methodology enabling technical interoperability of customer credentials and ultimately allowing controlled access to a desired destination.

4 All Rights Reserved 2014 © CMG Consulting LLC How Does FIM Work? Federated Identity Management (FIM)Federated Identity Management (FIM) refers to where the user stores their credentials. Alternatively, FIM can be viewed as a way to connect Identity Management systems together. In FIM, a user's credentials are always stored with the "home" organization (the "identity provider"). When the user logs into a service, instead of providing credentials to the service provider, the service provider trusts the identity provider to validate the credentials. So the user never provides credentials directly to anybody but the identity provider. Single Sign-on (SSO)Single Sign-on (SSO) allows users to access multiple services with a single login. SSO can mean that the user only has to provide credentials a single time per session, and then gains access to multiple services without having to sign in again during that session. But it can also mean that the same credentials are used for multiple services. 4

5 All Rights Reserved 2014 © CMG Consulting LLC FIM Technologies 5 Some of the technologies used for Federated Identity Management include: SAML (Security Assertion Markup Language) OAuth OpenID Security Tokens (Simple Web Tokens, JSON Web Tokens, and SAML Tokens) Web Service Specifications Microsoft Azure Cloud Services (Windows Identity Foundation)

6 All Rights Reserved 2014 © CMG Consulting LLC FIM Example 6 A client application needs to access a service that requires authentication. The authentication is performed by an identity provider (IdP), which works in concert with a security token service (STS). The IdP issues security tokens that assert information about the authenticated user. This information, includes the user’s identity, and may also include other information such as role membership and more granular access rights.

7 All Rights Reserved 2014 © CMG Consulting LLC Why FIM? 7 There are many Digital identity platforms that allow users to log onto third-party websites, applications, mobile devices and gaming systems with their existing identity to simplify customer authentication while maintaining robust security. One example would to enable social login. In many cases there is also the possibility to exchange profile information about the user with the third-party site. For example name, address, email, photo, etc. Nowadays there are 3 rd party service providers that have simplified the implementation of customer login. Along with customer login, they provide additional features like Single Sign-on and others.

8 All Rights Reserved 2014 © CMG Consulting LLC Example of Identity Providers 8 The trusted identity providers may include: Corporate Directories: Microsoft Active Directory, Open LDAP On-Premises Federation Services: IBM, Intel, CA, Oracle, SAP, EMC (RSA), Radiant Logic, OpenAM, Verizon Cloud/SaaS Federation Services: Axway, OneLogin, OpenID, OpenLogic, Capterra, Networkworld, Ping Identity, Gigya, Janrain or Loginradius Financial Services providers: Paypal, Square, Intuit, others Social Identity providers that can authenticate users: AOL, Amazon, Microsoft, Google, Linkedin, Yahoo!, Twitter, Facebook, others. User is required to have provider user ID and password.

9 All Rights Reserved 2014 © CMG Consulting LLC CMG Contact CMG is headquartered in Austin, Texas and has partner offices in Boston, Chicago, Denver, Durham, Kansas City, Minneapolis, New York City, Seattle, and Toronto. Website: http://www.512cmg.comhttp://www.512cmg.com Andres Carvallo, CEO & Founder, CMG Email: andres@512cmg.comandres@512cmg.com Tel: 512-215-9080 9

Download ppt "All Rights Reserved 2014 © CMG Consulting LLC Federated Identity Management and Access Andres Carvallo Dwight Moore CMG Consulting, LLC October 2015 1."

Similar presentations

Suchin Rengan Principal Technical Architect Salesforce.com

Suchin Rengan Principal Technical Architect Salesforce.com
Secure Single Sign-On Across Security Domains

Secure Single Sign-On Across Security Domains
© 2012 SecureAuth. All rights reserved. 2-Factor Authentication and Single Sign-On in a Mobile World Thursday, December 5, 2013 www.secureauth.com.

© 2012 SecureAuth. All rights reserved. 2-Factor Authentication and Single Sign-On in a Mobile World Thursday, December 5,
Office 365 Identity June 2013 Microsoft Office365 4/2/2017

Office 365 Identity June 2013 Microsoft Office365 4/2/2017
Agenda AD to Windows Azure AD Sync Options Federation Architecture

Agenda AD to Windows Azure AD Sync Options Federation Architecture
Oracle IDM at First National Bank

Oracle IDM at First National Bank
Authentication solutions for Outlook and Office 365 Multi-factor authentication for Office 365 Outlook client futures.

Authentication solutions for Outlook and Office 365 Multi-factor authentication for Office 365 Outlook client futures.
Trusted 3 rd Party Authentication & Friends: SSO and IdM NWACC Security Workshop 2013 Portland.

Trusted 3 rd Party Authentication & Friends: SSO and IdM NWACC Security Workshop 2013 Portland.
Eric Raff. Usergroup up

Eric Raff. Usergroup up
Securing Insecure Prabath Siriwardena, WSO2 Twitter

Securing Insecure Prabath Siriwardena, WSO2 Twitter
Don’t Let Anybody Slip into Your Network! Using the Login People Multi-Factor Authentication Server Means No Tokens, No OTP, No SMS, No Certificates MICROSOFT.

Don’t Let Anybody Slip into Your Network! Using the Login People Multi-Factor Authentication Server Means No Tokens, No OTP, No SMS, No Certificates MICROSOFT.
WSO2 Identity Server Road Map

WSO2 Identity Server Road Map
By: Ansuya Chauhan.

By: Ansuya Chauhan.
1 Higgins 1: a species of Tasmanian long-tailed mouse 2: the name of an open source collaboration of IBM, Novell, Oracle, Parity…

1 Higgins 1: a species of Tasmanian long-tailed mouse 2: the name of an open source collaboration of IBM, Novell, Oracle, Parity…
Microsoft Ignite /16/2017 4:55 PM

Microsoft Ignite /16/2017 4:55 PM
Understanding Active Directory

Understanding Active Directory
Identity & Access Control in the Cloud Sachin Vinod Rathi Architect Advisor, Microsoft Corporation Niraj Bhatt Enterprise Architect, Windows Azure MVP.

Identity & Access Control in the Cloud Sachin Vinod Rathi Architect Advisor, Microsoft Corporation Niraj Bhatt Enterprise Architect, Windows Azure MVP.
Architecting a Complete Solution for the Cloud Economy Delivering Standards-Based Access Control Marc Chanliau Oracle Identity Management Bernard Diwakar.

Architecting a Complete Solution for the Cloud Economy Delivering Standards-Based Access Control Marc Chanliau Oracle Identity Management Bernard Diwakar.
GRDevDay March 21, 2015 Cloud-based Identity for Applications.

GRDevDay March 21, 2015 Cloud-based Identity for Applications.
Data and Applications Security Developments and Directions Dr. Bhavani Thuraisingham The University of Texas at Dallas Single-Sign On and Federated Identity.

Data and Applications Security Developments and Directions Dr. Bhavani Thuraisingham The University of Texas at Dallas Single-Sign On and Federated Identity.

Similar presentations

Ads by Google