Prepared by Dept. of Information Technology & Telecommunication, October 24, 2005 Enterprise Directory Services and Identity Management.

Slides:

Advertisements

Similar presentations

Agenda 2 factor authentication Smart cards Virtual smart cards FIM CM

Advertisements

Prepared by Dept. of Information Technology & Telecommunication, May 1, 2015 DoITT Identity Management Security, Provisioning, Authentication.

Meraki Mobile Device Management

Microsoft Identity Solutions

Digital DNA Server Login People ®. Login People ˃ IT security vendor ˃ Patented Digital DNA ® technology innovation Digital DNA Server Multi-factor Authentication.

Lecture 23 Internet Authentication Applications

Federated sign-in WS-Federation WS-Trust SAML 2.0 Metadata Shibboleth Graph API Synchronize accounts Authentication.

Security and Policy Enforcement Mark Gibson Dave Northey

Identity and Access Management: Strategy and Solution Sandeep Sinha Lead Product Manager Windows Server Product Management Redmond,

Empower Enterprise Mobility. of employees use personal devices for work purposes.* of employees that typically work on employer premises, also frequently.

Identity and Access Management

Access and Identity Management for Enterprise Portals Rohit Gupta Director, Identity Management Product Management Oracle Corporation.

Enterprise Single Sign On Identity management for web applications.

Windows Server 2012 R2 Capabilities for BYOD Scenario Yuri Diogenes Senior Knowledge Engineer Data Center, Devices & Enterprise Client – CSI Team’s Page:

PKI-Enabled Applications That work! Linda Pruss Office of Campus Information Security

LDAP Management at Stony Brook Making Active Directory and PeopleSoft Work Together SUNY Technology Conference Rochester, New York Monday June 12, 2006.

© 2008 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. HP Automates Infrastructure Outsourcing.

Microsoft Identity and Access Solutions Market Trends and Futures

Empower Enterprise Mobility Jasbir Gill Azure Mobility.

Cognizance Identity and Access Management Identity Management ● Authentication ● Authorization ● Administration The next generation security solution

Identity and Access Management Business Ready Security Solutions.

Directory and File Transfer Services Chapter 7. Learning Objectives Explain benefits offered by centralized enterprise directory services such as LDAP.

May 30 th – 31 st, 2006 Sheraton Ottawa. Microsoft Certificate Lifecycle Manager Saleem Kanji Technology Solutions Professional - Windows Server Microsoft.

Overview of Access and Information Protection

Energy Ecosystem Overview David Miller Chief Security Officer.

ARC312. Security Policy Governance Audit Reporting Analysis Data Quality Directory Logon Mobility Provisioning Development Access Control Authentication.

Chapter 7: Using Windows Servers to Share Information.

Module 12: Designing an AD LDS Implementation. AD LDS Usage AD LDS is most commonly used as a solution to the following requirements: Providing an LDAP-based.

© Aladdin Knowledge Systems 2006 Aladdin eToken Overview April 2006 ®

Lecture 23 Internet Authentication Applications modified from slides of Lawrie Brown.

Using Novell iChain ® 2 to Deliver Internal Network Access without a VPN Brian Six Technical Account Manager Novell, Inc.

Philadelphia Area SharePoint User Group Building Customer/Partner Extranets Designing a Secure Extranet with Sharepoint 2007 Russ Basiura RJB Technical.

Module 5: Designing a Terminal Services Infrastructure.

Using AS 10g with EBS What are the Benefits of Integrating AS 10g with Oracle Applications?

Identity on Force.com & Benefits of SSO Nick Simha.

Computer Security: Principles and Practice First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Chapter 22 – Internet Authentication.

Citrix Solutions in Financial Services Joseph Alexander Delgado Business Development Manager, Citrix Wordtext Systems, Inc.

Hands-On Microsoft Windows Server Introduction to Remote Access Routing and Remote Access Services (RRAS) –Enable routing and remote access through.

Simplify and Strengthen Security with Oracle Application Server Allan L Haensgen Senior Principal Instructor Oracle Corporation Session id:

Sudha Iyer Principal Product Manager Oracle Corporation.

Identity Solution in Baltic Theory and Practice Viktors Kozlovs Infrastructure Consultant Microsoft Latvia.

Empowering people-centric IT Unified device management Access and information protection Desktop Virtualization Hybrid Identity.

One Platform, One Solution: eToken TMS 5.1 Customer Presentation November 2009.

Identity and Access Management Siddharth Karnik. Identity Management -> Oracle Identity Management is a product set that allows enterprises to manage.

Access and Information Protection Product Overview Andrew McMurray Technical Evangelist – Windows

- NCSU project goals and requirements - Adoption Drivers - Current challenges and pain points - Identacor at NCSU - Identacor Features - NCSU Key Benefits.

The State of Identity Management on Your Campus Session Moderators Jacob Farmer, Indiana University Theresa Semmens, North Dakota State University November.

Access resources in a federation partner organization.

1 Active Directory Service in Windows 2000 Li Yang SID: November 2000.

User and Device Management

Active Directory. Computers in organizations Computers are linked together for communication and sharing of resources There is always a need to administer.

Active Directory Domain Services (AD DS). Identity and Access (IDA) – An IDA infrastructure should: Store information about users, groups, computers and.

ADFS - Does it Still have a Place? Fitting into the EMS puzzle Frank C. Drewes III 2016 Redmond Summit | Identity.

Azure Active Directory Uday Hegde 2016 Redmond Summit | Identity Without Boundaries May 26, 2016 Group Program Manager, Azure AD

The FederID project The First Identity Management and Federation Free Software.

Protect your data Enable your users Desktop Virtualization Information protection Mobile device & application management Identity and Access Management.

Chapter 7: Using Windows Servers

Secure Connected Infrastructure

Radius, LDAP, Radius used in Authenticating Users

9/13/2018 4:54 PM BRK How to get Office 365 to the next level with Azure Active Directory Premium Brjann Brekkan Program Manager Lead – Customer.

Cloud Connect Seamlessly

Managing Digital Identity

NAAS 2.0 Features and Enhancements

Access and Information Protection Product Overview October 2013

Public Key Infrastructure from the Most Trusted Name in e-Security

K!M SAA LOGICAL SECURITY Strong Adaptive Authentication

Install AD Certificate Services

Device Registration and Multi-Factor Authentication

System Center Marketing

Presentation transcript:

Prepared by Dept. of Information Technology & Telecommunication, October 24, 2005 Enterprise Directory Services and Identity Management

Prepared by Dept. of Information Technology & Telecommunication, October 24, 2005 Enterprise Directory Services/IT Security Enterprise Directory Services Enterprise Directory Services Password Self-Service Single Sign-On City Directory – City-Wide White Pages Employee Life-Cycle Management Authentication and Authorization for City-wide Applications Centralized and Distributed Authorization for Applications Dedicated directory space for applications requiring full control of data DoITT VPN, DoITT Remote Access, Cityshare Datashare, DNAHits, Remedy, COIB, DoITT Network Devices Numerous applications under development Agency Directories

Prepared by Dept. of Information Technology & Telecommunication, October 24, 2005 Enterprise Directory Services/IT Security Password Self-Service  Registration – User selects questions, provides answers  Forgot Password – User answers questions, resets password  Change Profile – User can change questions/answers after normal authentication.  Change Password – User can change their password Enterprise Directory Services Web Based Access from Cityshare Agency Directory

Prepared by Dept. of Information Technology & Telecommunication, October 24, 2005 Enterprise Directory Services/IT Security Single Sign-On – Securely stores passwords in Enterprise Directory. User enters password for application once and SSO client enters it for the user every time they launch the application. SSO client monitors for application password changes if applicable. Wide variety of web, terminal and windows applications supported. Enterprise Directory Services Agency Desktop Windows Client Applications

Prepared by Dept. of Information Technology & Telecommunication, October 24, 2005 Enterprise Directory Services/IT Security City-wide Whitepages – Accessible from Cityshare Portal and Agencies can configure Outlook or other mail client to query City-wide directory using LDAP addressbook support. Enterprise Directory Services Agency Desktop – Outlook Client Cityshare Portal and

Prepared by Dept. of Information Technology & Telecommunication, October 24, 2005 Enterprise Directory Services/IT Security Application use of Enterprise Directory – Applications can use standard LDAP protocol to search for and authenticate users from multiple agencies. Users are authenticated using their LAN credentials, simplifying user authentication. The Enterprise Directory also supports a “hosted” directory space model, where an application can be given its own area to manage with basic schema extensions. Distributed authorization is also supported through use of agency defined groups that can be leveraged by applications through the Enterprise Directory. Enterprise Directory Services Cityshare Portal Password Self-Service Single Sign-On Criminal Justice Datashare DNAHits Outlook/ Clients Conflict of Interest Board DoITT VPN Services DoITT SSL/VPN Remote Access Many applications under development

Prepared by Dept. of Information Technology & Telecommunication, October 24, 2005 Enterprise Directory Services/IT Security Employee Life Cycle Management– The support of complete Employee Life Cycle management in co-operation with other agencies is a key goal if identity management. Currently, we are deploying automated de-provisioning for DoITT. The goal is to integrate with NYCAPS/PeopleSoft to provide full provisioning and de-provisioning for complete Employee Life Cycle Management. Enterprise Directory Services Agency Directories HR/Payroll Data (NYCAPS/PMS)

Prepared by Dept. of Information Technology & Telecommunication, October 24, 2005 Enterprise Directory Services/IT Security Future activities –  Provide automated provisioning/de-provisioning for active Employee Life-Cycle Management  PKI – leverage existing infrastructure to deliver central PKI infrastructure that can support diverse needs across city agencies to provide strong authentication, digital signatures and encryption for multiple purposes.  Integrate with key city-wide applications to synchronize passwords or identities where those applications may not support direct authentication to the Enterprise Directory.  Complete connectivity with key city agencies for multiple application needs.  Support WebSSO using SAML with support for federation with state and other external identity and/or service providers.  Support for non-Employee Identity Management  Synchronization of passwords/identities to key city-wide applications/systems (City Time, legacy RACF/ACF2 environments, UNIX account management)