Authority of Information Technology Application National Center of Digital Signature Authentication Ninh Binh, June 25, 2010.

Slides:

Advertisements

Similar presentations

22 May 2008IVOA Trieste: Grid & Web Services1 Alternate security mechanisms Matthew J. Graham (Caltech, NVO) T HE US N ATIONAL V IRTUAL O BSERVATORY.

Advertisements

Yammer Technical Solutions Overview

SINGLE SIGN-ON. Definition - SSO Single sign-on (SSO) is a session/user authentication process that permits a user to enter one name and password in order.

Digital DNA Server Login People ®. Login People ˃ IT security vendor ˃ Patented Digital DNA ® technology innovation Digital DNA Server Multi-factor Authentication.

Don’t Let Anybody Slip into Your Network! Using the Login People Multi-Factor Authentication Server Means No Tokens, No OTP, No SMS, No Certificates MICROSOFT.

 61% of people reuse the same password on multiple sites.  44% change their password only once a year or less.  Password theft increased by 300% in.

‘Lord’ was a click away from £229m “They installed software on the company computers allowing them to steal [Sumitomo bank] staff user names and passwords”

By: Ansuya Chauhan.

Network Identity Kai Kang 27 th October Outline Introduction –Definition –Five drivers –Basic services –Roadmap Network Identity management approaches.

IdM & OpenID Present by Fangli cai Prantap Bedi. The need for IdM &OpenID As the world of e-business gains global acceptance, the traditional processes.

December 19, 2006 Solving Web Single Sign-on with Standards and Open Source Solutions Trey Drake AssetWorld 2007 Albuquerque, New Mexico November 2007.

Introduction to OpenID Huanxing Shen WHIM 2009Spring.

CS795/895.NET Passport1. NET PASSPORT &TRUSTBRIDGE SHRIPAD PATIL CS795/895 SECURITY IN DISTRIBUTED SYSTEMS.

OpenID And the Future of Digital Identity Alicia Bozyk April 1, 2008.

INF 123 SW ARCH, DIST SYS & INTEROP LECTURE 16 Prof. Crista Lopes.

Microsoft Identity and Access Solutions Market Trends and Futures

Cognizance Identity and Access Management Identity Management ● Authentication ● Authorization ● Administration The next generation security solution

IDENTITY MANAGEMENT Hoang Huu Hanh (PhD), OST – Hue University hanh-at-hueuni.edu.vn.

Single Sign-On -Mayuresh Pardeshi M.Tech CSE - I.

Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.

Single Sign-On Multiple Benefits via Alaska K20 Identity Federation 20 May 2011 BTOP Partner Meeting Anchorage, Alaska 20 May 2011 BTOP Partner Meeting.

X-Road – Estonian Interoperability Platform

Identity on Force.com & Benefits of SSO Nick Simha.

OpenDSN Revisited: The Open, Distributed Social Networking Protocol By Zach Broderick and Tim Hickey.

Protect Manage Optimize Why LastPass Enterprise?

An Overview of Single Sign-On, Federation, Its Benefits, and Basic Procedures for Integrating Applications.

Shibboleth: An Introduction

© 2008 by Matt Flaherty & Mary Ruddy; made available under the EPL v1.0 Security & Identity : From present to future Matt Flaherty, IBM Mary Ruddy, Meristic.

All Rights Reserved 2014 © CMG Consulting LLC Federated Identity Management and Access Andres Carvallo Dwight Moore CMG Consulting, LLC October

- NCSU project goals and requirements - Adoption Drivers - Current challenges and pain points - Identacor at NCSU - Identacor Features - NCSU Key Benefits.

X2VOL Student Login JUNE Access x2VOL through Family Connection 1.Sign into Family Connection. If you need your Family Connection login information.

Module 9 User Profiles and Social Networking. Module Overview Configuring User Profiles Implementing SharePoint 2010 Social Networking Features.

X2VOL.com Katy HS Student First-Time Login August 2012.

Power LogOn® Adds Card-Based, Multi- Factor Authentication to Microsoft Azure Logon, Plus Password Management for All Other Logons MICROSOFT AZURE ISV.

1 ❖ Key Points ❖ Overview ❖ Applications ❖ Webinar ❖ IAM Website ❖ Demos ❖ LEA Planning ❖ Questions?/Contacts The Identity and Access Management (IAM)

CERN IT Department CH-1211 Genève 23 Switzerland t Single Sign On, Identity and Access management at CERN Alex Lossent Emmanuel Ormancey,

BOPS – Biometric Open Protocol Standard Emilio J. Sanchez-Sierra.

© 2014 IBM Corporation Mobile Customization & Administration IBM Connections 5.0 Workshop Author: Paul Godby IBM Ecosystem Development Duration: 30 minutes.

Business Objects XIr2 Windows NT Authentication Single Sign-on 18 August 2006.

General Overview of Various SSO Systems: Active Directory, Google & Facebook Antti Pyykkö Mikko Malinen Oskari Miettinen.

1 Oxford Identity Summit May, 25 th 2016 CREATING A CITIZEN IDENTITY.

OpenID Connect: An Overview Pat Patterson Developer Evangelist Architect

Office of Information Technology GT Identity and Access Management JA-SIG CAS project (introducing login.gatech.edu) April 29th,

The FederID project The First Identity Management and Federation Free Software.

11 | Managing User Info Jeremy Foster Michael Palermo

Application Authentication using Azure AD

Access Policy - Federation March 23, 2016

Using Your Own Authentication System with ArcGIS Online

Protect Manage Optimize Why LastPass Enterprise? Protect Manage Optimize.

Earthdata Login and Open ID A Look at Federated User Identities

Federation made simple

511NY Rideshare Technical

AIM/education directory (Ed dir)

CAS and Web Single Sign-on at UConn

Data and Applications Security Developments and Directions

SaaS Application Deep Dive

Prime Service Catalog 12.0 SAML 2.0 Single Sign-On Support

Hosted on Azure, LoginRadius’ Customer Identity

SSOScan: Automated Testing of Web Applications for Single Sign-On Vulnerabilities Yuchen Zhou, and David Evans 23rd USENIX Security Symposium, August,

Cloud Connect Seamlessly

Multifactor Authentication & First Time Login

Access x2VOL via Naviance Student.

X-Road as a Platform to Exchange MyData

ACS Deployment Scenarios

Vittorio Bertocci Principal Technical Evangelist Microsoft

Access x2VOL via Naviance Student.

X2VOL Student Login JUNE 2013.

07 | Introduction to Authentication

Presentation transcript:

Authority of Information Technology Application National Center of Digital Signature Authentication Ninh Binh, June 25, 2010

Main ContentsMain Contents  SSO Overview  Introduce and demo OpenSSO  Introduce and demo OpenID

SSO OverviewSSO Overview  Single Sign On is a property of access control of multiple, related but independent systems. This property allows an user to login and gain access to all systems without logging in in each of them  A group of those linked systems is called a Federation.  A Federated Identity Management provides a standardized central system to manage users’ identities

Roles in a federationRoles in a federation  End User  Identity Provider:  Manage Users’ Identities  Issue Identities  Manage Users  Authenticate Users’ Identities  Service Provider:  Manage access to the service  Check Users’s Identities from Identity Provider  Manage Users’s Profiles

Benefits of SSOBenefits of SSO  Reduce total cost of ownership  Provides measurable ROI across the organization  Helpdesk cost savings  Improve User Productivity and Convenience  Reduce frustration of multiple log-on events  Remembering passwords  Increase Security and Compliance  Strengthen and centralize user access control  Improved reporting and monitoring for regulatory compliance  Allow multi-factor authentication

Some Open SSO SolutionsSome Open SSO Solutions

OpenSSO  OpenSSO is an open source SSO solutions developed by Sun Microsystems Inc (now is subsidiary of Oracle)  OpenSSO provides access management by allowing the implementation of authentication, policy-based authorization, federation, SSO, and web services security from a single, unified framework  OpenSSO usually act as an Identity Provider in a Federation.

What does OpenSSO do ?What does OpenSSO do ?

What does OpenSSO provides ?  Access Control  Federation Management  Web Services Security  Identity Web Services

Demo OpenSSO – Step 1Demo OpenSSO – Step 1  Demonstrate the use of digital certificates to login to Google Apps via OpenSSO  We used services provided by SSOCircle, base on OpenSSO  User go to Google Apps website

Demo OpenSSO – Step 2Demo OpenSSO – Step 2  User is redirected to OpenSSO Login screen.  They can login using various of methods

Demo OpenSSO – Step 3Demo OpenSSO – Step 3  After logging in, I was redirected back to Google Apps  I used a certificate issued by SSOCircle to login

OpenID  An open, decentralized protocols that allow end-users login to multiple services with a single identity  Simple and easy to deploy  Base on mature technology like HTTP, SSL/TLS, Diffie- Hellman  Open, patent free  Supported by a lot of major companies like IBM, Microsoft, Google, Yahoo, AOL.

How does OpenID work ?How does OpenID work ?  Each OpenID is an unique URL   The service provider discover and establish a secure connection with the identity provider  Redirect user to the Identity Provider to login  Redirect back to service provider website  Service provider check OpenID response and grant user access if authenticated.

The popularity of OpenIDThe popularity of OpenID  1 billion OpenID accounts as of 12/2009  9 millions websites have integrated OpenID consumer support.  Major OpenID providers  Google  AOL  Orange  VeriSign  Yahoo  Microsoft

Demo OpenID – Step 1Demo OpenID – Step 1  Facebook allows a Facebook account to be linked with an OpenID account.  In Account Settings screen, you can select an OpenID provider to link accounts with.  I selected Google and enter my Facebook password to continue

Demo OpenID – Step 2Demo OpenID – Step 2  Facebook will redirect me to Google to login  I need to confirm once more to links the 2 accounts  From now on, after logging to Google Accounts, I will be logged in to Facebook automatically

Thank you.Thank you.