AUTHENTICATION AS A

SERVICE by TEAM9 SOLUTIONS

AUTHENTICATION AS A

SERVICE by TEAM9 SOLUTIONS

Dr Marc Conrad & Edward Dell-ClientZainab Almusa-Project Manager

Prithak Sharma-PPT Manager

OBJECTIVE

What is Authentication? About cloud computing & its services Authentication as a service(AaaS) Components of AaaS Authentication Federation Advantages of AaaS AaaS Service Providers

AUTHENTICATIONAUTHENTICATION

Authentication is the process of identifying a user

Authentication lets an entity prove who he/she claims to be

Authentication is the process of validating or confirming that access credentials

provided by a user (for instance, a user ID and password) are valid. A user in this case could be a person, another application, or a service Authentication does not guarantee authorization.

CLOUD COMPUTING & SERVICECLOUD COMPUTING & SERVICE

Computing resources are provisioned, used and made available on internet or intranet.

Cloud computing makes heavy use of Virtualization and SDN (software defined networking )

Services that run on top of the cloud computing are called cloud services.

Gmail is a very good example of cloud service.

AUTHENTICATION AS A SERVICE(AaaS)

AUTHENTICATION AS A SERVICE(AaaS)

As online access to services becomes ubiquitous and the cloud access model gains momentum, authentication is increasingly becoming a focal point for security professionals.

With bank accounts, health records, corporate intellectual property and politically sensitive information being just a few clicks away, no matter where in the world you are ,it is natural to worry about the identity of those wishing to gain access .This is where Authentication comes into play

AUTHENTICATION AS A SERVICE(AaaS)

AUTHENTICATION AS A SERVICE(AaaS)

Authentication server and other resources needed for authentication are placed on the internet (cloud) and are used by clients/users that are physically distant.

The authentication servers and other components are now on the cloud and not on the server farm of an enterprise network.

The Cloud Security Alliance (CSA) is a non-profit organization with a mission to promote the use of best practices for providing security within Cloud Computing, and to provide education, led by a broad coalition of industry practitioners, corporations, associations and other key stakeholders.

COMPONENTS OF AaaSCOMPONENTS OF AaaS

Cloud Federation: It refers to the unionization of software, infrastructure and platform services from different networks that can be accessed by a client via the internet. It is important to note that federated cloud computing services still rely on the existence of physical data centers.

Service Provider (SP): Provide hosting authentication service.

Identity Provider (IdP): An authoritative source of identity data for users provides the primary authentication of the user. The Identity Provider can be the service consumer itself, or external to it.

AUTHENTICATION AS A SERVICE(AaaS)

AUTHENTICATION AS A SERVICE(AaaS)

AaaS involves Federated Single Sign-On (SSO) using industry standards such as SAML, OAUTH and OpenID.

Enables 2 factor strong authentication with convenient soft OTP token support.

AUTHENTICATION FEDERATIONAUTHENTICATION FEDERATION

ADVANTAGE OF AaaSADVANTAGE OF AaaS

Elastic capability – scale up/down on demand Resources are abstracted /virtualized Interoperability between different platforms High availability Secure and reliable ( two factor) Pay as you go service or pay per use service (flexible

payment mode) Single Sign On ( SSO)

AaaS SERVICE PROVIDERSAaaS SERVICE PROVIDERS

Support a wide range of tokens and tokenless authentication methods allowing each user to choose the right token type for their individual needs.

Strong authentication can be provided , standards such as RADIUS and SAML and the availability of APIs and agents for other applications.

We support 3rd party tokens ensuring that existing investment in tokens is not lost when users migrate to our solution.

The comprehensive degree of automation in the solution drastically reduces the cost of management and administration.

AaaS SERVICE PROVIDERSAaaS SERVICE PROVIDERS

ConclusionConclusion

Authentication As A Service (AaaS) gives us all the benefits of cloud computing without worrying about the security of our personal or business data.

AaaS also provide the countermeasures against ID theft, sensitive information like credit card, health records etc.