Securing A Cloud Based Application
Access: One enables you to securely bridge your cloud and datacentre environments... Bringing enterprise class security and single sign-on to the cloud.
Video Transcript
Securing A Cloud Based Application
---------
Consider the challenges of securing a service in a cloud
Today you have two choices for managing the process of authenticating users:
-
Either you deploy an Authentication Server into the cloud – reducing the potential costs savings of adopting a cloud model – and increasing the overhead in terms of user management;
- Or you connect the cloud based application to services hosted in your datacentre – if you need Active Directory or Two-Factor authentication you are exposing a lot of critical services.
With Access: One there is no requirement for the Authentication Servers to reside inside the cloud – but it enables you to leverage your entire existing security infrastructure to secure your application.
---------
Consider this scenario. Inside our datacentre we have an Active Directory Server, An LDAP Server and a Two-Factor Authentication Manager.
---------
We now deploy an new application into a cloud environment.
---------
Access:One allows you to define the authentication workflow, Authorisation Model and to specify additional Attributes to be collected and provided to the application as part of the authentication process.
---------
Our user points their browser at the Application, and is prompted with a login page.
---------
The activities taking place behind the scenes are invisible to the user – what's more, implementing Access: One didn't require any code changes to the application.
The application has made a secure connection to Access:One and asked if the user is authenticated to logon to the Application.
---------
Access:One has reviewed the defined workflow for this particular application, and determined that the user needs to provide an Active Directory Username and Password – followed by the ID on their Hardware Token.
---------
Access:One presents the user with a login page designed to appear as part of the Secured application
The user provides the requested information
---------
Access:One now requests the user provide their Token ID – which it also validates with the Two-Factor Authentication Manager.
---------
A session has now been created within the Access:One Session Database.
---------
Access:One redirects the Users Browser back to the original URL they were trying to access.
---------
The Application repeats the process of checking if the user is Authenticated.
---------
This time a session is located, and the user is logged on.
---------
Access:one does not require any further involvement unless the application requires to step up the level of authorisation.
Access:One supports a number of third party Authentication Servers and is SAML compliant.
Most Recent Comments
There are no comments posted for this entry yet
Please leave a comment
© Copyright 2012 Pirean Limited. All rights reserved. Registered in England Number 4453109 | VAT No. 797448854.
Privacy Policy | Terms & Conditions