CS795/895.NET Passport1. NET PASSPORT &TRUSTBRIDGE SHRIPAD PATIL CS795/895 SECURITY IN DISTRIBUTED SYSTEMS.

Slides:



Advertisements
Similar presentations
Windows 2000 Security --Kerberos COSC513 Project Sihua Xu June 13, 2014.
Advertisements

© 2013 IBM Corporation IBM Security Systems 1 © 2013 IBM Corporation Identity Management And Session Recording A Partnership with IBM and ObserveIT.
SINGLE SIGN-ON. Definition - SSO Single sign-on (SSO) is a session/user authentication process that permits a user to enter one name and password in order.
Prepared by Dept. of Information Technology & Telecommunication, October 24, 2005 Enterprise Directory Services and Identity Management.
Virtual techdays INDIA │ august 2010 Managing Active Directory Using Microsoft Forefront Identity Manager: Amol R Bhandarkar │ Tech Specialist –
 Key exchange o Kerberos o Digital certificates  Certificate authority structure o PGP, hierarchical model  Recovery from exposed keys o Revocation.
PKI 2: Protezione del traffico Web tramite SSL Fabrizio Grossi.
Dr. Sarbari Gupta Electrosoft Services Tel: (703) Security Characteristics of Cryptographic.
An Authorization Service using.NET Passport ™ as underlying Authentication Scheme Bar-Hen Ron Hochberger Daniel Winter 2002 Technion – Israel Institute.
Microsoft Passport Waldemar Swiercz.
Identity and Access Management: Strategy and Solution Sandeep Sinha Lead Product Manager Windows Server Product Management Redmond,
Access Control in IIS 6.0 Windows 2003 Server Prepared by- Shamima Rahman School of Science and Computer Engineering University of Houston - Clear Lake.
Identity and Access Management
Access and Identity Management for Enterprise Portals Rohit Gupta Director, Identity Management Product Management Oracle Corporation.
Authentication via campus single sign-on 2012 VIVO Implementation Fest.
Microsoft Identity and Access Solutions Market Trends and Futures
Single Sign-on Integration (SSI) MSIT 458 – Information Security Project Part 2 Prepared for Professor Yan Chen Prepared by Team Triad Radu Bulgaru Moniza.
© Centrify Corporation. All Rights Reserved. Unified Identity Management across Data Center, Cloud and Mobile.
Dr. John P. Abraham Professor UTPA.  Particularly attacks university computers  Primarily originating from Korea, China, India, Japan, Iran and Taiwan.
Directory and File Transfer Services Chapter 7. Learning Objectives Explain benefits offered by centralized enterprise directory services such as LDAP.
1 ASP.NET SECURITY Presenter: Van Nguyen. 2 Introduction Security is an integral part of any Web-based application. Understanding ASP.NET security will.
Module 1 Introduction to Managing Microsoft® Windows Server® 2008 Environment.
Market Trends Enterprise Web Applications Cloud Computing SaaS Applications BYOD Data Compliance Regulations 30 Second Elevator Pitch Web browsers have.
Session 11: Security with ASP.NET
Module 12: Designing an AD LDS Implementation. AD LDS Usage AD LDS is most commonly used as a solution to the following requirements: Providing an LDAP-based.
National Energy Research Scientific Computing Center (NERSC) Computer Security – The New Threats Stephen Lau NERSC Center Division, LBNL June 24, 2004.
CN1260 Client Operating System Kemtis Kunanuraksapong MSIS with Distinction MCT, MCITP, MCTS, MCDST, MCP, A+
Module 8 Configuring and Securing SharePoint Services and Service Applications.
Designing Active Directory for Security
Using AS 10g with EBS What are the Benefits of Integrating AS 10g with Oracle Applications?
Identity on Force.com & Benefits of SSO Nick Simha.
© Oxford University Press 2011 DISTRIBUTED COMPUTING Sunita Mahajan Sunita Mahajan, Principal, Institute of Computer Science, MET League of Colleges, Mumbai.
TWSd - Security Workshop Part I of III T302 Tuesday, 4/20/2010 TWS Distributed & Mainframe User Education April 18-21, 2010  Carefree Resort  Carefree,
Protect Manage Optimize Why LastPass Enterprise?
Sudha Iyer Principal Product Manager Oracle Corporation.
Identity Solution in Baltic Theory and Practice Viktors Kozlovs Infrastructure Consultant Microsoft Latvia.
Single Sign-On
Planning a Microsoft Windows 2000 Administrative Structure Designing default administrative group membership Designing custom administrative groups local.
Authority of Information Technology Application National Center of Digital Signature Authentication Ninh Binh, June 25, 2010.
Module 8: Designing Security for Authentication. Overview Creating a Security Plan for Authentication Creating a Design for Security of Authentication.
Lieberman Software Random Password Manager & Two-Factor Authentication.
Module 11: Securing a Microsoft ASP.NET Web Application.
Operating System Security Fundamentals Dr. Gabriel.
Qaforum Security Structure. What’s SSO Single sign-on (SSO) is mechanism whereby a single action of user authentication and authorization can permit a.
ITS – Identity Services ONEForest Security Jake DeSantis Keith Brautigam
Free, online, technical courses Take a free online course. Microsoft Virtual Academy.
Access resources in a federation partner organization.
Brian Puhl Principal Technology Architect MSIT Identity & Access Management Microsoft Corporation SESSION CODE: SIA302.
Identity Management and Enterprise Single Sign-On (ESSO)
Security E-Learning Chapter 08. Security Control access to your web site –3 Techinques for Identifying users Giving users access to your site Securing.
Introduction to Microsoft Windows 2000 Security Microsoft Windows 2000 Security Services Overview Security subsystem components Local security authority.
Copyright © 2015 Centrify Corporation. All Rights Reserved. 1 Company Overview & Strategy Lance McAndrew Product Line Sales Engineer.
Slavko Kukrika MVP Connect Windows 10 to the Cloud – Cloud Join.
ASP.NET 2.0 Security Alex Mackman CM Group Ltd
Enterprise Mobility Suite: Simplify security, stay productive Protect data and empower workers Unsecured company data can cost millions in lost research,
Active Directory Domain Services (AD DS). Identity and Access (IDA) – An IDA infrastructure should: Store information about users, groups, computers and.
Windows Active Directory – What is it? Definition - Active Directory is a centralized and standardized system that automates network management of user.
11 | Managing User Info Jeremy Foster Michael Palermo
Secure Connected Infrastructure
Microsoft Passport and Windows Hello Developer’s Guide to Windows 10 Build SDK Update Andy Wigley
Enterprise-level Identity Protection
Deployment Planning Services
Journey to Microsoft Secure Cloud
Radius, LDAP, Radius used in Authenticating Users
Company Overview & Strategy
SINGLE SIGN ON AND SECURITY
Single Sign On Glen Dorton 1/18/2019.
K!M SAA LOGICAL SECURITY Strong Adaptive Authentication
Getting Started With LastPass Enterprise
Presentation transcript:

CS795/895.NET Passport1. NET PASSPORT &TRUSTBRIDGE SHRIPAD PATIL CS795/895 SECURITY IN DISTRIBUTED SYSTEMS

CS795/895.NET Passport2 OVERVIEW  Why Single Sign-on? (sso)  How Passport works?  Security threats  Passport Implementation (.NET)  TrustBridge

CS795/895.NET Passport3 Single Sign-on  The problem  Too many credentials  Which one for which app.  Multiple logon  Business Impact  Increased risk of compromise  Reduced Productivity  Increased helpdesk expenses

CS795/895.NET Passport4 Single sign-on  The problem  Provisioning new accounts  Password management  Auditing user activity  Managing non-user access  Deploying enterprise applications  Impact  No single view of user  Risk of unauthorized access  Delayed access

CS795/895.NET Passport5 Passport - Introduction  single-login system that allows users to navigate across Passport-enabled sites without having to maintain a separate login at each site  User Account contains A Unique Identifier (PUID) A User profile Credentials  3 security levels Standard sign-in Secure channel sign-in Strong credential sign-in

CS795/895.NET Passport6 Passport: How does it works?  Cookies 1.Ticket cookie 2.Profile cookie 3.Visited site cookie

CS795/895.NET Passport7 Problem Areas  Central point of attack  Weak user passwords  Cookies/persistent cookies  Bogus merchant attack  Active attack  DNS Attacks

CS795/895.NET Passport8 2. TrustBridge  Microsoft technology to provide AAA (Authentication, Authorization, Accounting)  Designed to achieve cross-organizational resource sharing  Uses windows active directory  Provides resilient defense against security attacks (data mining, Denial Of Service)  Convenient to use  But, do not provide heterogeneous enterprise system support

CS795/895.NET Passport9 TrustBridge

CS795/895.NET Passport10 Passport Implementation 1.Requirements:- passport SDK, passport manager, IIS, DNS name 2.Register application with.NET service manager 3.Get site ID, Encryption Keys, Certificate 4.Code, test, then deploy passport application 5.Compliance review from Microsoft 6.Launch live web-site

CS795/895.NET Passport11 Thank You…

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.