Scribd Logo
Unggah

Selamat datang di Scribd!

  • Context Based Authentication

    Diunggah oleh

    PistolStar Tailored Authentication
    73 tayangan25 halaman
    Contextual Authentication, also known as Risk-based Authentication, is matching the level of authentication to the expected impact of the surrounding events. Simply put, contextual authentication dynamically establishes the level of credibility of each user in real-time and uses this information to change the level of authentication required to access an application. Tutorial: http://pg.portalguard.com/contextual_authentication_tutorial

    Hak Cipta

    © Attribution Non-Commercial (BY-NC)

    Format Tersedia

    PDF, TXT atau baca online dari Scribd

    Apakah menurut Anda dokumen ini bermanfaat?

    Apakah konten ini tidak pantas?

    Laporkan Dokumen Ini
    Contextual Authentication, also known as Risk-based Authentication, is matching the level of authentication to the expected impact of the surrounding events. Simply put, contextual authentication dynamically establishes the level of credibility of each user in real-time and uses this information to change the level of authentication required to access an application. Tutorial: http://pg.portalguard.com/contextual_authentication_tutorial

    Hak Cipta:

    Attribution Non-Commercial (BY-NC)
    Unduh sebagai PDF, TXT atau baca online dari Scribd
    Tandai sebagai konten tidak pantas
    73 tayangan25 halaman

    Context Based Authentication

    Diunggah oleh

    PistolStar Tailored Authentication
    Contextual Authentication, also known as Risk-based Authentication, is matching the level of authentication to the expected impact of the surrounding events. Simply put, contextual authentication dynamically establishes the level of credibility of each user in real-time and uses this information to change the level of authentication required to access an application. Tutorial: http://pg.portalguard.com/contextual_authentication_tutorial

    Hak Cipta:

    Attribution Non-Commercial (BY-NC)
    Unduh sebagai PDF, TXT atau baca online dari Scribd
    Tandai sebagai konten tidak pantas
    dari 25

    Understanding PortalGuards

    Contextual Authentication: A Multi-factor Approach

    Highlighting the Multi-factor Authentication Layer of the PortalGuard Platform

    By the end of this tutorial you will be able to

    Define PortalGuard
    Understand the barriers to increasing security Discover PortalGuards Contextual Authentication (CBA) See the Step-by-step Authentication Process

    Know the Technical Requirements

    The PortalGuard software is a Contextual Authentication platform which is focused on enhancing usability, while maintaining a balance between security, auditing and compliance for your web, desktop and mobile applications.
    Usability Single Sign-on
    Password Management Password Synchronization Self-service Password Reset

    Security
    Knowledge-based Two-factor Authentication

    Contextual Authentication
    Real-time Reports/Alerts

    Before going into the details


    Configurable by user, group or application

    Stop making assumptions about who is accessing your applications


    Adjust the authentication method dynamically with every access request Gain insight into user access scenarios Cost effective and competitively priced Tailored Authentication for an exact fit

    Remote Access

    Security vs. Usability

    Two-factor Authentication for All Users = No Flexibility Although desirable for security the barriers are overwhelming
    Not able to adapt to different access scenarios Requires dedicated IT resources and hardware High total cost of ownership Increased Help Desk calls due to user frustrations

    Two-factor Authentication for All Users = No Flexibility

    Is there a midpoint between passwords and two-factor authentication?

    Contextual Authentication is the Midpoint. Apply the appropriate authentication level


    Location
    Time
    Password-based

    Device
    Network Application
    Password-based Multi-factor

    Cost effective Flexible

    Five authentication methods:

    Password-based Single Sign-on Contextual Authentication (CBA) Two-factor Authentication Knowledge-based


    Two-factor authentication options soft tokens
    SAML single sign-on

    Real-time activity alerts Notifications & Reporting

    Increased security without impacting the user experience

    Increase usability for authorized users while creating barriers for unauthorized users Flexibility - configurable to the user, group or application levels
    Lower total cost of ownership than hard token two-factor authentication alternatives

    Reduce threats using a proactive approach


    Gather Insight analyze contextual data reports

    Authentication Method:
    Single sign-on: username and password (single password for multiple systems) Password-based: username and password Knowledge-based: username, password and challenge question One-time Password (OTP): username and OTP Multi-factor: username, password and OTP or contextual data

    Credibility Score:
    A numeric value that is used to determine the appropriate authentication method based on a set of ranges.

    Credibility Policy:
    A configurable policy based on categories and identifiers to which you can assign a score.

    Weight:
    An optional percentage for each category that adjusts the categorys impact on the credibility score versus other categories.

    Application Realms:
    Identifies an application and assigns a weight to that application that adjusts the overall credibility score.

    HOW IT WORKS

    Analysis Mode:
    Recommended for a 60-90 day period to establish a baseline for the environment.

    Client-side Browser Add-on:


    Optional to collect users contextual data and can be installed silently using a standard MSI.

    Step 2:
    The user begins the login process by entering their username and clicking Continue.

    Step 3:
    The PortalGuard server identifies the users credibility policy and computes the following:
    Gross score for each category Any category weight impact to the score Net score from the policy and weights Modification due to sensitivity of requested application

    Step 4:
    Contextual data is sent from the client-side browser add-on to the PortalGuard server. The PortalGuard server looks up the appropriate authentication method using the final credibility score and previously set ranges.

    PortalGuard enforced the appropriate authentication method for the users current access attempt. The user provides the required credentials to successfully complete their access request and login.

    Configurable through the PortalGuard Configuration Utility:


    Enable or Disable CBA Assign users or groups to individual credibility policies Credibility Policy:
    Client Type Use Category Weighting Enforce Application Realms Display Scoring UI Categories Weight Identifiers Credibility Score

    Configurable through the PortalGuard Configuration Utility:


    Default Ranges: Start and End Scores Authentication Types Alert On or Off

    Configurable through the PortalGuard Configuration Utility:


    Application Realms

    TECHNICAL REQUIREMENTS

    A MSI is used to install PortalGuard on IIS 6 or 7.x.


    This version of PortalGuard supports direct access and authentication to cloud/browser-based applications, only.
    IBM WebSphere/WebSphere Portal v5.1 or higher Microsoft IIS 6.0 or higher Microsoft Windows SharePoint Services 3.0 or higher Microsoft Office SharePoint Server 2007 or later

    .NET 2.0 framework or later must be installed (64-bit OS only) Microsoft Visual C++ 2005 SP1 Redistributable Package (x64) Microsoft Windows Server 2000 Microsoft Windows Server 2003 (32 or 64-bit) Microsoft Windows Server 2008 (32 or 64-bit) Microsoft Windows Server 2008 R2

    THANK YOU
    For more information visit PortalGuard.com or Contact Us

    Anda mungkin juga menyukai