federated identity sso and multifactor authentication
play

Federated Identity, SSO and Multifactor Authentication June 23 rd , - PowerPoint PPT Presentation

Feb 06, 2023 •414 likes •542 views

Computing Services and Systems Development Federated Identity, SSO and Multifactor Authentication June 23 rd , 2017 Computing Services and Systems Development F EDERATED I DENTITY , SSO AND MFA @ THE U NIVERSITY OF P ITTSBURGH Tony Carra

  1. Computing Services and Systems Development Federated Identity, SSO and Multifactor Authentication June 23 rd , 2017

  2. Computing Services and Systems Development F EDERATED I DENTITY , SSO AND MFA @ THE U NIVERSITY OF P ITTSBURGH Tony Carra

  3. Computing Services and Systems Development Pitt Passport • Single Sign-on service • Grants access to Web Based Services such as; – My.Pitt.edu – CourseWeb (Blackboard) – Student Information System – Box – Office 365 – Many Others

  4. Computing Services and Systems Development Features of Pitt Passport • Consistent – Consistent, trusted login experience; passport.pitt.edu • Multifactor Authentication – Enhanced security with added layer • Login History

  5. Computing Services and Systems Development Technology behind Pitt Passport • Shibboleth • Pitt Passport is more than just Shibboleth… – Central Database / Registry – Active Directory – Provisioning System

  6. Computing Services and Systems Development Pitt Passport and IAM system Human Student ID Center UPMC Resources System System Systems System Account Act Mgt Web Central Management Service Directory Web Site System Identity Provisioning System Other University Box Other Cloud Systems Applications Panopto Active Directory Office 365 Active Directory in Pitt Passport Azure

  7. Computing Services and Systems Development Groups • Managed via Web Based Application • Allows flexibility…for Users and Departments – Create Groups – Maintain membership – Can be used through-out many different applications

  8. Computing Services and Systems Development Why Shibboleth? • Reduced number of IDs and passwords for end users • Works with SAML 2.0 • Easy to customize for different configurations • Built for High Ed and Research organizations

  9. Computing Services and Systems Development Multifactor Authentication in Pitt Passport • Provided by Duo Security • Adds a layer of security • Requires 2 “Factors” to verify identity – Something you Know – Something you Have

  10. Computing Services and Systems Development Multifactor Authentication (cont.) • Benefits: – Secure – Efficient – Convenient

  11. Computing Services and Systems Development Joining InCommon Federation • Implementation of Service Providers • Trusted Partners – Level of Trust – Others Universities working with partners • Certificates

  12. Computing Services and Systems Development Thank You Questions?

Recommend

National Cybersecurity Center of Excellence Multifactor Authentication for e-Commerce Project

National Cybersecurity Center of Excellence Multifactor Authentication for e-Commerce Project

National Cybersecurity Center of Excellence Multifactor Authentication for e-Commerce Project Cloud Identity Summit June 19, 2017 PROJECT OVERVIEW Overview U.S. adoption of credit cards equipped with computer chips helps retailers achieve

364 views • 15 slides
IRODS AND FEDERATED IDENTITY AUTHENTICATION CURRENT LIMITATIONS AND PERSPECTIVE Claudio

IRODS AND FEDERATED IDENTITY AUTHENTICATION CURRENT LIMITATIONS AND PERSPECTIVE Claudio

IRODS AND FEDERATED IDENTITY AUTHENTICATION CURRENT LIMITATIONS AND PERSPECTIVE Claudio Cacciari, claudio.cacciari@surfsara.nl SURF UGM 2020, June 10 th 2020 IRODS and SURF SURF is the collaborative organisation for ICT in Dutch education

669 views • 34 slides
#7 Thinking in possibilities for federated log out. Marcel den Reijer & Fouad Makioui

#7 Thinking in possibilities for federated log out. Marcel den Reijer & Fouad Makioui

#7 Thinking in possibilities for federated log out. Marcel den Reijer & Fouad Makioui February 7, 2017 Supervised by Thijs Kinkhorst & Joost van Dijk Introduction Authentication & Authorization Federated identity SAML 2.0 and

288 views • 24 slides
Lets get a federated identity Do you have access to your email? Youll need a valid email

Lets get a federated identity Do you have access to your email? Youll need a valid email

Lets get a federated identity Do you have access to your email? Youll need a valid email address Intro to Federated Identity Do you have an account from Protect Network or Twitter You can skip ahead! EuroCAMP Training for

104 views • 7 slides
Hardening PGP using GnuPG and Yubikey hybrid multifactor authentication and cryptography John

Hardening PGP using GnuPG and Yubikey hybrid multifactor authentication and cryptography John

Hardening PGP using GnuPG and Yubikey hybrid multifactor authentication and cryptography John Roman Linux System Administrator RAND Corporation SCALE 2017 Roman, John PGP PGP 101 public/private keyrings Roman, John PGP PGP 101

690 views • 42 slides
Hardening PGP using GnuPG and Yubikey hybrid multifactor authentication and cryptography John

Hardening PGP using GnuPG and Yubikey hybrid multifactor authentication and cryptography John

Hardening PGP using GnuPG and Yubikey hybrid multifactor authentication and cryptography John Roman Linux System Administrator RAND Corporation SCALE 2017 Roman, John PGP PGP 101 public/private keyrings Roman, John PGP PGP 101

471 views • 43 slides
External Identity and Authentication Providers For Apache HTTP Server Jan Pazdziora Principal

External Identity and Authentication Providers For Apache HTTP Server Jan Pazdziora Principal

External Identity and Authentication Providers For Apache HTTP Server Jan Pazdziora Principal Software Engineer Identity Management Engineering, Red Hat 17 th November 2014 Basic Authentication The only authentication option in 1996 when

393 views • 21 slides
2nd Meeting of ICAC Federated Identity Status & Plans Mine Altunay October 15, 2019 Current

2nd Meeting of ICAC Federated Identity Status & Plans Mine Altunay October 15, 2019 Current

2nd Meeting of ICAC Federated Identity Status & Plans Mine Altunay October 15, 2019 Current Status Adoption of Federated Identity and Access Control is one of the top priorities for the lab Crucial for our success with DUNE,

403 views • 13 slides
UCSB Identity and LDAP The central campus directory and authentication system UCSB Identity

UCSB Identity and LDAP The central campus directory and authentication system UCSB Identity

UCSB Identity and LDAP The central campus directory and authentication system UCSB Identity System UCSBnetID authentication UCSB-wide student and employee info http://www.identity.ucsb.edu/ LDAP Overview Lightweight Directory Access Protocol

604 views • 24 slides
Using Digital Certificates to Establish Federated Trust chris.brown@enspier.com U.S.

Using Digital Certificates to Establish Federated Trust chris.brown@enspier.com U.S.

Using Digital Certificates to Establish Federated Trust chris.brown@enspier.com U.S. E-Authentication Interoperability Lab Engineer Agenda U.S. Federal E-Authentication Background Current State of PKI in E-Authentication Future of

675 views • 52 slides
Authoritative Quality From Campus Identity Management to a Federated Solution EuroCAMP, Porto,

Authoritative Quality From Campus Identity Management to a Federated Solution EuroCAMP, Porto,

Authoritative Quality From Campus Identity Management to a Federated Solution EuroCAMP, Porto, 2005-11-07 Ingrid Melve, FEIDE manager From campus identity management to a federated solution Case: FEIDE Campus Identity Management 2

655 views • 30 slides
Multifactor Authentication based on User Contextual Data and the Mobile Web September 11, 2014

Multifactor Authentication based on User Contextual Data and the Mobile Web September 11, 2014

Open Source Open Possibilities Multifactor Authentication based on User Contextual Data and the Mobile Web September 11, 2014 W3C Web Crypto Workshop Open Source Open Possibilities PAGE 1 Introduction The web ecosystem is trying to move

657 views • 11 slides
HOST Authentication Overview ECE 525 Authentication Overview Authentication refers to the

HOST Authentication Overview ECE 525 Authentication Overview Authentication refers to the

HOST Authentication Overview ECE 525 Authentication Overview Authentication refers to the process of verifying the identity of the communicating principals to one another Usually sub-divided into Entity authentication Authentication

288 views • 10 slides
Mobile Provided Identity Authentication on the Web tle pt by Jonas Hgberg, Ericsson for W3C

Mobile Provided Identity Authentication on the Web tle pt by Jonas Hgberg, Ericsson for W3C

Mobile Provided Identity Authentication on the Web tle pt by Jonas Hgberg, Ericsson for W3C s WS on Identity in the Browser tle pt 24-5th May 11 Mountain View, CA, USA Mobile Provided Identity Authentication itle on the Web pt

298 views • 13 slides
EUDAT: Towards a pan-European Collaborative Data Infrastructure Federated Identity Management and

EUDAT: Towards a pan-European Collaborative Data Infrastructure Federated Identity Management and

EUDAT: Towards a pan-European Collaborative Data Infrastructure Federated Identity Management and Access Control Mark van de Sanden SARA, The Netherlands Terena VAMP workshop Utrecht, 6-7 September 2012 Outline Project Core Services

435 views • 16 slides
A2: Broken Authentication and Session Management But first Authentication, Authorization,

A2: Broken Authentication and Session Management But first Authentication, Authorization,

A2: Broken Authentication and Session Management But first Authentication, Authorization, Sessions Authentication Determining user identity Multiple ways What you know (password) What you have (phone, RSA SecureID, Yubikey)

1.57k views • 28 slides
Strong Authentication without Tamper-Resistant Hardware and Application to Federated Identities

Strong Authentication without Tamper-Resistant Hardware and Application to Federated Identities

Strong Authentication without Tamper-Resistant Hardware and Application to Federated Identities Zhenfeng Zhang , Yuchen Wang , Kang Yang Institute of Software, Chinese Academy of Sciences; The Joint Academy of Blockchain

869 views • 25 slides
User Authentication for Emerging Interfaces Nasir Memon Tandon School of Engineering New York

User Authentication for Emerging Interfaces Nasir Memon Tandon School of Engineering New York

User Authentication for Emerging Interfaces Nasir Memon Tandon School of Engineering New York University Identity Identity and Authentication What is identity? A computers representation of an unique entity (principal). What is

675 views • 56 slides
Outline Authentication and Identity Management Authentication Computer Security: Security at

Outline Authentication and Identity Management Authentication Computer Security: Security at

Authentication and Identity Management Authentication and Identity Management Operating System and Network Security Operating System and Network Security Cyber war and terrorism Radboud University Nijmegen Cyber war and terrorism Radboud

590 views • 9 slides
Federated Identity Providers and the Ipsilon project Simo Sorce Sr. Princ. Sw. Engineer, Red Hat

Federated Identity Providers and the Ipsilon project Simo Sorce Sr. Princ. Sw. Engineer, Red Hat

Federated Identity Providers and the Ipsilon project Simo Sorce Sr. Princ. Sw. Engineer, Red Hat 2015/02/06 What is Federation ? In a nutshell: Dealing with users that you do not control on your own. To do that you need to trust a third party

480 views • 23 slides
Authentication, vulnerabilities, exploits, and the secure design principles of Saltzer and

Authentication, vulnerabilities, exploits, and the secure design principles of Saltzer and

Authentication, vulnerabilities, exploits, and the secure design principles of Saltzer and Schroeder Authentication in general Bishop: Authentication is the binding of an identity to a principal. Network-based authentication mechanisms

1.6k views • 43 slides
FIM4L Federated Identity Management for Libraries Nick Roy 40th REFEDS Meeting Tallinn, Estonia

FIM4L Federated Identity Management for Libraries Nick Roy 40th REFEDS Meeting Tallinn, Estonia

FIM4L Federated Identity Management for Libraries Nick Roy 40th REFEDS Meeting Tallinn, Estonia 1 The Beginning Project AARC presentation at LIBER 2018 conference in Lille, by Peter Gietz (DAASI international), Jiri Pavlik (Moravian

736 views • 11 slides
Modelling and Analysing an Identity Federation Protocol: Federated Network Providers Scenario

Modelling and Analysing an Identity Federation Protocol: Federated Network Providers Scenario

Modelling and Analysing an Identity Federation Protocol: Federated Network Providers Scenario Maurice ter Beek (FMT, ISTICNR, Pisa, Italy) joint work with Marinella Petrocchi (IITCNR, Pisa, Italy) Corrado Moiso (Telecom Italia, Torino,

559 views • 28 slides
DIGITAL IDENTITY Ben Livshits, Microsoft Research Overview of Todays Lecture 2 Brief

DIGITAL IDENTITY Ben Livshits, Microsoft Research Overview of Todays Lecture 2 Brief

DIGITAL IDENTITY Ben Livshits, Microsoft Research Overview of Todays Lecture 2 Brief history of user Popular identity identities protocols SAML Single sign-on OpenID InfoCard and CardSpace Federated identity

786 views • 66 slides

More recommend