

    Identity-as-a-Service

    Every business that relies on software systems as a primary function expects its employees to sign in to those systems to perform various activities.

    These software systems may be hosted on local servers or run from the cloud. Some of the issues that arise are listed below:

    • Employees must remember different username and password combinations to access multiple systems.
    • When an employee leaves the company, every one of that user's accounts must be confirmed disabled. This raises the workload for IT workers.

    A new methodology, known as Identity as a Service (IDaaS), has emerged to solve the above problems. IDaaS provides management of identity (information) as a digital entity. This identity can be used during electronic transactions.

    Identity Management

    Identity refers to a set of attributes that together make something identifiable. Many objects may share the same attributes, but they cannot all have the same identity. This unique identity is assigned by using identification attributes that are unique.

    Many identity services are used for verification, such as website authentication, purchases, participants in transactions, clients, etc. Some of the services and systems that make up Identity as a Service are:

    • SSO (Single sign-on) services
    • Federated Systems
    • Directory Services
    • Registration
    • Services for Authentication
    • Risk and occurrence tracking
    • Profile & Identity Management
    SSO (Single Sign-On)

    Companies also use Single Sign-On software, which lets the user log in only once and manages the user's access to other systems. Single Sign-On addresses the problem of using different username and password combinations for different servers.

    As seen in the diagram below, SSO has a single authentication server, handling multiple accesses to other systems:

    How SSO Works

    There are several SSO implementations. Here we describe how SSO typically works:

    The function of Single Sign-On software is described in the following steps:

    1. The user uses a username and a password to log into the authentication server.
    2. The authentication server returns a ticket to the user.
    3. The ticket is submitted by the user to an intranet server.
    4. The intranet server sends the ticket to the authentication server.
    5. The authentication server sends the user's security credentials for that server back to the intranet server.

    Employee exits are handled the same way: when an employee leaves the organization, all that is needed to stop that person's access to every system is to disable the user's profile on the authentication server. This one task disables the employee's access to all of the organization's systems.
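
    The five steps and the offboarding behaviour above, as an added example that is not code from the original page or from any SSO product. The class names, the per-server role table and the 300-second ticket lifetime are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets
import time

class AuthServer:
    TICKET_TTL = 300  # seconds; assumed ticket lifetime

    def __init__(self):
        self.users = {}    # name -> salt, hash, enabled flag, per-server roles
        self.tickets = {}  # opaque ticket -> (name, expiry time)

    def add_user(self, name, password, roles):
        salt = secrets.token_bytes(16)
        digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)
        self.users[name] = {"salt": salt, "hash": digest, "enabled": True, "roles": roles}

    def login(self, name, password):
        """Steps 1-2: check the password, return a ticket (None on failure)."""
        user = self.users.get(name)
        if user is None or not user["enabled"]:
            return None
        digest = hashlib.pbkdf2_hmac("sha256", password.encode(), user["salt"], 100_000)
        if not hmac.compare_digest(digest, user["hash"]):
            return None
        ticket = secrets.token_urlsafe(32)  # random, carries no user data
        self.tickets[ticket] = (name, time.time() + self.TICKET_TTL)
        return ticket

    def validate(self, ticket, server):
        """Steps 4-5: return the user's credentials for `server`, or None."""
        name, expiry = self.tickets.get(ticket, (None, 0))
        user = self.users.get(name)
        if user is None or not user["enabled"] or time.time() > expiry:
            self.tickets.pop(ticket, None)  # drop unknown, expired or revoked tickets
            return None
        return {"user": name, "roles": user["roles"].get(server, [])}

    def disable(self, name):
        """Offboarding: one change here cuts access on every server."""
        self.users[name]["enabled"] = False

class IntranetServer:
    def __init__(self, name, auth):
        self.name, self.auth = name, auth

    def handle(self, ticket):
        """Steps 3-4: never trust the ticket locally; ask the auth server."""
        return self.auth.validate(ticket, self.name)
```

    Because each intranet server asks the authentication server on every request, a ticket issued before `disable` is called stops working everywhere at once. A server that cached the step 5 answer would keep honouring it until the cache expired.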

    FIDM (Federated Identity Management)

    Federated identity management allows users to access applications and services across multiple trusted domains using a single digital identity. FIDM defines the technologies and protocols that allow a user's security credentials to be packaged and carried across security domains. Security Assertion Markup Language (SAML) is used to package a user's security credentials, as seen in the diagram below:

    OpenID

    OpenID provides users with a single account to log into multiple websites. Some of the businesses that support OpenID are Microsoft, Google, Flickr, MySpace and WordPress.com.

    Advantages
    • Increased conversion rates for sites.
    • Access to more user profile content.
    • Fewer password failure issues.
    • Ease of incorporation of content into social networking sites.