SlideShare a Scribd company logo

Context Based Authentication

PortalGuard dba PistolStar, Inc.
PortalGuard dba PistolStar, Inc.

Contextual Authentication, also known as Risk-based Authentication, is matching the level of authentication to the expected impact of the surrounding events. Simply put, contextual authentication dynamically establishes the level of credibility of each user in real-time and uses this information to change the level of authentication required to access an application. Please see a link to live tutorial here: http://pg.portalguard.com/contextual_authentication_tutorial

Technology
1 of 25
Download to read offline
Understanding PortalGuard’s Contextual Authentication: A Multi-factor Approach Highlighting the Multi-factor Authentication Layer of the PortalGuard Platform
By the end of this tutorial you will be able to… • Define PortalGuard • Understand the barriers to increasing security • Discover PortalGuard’s Contextual Authentication (CBA) • See the Step-by-step Authentication Process • Know the Technical Requirements
The PortalGuard software is a Contextual Authentication platform which is focused on enhancing usability, while maintaining a balance between security, auditing and compliance for your web, desktop and mobile applications. Usability Security • Single Sign-on • Knowledge-based • Password Management • Two-factor Authentication • Password Synchronization • Contextual Authentication • Self-service Password Reset • Real-time Reports/Alerts
Before going into the details… • Configurable by user, group or application • Stop making assumptions about who is accessing your applications • Adjust the authentication method dynamically with every access request • Gain insight into user access scenarios • Cost effective and competitively priced • Tailored Authentication for an exact fit
Remote Access Security vs. Usability =
Two-factor Authentication for All Users = No Flexibility Although desirable for security the barriers are overwhelming… • Not able to adapt to different access scenarios • Requires dedicated IT resources and hardware • High total cost of ownership • Increased Help Desk calls due to user frustrations
Two-factor Authentication for All Users = No Flexibility Is there a midpoint between passwords and two-factor authentication?
Contextual Authentication is the Midpoint. Apply the appropriate authentication level… • Location Password-based • Time • Device • Network Multi-factor • Application Password-based
• Cost effective • Flexible • Five authentication methods: Password-based Single Sign-on Contextual Authentication (CBA) Two-factor Authentication Knowledge-based • Two-factor authentication options – soft tokens • SAML single sign-on • Real-time activity alerts • Notifications & Reporting
• Increased security – without impacting the user experience • Increase usability for authorized users while creating barriers for unauthorized users • Flexibility - configurable to the user, group or application levels • Lower total cost of ownership than hard token two-factor authentication alternatives • Reduce threats using a proactive approach • Gather Insight – analyze contextual data reports
Authentication Method: • Single sign-on: username and password (single password for multiple systems) • Password-based: username and password • Knowledge-based: username, password and challenge question • One-time Password (OTP): username and OTP • Multi-factor: username, password and OTP or contextual data
Credibility Score: A numeric value that is used to determine the appropriate authentication method based on a set of ranges. Credibility Policy: A configurable policy based on categories and identifiers to which you can assign a score.
Weight: An optional percentage for each category that adjusts the category’s impact on the credibility score versus other categories. Application Realms: Identifies an application and assigns a weight to that application that adjusts the overall credibility score.
HOW IT WORKS
Analysis Mode: Recommended for a 60-90 day period to establish a baseline for the environment.
Client-side Browser Add-on: Optional to collect users contextual data and can be installed silently using a standard MSI.
Step 2: The user begins the login process by entering their username and clicking “Continue”. Step 3: The PortalGuard server identifies the user’s credibility policy and computes the following: • Gross score for each category • Any category weight impact to the score • Net score from the policy and weights • Modification due to sensitivity of requested application
Step 4: Contextual data is sent from the client-side browser add-on to the PortalGuard server. The PortalGuard server looks up the appropriate authentication method using the final credibility score and previously set ranges. PortalGuard enforced the appropriate authentication method for the user’s current access attempt. The user provides the required credentials to successfully complete their access request and login.
Configurable through the PortalGuard Configuration Utility: • Enable or Disable CBA • Assign users or groups to individual credibility policies • Credibility Policy: • Client Type • Use Category Weighting • Enforce Application Realms • Display Scoring UI • Categories • Weight • Identifiers • Credibility Score
Configurable through the PortalGuard Configuration Utility: • Default Ranges: • Start and End Scores • Authentication Types • Alert On or Off
Configurable through the PortalGuard Configuration Utility: • Application Realms
TECHNICAL REQUIREMENTS
A MSI is used to install PortalGuard on IIS 6 or 7.x. This version of PortalGuard supports direct access and authentication to cloud/browser-based applications, only. • IBM WebSphere/WebSphere Portal v5.1 or higher • Microsoft IIS 6.0 or higher • Microsoft Windows SharePoint Services 3.0 or higher • Microsoft Office SharePoint Server 2007 or later • .NET 2.0 framework or later must be installed • (64-bit OS only) Microsoft Visual C++ 2005 SP1 Redistributable Package (x64) • Microsoft Windows Server 2000 • Microsoft Windows Server 2003 (32 or 64-bit) • Microsoft Windows Server 2008 (32 or 64-bit) • Microsoft Windows Server 2008 R2
THANK YOU For more information visit PortalGuard.com or Contact Us

Recommended

Honey encryption
Honey encryption Honey encryption
Honey encryption SahadebBarman
 
Introduction to Self Sovereign Identity
Introduction to Self Sovereign IdentityIntroduction to Self Sovereign Identity
Introduction to Self Sovereign IdentityHeather Vescent
 
Présentation sécurité informatique naceur chafroud de cynapsys
Présentation sécurité informatique naceur chafroud de cynapsysPrésentation sécurité informatique naceur chafroud de cynapsys
Présentation sécurité informatique naceur chafroud de cynapsysJihen KOCHBATI
 
Cloud security and compliance ppt
Cloud security and compliance pptCloud security and compliance ppt
Cloud security and compliance pptKrupa Rajani
 
cloud security ppt
cloud security ppt cloud security ppt
cloud security ppt Devyani Vaidya
 
L’iam : au-delà des idées reçues, les clés de la gestion des identités et des...
L’iam : au-delà des idées reçues, les clés de la gestion des identités et des...L’iam : au-delà des idées reçues, les clés de la gestion des identités et des...
L’iam : au-delà des idées reçues, les clés de la gestion des identités et des...Identity Days
 
Introduction a la securité informatique Volume1
Introduction a la securité informatique Volume1Introduction a la securité informatique Volume1
Introduction a la securité informatique Volume1Sylvain Maret
 
Presentación csirt campus 21 OCT 2011
Presentación csirt campus 21 OCT 2011Presentación csirt campus 21 OCT 2011
Presentación csirt campus 21 OCT 2011Julio C. Hidalgo
 

Recommended

Honey encryption
Honey encryption Honey encryption
Honey encryption SahadebBarman
 
Introduction to Self Sovereign Identity
Introduction to Self Sovereign IdentityIntroduction to Self Sovereign Identity
Introduction to Self Sovereign IdentityHeather Vescent
 
Présentation sécurité informatique naceur chafroud de cynapsys
Présentation sécurité informatique naceur chafroud de cynapsysPrésentation sécurité informatique naceur chafroud de cynapsys
Présentation sécurité informatique naceur chafroud de cynapsysJihen KOCHBATI
 
Cloud security and compliance ppt
Cloud security and compliance pptCloud security and compliance ppt
Cloud security and compliance pptKrupa Rajani
 
cloud security ppt
cloud security ppt cloud security ppt
cloud security ppt Devyani Vaidya
 
L’iam : au-delà des idées reçues, les clés de la gestion des identités et des...
L’iam : au-delà des idées reçues, les clés de la gestion des identités et des...L’iam : au-delà des idées reçues, les clés de la gestion des identités et des...
L’iam : au-delà des idées reçues, les clés de la gestion des identités et des...Identity Days
 
Introduction a la securité informatique Volume1
Introduction a la securité informatique Volume1Introduction a la securité informatique Volume1
Introduction a la securité informatique Volume1Sylvain Maret
 
Presentación csirt campus 21 OCT 2011
Presentación csirt campus 21 OCT 2011Presentación csirt campus 21 OCT 2011
Presentación csirt campus 21 OCT 2011Julio C. Hidalgo
 
BlueHat 2014 - The Attacker's View of Windows Authentication and Post Exploit...
BlueHat 2014 - The Attacker's View of Windows Authentication and Post Exploit...BlueHat 2014 - The Attacker's View of Windows Authentication and Post Exploit...
BlueHat 2014 - The Attacker's View of Windows Authentication and Post Exploit...Benjamin Delpy
 
Hyperledger Indy tutorial
Hyperledger Indy tutorialHyperledger Indy tutorial
Hyperledger Indy tutorialssuser3993f3
 
An introduction to Cyber Essentials
An introduction to Cyber EssentialsAn introduction to Cyber Essentials
An introduction to Cyber EssentialsJisc
 
PPT on Phishing
PPT on PhishingPPT on Phishing
PPT on PhishingPankaj Yadav
 
Introduction to Self-Sovereign Identity
Introduction to Self-Sovereign IdentityIntroduction to Self-Sovereign Identity
Introduction to Self-Sovereign IdentityKaryl Fowler
 
Mod security
Mod securityMod security
Mod securityShruthi Kamath
 
Phishing, pièce jointe piégée : Que cachent-les-mails ?
Phishing, pièce jointe piégée : Que cachent-les-mails ?Phishing, pièce jointe piégée : Que cachent-les-mails ?
Phishing, pièce jointe piégée : Que cachent-les-mails ?Bitdefender en France
 
Final presentation january iia cybersecurity securing your 2016 audit plan
Final presentation january iia cybersecurity securing your 2016 audit planFinal presentation january iia cybersecurity securing your 2016 audit plan
Final presentation january iia cybersecurity securing your 2016 audit planCameron Forbes Over
 
MITRE ATT&CKcon 2018: ATT&CK as a Teacher, Travis Smith, Tripwire
MITRE ATT&CKcon 2018: ATT&CK as a Teacher, Travis Smith, TripwireMITRE ATT&CKcon 2018: ATT&CK as a Teacher, Travis Smith, Tripwire
MITRE ATT&CKcon 2018: ATT&CK as a Teacher, Travis Smith, TripwireMITRE - ATT&CKcon
 
Token-based uthentication
Token-based uthenticationToken-based uthentication
Token-based uthenticationWill Adams
 
La sécurité informatique expliquée aux salariés
La sécurité informatique expliquée aux salariésLa sécurité informatique expliquée aux salariés
La sécurité informatique expliquée aux salariésNRC
 
Six Degrees of Domain Admin - BloodHound at DEF CON 24
Six Degrees of Domain Admin - BloodHound at DEF CON 24Six Degrees of Domain Admin - BloodHound at DEF CON 24
Six Degrees of Domain Admin - BloodHound at DEF CON 24Andy Robbins
 
Chapter 6 network security
Chapter 6 network securityChapter 6 network security
Chapter 6 network securitySyaiful Ahdan
 
Cloud Security Fundamentals Webinar
Cloud Security Fundamentals WebinarCloud Security Fundamentals Webinar
Cloud Security Fundamentals WebinarJoseph Holbrook, Chief Learning Officer (CLO)
 
OpenID Connect 4 SSI
OpenID Connect 4 SSIOpenID Connect 4 SSI
OpenID Connect 4 SSITorsten Lodderstedt
 
Penetration Testing Basics
Penetration Testing BasicsPenetration Testing Basics
Penetration Testing BasicsRick Wanner
 
Threat Modeling In 2021
Threat Modeling In 2021Threat Modeling In 2021
Threat Modeling In 2021Adam Shostack
 
Reconnaissance & Scanning
Reconnaissance & ScanningReconnaissance & Scanning
Reconnaissance & Scanningamiable_indian
 
Linux privilege escalation 101
Linux privilege escalation 101Linux privilege escalation 101
Linux privilege escalation 101Rashid feroz
 
Social Engineering and What to do About it
Social Engineering and What to do About itSocial Engineering and What to do About it
Social Engineering and What to do About itAleksandr Yampolskiy
 
Digital Platform Selection Best Practices
Digital Platform Selection Best PracticesDigital Platform Selection Best Practices
Digital Platform Selection Best Practicesedynamic
 
Enterprise workspaces - Extending SAP NetWeaver Portal capabilities
Enterprise workspaces - Extending SAP NetWeaver Portal capabilities Enterprise workspaces - Extending SAP NetWeaver Portal capabilities
Enterprise workspaces - Extending SAP NetWeaver Portal capabilities SAP Portal
 

More Related Content

What's hot

BlueHat 2014 - The Attacker's View of Windows Authentication and Post Exploit...
BlueHat 2014 - The Attacker's View of Windows Authentication and Post Exploit...BlueHat 2014 - The Attacker's View of Windows Authentication and Post Exploit...
BlueHat 2014 - The Attacker's View of Windows Authentication and Post Exploit...Benjamin Delpy
 
Hyperledger Indy tutorial
Hyperledger Indy tutorialHyperledger Indy tutorial
Hyperledger Indy tutorialssuser3993f3
 
An introduction to Cyber Essentials
An introduction to Cyber EssentialsAn introduction to Cyber Essentials
An introduction to Cyber EssentialsJisc
 
Introduction to Self-Sovereign Identity
Introduction to Self-Sovereign IdentityIntroduction to Self-Sovereign Identity
Introduction to Self-Sovereign IdentityKaryl Fowler
 
Phishing, pièce jointe piégée : Que cachent-les-mails ?
Phishing, pièce jointe piégée : Que cachent-les-mails ?Phishing, pièce jointe piégée : Que cachent-les-mails ?
Phishing, pièce jointe piégée : Que cachent-les-mails ?Bitdefender en France
 
Final presentation january iia cybersecurity securing your 2016 audit plan
Final presentation january iia cybersecurity securing your 2016 audit planFinal presentation january iia cybersecurity securing your 2016 audit plan
Final presentation january iia cybersecurity securing your 2016 audit planCameron Forbes Over
 
MITRE ATT&CKcon 2018: ATT&CK as a Teacher, Travis Smith, Tripwire
MITRE ATT&CKcon 2018: ATT&CK as a Teacher, Travis Smith, TripwireMITRE ATT&CKcon 2018: ATT&CK as a Teacher, Travis Smith, Tripwire
MITRE ATT&CKcon 2018: ATT&CK as a Teacher, Travis Smith, TripwireMITRE - ATT&CKcon
 
Token-based uthentication
Token-based uthenticationToken-based uthentication
Token-based uthenticationWill Adams
 
La sécurité informatique expliquée aux salariés
La sécurité informatique expliquée aux salariésLa sécurité informatique expliquée aux salariés
La sécurité informatique expliquée aux salariésNRC
 
Six Degrees of Domain Admin - BloodHound at DEF CON 24
Six Degrees of Domain Admin - BloodHound at DEF CON 24Six Degrees of Domain Admin - BloodHound at DEF CON 24
Six Degrees of Domain Admin - BloodHound at DEF CON 24Andy Robbins
 
Chapter 6 network security
Chapter 6 network securityChapter 6 network security
Chapter 6 network securitySyaiful Ahdan
 
Penetration Testing Basics
Penetration Testing BasicsPenetration Testing Basics
Penetration Testing BasicsRick Wanner
 
Threat Modeling In 2021
Threat Modeling In 2021Threat Modeling In 2021
Threat Modeling In 2021Adam Shostack
 
Reconnaissance & Scanning
Reconnaissance & ScanningReconnaissance & Scanning
Reconnaissance & Scanningamiable_indian
 
Linux privilege escalation 101
Linux privilege escalation 101Linux privilege escalation 101
Linux privilege escalation 101Rashid feroz
 
Social Engineering and What to do About it
Social Engineering and What to do About itSocial Engineering and What to do About it
Social Engineering and What to do About itAleksandr Yampolskiy
 

What's hot (20)

BlueHat 2014 - The Attacker's View of Windows Authentication and Post Exploit...
BlueHat 2014 - The Attacker's View of Windows Authentication and Post Exploit...BlueHat 2014 - The Attacker's View of Windows Authentication and Post Exploit...
BlueHat 2014 - The Attacker's View of Windows Authentication and Post Exploit...
 
Hyperledger Indy tutorial
Hyperledger Indy tutorialHyperledger Indy tutorial
Hyperledger Indy tutorial
 
An introduction to Cyber Essentials
An introduction to Cyber EssentialsAn introduction to Cyber Essentials
An introduction to Cyber Essentials
 
PPT on Phishing
PPT on PhishingPPT on Phishing
PPT on Phishing
 
Introduction to Self-Sovereign Identity
Introduction to Self-Sovereign IdentityIntroduction to Self-Sovereign Identity
Introduction to Self-Sovereign Identity
 
Mod security
Mod securityMod security
Mod security
 
Phishing, pièce jointe piégée : Que cachent-les-mails ?
Phishing, pièce jointe piégée : Que cachent-les-mails ?Phishing, pièce jointe piégée : Que cachent-les-mails ?
Phishing, pièce jointe piégée : Que cachent-les-mails ?
 
Final presentation january iia cybersecurity securing your 2016 audit plan
Final presentation january iia cybersecurity securing your 2016 audit planFinal presentation january iia cybersecurity securing your 2016 audit plan
Final presentation january iia cybersecurity securing your 2016 audit plan
 
MITRE ATT&CKcon 2018: ATT&CK as a Teacher, Travis Smith, Tripwire
MITRE ATT&CKcon 2018: ATT&CK as a Teacher, Travis Smith, TripwireMITRE ATT&CKcon 2018: ATT&CK as a Teacher, Travis Smith, Tripwire
MITRE ATT&CKcon 2018: ATT&CK as a Teacher, Travis Smith, Tripwire
 
Token-based uthentication
Token-based uthenticationToken-based uthentication
Token-based uthentication
 
La sécurité informatique expliquée aux salariés
La sécurité informatique expliquée aux salariésLa sécurité informatique expliquée aux salariés
La sécurité informatique expliquée aux salariés
 
Six Degrees of Domain Admin - BloodHound at DEF CON 24
Six Degrees of Domain Admin - BloodHound at DEF CON 24Six Degrees of Domain Admin - BloodHound at DEF CON 24
Six Degrees of Domain Admin - BloodHound at DEF CON 24
 
Chapter 6 network security
Chapter 6 network securityChapter 6 network security
Chapter 6 network security
 
Cloud Security Fundamentals Webinar
Cloud Security Fundamentals WebinarCloud Security Fundamentals Webinar
Cloud Security Fundamentals Webinar
 
OpenID Connect 4 SSI
OpenID Connect 4 SSIOpenID Connect 4 SSI
OpenID Connect 4 SSI
 
Penetration Testing Basics
Penetration Testing BasicsPenetration Testing Basics
Penetration Testing Basics
 
Threat Modeling In 2021
Threat Modeling In 2021Threat Modeling In 2021
Threat Modeling In 2021
 
Reconnaissance & Scanning
Reconnaissance & ScanningReconnaissance & Scanning
Reconnaissance & Scanning
 
Linux privilege escalation 101
Linux privilege escalation 101Linux privilege escalation 101
Linux privilege escalation 101
 
Social Engineering and What to do About it
Social Engineering and What to do About itSocial Engineering and What to do About it
Social Engineering and What to do About it
 

Viewers also liked

Digital Platform Selection Best Practices
Digital Platform Selection Best PracticesDigital Platform Selection Best Practices
Digital Platform Selection Best Practicesedynamic
 
Enterprise workspaces - Extending SAP NetWeaver Portal capabilities
Enterprise workspaces - Extending SAP NetWeaver Portal capabilities Enterprise workspaces - Extending SAP NetWeaver Portal capabilities
Enterprise workspaces - Extending SAP NetWeaver Portal capabilities SAP Portal
 
Diarrhea:Myths and facts, Precaution
Diarrhea:Myths and facts, Precaution Diarrhea:Myths and facts, Precaution
Diarrhea:Myths and facts, Precaution Wuzna Haroon
 
mpx Replay, Expedite Your Catch-Up and C3 Workflow 2 of 2
mpx Replay, Expedite Your Catch-Up and C3 Workflow 2 of 2mpx Replay, Expedite Your Catch-Up and C3 Workflow 2 of 2
mpx Replay, Expedite Your Catch-Up and C3 Workflow 2 of 2thePlatform
 
Secure PIN Management How to Issue and Change PINs Securely over the Web
Secure PIN Management How to Issue and Change PINs Securely over the WebSecure PIN Management How to Issue and Change PINs Securely over the Web
Secure PIN Management How to Issue and Change PINs Securely over the WebSafeNet
 
Energy Strategy Group_Report 2012 efficienza energetica
Energy Strategy Group_Report 2012 efficienza energeticaEnergy Strategy Group_Report 2012 efficienza energetica
Energy Strategy Group_Report 2012 efficienza energeticaEugenio Bacile di Castiglione
 
Alta White Paper D2C eCommerce Case Study 2016
Alta White Paper D2C eCommerce Case Study 2016Alta White Paper D2C eCommerce Case Study 2016
Alta White Paper D2C eCommerce Case Study 2016Patrick Nicholson
 

Viewers also liked (13)

Digital Platform Selection Best Practices
Digital Platform Selection Best PracticesDigital Platform Selection Best Practices
Digital Platform Selection Best Practices
 
Enterprise workspaces - Extending SAP NetWeaver Portal capabilities
Enterprise workspaces - Extending SAP NetWeaver Portal capabilities Enterprise workspaces - Extending SAP NetWeaver Portal capabilities
Enterprise workspaces - Extending SAP NetWeaver Portal capabilities
 
Diarrhea:Myths and facts, Precaution
Diarrhea:Myths and facts, Precaution Diarrhea:Myths and facts, Precaution
Diarrhea:Myths and facts, Precaution
 
mpx Replay, Expedite Your Catch-Up and C3 Workflow 2 of 2
mpx Replay, Expedite Your Catch-Up and C3 Workflow 2 of 2mpx Replay, Expedite Your Catch-Up and C3 Workflow 2 of 2
mpx Replay, Expedite Your Catch-Up and C3 Workflow 2 of 2
 
Nt1310 project
Nt1310 projectNt1310 project
Nt1310 project
 
Information från Läkemedelsverket #5 2013
Information från Läkemedelsverket #5 2013Information från Läkemedelsverket #5 2013
Information från Läkemedelsverket #5 2013
 
cathy resume
cathy resumecathy resume
cathy resume
 
"15 Business Story Ideas to Jump on Now"
"15 Business Story Ideas to Jump on Now""15 Business Story Ideas to Jump on Now"
"15 Business Story Ideas to Jump on Now"
 
Secure PIN Management How to Issue and Change PINs Securely over the Web
Secure PIN Management How to Issue and Change PINs Securely over the WebSecure PIN Management How to Issue and Change PINs Securely over the Web
Secure PIN Management How to Issue and Change PINs Securely over the Web
 
Credit cards
Credit cardsCredit cards
Credit cards
 
Basics of Coding in Pediatrics Medical Billing
Basics of Coding in Pediatrics Medical BillingBasics of Coding in Pediatrics Medical Billing
Basics of Coding in Pediatrics Medical Billing
 
Energy Strategy Group_Report 2012 efficienza energetica
Energy Strategy Group_Report 2012 efficienza energeticaEnergy Strategy Group_Report 2012 efficienza energetica
Energy Strategy Group_Report 2012 efficienza energetica
 
Alta White Paper D2C eCommerce Case Study 2016
Alta White Paper D2C eCommerce Case Study 2016Alta White Paper D2C eCommerce Case Study 2016
Alta White Paper D2C eCommerce Case Study 2016
 

Similar to Context Based Authentication

Twofactorauthentication 120625115723-phpapp01
Twofactorauthentication 120625115723-phpapp01Twofactorauthentication 120625115723-phpapp01
Twofactorauthentication 120625115723-phpapp01Hai Nguyen
 
Security 101: Multi-Factor Authentication for IBM i
Security 101: Multi-Factor Authentication for IBM iSecurity 101: Multi-Factor Authentication for IBM i
Security 101: Multi-Factor Authentication for IBM iPrecisely
 
Why upgrade your MFA to Adaptive Authentication?
Why upgrade your MFA to Adaptive Authentication?Why upgrade your MFA to Adaptive Authentication?
Why upgrade your MFA to Adaptive Authentication?WSO2
 
Contextual Authentication: A Multi-factor Approach
Contextual Authentication: A Multi-factor ApproachContextual Authentication: A Multi-factor Approach
Contextual Authentication: A Multi-factor ApproachPortalGuard
 
Webinar - Easy multi factor authentication strategies and PCI DSS
Webinar - Easy multi factor authentication strategies and PCI DSSWebinar - Easy multi factor authentication strategies and PCI DSS
Webinar - Easy multi factor authentication strategies and PCI DSSonionid12
 
(SEC310) Keeping Developers and Auditors Happy in the Cloud
(SEC310) Keeping Developers and Auditors Happy in the Cloud(SEC310) Keeping Developers and Auditors Happy in the Cloud
(SEC310) Keeping Developers and Auditors Happy in the CloudAmazon Web Services
 
API Security In Cloud Native Era
API Security In Cloud Native EraAPI Security In Cloud Native Era
API Security In Cloud Native EraWSO2
 
Security 101: Multi-Factor Authentication for IBM i
Security 101: Multi-Factor Authentication for IBM iSecurity 101: Multi-Factor Authentication for IBM i
Security 101: Multi-Factor Authentication for IBM iPrecisely
 
Safenet Authentication Service, SAS
Safenet Authentication Service, SASSafenet Authentication Service, SAS
Safenet Authentication Service, SASrobbuddingh
 
[WSO2Con EU 2018] Kicking Your Enterprise Security Up a Notch With Adaptive A...
[WSO2Con EU 2018] Kicking Your Enterprise Security Up a Notch With Adaptive A...[WSO2Con EU 2018] Kicking Your Enterprise Security Up a Notch With Adaptive A...
[WSO2Con EU 2018] Kicking Your Enterprise Security Up a Notch With Adaptive A...WSO2
 
Cryptography in user authentication
Cryptography in user authenticationCryptography in user authentication
Cryptography in user authenticationRishikesh Jha
 
Best Practices for Multi-Factor Authentication on IBM i
Best Practices for Multi-Factor Authentication on IBM iBest Practices for Multi-Factor Authentication on IBM i
Best Practices for Multi-Factor Authentication on IBM iPrecisely
 
5 steps to securing your identity infrastructure.pptx
5 steps to securing your identity infrastructure.pptx5 steps to securing your identity infrastructure.pptx
5 steps to securing your identity infrastructure.pptxMCont1
 
Securing Applications in the Cloud
Securing Applications in the CloudSecuring Applications in the Cloud
Securing Applications in the CloudSecurity Innovation
 
Webinar: Beyond Two-Factor: Secure Access Control for Office 365
Webinar: Beyond Two-Factor: Secure Access Control for Office 365 Webinar: Beyond Two-Factor: Secure Access Control for Office 365
Webinar: Beyond Two-Factor: Secure Access Control for Office 365SecureAuth
 

Similar to Context Based Authentication (20)

Two-factor Authentication
Two-factor AuthenticationTwo-factor Authentication
Two-factor Authentication
 
Twofactorauthentication 120625115723-phpapp01
Twofactorauthentication 120625115723-phpapp01Twofactorauthentication 120625115723-phpapp01
Twofactorauthentication 120625115723-phpapp01
 
Unit 5
Unit 5Unit 5
Unit 5
 
Self-service Password Reset
Self-service Password ResetSelf-service Password Reset
Self-service Password Reset
 
Silicon Valley IDSA Meetup October 2018
Silicon Valley IDSA Meetup October 2018 Silicon Valley IDSA Meetup October 2018
Silicon Valley IDSA Meetup October 2018
 
Security 101: Multi-Factor Authentication for IBM i
Security 101: Multi-Factor Authentication for IBM iSecurity 101: Multi-Factor Authentication for IBM i
Security 101: Multi-Factor Authentication for IBM i
 
IDSA at Charlotte IAM Meetup
IDSA at Charlotte IAM MeetupIDSA at Charlotte IAM Meetup
IDSA at Charlotte IAM Meetup
 
Why upgrade your MFA to Adaptive Authentication?
Why upgrade your MFA to Adaptive Authentication?Why upgrade your MFA to Adaptive Authentication?
Why upgrade your MFA to Adaptive Authentication?
 
Contextual Authentication: A Multi-factor Approach
Contextual Authentication: A Multi-factor ApproachContextual Authentication: A Multi-factor Approach
Contextual Authentication: A Multi-factor Approach
 
Webinar - Easy multi factor authentication strategies and PCI DSS
Webinar - Easy multi factor authentication strategies and PCI DSSWebinar - Easy multi factor authentication strategies and PCI DSS
Webinar - Easy multi factor authentication strategies and PCI DSS
 
(SEC310) Keeping Developers and Auditors Happy in the Cloud
(SEC310) Keeping Developers and Auditors Happy in the Cloud(SEC310) Keeping Developers and Auditors Happy in the Cloud
(SEC310) Keeping Developers and Auditors Happy in the Cloud
 
API Security In Cloud Native Era
API Security In Cloud Native EraAPI Security In Cloud Native Era
API Security In Cloud Native Era
 
Security 101: Multi-Factor Authentication for IBM i
Security 101: Multi-Factor Authentication for IBM iSecurity 101: Multi-Factor Authentication for IBM i
Security 101: Multi-Factor Authentication for IBM i
 
Safenet Authentication Service, SAS
Safenet Authentication Service, SASSafenet Authentication Service, SAS
Safenet Authentication Service, SAS
 
[WSO2Con EU 2018] Kicking Your Enterprise Security Up a Notch With Adaptive A...
[WSO2Con EU 2018] Kicking Your Enterprise Security Up a Notch With Adaptive A...[WSO2Con EU 2018] Kicking Your Enterprise Security Up a Notch With Adaptive A...
[WSO2Con EU 2018] Kicking Your Enterprise Security Up a Notch With Adaptive A...
 
Cryptography in user authentication
Cryptography in user authenticationCryptography in user authentication
Cryptography in user authentication
 
Best Practices for Multi-Factor Authentication on IBM i
Best Practices for Multi-Factor Authentication on IBM iBest Practices for Multi-Factor Authentication on IBM i
Best Practices for Multi-Factor Authentication on IBM i
 
5 steps to securing your identity infrastructure.pptx
5 steps to securing your identity infrastructure.pptx5 steps to securing your identity infrastructure.pptx
5 steps to securing your identity infrastructure.pptx
 
Securing Applications in the Cloud
Securing Applications in the CloudSecuring Applications in the Cloud
Securing Applications in the Cloud
 
Webinar: Beyond Two-Factor: Secure Access Control for Office 365
Webinar: Beyond Two-Factor: Secure Access Control for Office 365 Webinar: Beyond Two-Factor: Secure Access Control for Office 365
Webinar: Beyond Two-Factor: Secure Access Control for Office 365
 

More from PortalGuard dba PistolStar, Inc.

The Cost and Loss of Not using Single Sign-On with Two-Factor Authentication
The Cost and Loss of Not using Single Sign-On with Two-Factor AuthenticationThe Cost and Loss of Not using Single Sign-On with Two-Factor Authentication
The Cost and Loss of Not using Single Sign-On with Two-Factor AuthenticationPortalGuard dba PistolStar, Inc.
 

More from PortalGuard dba PistolStar, Inc. (9)

The Cost and Loss of Not using Single Sign-On with Two-Factor Authentication
The Cost and Loss of Not using Single Sign-On with Two-Factor AuthenticationThe Cost and Loss of Not using Single Sign-On with Two-Factor Authentication
The Cost and Loss of Not using Single Sign-On with Two-Factor Authentication
 
Password Synchronization
Password SynchronizationPassword Synchronization
Password Synchronization
 
Password Management
Password ManagementPassword Management
Password Management
 
Password Synchronization
Password SynchronizationPassword Synchronization
Password Synchronization
 
Self-service Password Reset
Self-service Password ResetSelf-service Password Reset
Self-service Password Reset
 
Two-factor Authentication
Two-factor AuthenticationTwo-factor Authentication
Two-factor Authentication
 
Contextual Authentication
Contextual AuthenticationContextual Authentication
Contextual Authentication
 
Password management
Password managementPassword management
Password management
 
Make Your Employees More Security Aware
Make Your Employees More Security AwareMake Your Employees More Security Aware
Make Your Employees More Security Aware
 

Recently uploaded

How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfMounikaPolabathina
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESSALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESmohitsingh558521
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxNavinnSomaal
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxLoriGlavin3
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxLoriGlavin3
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxLoriGlavin3
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .Alan Dix
 

Recently uploaded (20)

How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdf
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESSALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
 

Context Based Authentication

  • 1. Understanding PortalGuard’s Contextual Authentication: A Multi-factor Approach Highlighting the Multi-factor Authentication Layer of the PortalGuard Platform
  • 2. By the end of this tutorial you will be able to… • Define PortalGuard • Understand the barriers to increasing security • Discover PortalGuard’s Contextual Authentication (CBA) • See the Step-by-step Authentication Process • Know the Technical Requirements
  • 3. The PortalGuard software is a Contextual Authentication platform which is focused on enhancing usability, while maintaining a balance between security, auditing and compliance for your web, desktop and mobile applications. Usability Security • Single Sign-on • Knowledge-based • Password Management • Two-factor Authentication • Password Synchronization • Contextual Authentication • Self-service Password Reset • Real-time Reports/Alerts
  • 4. Before going into the details… • Configurable by user, group or application • Stop making assumptions about who is accessing your applications • Adjust the authentication method dynamically with every access request • Gain insight into user access scenarios • Cost effective and competitively priced • Tailored Authentication for an exact fit
  • 6. Two-factor Authentication for All Users = No Flexibility Although desirable for security the barriers are overwhelming… • Not able to adapt to different access scenarios • Requires dedicated IT resources and hardware • High total cost of ownership • Increased Help Desk calls due to user frustrations
  • 7. Two-factor Authentication for All Users = No Flexibility Is there a midpoint between passwords and two-factor authentication?
  • 8. Contextual Authentication is the Midpoint. Apply the appropriate authentication level… • Location Password-based • Time • Device • Network Multi-factor • Application Password-based
  • 9. • Cost effective • Flexible • Five authentication methods: Password-based Single Sign-on Contextual Authentication (CBA) Two-factor Authentication Knowledge-based • Two-factor authentication options – soft tokens • SAML single sign-on • Real-time activity alerts • Notifications & Reporting
  • 10.
  • 11. • Increased security – without impacting the user experience • Increase usability for authorized users while creating barriers for unauthorized users • Flexibility - configurable to the user, group or application levels • Lower total cost of ownership than hard token two-factor authentication alternatives • Reduce threats using a proactive approach • Gather Insight – analyze contextual data reports
  • 12. Authentication Method: • Single sign-on: username and password (single password for multiple systems) • Password-based: username and password • Knowledge-based: username, password and challenge question • One-time Password (OTP): username and OTP • Multi-factor: username, password and OTP or contextual data
  • 13. Credibility Score: A numeric value that is used to determine the appropriate authentication method based on a set of ranges. Credibility Policy: A configurable policy based on categories and identifiers to which you can assign a score.
  • 14. Weight: An optional percentage for each category that adjusts the category’s impact on the credibility score versus other categories. Application Realms: Identifies an application and assigns a weight to that application that adjusts the overall credibility score.
  • 16. Analysis Mode: Recommended for a 60-90 day period to establish a baseline for the environment.
  • 17. Client-side Browser Add-on: Optional to collect users contextual data and can be installed silently using a standard MSI.
  • 18. Step 2: The user begins the login process by entering their username and clicking “Continue”. Step 3: The PortalGuard server identifies the user’s credibility policy and computes the following: • Gross score for each category • Any category weight impact to the score • Net score from the policy and weights • Modification due to sensitivity of requested application
  • 19. Step 4: Contextual data is sent from the client-side browser add-on to the PortalGuard server. The PortalGuard server looks up the appropriate authentication method using the final credibility score and previously set ranges. PortalGuard enforced the appropriate authentication method for the user’s current access attempt. The user provides the required credentials to successfully complete their access request and login.
  • 20. Configurable through the PortalGuard Configuration Utility: • Enable or Disable CBA • Assign users or groups to individual credibility policies • Credibility Policy: • Client Type • Use Category Weighting • Enforce Application Realms • Display Scoring UI • Categories • Weight • Identifiers • Credibility Score
  • 21. Configurable through the PortalGuard Configuration Utility: • Default Ranges: • Start and End Scores • Authentication Types • Alert On or Off
  • 22. Configurable through the PortalGuard Configuration Utility: • Application Realms
  • 24. A MSI is used to install PortalGuard on IIS 6 or 7.x. This version of PortalGuard supports direct access and authentication to cloud/browser-based applications, only. • IBM WebSphere/WebSphere Portal v5.1 or higher • Microsoft IIS 6.0 or higher • Microsoft Windows SharePoint Services 3.0 or higher • Microsoft Office SharePoint Server 2007 or later • .NET 2.0 framework or later must be installed • (64-bit OS only) Microsoft Visual C++ 2005 SP1 Redistributable Package (x64) • Microsoft Windows Server 2000 • Microsoft Windows Server 2003 (32 or 64-bit) • Microsoft Windows Server 2008 (32 or 64-bit) • Microsoft Windows Server 2008 R2
  • 25. THANK YOU For more information visit PortalGuard.com or Contact Us