As the world began to shift to more remote work, companies had to abruptly move operations out of the office. While this has been challenging for most, it’s been especially complicated for those companies that need high levels of security. Working with numerous new networks creates security risks. Applications and other services that were secured for employees are suddenly outside your network. Which makes it even more difficult to authenticate users. With the Helix Authentication service innate to both Helix ALM and Helix Core, you can solve these security issues. This webinar explains how to solve network bottle necks that are created as a result of many remote connections. ALM Cloud Architect and Business Lead Gerhard Krüger will teach you about: -Limitations of traditional authentication methods. -Increasing security with authentication methods like SAML and ---MFA while using cloud providers. -Identity providers. -How the Helix Authentication service works.

1. Helix ALM by Perforce © Perforce Software, Inc.Helix ALM by Perforce © Perforce Software, Inc.
Secure Authentication From Anywhere With Your Helix
Authentication Service
GERHARD KRÜGER, ALM CLOUD ARCHITECT AND BUSINESS LEAD | PERFORCE SOFTWARE

2. perforce.com2 | Helix ALM by Perforce © Perforce Software, Inc.
Gerhard Krüger
ALM Cloud Architect and Business Lead
Gerhard Kruger is the ALM Business Lead & Cloud Architect at
Perforce Software. Since 2004, Gerhard has helped customers
around the world implement Application Lifecycle Management
(ALM) and DevOps solutions. He holds numerous certifications,
including the Cisco Certified Network Professional Security (CCNP)
and Certified ScrumMaster (CSM).
Presenter

3. perforce.com3 | Helix ALM by Perforce © Perforce Software, Inc.
Our world has changed
Over the last few months our world has changed quickly. Many
companies scrambled to move employees from traditional office-
based positions into new work from home roles.
• This meant:
• Increased VPN traffic as users access services from home.
• Introducing many new networks and security risks.
• Questions about secure authentication.
• Making applications and other services secure for employees
now essentially outside your network.

4. perforce.com4 | Helix ALM by Perforce © Perforce Software, Inc.
Our world has changed - we need to adapt
Many companies quickly found network bottle necks as everyone
needed to connect remotely.
• How do we solve this?
1. Move service to the cloud?
2. How do we secure those services?
Traditional authentication methods like LDAP and Active
Directory have limitations for cloud and/or remote users.
With the introduction of SAML and other similar authentication
methods we can increase security while using cloud providers to
eliminate network bottle necks created by traditional
authentication methods.
• Popular Identity providers (IDP):
• Azure AD • OKTA • Google • OneLogin • OAuth

5. perforce.com5 | Helix ALM by Perforce © Perforce Software, Inc.
Identity Providers
• An identity provider (abbreviated IdP or IDP) is a system entity that creates, maintains, and
manages identity information for principals while providing authentication services to relying
applications within a federation or distributed network.
• Identity providers offer user authentication as a service. Relying party applications, such as web
applications, outsource the user authentication step to a trusted identity provider. Such a relying
party application is said to be federated, that is, it consumes federated identity.
• An identity provider is “a trusted provider that lets you use single sign-on (SSO) to access other
websites.” SSO enhances usability by reducing password fatigue. It also provides better security by
decreasing the potential attack surface.
• Identity providers can facilitate connections between cloud computing resources and users, thus
decreasing the need for users to re-authenticate when using mobile and roaming applications.

6. perforce.com6 | Helix ALM by Perforce © Perforce Software, Inc.
Types of Identity Providers
SAML identity provider
• The Security Assertion Markup Language (SAML) is a set of profiles for exchanging authentication
and authorization data across security domains. In the SAML domain model, an identity provider
is a special type of authentication authority. Specifically, a SAML identity provider is a system
entity that issues authentication assertions in conjunction with an SSO profile of SAML. A relying
party that consumes these authentication assertions is called a SAML service provider.
OpenID provider
• OpenID Connect (OIDC) is an identity layer on top of OAuth. In the domain model associated with
OIDC, an identity provider is a special type of OAuth 2.0 authorization server. Specifically, a system
entity called an OpenID Provider issues JSON-formatted identity tokens to OIDC relying parties via
a RESTful HTTP API.

7. perforce.com7 | Helix ALM by Perforce © Perforce Software, Inc.
Helix Authentication Service
User
User
User
Helix Authentication Service
User
Helix ALM
Helix Core
IDP Provider
Electronic Signature
(CFR 21 Part 11)

8. Questions?