Pragmatic Approach, Practical Designs, Secure Implementations

Implementing SAML in the enterprise. Part 2, Web Services

In part 1 we discussed using SAML technologies in the enterprise for the purpose of web application SSO and user security context propagation. Now let's expand this discussion to the benefits SAML technology can provide to web services.


Enterprise security services: SSO for client server applications

In this blog I would like to discuss options for extending the reach of your existing or new enterprise security services to client-server and other non-web applications.

Hopefully you already have a centralized web authentication engine, and maybe even an authorization engine, built around products like Oracle Access Manager, SiteMinder or similar, and you would like to extend your reach into the client-server and legacy application world.


Simple way to evaluate your RBAC posture

Based on observations from a few recent large-scale IAM projects I was involved in, the key success factors are a sound understanding of the existing business process that drives identity management, building application-level profiles from existing access information, and bringing those profiles together to form cross-platform roles mapped to common HR parameters like user location, department, job function or job title.


Monitoring for unauthorized network access

Network protection in the enterprise environment is typically achieved by implementing tightly controlled access points that filter and restrict all traffic moving in and out of protected network segments. This approach is very effective because it allows for centrally managed control points capable of enforcing security controls on the entire network they are designed to protect.
