PKI Installation Made Easy–Video

Ever wonder how difficult it is to install a two tier PKI system? It is actually not that difficult. Watch this video with live step-by-step demonstration showing how to do just that. Entire system can be up and running in under one hour time frame. This is about 70 minutes video presentation showing how to…

0

FIM CM and Custom Subject Policy Module

Forefront Identity Manager Certificate Management (FIM CM) provides very useful function – it can create certificate with predefined subject, specified by the Administrator and enforced centrally on all certificates issued via FIM CM. Most PKI implementations are governed by Certificate Policy (CP) and applicable Certificate Practice Statement (CPS). Among many things, the CPS defines what…

0

Live and Learn

Learned a few little tidy bits this week, or maybe relearned what was known before. But some of it was painful discovery. I was building a lab with multiple physical servers and one big virtual server host. One of the virtual guests is TMG 2010 which is used in this lab as firewall/router between multiple…

0

Open Standard Authentication in the Enterprise, Part 3

  In previous post we started to talk about different SSO solutions.  This post will cover another common SSO approach. Current Solutions Federal Agencies employ two primary strategies to provide Single Sign On across multiple Domains, Applications and across Agency boundaries: Application Resource Forests; (covered in previous post) Password Synchronization across different directories.   Password…

0

Open Standard Authentication in the Enterprise, Part 2

  In previous post we started to talk about different complexities of SSO implementations. Lets review what type of solutions are common in current implementations. Current Solutions Federal Agencies employ two primary strategies to provide Single Sign On across multiple Domains, Applications and across Agency boundaries: Application Resource Forests; Password Synchronization across different directories. (covered…

0

Open Standard Authentication in the Enterprise, Part 1

  In the next few posts, I’m going to talk about SSO in Enterprise environments, with emphasis on Federal Government Agencies. Federal Agencies are facing multiple issues with managing digital identities for employees and contractors. While most Agencies use Active Directory as their primary authentication directories, most of them have a number of other authentication…

0

Levels of Assurance and Claims-based authentication

  Federal Agencies must comply with OMB 04-04 publication. There is an established framework asserting different levels of assurance for digital identities, such as user accounts/passwords, Smart Cards and other types of tokens. Claims-based authentication solutions must support the proper assertion of the level of assurance for couple different reasons: STS must be able to…

0

Personally Identifiable Information (PII) and User Anonymity

  Every system and application in Federal Government must adhere to the OMB memorandum M-04-04 and protect PII. One option that claims-based applications can give you is user anonymity. Remember that your application no longer directly authenticates the users but instead relies on an issuer to do that and to make claims about them. If…

0