Document
advertisement
• Authentication Service
https://store.theartofservice.com/the-authentication-service-toolkit.html
Microsoft Open Specification Promise - Published protocols
1
RFC 1510 and RFC 1964 –
Kerberos Network
Authentication Service
(v5)
https://store.theartofservice.com/the-authentication-service-toolkit.html
Symantec - Verisign authentication
On May 19, 2010, Symantec signed a
definitive agreement to acquire Verisign’s
authentication business unit, which included
the Secure Sockets Layer (SSL) Certificate,
Public Key Infrastructure (PKI), Verisign
Trust, and Verisign Identity Protection (VIP)
authentication services. The acquisition
closed on August 9, 2010. In August 2012,
Symantec completed its rebranding of the
Verisign SSL Certificate Service by renaming
the Verisign Trust Seal the Norton Secured
Seal.
1
https://store.theartofservice.com/the-authentication-service-toolkit.html
Lightweight Directory Access Protocol - Bind (authenticate)
1
SASL (Simple Authentication and Security
Layer) BIND provides authentication
services through a wide range of
mechanisms, e.g. Kerberos or the client
certificate sent with TLS.
https://store.theartofservice.com/the-authentication-service-toolkit.html
Wi-Fi Protected Access - EAP extensions under WPA and WPA2 Enterprise
1
Commercial 802.1X servers include
Microsoft Internet Authentication
Service and Juniper Networks
Steelbelted RADIUS. FreeRADIUS is an
open source 802.1X server.
https://store.theartofservice.com/the-authentication-service-toolkit.html
Windows 2000 - Server family features
1
* Routing and Remote Access Service
(RRAS) support, facilitating Dial-up
access|dial-up and Virtual Private
Network|VPN connections using IPsec,
L2TP or L2TP#L2TP/IPsec|L2TP/IPsec,
support for RADIUS authentication in
Internet Authentication Service, network
connection sharing, Network Address
Translation, unicast and multicast routing
schemes.
https://store.theartofservice.com/the-authentication-service-toolkit.html
Windows 2000 - Server family features
1
* Extensible Authentication Protocol
support in Internet Authentication
Service|IAS (EAP-MD5 and EAP-TLS)
later upgraded to PEAPv0/EAPMSCHAPv2 and PEAP-EAP-TLS in
Windows 2000 SP4
https://store.theartofservice.com/the-authentication-service-toolkit.html
Distributed Computing Environment
The framework includes a remote
procedure call (RPC) mechanism
known as DCE/RPC, a naming
(directory) service, a time service, an
authentication service and a
distributed file system (DFS) known as
DCE Distributed File
System|DCE/DFS.
1
https://store.theartofservice.com/the-authentication-service-toolkit.html
Steam (software) - Software delivery and maintenance
Steam's DRM is available through
Steamworks to software developers,
but the service allows developers and
publishers to include other forms of
DRM and other authentication services
on top of Steam; for example, some
games on Steam require the use of
Games for Windows – Live, and various
titles from publisher Ubisoft require the
use of their UPlay gaming service.
1
https://store.theartofservice.com/the-authentication-service-toolkit.html
Verisign - History
The new company served as a
certificate authority (CA) and its
initial mission was providing trust for
the Internet and Electronic
Commerce through our Digital
Authentication services and products
1
https://store.theartofservice.com/the-authentication-service-toolkit.html
Verisign - Authentication sale
1
On August 9, 2010, Symantec completed its
approximately $1.28 billion acquisition of
Verisign's authentication business, including
the Secure Sockets Layer (SSL) Certificate
Services, the Public Key Infrastructure (PKI)
Services, the Verisign Trust Services, the
Verisign Identity Protection (VIP)
Authentication Service, and the majority
stake in Verisign Japan.[
http://dealbook.nytimes.com/2010/08/10/sy
mantec-acquires-verisign-for-1-28-billion/
Symantec Acquires VeriSign for $1.28 Billion]
https://store.theartofservice.com/the-authentication-service-toolkit.html
Verisign - Company properties
Following the sale of its authentication
services division in 2010, Verisign
relocated from its former headquarters in
Mountain View, California to the
headquarters of the naming division in
Sterling, Virginia (originally NSI Registry's
headquarters)
1
https://store.theartofservice.com/the-authentication-service-toolkit.html
IEEE 802.11i-2004 - Protocol operation
1
These utilize the authentication services
and port access control described in IEEE
802.1X to establish and change the
appropriate cryptographic keys
https://store.theartofservice.com/the-authentication-service-toolkit.html
OpenID - Identifiers
1
To obtain an OpenID-enabled Uniform
Resource Locator|URL that can be
used to log into OpenID-enabled
websites, a user needs to register an
OpenID identifier with an identity
provider. Identity providers offer the
ability to register a URL (typically a
third-level domain, e.g.
username.example.com) that will
automatically be configured with
https://store.theartofservice.com/the-authentication-service-toolkit.html
Access token - Types of tokens
1
The creation of primary tokens and their
association to processes are both
privileged operations, requiring two
different privileges in the name of privilege
separation - the typical scenario sees the
authentication service creating the token,
and a logon service associating it to the
user's operating system shell
https://store.theartofservice.com/the-authentication-service-toolkit.html
Access token - Contents of a token
* the identifier of the associated logon
session. The session is maintained by the
authentication service, and is populated by
the authentication packages with a collection
of all the information (credentials) the user
provided when logging in. Credentials are
used to access remote systems without the
need for the user to re-authenticate (single
sign-on), provided that all the systems
involved share an authentication authority
(e.g. a Kerberos (protocol)|Kerberos ticket
server)
1
https://store.theartofservice.com/the-authentication-service-toolkit.html
LDAP - Bind (authenticate)
Simple Authentication and Security
Layer|SASL (Simple Authentication and
Security Layer) BIND provides
authentication services through a
1
https://store.theartofservice.com/the-authentication-service-toolkit.html
Health Level 7 - Finland
1
There is a choice of using a government
controlled authorization system or using
the same authentication service used for
on-line banking
https://store.theartofservice.com/the-authentication-service-toolkit.html
APS - Organizations, media and firms
*American Philatelic
Society, or their postage
stamp authentication
service
1
https://store.theartofservice.com/the-authentication-service-toolkit.html
Xerox Network Systems - Applications
The XNS Protocols also included an
Authentication Service and an
Authentication Protocol. After contacting
the authentication service for credentials,
this protocol provided a lightweight-way to
digitally sign Courier procedure calls, so
that receivers could verify the signature
and authenticate senders over the XNS
internet, without having to contact the
Authentication service again for the length
of the protocol communication session.
1
https://store.theartofservice.com/the-authentication-service-toolkit.html
Secure Network Communications - Advantages of SNC
* Can use Pluggable
Authentication Service to
enable SNC functionality
1
https://store.theartofservice.com/the-authentication-service-toolkit.html
SAP Logon Ticket - Integration with Identity Access Management Platforms
* Tivoli Access Manager has
developed an authentication service
compatible with SAP Logon Tickets[
http://www.ibm.com/developerworks
/tivoli/library/tauthsaptam/index.html
Authenticating a SAP login ticket in
Tivoli Access Manager e-business
WebSEAL]
1
https://store.theartofservice.com/the-authentication-service-toolkit.html
SAP Logon Ticket - Integration with Identity Access Management Platforms
* Sun ONE Identity has developed a
solution where companies can use the
SAP Internet Transaction Server (ITS 2.0)
and SAP Pluggable Authentication Service
(PAS) for integration with SAP for single
sign-on
1
https://store.theartofservice.com/the-authentication-service-toolkit.html
Alfresco (software) - Features
1
* Pluggable authentication: NTLM, LDAP,
Kerberos (protocol)|Kerberos, Central
Authentication Service|CAS
https://store.theartofservice.com/the-authentication-service-toolkit.html
Security service (telecommunication)
1
: A processing or communication service
that is provided by a system to give a
specific kind of protection to resources,
where said resources may reside with
said system or reside with other
systems, for example, an authentication
service or a PKI-based document
attribution and authentication service. A
security service is a superset of AAA
services. Security services typically
implement portions of security policies
and are implemented via security
https://store.theartofservice.com/the-authentication-service-toolkit.html
Security service (telecommunication) - OSI Security Services General description
The following are considered to be the
security services which can be provided
optionally within the framework of the OSI
Reference Model. The authentication
services require authentication information
comprising locally stored information and
data that is transferred (credentials) to
facilitate the authentication:
1
https://store.theartofservice.com/the-authentication-service-toolkit.html
Windows NT 4.0 Embedded - Upgradeability
1
An option pack was available as a freebundled CD starting around 1998, which
included Internet Information Services|IIS
4.0 with Active Server Pages, FrontPage
Server Extensions, Certificate Server,
Microsoft Transaction Server|MTS,
MSMQ, Collaboration Data Objects for
Windows NT Server|CDONTS, Internet
Authentication Service (IAS), Windows
Indexing Service|Indexing Service,
https://store.theartofservice.com/the-authentication-service-toolkit.html
Kerberos (protocol) - History and development
* A new edition of the Kerberos V5
specification The Kerberos Network
Authentication Service (V5) (RFC
4120). This version obsoletes RFC
1510, clarifies aspects of the protocol
and intended use in a more detailed
and clearer explanation.
1
https://store.theartofservice.com/the-authentication-service-toolkit.html
Radmin - Security
1
The software can still use Windows' own
user authentication services, avoiding the
need to maintain separate sets of user
security data, with Kerberos
(protocol)|Kerberos support available as
well.
https://store.theartofservice.com/the-authentication-service-toolkit.html
Embrace, extend and extinguish - Examples
1
Microsoft's legal statement concerning
unrestricted use of Microsoft
intellectual property also includes the
Kerberos Network Authentication
Service v5 (RFC 1510 and RFC 1964).
https://store.theartofservice.com/the-authentication-service-toolkit.html
Spring Security - Key authentication features
1
*Single sign-on capabilities using the popular
Central Authentication Service.
https://store.theartofservice.com/the-authentication-service-toolkit.html
Active Directory Application Mode - UNIX integration
*[
http://www.quest.com/authenticationservices/ Quest Authentication
Services] (Now part of Dell) (Formerly,
Quest, Vintela) - AD Authentication to
UNIX/Linux/Mac, Group Policy
management, User/Group Migration
tools, Auditing and Reporting
1
https://store.theartofservice.com/the-authentication-service-toolkit.html
WLAN Authentication and Privacy Infrastructure - How the Standard Works
1
WAPI, which was initiated to resolve
the existing security loopholes (WEP)
in WLAN international standard
(ISO/IEC 8802-11), was issued to be
Chinese national standard in 2003.
WAPI works by having a central
Authentication Service Unit (ASU)
which is known to both the wireless
user and the wireless access
point|access point and which acts as a
https://store.theartofservice.com/the-authentication-service-toolkit.html
Internet Authentication Service
1
'Internet Authentication Service' (IAS)
is a component of Windows Server
Operating Systems that provides
centralized user AAA
protocol|authentication, authorization
and accounting.
https://store.theartofservice.com/the-authentication-service-toolkit.html
Internet Authentication Service - Overview
1
Windows 2000 Server and Windows
Server 2003 include the Internet
Authentication Service (IAS), an
implementation of RADIUS server
https://store.theartofservice.com/the-authentication-service-toolkit.html
Internet Authentication Service - Overview
In Windows Server 2008, Network
Policy Server (NPS) replaces the
Internet Authentication Service (IAS).
NPS performs all of the functions of
IAS in Windows Server 2003 for VPN
and 802.1X-based wireless and wired
connections and performs health
evaluation and the granting of either
unlimited or limited access for
Network Access Protection clients.
1
https://store.theartofservice.com/the-authentication-service-toolkit.html
Internet Authentication Service - History
The initial version of Internet
Authentication Service was included
with the Windows NT 4.0 Option Pack.
1
https://store.theartofservice.com/the-authentication-service-toolkit.html
Internet Authentication Service - History
1
Windows 2000 Server's implementation
added support for more intelligent
resolution of user names that are part of a
Windows Server domain, support for UTF8 logging, and improved security.[
http://technet.microsoft.com/enus/library/bb742380.aspx Internet
Authentication Service for Windows 2000]
It also added support for EAP
Authentication for IEEE 802.1x networks.
Later on it added PEAP (with service Pack
https://store.theartofservice.com/the-authentication-service-toolkit.html
Wireless security - Implementing network encryption
1
*Microsoft Internet Authentication
Service
https://store.theartofservice.com/the-authentication-service-toolkit.html
Plone (software) - Design
1
In addition, Plone comes with a user
management system called Pluggable
Authentication Service (PAS)
https://store.theartofservice.com/the-authentication-service-toolkit.html
Casa (disambiguation) - Other
1
* Common Authentication Service
Adapter
https://store.theartofservice.com/the-authentication-service-toolkit.html
IAS - Computing
1
*Internet Authentication Service
https://store.theartofservice.com/the-authentication-service-toolkit.html
Univention Corporate Server - Structure and components
There are numerous open source
applications integrated in UCS, for
example Samba (software)|Samba, the
authentication service Kerberos
(protocol)|Kerberos, the virtualization
software Xen and Kernel-based Virtual
Machine|KVM, Nagios for the monitoring
of servers and services and the backup
solution Bacula
1
https://store.theartofservice.com/the-authentication-service-toolkit.html
Ticket-granting ticket
1
After authentication, this file is
granted to a user for data traffic
protection by the key distribution
center (KDC) subsystem of
authentication services such as
Kerberos (protocol)|Kerberos
https://store.theartofservice.com/the-authentication-service-toolkit.html
XRDS - Service endpoints (SEPs)
# An OpenID 2.0
authentication service (type
http://openid.net/signon/2.0)
.
1
https://store.theartofservice.com/the-authentication-service-toolkit.html
XRDS - Service endpoints (SEPs)
1
# An OpenID 1.0 authentication
service (type
http://openid.net/server/1.0).
https://store.theartofservice.com/the-authentication-service-toolkit.html
Multi-factor authentication - Audio Port tokens
Audio port tokens are usually used to
provide authentication service for mobile
terminals, because many different mobile
manufacturers have various own interface,
such as idock, micro USB, mini USB and
etc
1
https://store.theartofservice.com/the-authentication-service-toolkit.html
Shibboleth (Internet2) - Shibboleth 1.3
1
Shibboleth 1.3 and earlier do not provide a
built-in authentication mechanism, but any
web-based authentication mechanism can
be used to supply user data for Shibboleth
to use. Common systems for this purpose
include Central Authentication
Service|CAS or Pubcookie. The
authentication/SSO features of the Java
container in which the IdP runs (Tomcat,
for example) can also be used.
https://store.theartofservice.com/the-authentication-service-toolkit.html
EAuthentication
'eAuthentication' is an authentication
service provided by one remote server to
other distributed servers, on the Internet or
an intranet.
1
https://store.theartofservice.com/the-authentication-service-toolkit.html
EAuthentication
1
Similar to credit card verification services
that are provided by third parties to
eCommerce web sites, eAuthentication
services provide identity verification
services primarily to web sites but also to
intranet servers.
https://store.theartofservice.com/the-authentication-service-toolkit.html
Roger R. Schell
For several years he managed the
development and delivery of security
for several Novell releases of network
software products including an
integral Public key
infrastructure|PKI, an international
crypto API, and an authentication
service with exposed Secure Sockets
Layer|SSL capability
1
https://store.theartofservice.com/the-authentication-service-toolkit.html
AARNet - Application services
* Eduroam global federated
authentication service, most often
appearing as Eduroam Wi-Fi services
on-campus and at associated locations
1
https://store.theartofservice.com/the-authentication-service-toolkit.html
Foreign relations of Iraqi Kurdistan - Department of Foreign Relations
1
* Providing legal and authentication services
to the people of the region and its citizens
abroad
https://store.theartofservice.com/the-authentication-service-toolkit.html
Steam Greenlight - Software delivery and maintenance
1
Steam's DRM is available to software
developers through Steamworks; the
service allows developers and
publishers to include other forms of
DRM and other authentication services
than Steam; for example, some games
on Steam require the use of Games for
Windows – Live and some titles from
publisher Ubisoft require the use of
their UPlay gaming service.
https://store.theartofservice.com/the-authentication-service-toolkit.html
WidePoint Corporation - ORC
1
ORC provides IT integration and secure
authentication services to the U.S.
Government. It is an authorized certificate
authority for the United States Department
of Defense, General Services
Administration|GSA, and many other
certificate-based authorities. ORC also
provides application specific hardware and
software to maintain high levels of
information assurance.
https://store.theartofservice.com/the-authentication-service-toolkit.html
Central Authentication Service
The 'Central Authentication Service'
('CAS') is a single sign-on protocol for the
World Wide Web|web. Its purpose is to
permit a user to access multiple
applications while providing their
credentials (such as userid and
password) only once. It also allows web
applications to authenticate users
without gaining access to a user's
security credentials, such as a password.
The name CAS also refers to a software
package that implements this protocol.
1
https://store.theartofservice.com/the-authentication-service-toolkit.html
Identity management systems - Solutions
*
[https://www.apereo.or
g/cas Central
Authentication Service]
1
https://store.theartofservice.com/the-authentication-service-toolkit.html
Cryptlib - Features
cryptlib is a security toolkit library
that allows programmers to
incorporate encryption and
authentication services to software. It
provides a high-level interface so
strong security capabilities can be
added to an application without
needing to know many of the low-level
details of encryption or authentication
algorithms. It comes with an over 400
page programming
manual.ftp://ftp.franken.de/pub/cry
1
https://store.theartofservice.com/the-authentication-service-toolkit.html
NT Directory Service - Unix integration
*
[http://www.quest.com/authenticatio
n-services/ Quest Authentication
Services] (Now part of Dell) (Formerly,
Quest, Vintela) - AD authentication,
Group Policy management,
User/Group Migration tools, Auditing
and Reporting
1
https://store.theartofservice.com/the-authentication-service-toolkit.html
Structured Financial Messaging System
1
The access control is through Smart Card
based user access and messages are
secured by means of standard encryption
and authentication services conforming to
ISO standards
https://store.theartofservice.com/the-authentication-service-toolkit.html
AS (disambiguation) - Science and technology
1
* Authentication server, a server that provides
authentication services to users
https://store.theartofservice.com/the-authentication-service-toolkit.html
For More Information, Visit:
• https://store.theartofservice.co
m/the-authentication-servicetoolkit.html
The Art of Service
https://store.theartofservice.com
