Search
 

Who Do You Trust?

Cloud-based computing has created new challenges for authentication and authorization that we simply don’t have when we are able to maintain all of our applications and users inside the firewall. Claims-based authentication systems can help.

By Paul Rolich | Updated on December 31, 2010

Claims-based authentication has been getting a lot of press lately. Cloud-based computing has created new challenges for authentication and authorization that we simply don’t have when we are able to maintain all of our applications and users inside the firewall. Some of these challenges are solved by claims-based authentication systems. As we will see, though, claims-based authorization can also be used to simplify application authorizations on the corporate network as well as provide Web SSO.

There are three basic pieces to the security puzzle. Authenticate—once authenticated, gather attributes from an indemnity store—authorize. The first step is authenticating an entity. I say entity rather than user because in some cases we are authenticating another machine or another system. The most commonly used forms of authentication are simply a matched username-password pair. We can introduce multiple factor authentications using smart cards, biometrics, or public key codes to strengthen the security of the authentication process. There are many different ways to provide authentication—and for our purposes it doesn’t matter what the mechanism is. An entity provides the correct set of credentials to the authentication provider and the authentication provider validates that the credentials match the credentials of that entity in the identity store.

Want to continue reading?
Become a Free
PropertyCasualty360 Digital Reader.

INCLUDED IN A DIGITAL MEMBERSHIP:

  • All PropertyCasualty360.com news coverage, best practices, and in-depth analysis.
  • Educational webcasts, resources from industry leaders, and informative newsletters.
  • Other award-winning websites including BenefitsPRO.com and ThinkAdvisor.com.

Already have an account?

NOT FOR REPRINT

© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.

Recommended Stories

PropertyCasualty360

Join PropertyCasualty360

Don’t miss crucial news and insights you need to make informed decisions for your P&C insurance business. Join PropertyCasualty360.com now!

  • Unlimited access to PropertyCasualty360.com - your roadmap to thriving in a disrupted environment
  • Access to other award-winning ALM websites including BenefitsPRO.com, ThinkAdvisor.com and Law.com
  • Exclusive discounts on PropertyCasualty360, National Underwriter, Claims and ALM events

Already have an account? Sign In Now
Join PropertyCasualty360

Copyright © 2024 ALM Global, LLC. All Rights Reserved.