Your SlideShare is downloading. ×
0
Zaizi Alfresco Solution: Securing Alfresco for Extranet Access
Zaizi Alfresco Solution: Securing Alfresco for Extranet Access
Zaizi Alfresco Solution: Securing Alfresco for Extranet Access
Zaizi Alfresco Solution: Securing Alfresco for Extranet Access
Zaizi Alfresco Solution: Securing Alfresco for Extranet Access
Zaizi Alfresco Solution: Securing Alfresco for Extranet Access
Zaizi Alfresco Solution: Securing Alfresco for Extranet Access
Zaizi Alfresco Solution: Securing Alfresco for Extranet Access
Zaizi Alfresco Solution: Securing Alfresco for Extranet Access
Zaizi Alfresco Solution: Securing Alfresco for Extranet Access
Zaizi Alfresco Solution: Securing Alfresco for Extranet Access
Zaizi Alfresco Solution: Securing Alfresco for Extranet Access
Zaizi Alfresco Solution: Securing Alfresco for Extranet Access
Zaizi Alfresco Solution: Securing Alfresco for Extranet Access
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

Zaizi Alfresco Solution: Securing Alfresco for Extranet Access

2,808

Published on

- To allow to users to evaluate the strength of their password, …

- To allow to users to evaluate the strength of their password,
- To allow to users to reset their password,
- To add a CAPTCHA system,
- To define password and account expiration dates,
- To disable accounts,
- To define a maximum of login attempts,
- To add an OpenID authentication (based on Google),
- To add a two factor authentication using iPhone App.

Published in: Technology
2 Comments
1 Like
Statistics
Notes
No Downloads
Views
Total Views
2,808
On Slideshare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
3
Comments
2
Likes
1
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. How to secure Alfresco ?Monday, 24 October 2011
  • 2. Introduction • The goal of this short slide show is to demonstrate what can be done to reinforce authentication. • To achieve our objectives, we improved the Alfresco authentication system : • To allow to users to evaluate the strength of their password, • To allow to users to reset their password, • To add a CAPTCHA system, • To define password and account expiration dates, • To disable accounts, • To define a maximum of login attempts, • To add an OpenID authentication (based on Google), • To add a 2-Factor authentication. Alfresco ArchitectureMonday, 24 October 2011
  • 3. Password Strength • We added a new component to allow to users to evaluate their password strength. • Users can improve the global security by themselves. Alfresco ArchitectureMonday, 24 October 2011
  • 4. Reset password • This feature simplifies the administrator’s task. • This one improves security by generating strong password. • This feature could be called every month to reset all user’s password. Alfresco ArchitectureMonday, 24 October 2011
  • 5. CAPTCHA Systems • A CAPTCHA is a program that can tell whether its user is a human or a computer. • To decrease the number of login attempts. Use an open-source library called reCAPTCHA (that helps to digitize books). Alfresco ArchitectureMonday, 24 October 2011
  • 6. Expiration dates • Administrators can define an account and password expiration date for each user. Alfresco ArchitectureMonday, 24 October 2011
  • 7. Disabled accounts • Administrators can enable/disable account. Alfresco ArchitectureMonday, 24 October 2011
  • 8. Maximum login attempts • We can define a maximum login attempts (be default 3). • After 3 unsuccessful login attempts, the account is automatically locked. Alfresco ArchitectureMonday, 24 October 2011
  • 9. OpenID authentication • OpenID is a safe, faster, and easier way to log in to web sites. • OpenID Users Benefits: • Fewer usernames and passwords to remember • Helps protect personal identity information • Globally unique,“Is that the same David?” • Ability to know where youve shared information Alfresco ArchitectureMonday, 24 October 2011
  • 10. OpenID Authentication OpenID Authentication ? Ask login to google User is logged to Google. Register user as trusted user Confirmation to continue Login as trusted user User logged to Alfresco Alfresco ArchitectureMonday, 24 October 2011
  • 11. 2-Factor authentication • A 2FA authentication (or strong authentication) is an approach to authentication which requires the presentation of two different kinds of evidence: • Something known, like a password, (e.g. Alfresco password) • Something unique (e.g. OTP or One-time password). • In this example, we used a 2FA authentication called WiKID. Alfresco ArchitectureMonday, 24 October 2011
  • 12. 2-Factor authentication Authentication Ask a passcode (OTP) for Alfresco ? Create a passcode Passcode valid for 90 seconds The user fills the passcode in Alfresco Share Passcode valid ? Passcode valid for Alfresco ? Disable the passcode Passcode OK Passcode OK Login with username/password User logged Alfresco Platform designMonday, 24 October 2011
  • 13. 2-Factor authentication Username ? Password ? Alfresco Platform designMonday, 24 October 2011
  • 14. Thank YouMonday, 24 October 2011

×