Basic Security Concepts essential for all Architects
It is quite a shame that a number of industry professionals, including a large number of architects, don't understand the difference between identity, authentication and authorisation. Allow me to describe it in a very simple way: your identity is verified through a process (call it magic) named "Authentication". Identity is what you present so that it can be verified: a username/password, a fingerprint, a retina scan. You are Mr Bill, but how will someone verify your identity? Through authentication.

Secondly, a high proportion of architects in the BFS domain still believe that we can authenticate via the database/master data. Let me correct that in a very simple way: no banking product identifies a person through the database; for user authentication the industry solution is LDAPv3, never the DB.

Again, the majority of professionals, including architects, don't understand that you can get an authorisation token through Web Single Sign-On. SAML 2.0, OpenID and OAuth 2.0 are capable of carrying various authorisation parameters such as authorisation, group membership, entitlements etc.

So -> Key Points (KP = key point)
KP1. Authentication (through a valid identity).
KP2. Your identity will be stored in LDAPv3/metadata; it will never be stored in the database. For detailed information please read "Database vs. LDAPv3".
KP3. Once you have been identified correctly, your profile can be retrieved from the database, so the profile can be stored in the database as "Master Data".
KP4. Once you have been identified properly, i.e. after successful authentication, the next step is authorisation, which gives you a soft token stating which operations you are entitled to perform, such as "can you access all floors, can you open a locker, can you access the VIP area etc.?"
KP5. Again, LDAPv3 can store your authorisation parameters such as ACLs, group membership, roles, policies etc. During this process you can also get an SSO token; in a simple example, a single key/fob that gives you access to more than one building.
KP6. Typical authorisation tokens are SAML 2.0, OAuth 2.0, OpenID etc.
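The separation the key points describe (authenticate the presented credential against a directory, then authorise by issuing a token that carries group membership and entitlements, then check that token before each operation) as an added Python example; this is not code from the original slide. The in-memory `DIRECTORY` dictionary, the group-to-entitlement mapping, the users, passwords, salt and signing key are all constructed stand-ins for an LDAPv3 directory and a real SSO issuer, and the token format is a plain HMAC-signed payload rather than SAML or OAuth.

```python
import base64
import hashlib
import hmac
import json
import time

# Constructed stand-in for the directory (the LDAPv3 role in KP2/KP5):
# identity, a salted password hash (never the clear-text password), and
# the authorisation attributes (group membership) attached to the entry.
_SALT = b"constructed-demo-salt"


def _hash_password(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


DIRECTORY = {
    "bill": {"pw_hash": _hash_password("correct horse battery staple", _SALT),
             "groups": ["staff", "locker-holders"]},
    "alice": {"pw_hash": _hash_password("s3cret-pass", _SALT),
              "groups": ["staff", "vip"]},
}

# Policy side of KP5: entitlements derived from group membership (constructed).
GROUP_ENTITLEMENTS = {
    "staff": {"access:all-floors"},
    "locker-holders": {"open:locker"},
    "vip": {"access:vip-area"},
}

# Secret shared between token issuer and verifier (constructed placeholder).
TOKEN_KEY = b"constructed-token-signing-key"


def authenticate(username, password):
    """KP1: verify the presented credential against the directory entry."""
    entry = DIRECTORY.get(username)
    if entry is None:
        # Hash anyway so an unknown user costs the same time as a wrong password.
        _hash_password(password, _SALT)
        return False
    return hmac.compare_digest(entry["pw_hash"], _hash_password(password, _SALT))


def _b64(data):
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def _unb64(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def issue_token(username, ttl_seconds=300, now=None):
    """KP4/KP5: after authentication, build a signed soft token carrying
    the subject, its groups and the entitlements derived from them."""
    now = time.time() if now is None else now
    entry = DIRECTORY[username]
    entitlements = set()
    for group in entry["groups"]:
        entitlements |= GROUP_ENTITLEMENTS.get(group, set())
    payload = {"sub": username, "groups": entry["groups"],
               "entitlements": sorted(entitlements),
               "exp": int(now) + ttl_seconds}
    body = _b64(json.dumps(payload, separators=(",", ":")).encode())
    sig = _b64(hmac.new(TOKEN_KEY, body.encode(), hashlib.sha256).digest())
    return body + "." + sig


def verify_token(token, now=None):
    """Return the payload if signature and expiry check out, else None."""
    now = time.time() if now is None else now
    try:
        body, sig = token.split(".", 1)
    except ValueError:
        return None
    expected = _b64(hmac.new(TOKEN_KEY, body.encode(), hashlib.sha256).digest())
    if not hmac.compare_digest(sig, expected):
        return None
    payload = json.loads(_unb64(body))
    if payload["exp"] <= now:
        return None
    return payload


def is_entitled(token, operation, now=None):
    """The per-operation check from KP4: may this token holder do `operation`?"""
    payload = verify_token(token, now)
    return payload is not None and operation in payload["entitlements"]


def login(username, password, now=None):
    """Authenticate first, authorise second: returns a token or None."""
    if not authenticate(username, password):
        return None
    return issue_token(username, now=now)


if __name__ == "__main__":
    token = login("bill", "correct horse battery staple")
    print("open:locker ->", is_entitled(token, "open:locker"))
    print("access:vip-area ->", is_entitled(token, "access:vip-area"))
```

The point the block makes is that the two steps answer different questions: `authenticate` only says whether the credential matches the identity on record, while the entitlements live in the token that `issue_token` signs, so a service can answer "can you open a locker?" by verifying the token alone without going back to the directory or the profile database.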
