Authentication Service

• Authentication Service

https://store.theartofservice.com/the-authentication-service-toolkit.html

Microsoft Open Specification Promise - Published protocols

1 RFC 1510 and RFC 1964 – Kerberos Network

Authentication Service (v5)


Symantec - Verisign authentication

1 On May 19, 2010, Symantec signed a definitive agreement to acquire Verisign’s

authentication business unit, which included the Secure Sockets Layer (SSL) Certificate,

Public Key Infrastructure (PKI), Verisign Trust, and Verisign Identity Protection (VIP)

authentication services. The acquisition closed on August 9, 2010. In August 2012, Symantec completed its rebranding of the Verisign SSL Certificate Service by renaming the Verisign

Trust Seal the Norton Secured Seal.


Lightweight Directory Access Protocol - Bind (authenticate)

1 SASL (Simple Authentication and Security Layer) BIND provides

authentication services through a wide range of mechanisms, e.g.

Kerberos or the client certificate sent with TLS.


Wi-Fi Protected Access - EAP extensions under WPA and WPA2 Enterprise

1 Commercial 802.1X servers include Microsoft Internet Authentication

Service and Juniper Networks Steelbelted RADIUS. FreeRADIUS is

an open source 802.1X server.


Windows 2000 - Server family features

1 * Routing and Remote Access Service (RRAS) support, facilitating Dial-up access|dial-up and Virtual Private

Network|VPN connections using IPsec, L2TP or L2TP#L2TP/IPsec|L2TP/IPsec, support for RADIUS authentication in

Internet Authentication Service, network connection sharing, Network Address

Translation, unicast and multicast routing schemes.


Windows 2000 - Server family features

1 * Extensible Authentication Protocol support in Internet Authentication

Service|IAS (EAP-MD5 and EAP-TLS) later upgraded to PEAPv0/EAP-MSCHAPv2 and PEAP-EAP-TLS in

Windows 2000 SP4


Distributed Computing Environment

1 The framework includes a remote procedure call (RPC) mechanism

known as DCE/RPC, a naming (directory) service, a time service, an

authentication service and a distributed file system (DFS) known

as DCE Distributed File System|DCE/DFS.


Steam (software) - Software delivery and maintenance

1 Steam's DRM is available through Steamworks to software developers, but

the service allows developers and publishers to include other forms of DRM and other authentication services on top of Steam; for example, some games on

Steam require the use of Games for Windows – Live, and various titles from

publisher Ubisoft require the use of their UPlay gaming service.


Verisign - History

1 The new company served as a certificate authority (CA) and its

initial mission was providing trust for the Internet and Electronic

Commerce through our Digital Authentication services and products


Verisign - Authentication sale

1 On August 9, 2010, Symantec completed its approximately $1.28 billion acquisition of

Verisign's authentication business, including the Secure Sockets Layer (SSL) Certificate Services, the Public Key Infrastructure (PKI) Services, the

Verisign Trust Services, the Verisign Identity Protection (VIP) Authentication Service, and the

majority stake in Verisign Japan.[ http://dealbook.nytimes.com/2010/08/10/symantec-acquires-verisign-for-1-28-billion/ Symantec

Acquires VeriSign for $1.28 Billion]


Verisign - Company properties

1 Following the sale of its authentication services division in 2010, Verisign relocated from its former headquarters in Mountain

View, California to the headquarters of the naming division in Sterling, Virginia (originally NSI Registry's

headquarters)


IEEE 802.11i-2004 - Protocol operation

1 These utilize the authentication services and port access control

described in IEEE 802.1X to establish and change the appropriate

cryptographic keys


OpenID - Identifiers

1 To obtain an OpenID-enabled Uniform Resource Locator|URL that can be used to log into OpenID-enabled

websites, a user needs to register an OpenID identifier with an identity

provider. Identity providers offer the ability to register a URL (typically a

third-level domain, e.g. username.example.com) that will automatically be configured with OpenID authentication service.


Access token - Types of tokens

1 The creation of primary tokens and their association to processes are

both privileged operations, requiring two different privileges in the name of privilege separation - the typical scenario sees the authentication service creating the token, and a logon service associating it to the

user's operating system shell


Access token - Contents of a token

1 * the identifier of the associated logon session. The session is maintained by the

authentication service, and is populated by the authentication packages with a collection of all the information (credentials) the user provided

when logging in. Credentials are used to access remote systems without the need for the user to re-authenticate (single sign-on), provided that all the systems involved share an authentication authority (e.g. a Kerberos

(protocol)|Kerberos ticket server)


LDAP - Bind (authenticate)

1 Simple Authentication and Security Layer|SASL (Simple Authentication and Security Layer) BIND provides authentication services through a


Health Level 7 - Finland

1 There is a choice of using a government controlled authorization

system or using the same authentication service used for on-

line banking


APS - Organizations, media and firms

1 *American Philatelic Society, or their postage

stamp authentication service


Xerox Network Systems - Applications

1 The XNS Protocols also included an Authentication Service and an Authentication Protocol. After contacting the authentication service for credentials, this protocol provided

a lightweight-way to digitally sign Courier procedure calls, so that receivers could verify the signature and authenticate senders over the XNS internet, without having to contact

the Authentication service again for the length of the protocol communication

session.


Secure Network Communications - Advantages of SNC

1 * Can use Pluggable Authentication Service

to enable SNC functionality


SAP Logon Ticket - Integration with Identity Access Management Platforms

1 * Tivoli Access Manager has developed an authentication service

compatible with SAP Logon Tickets[

http://www.ibm.com/developerworks/tivoli/library/t-authsaptam/index.html Authenticating a SAP login ticket in Tivoli Access Manager e-business

WebSEAL]


SAP Logon Ticket - Integration with Identity Access Management Platforms

1 * Sun ONE Identity has developed a solution where companies can use the SAP Internet Transaction Server

(ITS 2.0) and SAP Pluggable Authentication Service (PAS) for

integration with SAP for single sign-on


Alfresco (software) - Features

1 * Pluggable authentication: NTLM, LDAP, Kerberos (protocol)|Kerberos, Central Authentication Service|CAS


Security service (telecommunication)

1 : A processing or communication service that is provided by a system to give a specific

kind of protection to resources, where said resources may reside with said system or

reside with other systems, for example, an authentication service or a PKI-based

document attribution and authentication service. A security service is a superset of AAA services. Security services typically

implement portions of security policies and are implemented via security mechanisms.


Security service (telecommunication) - OSI Security Services General description

1 The following are considered to be the security services which can be

provided optionally within the framework of the OSI Reference

Model. The authentication services require authentication information

comprising locally stored information and data that is transferred (credentials) to facilitate the

authentication:https://store.theartofservice.com/the-authentication-service-toolkit.html

Windows NT 4.0 Embedded - Upgradeability

1 An option pack was available as a free-bundled CD starting around 1998, which included Internet

Information Services|IIS 4.0 with Active Server Pages, FrontPage

Server Extensions, Certificate Server, Microsoft Transaction Server|MTS, MSMQ, Collaboration Data Objects for Windows NT Server|CDONTS,

Internet Authentication Service (IAS), Windows Indexing Service|Indexing

Service, Microsoft Management Console 1.0, Microsoft Site Server, SMTP and NNTP services and other

new software.


Kerberos (protocol) - History and development

1 * A new edition of the Kerberos V5 specification The Kerberos Network Authentication Service (V5) (RFC 4120). This version obsoletes RFC

1510, clarifies aspects of the protocol and intended use in a more detailed

and clearer explanation.


Radmin - Security

1 The software can still use Windows' own user authentication services,

avoiding the need to maintain separate sets of user security data, with Kerberos (protocol)|Kerberos

support available as well.


Embrace, extend and extinguish - Examples

1 Microsoft's legal statement concerning unrestricted use of

Microsoft intellectual property also includes the Kerberos Network

Authentication Service v5 (RFC 1510 and RFC 1964).


Spring Security - Key authentication features

1 *Single sign-on capabilities using the popular Central Authentication Service.


Active Directory Application Mode - UNIX integration

1 * [ http://www.quest.com/authentication

-services/ Quest Authentication Services] (Now part of Dell)

(Formerly, Quest, Vintela) - AD Authentication to UNIX/Linux/Mac,

Group Policy management, User/Group Migration tools, Auditing

and Reporting


WLAN Authentication and Privacy Infrastructure - How the Standard Works

1 WAPI, which was initiated to resolve the existing security loopholes (WEP)

in WLAN international standard (ISO/IEC 8802-11), was issued to be Chinese national standard in 2003.

WAPI works by having a central Authentication Service Unit (ASU)

which is known to both the wireless user and the wireless access point|access point and which acts as a central authority verifying both.


Internet Authentication Service

1 'Internet Authentication Service' (IAS) is a component of Windows Server Operating Systems that provides centralized user AAA

protocol|authentication, authorization and accounting.


Internet Authentication Service - Overview

1 Windows 2000 Server and Windows Server 2003 include the Internet Authentication Service (IAS), an

implementation of RADIUS server


Internet Authentication Service - Overview

1 In Windows Server 2008, Network Policy Server (NPS) replaces the

Internet Authentication Service (IAS). NPS performs all of the functions of IAS in Windows Server 2003 for VPN and 802.1X-based wireless and wired

connections and performs health evaluation and the granting of either

unlimited or limited access for Network Access Protection clients.


Internet Authentication Service - History

1 The initial version of Internet Authentication Service was included

with the Windows NT 4.0 Option Pack.


Internet Authentication Service - History

1 Windows 2000 Server's implementation added support for more intelligent

resolution of user names that are part of a Windows Server domain, support for UTF-8

logging, and improved security.[ http://technet.microsoft.com/en-us/library/b

b742380.aspx Internet Authentication Service for Windows 2000] It also added support for EAP Authentication for IEEE

802.1x networks. Later on it added PEAP (with service Pack 4).


Wireless security - Implementing network encryption

1 *Microsoft Internet Authentication Service


Plone (software) - Design

1 In addition, Plone comes with a user management system called

Pluggable Authentication Service (PAS)


Casa (disambiguation) - Other

1 * Common Authentication Service Adapter


IAS - Computing

1 *Internet Authentication Service


Univention Corporate Server - Structure and components

1 There are numerous open source applications integrated in UCS, for example Samba (software)|Samba, the authentication service Kerberos

(protocol)|Kerberos, the virtualization software Xen and Kernel-based

Virtual Machine|KVM, Nagios for the monitoring of servers and services

and the backup solution Bacula


Ticket-granting ticket

1 After authentication, this file is granted to a user for data traffic protection by the key distribution

center (KDC) subsystem of authentication services such as

Kerberos (protocol)|Kerberos


XRDS - Service endpoints (SEPs)

1 # An OpenID 2.0 authentication service

(type http://openid.net/signon/

2.0).


XRDS - Service endpoints (SEPs)

1 # An OpenID 1.0 authentication service (type http://openid.net/server/1.0).


Multi-factor authentication - Audio Port tokens

1 Audio port tokens are usually used to provide authentication service for mobile terminals, because many

different mobile manufacturers have various own interface, such as idock,

micro USB, mini USB and etc


Shibboleth (Internet2) - Shibboleth 1.3

1 Shibboleth 1.3 and earlier do not provide a built-in authentication mechanism, but any web-based

authentication mechanism can be used to supply user data for

Shibboleth to use. Common systems for this purpose include Central Authentication Service|CAS or

Pubcookie. The authentication/SSO features of the Java container in which the IdP runs (Tomcat, for

example) can also be used.


EAuthentication

1 'eAuthentication' is an authentication service provided by one remote

server to other distributed servers, on the Internet or an intranet.


EAuthentication

1 Similar to credit card verification services that are provided by third parties to eCommerce web sites, eAuthentication services provide

identity verification services primarily to web sites but also to

intranet servers.


Roger R. Schell

1 For several years he managed the development and delivery of security for several Novell releases of network

software products including an integral Public key infrastructure|PKI, an international crypto API, and an

authentication service with exposed Secure Sockets Layer|SSL capability


AARNet - Application services

1 * Eduroam global federated authentication service, most often

appearing as Eduroam Wi-Fi services on-campus and at associated

locations


Foreign relations of Iraqi Kurdistan - Department of Foreign Relations

1 * Providing legal and authentication services to the people of the region and its citizens

abroad


Steam Greenlight - Software delivery and maintenance

1 Steam's DRM is available to software developers through Steamworks; the

service allows developers and publishers to include other forms of

DRM and other authentication services than Steam; for example, some games on Steam require the

use of Games for Windows – Live and some titles from publisher Ubisoft

require the use of their UPlay gaming service.


WidePoint Corporation - ORC

1 ORC provides IT integration and secure authentication services to the U.S. Government. It is an authorized certificate authority for the United

States Department of Defense, General Services Administration|GSA,

and many other certificate-based authorities. ORC also provides

application specific hardware and software to maintain high levels of

information assurance.https://store.theartofservice.com/the-authentication-service-toolkit.html

Central Authentication Service

1 The 'Central Authentication Service' ('CAS') is a single sign-on protocol for the World Wide Web|web. Its purpose is to permit a user to access multiple applications while providing their credentials (such as userid

and password) only once. It also allows web applications to authenticate users without

gaining access to a user's security credentials, such as a password. The name CAS also refers to a software package that

implements this protocol.


Identity management systems - Solutions

1 * [https://www.apereo.

org/cas Central Authentication

Service]https://store.theartofservice.com/the-authentication-service-toolkit.html

Cryptlib - Features

1 cryptlib is a security toolkit library that allows programmers to incorporate

encryption and authentication services to software. It provides a high-level interface so strong security capabilities can be added to

an application without needing to know many of the low-level details of encryption or authentication algorithms. It comes with an

over 400 page programming manual.ftp://ftp.franken.de/pub/crypt/cryptlib

/manual.pdf


NT Directory Service - Unix integration

1 * [http://www.quest.com/authenticatio

n-services/ Quest Authentication Services] (Now part of Dell)

(Formerly, Quest, Vintela) - AD authentication, Group Policy

management, User/Group Migration tools, Auditing and Reporting


Structured Financial Messaging System

1 The access control is through Smart Card based user access and

messages are secured by means of standard encryption and

authentication services conforming to ISO standards


AS (disambiguation) - Science and technology

1 * Authentication server, a server that provides authentication services to users


For More Information, Visit:

• https://store.theartofservice.com/the-authentication-service-toolkit.html

The Art of Servicehttps://store.theartofservice.com






Documents

Authentication Service