+1 (949) 777-6959
Videos and Webinars
Appliance Build Request
Follow us on Facebook!
Join us on Google+
Find us on Linkedin
Follow us on Twitter
Watch us on Youtube
The Cloud Makes it: “The 4 A’s of Authentication”…
February 20, 2012 at 9:55 pm
Your standard IT engineer involved in authentication – could easily recite the “
3 A’s of Authentication
But the 3 A’s were designed for the 1990′s – e.g. – when all the resources were internal – and a gateway device was placed in front of these resouces for 1-stop authentication.
The standard for AAA authentication was the RADIUS protocol. RADIUS allowed the gateways to generically pass collected authenitcation information to the RADIUS-compliant auth server. (See
: Traditional AAA authentication, RADIUS, collects static information from the gateway and then passes the creds via UDP to the RADIUS Server.
Problems with standard AAA (RADIUS) authentication:
1. Limits enterprises to supported workflow and static data content
No flexibility in workflow
Restricts enterprise to out-dated authentication methods (SecurID, tokens, etc.)
2. No support for new Cloud Applications
No way to pass identity to SaaS / PaaS providers
SaaS providers do NOT support RADIUS (Seem image #2)
Standard AAA authentication, e.g. RADIUS, provides no support for the exploding world of cloud apps.
The 4th “A” – Identity “Assertion”
In the modern world – there are
for secure Authentication:
This is WHAT IS MISSING with the traditional (AAA) RADIUS authentication – there is NO WAY to ASSERT the identity to outside parties. (RADIUS is just a static mechanism to pass/query credential information).
What is needed:
1. A flexible Authentication solution
That Supports multiple authentication methods
Whatever auth method enterprise chooses
2. That “Asserts” the identity…
A mechanism to tell a relying party the ID
This is EXACTLY what the Securauth product is, a product that meets the (4) of authentication:
provides (1) Authentication, (2) Authorization, (3) Audit and (4) Assertion.
It is this assertion part of the authentication – that truely differents SecureAuth. SecureAuth takes on the last part of the authenticaiton – the “Assertion of the IDentity” to the relying party (Web, VPN, Cloud.) This is not left as an API excercise or a complicated coding project – but built into the SecureAuth product. (See Image #4)
SecureAuth is the only solution that combines the required 4 AAAA’s of authentication.
Please come by the SecureAuth booth @ the
RSA Conference – Moscone Center, Booth #217
– and we’ll map a solution to your requirements.
is a single appliance solution that delivers configurable 2-Factor and SSO authentication for Web, VPN and SaaS based solutions.
Is SecureAuth Impacted by the “Bash Bug” Vulnerability (CVE-2014-7169)?
SecureAuth Presenting Benefits of Context Based Authentication to Avoid Security Breaches at (ISC)2 Security Congress 2014
Compare 2-Factor Access Control
SecureAuth IdP for Mobile
Craig Lund, CEO
Keith Graham, CTO
Tom Stewart, CFO
Sign up for our newsletter
Sign up and receive updates on resources, case studies and blog posts.
Sign me up!