The Cloud Makes it: “The 4 A’s of Authentication”…

Your standard IT engineer involved in authentication – could easily recite the “3 A’s of Authentication“:
  1. Authentication

  2. Authorization

  3. Auditing

But the 3 A’s were designed for the 1990′s –  e.g. – when all the resources were internal – and a gateway device was placed in front of these resouces for 1-stop authentication.
The standard for AAA authentication was the  RADIUS protocol.   RADIUS allowed the gateways to generically pass collected authenitcation information to the RADIUS-compliant auth server.  (See Image #1.)
Image #1:  Traditional AAA authentication, RADIUS, collects static information from the gateway and then passes the creds via UDP to the RADIUS Server.

Problems with standard AAA (RADIUS) authentication:

1.  Limits enterprises to supported workflow and static data content

  • No flexibility in workflow
  • Restricts enterprise to out-dated authentication methods (SecurID, tokens, etc.)

2.  No support for new Cloud Applications

  • No way to pass identity to SaaS / PaaS providers
  • SaaS providers do NOT support RADIUS  (Seem image #2)
Image #2: Standard AAA authentication, e.g. RADIUS, provides no support for the exploding world of cloud apps.

The 4th “A” – Identity “Assertion”

In the modern world – there are (4) “A’s” for secure Authentication:
  1. Authentication
  2. Authorization
  3. Auditing
  4. Assertion (Identity Assertion)
This is WHAT IS MISSING with the traditional (AAA) RADIUS authentication – there is NO WAY to ASSERT the identity to outside parties.  (RADIUS is just a static mechanism to pass/query credential information).

What is needed:

1.  A flexible Authentication solution

  • That Supports multiple authentication methods
  • Whatever auth method enterprise chooses

2.  That “Asserts” the identity…

A mechanism to tell a relying party the ID
  • Securely
  • Repeatably
  • Without APIs
This is EXACTLY what the Securauth product is, a product that meets the (4) of authentication:
Image #3: SecureAuth provides  (1) Authentication,  (2) Authorization, (3) Audit and (4) Assertion.
It is this assertion part of the authentication – that truely differents SecureAuth.  SecureAuth takes on the last part of the authenticaiton – the “Assertion of the IDentity” to the relying party (Web, VPN, Cloud.)  This is not left as an API excercise or a complicated coding project – but built into the SecureAuth product.  (See Image #4)
Image #4: SecureAuth is the only solution that combines the required 4 AAAA’s of authentication.
Please come by the SecureAuth booth @ the RSA Conference – Moscone Center, Booth #217 – or contact us – and we’ll map a solution to your requirements.

SecureAuth is a single appliance solution that delivers configurable 2-Factor and SSO authentication for Web, VPN and SaaS based solutions.