+1 (949) 777-6959
Videos and Webinars
Appliance Build Request
Follow us on Facebook!
Join us on Google+
Find us on Linkedin
Follow us on Twitter
Watch us on Youtube
The Cloud Makes it: “The 4 A’s of Authentication”…
February 20, 2012 at 9:55 pm
Garret Grajek, CTO/COO
Your standard IT engineer involved in authentication – could easily recite the “
3 A’s of Authentication
But the 3 A’s were designed for the 1990′s – e.g. – when all the resources were internal – and a gateway device was placed in front of these resouces for 1-stop authentication.
The standard for AAA authentication was the RADIUS protocol. RADIUS allowed the gateways to generically pass collected authenitcation information to the RADIUS-compliant auth server. (See
: Traditional AAA authentication, RADIUS, collects static information from the gateway and then passes the creds via UDP to the RADIUS Server.
Problems with standard AAA (RADIUS) authentication:
1. Limits enterprises to supported workflow and static data content
No flexibility in workflow
Restricts enterprise to out-dated authentication methods (SecurID, tokens, etc.)
2. No support for new Cloud Applications
No way to pass identity to SaaS / PaaS providers
SaaS providers do NOT support RADIUS (Seem image #2)
Standard AAA authentication, e.g. RADIUS, provides no support for the exploding world of cloud apps.
The 4th “A” – Identity “Assertion”
In the modern world – there are
for secure Authentication:
This is WHAT IS MISSING with the traditional (AAA) RADIUS authentication – there is NO WAY to ASSERT the identity to outside parties. (RADIUS is just a static mechanism to pass/query credential information).
What is needed:
1. A flexible Authentication solution
That Supports multiple authentication methods
Whatever auth method enterprise chooses
2. That “Asserts” the identity…
A mechanism to tell a relying party the ID
This is EXACTLY what the Securauth product is, a product that meets the (4) of authentication:
provides (1) Authentication, (2) Authorization, (3) Audit and (4) Assertion.
It is this assertion part of the authentication – that truely differents SecureAuth. SecureAuth takes on the last part of the authenticaiton – the “Assertion of the IDentity” to the relying party (Web, VPN, Cloud.) This is not left as an API excercise or a complicated coding project – but built into the SecureAuth product. (See Image #4)
SecureAuth is the only solution that combines the required 4 AAAA’s of authentication.
Please come by the SecureAuth booth @ the
RSA Conference – Moscone Center, Booth #217
– and we’ll map a solution to your requirements.
is CTO and a co-founder of
. SecureAuth is a single appliance solution that delivers configurable 2-Factor and SSO authentication for Web, VPN and SaaS based solutions.
MobileIron // SecureAuth
Stop the Authentication Anarchy — Deploy SecureAuth IdP (2F/SSO in One)
SXSW | Austin, TX March 9 – 12
CJIS and GFIPM Compliance — SecureAuth Enables Local, County, State, and Federal Agencies
Hackers Want You to … Keep It Sloppy! (Your Authentication)
Craig Lund, CEO
Garret Grajek, CTO/COO
Tom Stewart, CFO
Sign up for our newsletter
Sign up and receive updates on resources, case studies and blog posts.
Sign me up!