Roger Halbheer on Security » Identity

Office 365 Single Sign-On with AD FS 2.0 whitepaper

Roger Halbheer — Mon, 05 Mar 2012 10:39:28 +0000

Sorry, I did not blog for quite a while.

When looking at the Cloud, one of the key challenges to address – in my opinion – is how to manage the identity of the different users. If you have to add an additional identity to all the logons you already have, the Cloud will just add to the burden. Therefore, I am a firm believer that you need to have federation between your on-premise identity and your cloud identities.

We just released a paper Office 365 Single Sign-On with AD FS 2.0 whitepaper on how to address this with Office 365 and ADFS 2.0:

Through its support for the WS-Federation (WS-Fed) and WS-Trust protocols, Microsoft Active Directory Federation Services (AD FS) 2.0 provides claims-based (Web) single sign-on (also known as identity federation) with the Microsoft Office 365 offering and its Web application and rich client applications.

Building on existing documentation, this document is intended to provide a better understanding of the different single sign-on deployment options for the services in services in Office 365, how to enable single sign-on using corporate Active Directory credentials and AD FS 2.0 to the service in Office, and the different configuration elements to be aware of for such deployment.

This document is intended for system architects and IT professionals who are interested in understanding the basics of the single sign-on feature of Office 365 with AD FS 2.0 along with planning and deploying such a deployment in their environment.

You should have an in-depth look at this

Roger

Is the online world more dangerous?

Roger Halbheer — Tue, 05 Oct 2010 06:34:27 +0000

I often hear statements that the risk of losing your identity or being a victim of fraud is much higher online than offline. From my point of view it is more about the feelings of the consumer: In the real world, we know the risks – at least we learned them over the ages from our parents and we learned to live with them. For the average consumer, the Internet is probably 10-15 years all and there is no common sense yet. There is no “we learned to live with the risks” – yet.

We published a paper called Myth vs. Fact: Online and the Real World (this link point to the more secure version in XPS but if you want pdf, here you go ), which I think is worth looking at. If you want to leverage it, feel free.

Roger

Interpol’s Chief’s Facebook Identity Stolen

Roger Halbheer — Mon, 20 Sep 2010 12:52:37 +0000

This is one of the risks, not a lot of people look into: It is fairly easy for me to setup a Facebook account in another person’s name. This is what happened to Ronald K. Noble, head of Interpol: Interpol Chief Ronald K. Noble Has Facebook Identity Stolen.

Roger

Doing the right thing on ID management isn't enough…

Roger Halbheer — Fri, 16 Jul 2010 19:55:17 +0000

Even though it might be obvious, compliance is not only about protecting data but identities as well – and more. Jon Collins, Freeform Dynamics, whom I value high, wrote a good article: Doing the right thing on ID management isn’t enough… – you should read it!

Roger

Identity in the Cloud

Roger Halbheer — Tue, 25 May 2010 19:38:10 +0000

Kim Cameron, one of our key identity architects had an interesting presentation on identity in the cloud and a corresponding interview. Both are worth looking at if you are planning to move into the direction of the cloud. Especially as it is definitely one of the key challenges:

This is Kim’s presentation:

If you want his slides, here they are.

And finally he was interviewed after the presentation. It gives you more insights into our thoughts around identity and identity federation:

Remember, from my point of view, identity processes, management and federation are key ingredients for a successful cloud strategy

Roger