Security Basics mailing list archives
RE: How to securely leverage Microsoft AD for Outsourcing and third party systems authentication.
From: "Ramsdell, Scott" <sramsdell () stinsonmoheck com>
Date: Thu, 11 May 2006 10:48:35 -0500
Serge, Have you looked at AD Federation Services for Server 2003? Best Regards, Scott Ramsdell -----Original Message----- From: Serge Vondandamo [mailto:serge.vondandamo () wanadoo fr] Sent: Wednesday, May 10, 2006 10:41 PM To: security-basics () lists securityfocus com Subject: How to securely leverage Microsoft AD for Outsourcing and third party systems authentication. Hello, I am trying to define how to leverage Microsoft AD for authentication when dealing with third party systems and outsourcing. Security concerns and recommendations are welcome. Basically, I am focusing on the following points: 1. Hosted applications (third party systems): how to integrate those apps authentication methods to my internal AD infra and allow my users to use their AD credentials (SSO) for accessing those apps? a. Can MS AD speak with third party authentication systems in a secured manner? How this can be achieved? b. Security concerns? What are the recommendations for dealing with those concerns? c. what are the industry Best Practices? 2. Outsourcing: when outsourcing part of my systems, how and what to do in order to allow my users to continue using their AD credentials and access the outsourced systems (External networks)in a secured manner? a. Obviously there are numbers of security concerns but what to do if, this is business requirement and a MUST to do item? b. what are the industry best practices? Any thoughts, ideas or concerns are welcome. Thank you for contribution. Best regards, Serge Vondandamo, CISSP, CCNA This communication is from a law firm and may contain confidential and/or privileged information. If it has been sent to you in error, please contact the sender for instructions concerning return or destruction, and do not use or disclose the contents to others.
Current thread:
- RE: How to securely leverage Microsoft AD for Outsourcing and third party systems authentication. Ramsdell, Scott (May 12)