RE: How to securely leverage Microsoft AD for Outsourcing and third party systems authentication.

["Ramsdell, Scott" <sramsdell () stinsonmoheck com>]

Serge,

Have you looked at AD Federation Services for Server 2003?

Best Regards,
Scott Ramsdell 

-----Original Message-----
From: Serge Vondandamo [mailto:serge.vondandamo () wanadoo fr] 
Sent: Wednesday, May 10, 2006 10:41 PM
To: security-basics () lists securityfocus com
Subject: How to securely leverage Microsoft AD for Outsourcing and third
party systems authentication.

Hello,

I am trying to define how to leverage Microsoft AD for authentication
when dealing with third party systems and outsourcing. Security concerns
and recommendations are welcome.

Basically, I am focusing on the following points:

1. Hosted applications (third party systems): how to integrate those
apps authentication methods to my internal AD infra and allow my users
to use their AD credentials (SSO) for accessing those apps?

a. Can MS AD speak with third party authentication systems in a secured
manner? How this can be achieved? 

b. Security concerns? What are the recommendations for dealing with
those concerns?

c. what are the industry Best Practices?


2. Outsourcing: when outsourcing part of my systems, how and what to do
in order to allow my users to continue using their AD credentials and
access the outsourced systems (External networks)in a secured manner?

a. Obviously there are numbers of security concerns but what to do if,
this is business requirement and a MUST to do item?

b. what are the industry best practices?

Any thoughts, ideas or concerns are welcome.

Thank you for contribution.

Best regards,
Serge Vondandamo, CISSP, CCNA
 
 
This communication is from a law firm and may contain confidential and/or privileged information. If it has been sent 
to you in error, please contact the sender for instructions concerning return or destruction, and do not use or 
disclose the contents to others.