How Gluu Failed - PowerPoint PPT Presentation

About This Presentation
Title:

How Gluu Failed

Description:

Implementations of Duo are providing the first real world experiences on large scale mobile authentication technology and authentication single sign on. – PowerPoint PPT presentation

Number of Views:20

less

Transcript and Presenter's Notes

Title: How Gluu Failed


1
How Gluu Failed
  • While watching an In Common mailing list
    discussion around Duo and other forms of strong
    authentication, it became apparent that weve
    completely failed at educating universities on
    what the Gluu Server is and how it works.
  •  
  •  Implementations of Duo are providing the first
    real world experiences on large scale mobile
    authentication technology and authentication
    single sign on. In Gluus opinion, Duo is a
    fantastic mobile 2FA service. We demo it every
    day to customers. We rely on it internally to
    secure our UNIX servers via SSH. However, not
    surprisingly, Duo did not provide the all-in-one
    credential management nirvana for which many on
    the list hoped. And it brought attention to many
    of the challenges institutions will face
    outsourcing credential management to a SaaS
    provider.
  • Here is just a sample of some of the lists
    feedback
  • 1. Post-enrollment management of devices.
  • 2. Credential reset for each authn mechanism.
  • .
  • 3.Delegated Admin.
  •  

2
4.SAML SSO Admin console 5. Better AD
integration Furthermore, some things that were
not mentioned but should certainly be considered
include trust elevation, adaptive authentication,
and special procedures for logout (dont forget
to kill the CAS session). The thing is what was
being described is the Gluu Server!   Despite our
best efforts to get the word out about what the
Gluu Server does, obviously we failed.   The
reality we are facing is a tsunami of new
authentication mechanisms mobile, biometric,
cognitive, and contextual mechanisms. The
situation and the device you have in your hand
determine which authentication technology has the
best trade-off of price / security / usability.
And, as Ive blogged recently, account reset is
the Achilles heel of 2FA. You are only as strong
as your weakest reset mechanism. If you are
interested in this topic we highly recommend that
you join this webinar on Friday, January 31st, or
schedule a call with Mike. During the call, you
will learn how the Gluu Server supports and
provides web access management products
interfaces for Duo and other great 2FA
technologies via ox Trust, our admin console
that enables centralized management of
authentication and authorization logic for your
organization. Article Resource -
http//thegluuserver.wordpress.com/2014/06/03/gluu
-oscon-submission/  
Write a Comment
User Comments (0)
About PowerShow.com