Identity and Access Management
Dinusha Kumarasiri

Agenda
• Identity
• Identity Management in On-premises
• Azure AD
• Azure AD Features
• Scopes
• Role Based Access Control
• Identity Collaboration

Identity
• Information that represents an agent (user / group)
• Identity is used to authenticate against an identity provider
• Used to access resources authorized for that identity

Identity management on-premises
• Active Directory Domain Services
• Custom
• Protocols might not be compatible with cloud services
  • Kerberos
  • NTLM
  • LDAP

Azure Active Directory
• Cloud-based identity and access management service
• Works as an identity provider
• Can import on-premises identities to cloud

AAD Features : Authentication
• Self-service password reset
• Multi-Factor Authentication

AAD Features : Application Management
• How do we connect with external applications?
• How can we avoid using different credentials for each application?

AAD Features : Identity Protection
• Automate detection and remediation of identity-based risks
• Investigate risks
• Integrate with other platforms

AAD Features : Privileged Identity Management
• Service to manage, control and monitor access to critical operations
• Elevating existing permissions Just In Time (JIT)

AAD Features : Seamless Sign-on
• Automatically signed into both on-premises and cloud-based applications
• Pass-through authentication
  • Authentication agent in on-premises server
  • Credentials never leave on-premises
• Password hash synchronization
  • Azure AD stores the hash of hash of the passwords stored in on-premises AD
  • Azure AD Connect is used to synchronize

Scopes
• Set of resources at which permissions, policies and costing can be applied

Role Based Access Control (RBAC)
• Access management to cloud resources
• Security Principal
• Role Definition
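
How the pieces named on the Scopes and RBAC slides combine into an access decision, as an added Python sketch (not part of the original deck and not Azure's own code): a role assignment ties a security principal to a role definition at a scope, and child scopes inherit it. The principals, scope paths and trimmed action lists are constructed for illustration; deny assignments and data actions are left out.

```python
from fnmatch import fnmatchcase

# Constructed sample data: role names mirror Azure built-in roles, but the
# action lists are trimmed for illustration; principals and scopes are made up.
ROLE_DEFINITIONS = {
    "Reader": {"actions": ["*/read"], "not_actions": []},
    "Contributor": {
        "actions": ["*"],
        "not_actions": ["Microsoft.Authorization/*/write",
                        "Microsoft.Authorization/*/delete"],
    },
}

# A role assignment binds a security principal to a role definition at a scope.
ASSIGNMENTS = [
    ("alice", "Reader", "/subscriptions/sub-1"),
    ("bob", "Contributor", "/subscriptions/sub-1/resourceGroups/rg-app"),
]


def scope_covers(assigned, resource):
    """An assignment at a parent scope is inherited by every child scope."""
    a, r = assigned.rstrip("/").lower(), resource.rstrip("/").lower()
    return r == a or r.startswith(a + "/")


def role_allows(role, action):
    """Allowed if any Actions pattern matches and no NotActions pattern does."""
    d = ROLE_DEFINITIONS[role]
    act = action.lower()
    hit = any(fnmatchcase(act, p.lower()) for p in d["actions"])
    excluded = any(fnmatchcase(act, p.lower()) for p in d["not_actions"])
    return hit and not excluded


def is_allowed(principal, action, resource, assignments=ASSIGNMENTS):
    """Additive model: one matching assignment is enough to grant access."""
    return any(
        who == principal and scope_covers(scope, resource) and role_allows(role, action)
        for who, role, scope in assignments
    )


def broad_assignments(assignments=ASSIGNMENTS, max_depth=2):
    """Flag assignments at subscription level or above for least-privilege review."""
    return [a for a in assignments if len(a[2].strip("/").split("/")) <= max_depth]
```

The `broad_assignments` helper is the least-privilege check: anything assigned at subscription level is inherited by every resource group and resource beneath it.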

Identity Collaboration : B2B
• Allow external identities to collaborate with organization
• Allow external identities to use organization’s resources

Identity Collaboration : B2C
• Business to customer identity as a service
• Customers can use social accounts to connect

http://dinushaonline.blogspot.com
@kumarasiri048
