MultiCloud Classroom notes 25/Feb/2025

Identity and Access Management

Authentication and Authorization

  • Authentications deal with identity (Who you are) and Authorization deals with Access Management i.e where you are allowed and what you can do
  • To Authenticate into systems we deal with accounts, Accounts have priveleges
  • Account details are store in Identity Management Systems

Consider the following use cases

  • You org has a time sheet app, users of timesheet are stored in database
  • Your org users, system and groups will be stored in Active Directory (LDAP)
  • To make accessing multiple applications easier, organization use Single Sign On
  • In some cases we use external identity servers to perform federated authentication (OAUTH/ Login with Google/facebook …)
  • Multi factor Authentication:
    • SMS/Over call
    • Soft Authenticators:
      • Microsoft Authenicator
      • Google Authenticator

Auditing, Policy and Governance

  • Audit trail is sequece of events that occurred with the following info
    • what was changed
    • who has done
    • when it was done
  • Policy:
    • Simple: Password Strength policy,
    • Industry standard policies
      • PCI-DSS
      • HIPAA
      • ePHI
Published
Categorized as Uncategorized Tagged

By continuous learner

devops & cloud enthusiastic learner

Leave a ReplyCancel reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Please turn AdBlock off
Animated Social Media Icons by Acurax Responsive Web Designing Company

Discover more from Direct DevOps from Quality Thought

Subscribe now to keep reading and get access to the full archive.

Continue reading

Exit mobile version
%%footer%%