Chapter 4: Deploying Enterprise Authentication and Authorization Controls

Large enterprises often have very complex environments to manage. There are internal users to manage, there are internal services and external service providers. There are customers to consider, for guest users, within Business-to-Business (B2B) relationships. Federation services can be utilized to ensure robust, centralized authentication and access control are addressed in these hybrid environments. To manage all these interactions with information systems, the correct protocols must be chosen to make sure we have secure authentication and authorization. Many modern environments require the use of an additional factor as a single factor, such as just a user password, ...