Home/Oleg Cohen

About Oleg Cohen

This author has not yet filled in any details.
So far Oleg Cohen has created 12 blog entries.

The Dangers of SAML Replay Attacks

By |2019-09-17T14:59:33-04:00July 31st, 2019|IDM360, SAML PEN Testing|

The Dangers of SAML Replay Attacks Click 'Learn More' button to explore AssureBridge IDM 360™ SAML PEN Testing suite. Introduction Single Sign-on represents a significant attack vector for hackers.  It is particularly vulnerable for two reasons.  If SSO is hacked, then by definition an illicit party has gained access to your [...]

Top IDM Challenges in Mergers and Acquisitions

By |2019-07-31T11:36:21-04:00July 12th, 2019|IDM360|

Top IDM Challenges in Mergers and Acquisitions When companies merge, they face a distinct set of identity management challenges.  This is due to each former company having its own identity management system complete with a distinct set of users, applications and directories.  After the merger, they want to combine into a single [...]

Top IDM Challenges when Exposing Internal Applications to Customers

By |2019-07-12T14:02:22-04:00July 12th, 2019|IDM360|

Top IDM Challenges when Exposing Internal Applications to Customers Companies are increasingly providing direct systems access to their customers.  This streamlines service, improves satisfaction and fosters a sense of community. Systems such as inventory, billing, ticketing and custom business applications are made available via the web directly to customers, partners, suppliers and [...]

Top Challenges Consolidating to a Central Identity Management System

By |2019-07-12T13:31:14-04:00July 11th, 2019|IDM360|

Top Challenges Consolidating to a Central Identity Management System Organizations manage a wide variety of identities.  These include employees, contractors, customers, partners, vendors and prospects.  Most organizations have grown organically or through mergers.  They find their identity management (IDM) infrastructure spread out across the enterprise. Figure 1: Distributed User Identity Distributed Identity [...]

Top 5 Challenges Implementing SAML Single Sign-On for Liferay Portal

By |2019-07-11T15:09:59-04:00January 24th, 2018|IDM360, Liferay SSO|

Top 5 Challenges Implementing SAML Single Sign-On for Liferay Portal Single Sign-On (SSO) using SAML can easily become a serious undertaking for any project or application. There are numerous unexpected challenges that arise along the way. This becomes even more challenging when dealing with a complex platform such as Liferay Portal and [...]

Multifactor Authentication FAQ

By |2016-10-13T14:30:53-04:00October 23rd, 2015|IDM360, Multi-Factor Authentication|

Multifactor Authentication FAQ What is multi-factor authentication? Multi-factor authentication requires users logging in to prove who they are in multiple (typically two) ways. Examples of proof include: You know something that no one else knows (like a password) You have something that no one else has (like your cell phone*) A unique physical [...]

Key Considerations for Home-Grown ID Synchronization

By |2016-10-13T14:31:27-04:00January 22nd, 2013|IDM360|

Most companies that implement SSO need to synchronize the IDs that users will use between systems.  This critical requirement is often seen as an afterthought and implemented via home grown batch scripts that copy the IDs from one system to another.  This can seem simple at first but quickly increases in complexity.  If you are [...]

Comments Off on Key Considerations for Home-Grown ID Synchronization

Top 10 Pitfalls of Home-Grown SAML Solutions

By |2016-10-13T14:31:33-04:00September 27th, 2012|IDM360|

Many companies facing partner pressure to implement SAML compliant SSO solutions and tight project deadlines, often decide to embark on the effort of building their own home-grown implementation.  They typically underestimate the effort and complexity involved, and quickly discover, that even if they are leveraging a SAML library, there are quite a few important issues [...]

Comments Off on Top 10 Pitfalls of Home-Grown SAML Solutions

Top 4 challenges of proprietary SSO solutions

By |2016-10-13T14:31:41-04:00September 4th, 2012|IDM360|

Top 4 challenges of proprietary SSO solutions Firms of all sizes often choose to implement their own Single Sign-On systems to facilitate internet connections with their B2B partners and SaaS applications.  Very often these solutions include duplicate storage and synchronization of user credentials (e.g. user names and passwords) as well as more complex proprietary [...]

Comments Off on Top 4 challenges of proprietary SSO solutions

SAML vs. WS-Federation for Single Sign-On

By |2016-10-13T14:31:47-04:00June 28th, 2012|IDM360|

SAML vs. WS-Federation for Single Sign-On Two very popular standards for Single Sign-On are Security Assertion Markup Language (SAML) and Web Services Federation Language (WS-Federation).  They are very similar but also incompatible.  What’s the difference?  Which one should you use?  What are some of the common pitfalls? Overview SAML and WS-Federation are [...]

Comments Off on SAML vs. WS-Federation for Single Sign-On