OpenAM Adaptive Risk - MultiFactor Authentication

OpenAM is an access management platform, built on Java modular base architecture. Developed by ForgeRock, a software company specializing "Identity and Access Management" solutions. It is an offshoot product out from the original Sun Microsystems project called OpenSSO. It already evolves into “all-in-one” access management solution that includes Authentication, SSO, Authorization, Federation, Entitlements, Adaptive Authentication, Strong Authentication, and Web Services Security, in a single, unified product.

Adaptive Risk

This module is used to assess risks during the authentication process, and to determine whether to require that the user complete further authentication steps. Adaptive risk authentication determines, based on risk scoring, whether more information from a user is required when they login.

* Evaluates each attempted login in real-time and generates a risk score based on parameters such as geographic location, IP address, time of day, and device profile.
* The higher the score, the greater the risk to the organization.
* For high-risk situations, OpenAM provides one of the strongest step-up authentication policies available through the One Time Password security feature.
* Uses two-factor authentication, including challenge questions to verify the user’s identity.


Authentication

For authentication to be successful the user need to prove two things:knowledge and possession of a secret. Readily available out of the box authentication methods that can be used for strong authentication and can be chained along with along with Adaptive Risk scoring for multi-factor authentication. Methods such as the use of JDBC, LDAP, Active Directory, Facebook or Google logins, OTP via SMS/Email, SecureID and more.

* Offers the ability to customize and extend your authentication requirements
* Develop custom authentication modules, post authentication modules, or scripts to extend client-side or server-side authentication
* Provides client application programming interfaces with REST, Java and C APIs


Two-Factor Authentication

* 2-factor authentication enabled using a mobile phone, hardware token, biometric device, as a second factor, a requirement for highly sensitive applications and sites
* Out of the box standard-based solutions such as OATH and HOTP allow use of a mobile phone as a second factor by generating SMS or SOFT-TOKEN
* Extensible to 3rd party services providing a second factor or identity proofing is configurable as part the authentication approval chain


Adaptive Authentication

* Fraud prevention feature assesses risks during the authentication process to determine whether to require the user to present additional credentials
* Configurable using a scoring algorithm that calculates a risk score based on an IP address range, geographic location, device fingerprint, account idle time, etc., and apply to the authentication request.

One Time Password (OTP)

One-Time Passwords (OTP) is a password that can be only used one time. Comparing to regular passwords OTP is considered safer since the password keeps on changing, meaning that it isn’t vulnerable against replay attacks. When it comes to authentication mechanisms, usually OTP is used as an additional authentication mechanism (hence OTP is commonly referred to as two factor authentication/second factor authentication/step-up authentication).

* The main/first authentication step is still using regular passwords
* Adaptive risk process
* Second authentication factor (OTP)

The MayFlower

The Mayflower was the ship that transported the first English Separatists, known today as the Pilgrims, from Plymouth to the New World in 1620. There were 102 passengers, and the crew is estimated to have been about 30, but the exact number is unknown. This voyage has become an iconic story in some of the earliest annals of American history, with its story of death and of survival in the harsh New England winter environment.

The Pilgrims

Human migration in search of freedom and new life. History tells the plight of the Mayflower immigrants in 1620 that will define the United States of America today. The first Pilgrims in America were nearly defeated by the harsh conditions they faced when they arrived in New England.