SlideShare une entreprise Scribd logo
1  sur  15
Identity and Access Management
Dinusha Kumarasiri
Agenda
 Identity
 Identity Management in On-premises
 Azure AD
 Azure AD Features
 Scopes
 Role Based Access Control
 Identity Collaboration
Identity
 Information that represent an agent (user / group)
 Identity is used to authenticate against an identity provider
 Used to access resources authorized for that identity
Identity management on-premises
 Active Directory Domain Services
 Custom
 Protocols might not be compatible with cloud services
 Kerberos
 NTLM
 LDAP
Azure Active Directory
 Cloud based identity and access management service
 Works as an identity provider
 Can import on-premises identities to cloud
AAD Features : Authentication
 Self-service password reset
 Multi-Factor Authentication
AAD Features : Application Management
 How do we connect with external applications?
 How can we avoid using different credentials for each application?
AAD Features : Identity Protection
 Automate detection and remediation of identity based risks
 Investigate risks
 Integrate with other platforms
AAD Features : Privileged Identity Management
 Service to manage, control and monitor access to critical operations
 Elevating existing permissions Just In Time (JIT)
AAD Features : Seamless Sign-on
 Automatically signed into both on-premises and cloud-based
applications
 Pass-through authentication
 Authentication agent in on-premises server
 Credentials never leaves on-premises
 Password hash synchronization
 Azure AD stores the hash of hash of the passwords stored in on-premises AD
 Azure AD Connect is used to synchronize
Scopes
 Set of resources permissions, policies and costing can be applied at
Role Based Access Control (RBAC)
 Access management to cloud resources
 Security Principal
 Role Definition
Identity Collaboration : B2B
 Allow external identities to collaborate with organization
 Allow external identities to use organization’s resources
Identity Collaboration : B2C
 Business to customer identity as a service
 Customers can use social accounts to connect
http://dinushaonline.blogspot.com
@kumarasiri048

Contenu connexe

Tendances

Identity and Access Management from Microsoft and Razor Technology
Identity and Access Management from Microsoft and Razor TechnologyIdentity and Access Management from Microsoft and Razor Technology
Identity and Access Management from Microsoft and Razor TechnologyDavid J Rosenthal
 
Microsoft Azure Active Directory
Microsoft Azure Active DirectoryMicrosoft Azure Active Directory
Microsoft Azure Active DirectoryDavid J Rosenthal
 
Azure AD Presentation - @ BITPro - Ajay
Azure AD Presentation - @ BITPro - AjayAzure AD Presentation - @ BITPro - Ajay
Azure AD Presentation - @ BITPro - AjayAnoop Nair
 
Azure Security Overview
Azure Security OverviewAzure Security Overview
Azure Security OverviewAllen Brokken
 
Azure - Identity as a service
Azure - Identity as a serviceAzure - Identity as a service
Azure - Identity as a serviceBizTalk360
 
Azure Active Directory | Microsoft Azure Tutorial for Beginners | Azure 70-53...
Azure Active Directory | Microsoft Azure Tutorial for Beginners | Azure 70-53...Azure Active Directory | Microsoft Azure Tutorial for Beginners | Azure 70-53...
Azure Active Directory | Microsoft Azure Tutorial for Beginners | Azure 70-53...Edureka!
 
Azure Fundamentals || AZ-900
Azure Fundamentals || AZ-900Azure Fundamentals || AZ-900
Azure Fundamentals || AZ-900thisiswali
 
The Layman's Guide to Microsoft Azure
The Layman's Guide to Microsoft AzureThe Layman's Guide to Microsoft Azure
The Layman's Guide to Microsoft AzureAptera Inc
 
Introduction to Azure
Introduction to AzureIntroduction to Azure
Introduction to AzureRobert Crane
 
Secure Your Cloud Environment with Azure Active Directory (AD)
Secure Your Cloud Environment with Azure Active Directory (AD)Secure Your Cloud Environment with Azure Active Directory (AD)
Secure Your Cloud Environment with Azure Active Directory (AD)WinWire Technologies Inc
 
Windows Azure Virtual Machines
Windows Azure Virtual MachinesWindows Azure Virtual Machines
Windows Azure Virtual MachinesClint Edmonson
 
Azure AD B2C – integration in a bank
Azure AD B2C – integration in a bankAzure AD B2C – integration in a bank
Azure AD B2C – integration in a bankKseniia Lvova
 
Microsoft Azure Security Overview
Microsoft Azure Security OverviewMicrosoft Azure Security Overview
Microsoft Azure Security OverviewAlert Logic
 
Azure security and Compliance
Azure security and ComplianceAzure security and Compliance
Azure security and ComplianceKarina Matos
 
48. Azure Active Directory - Part 1
48. Azure Active Directory - Part 148. Azure Active Directory - Part 1
48. Azure Active Directory - Part 1Shawn Ismail
 
Azure Tutorial For Beginners | Microsoft Azure Tutorial For Beginners | Azure...
Azure Tutorial For Beginners | Microsoft Azure Tutorial For Beginners | Azure...Azure Tutorial For Beginners | Microsoft Azure Tutorial For Beginners | Azure...
Azure Tutorial For Beginners | Microsoft Azure Tutorial For Beginners | Azure...Simplilearn
 

Tendances (20)

Azure Security Overview
Azure Security OverviewAzure Security Overview
Azure Security Overview
 
Identity and Access Management from Microsoft and Razor Technology
Identity and Access Management from Microsoft and Razor TechnologyIdentity and Access Management from Microsoft and Razor Technology
Identity and Access Management from Microsoft and Razor Technology
 
Microsoft Azure Active Directory
Microsoft Azure Active DirectoryMicrosoft Azure Active Directory
Microsoft Azure Active Directory
 
Azure AD Presentation - @ BITPro - Ajay
Azure AD Presentation - @ BITPro - AjayAzure AD Presentation - @ BITPro - Ajay
Azure AD Presentation - @ BITPro - Ajay
 
Azure Security Overview
Azure Security OverviewAzure Security Overview
Azure Security Overview
 
Azure 101
Azure 101Azure 101
Azure 101
 
Azure - Identity as a service
Azure - Identity as a serviceAzure - Identity as a service
Azure - Identity as a service
 
Azure governance
Azure governanceAzure governance
Azure governance
 
Azure Active Directory | Microsoft Azure Tutorial for Beginners | Azure 70-53...
Azure Active Directory | Microsoft Azure Tutorial for Beginners | Azure 70-53...Azure Active Directory | Microsoft Azure Tutorial for Beginners | Azure 70-53...
Azure Active Directory | Microsoft Azure Tutorial for Beginners | Azure 70-53...
 
Azure Fundamentals || AZ-900
Azure Fundamentals || AZ-900Azure Fundamentals || AZ-900
Azure Fundamentals || AZ-900
 
The Layman's Guide to Microsoft Azure
The Layman's Guide to Microsoft AzureThe Layman's Guide to Microsoft Azure
The Layman's Guide to Microsoft Azure
 
Introduction to Azure
Introduction to AzureIntroduction to Azure
Introduction to Azure
 
Secure Your Cloud Environment with Azure Active Directory (AD)
Secure Your Cloud Environment with Azure Active Directory (AD)Secure Your Cloud Environment with Azure Active Directory (AD)
Secure Your Cloud Environment with Azure Active Directory (AD)
 
Windows Azure Virtual Machines
Windows Azure Virtual MachinesWindows Azure Virtual Machines
Windows Azure Virtual Machines
 
Azure AD B2C – integration in a bank
Azure AD B2C – integration in a bankAzure AD B2C – integration in a bank
Azure AD B2C – integration in a bank
 
Azure AD Connect
Azure AD ConnectAzure AD Connect
Azure AD Connect
 
Microsoft Azure Security Overview
Microsoft Azure Security OverviewMicrosoft Azure Security Overview
Microsoft Azure Security Overview
 
Azure security and Compliance
Azure security and ComplianceAzure security and Compliance
Azure security and Compliance
 
48. Azure Active Directory - Part 1
48. Azure Active Directory - Part 148. Azure Active Directory - Part 1
48. Azure Active Directory - Part 1
 
Azure Tutorial For Beginners | Microsoft Azure Tutorial For Beginners | Azure...
Azure Tutorial For Beginners | Microsoft Azure Tutorial For Beginners | Azure...Azure Tutorial For Beginners | Microsoft Azure Tutorial For Beginners | Azure...
Azure Tutorial For Beginners | Microsoft Azure Tutorial For Beginners | Azure...
 

Similaire à Azure Identity and access management

Azure AD and Office 365 - Deja Vu All Over Again
Azure AD and Office 365 - Deja Vu All Over AgainAzure AD and Office 365 - Deja Vu All Over Again
Azure AD and Office 365 - Deja Vu All Over AgainSean Deuby
 
70 346 Managing office 365 identities
70 346 Managing office 365 identities70 346 Managing office 365 identities
70 346 Managing office 365 identitiesclounoud
 
Office 365 MCSA TechEd
Office 365 MCSA TechEdOffice 365 MCSA TechEd
Office 365 MCSA TechEdRobert Gabos
 
Azure multi factor authentication - Global Azure bootcamp 2018 security
Azure multi factor authentication - Global Azure bootcamp 2018  securityAzure multi factor authentication - Global Azure bootcamp 2018  security
Azure multi factor authentication - Global Azure bootcamp 2018 securityJoTechies
 
3 Modern Security - Secure identities to reach zero trust with AAD
3   Modern Security - Secure identities to reach zero trust with AAD3   Modern Security - Secure identities to reach zero trust with AAD
3 Modern Security - Secure identities to reach zero trust with AADAndrew Bettany
 
SYDSP - Office 365 and Cloud Identity - What does it mean for me?
SYDSP  - Office 365 and Cloud Identity - What does it mean for me?SYDSP  - Office 365 and Cloud Identity - What does it mean for me?
SYDSP - Office 365 and Cloud Identity - What does it mean for me?Scott Hoag
 
SPIntersection 2016 - MICROSOFT CLOUD IDENTITIES IN AZURE AND OFFICE 365
SPIntersection 2016 - MICROSOFT CLOUD IDENTITIES IN AZURE AND OFFICE 365SPIntersection 2016 - MICROSOFT CLOUD IDENTITIES IN AZURE AND OFFICE 365
SPIntersection 2016 - MICROSOFT CLOUD IDENTITIES IN AZURE AND OFFICE 365Scott Hoag
 
JoTechies - Cloud identity
JoTechies - Cloud identityJoTechies - Cloud identity
JoTechies - Cloud identityJoTechies
 
20160400 Technet- Hybrid identity and access management with Azure AD Premium
20160400 Technet- Hybrid identity and access management with Azure AD Premium20160400 Technet- Hybrid identity and access management with Azure AD Premium
20160400 Technet- Hybrid identity and access management with Azure AD PremiumRobin Vermeirsch
 
Azure from scratch part 2 By Girish Kalamati
Azure from scratch part 2 By Girish KalamatiAzure from scratch part 2 By Girish Kalamati
Azure from scratch part 2 By Girish KalamatiGirish Kalamati
 
SCU Berlín | Cloud identity for maximum productivity
 SCU Berlín | Cloud identity for maximum productivity SCU Berlín | Cloud identity for maximum productivity
SCU Berlín | Cloud identity for maximum productivityDiana Carolina Torres Viasus
 
JAXSPUG January 2016 - Microsoft Cloud Identities in Azure and Office 365
JAXSPUG January 2016 - Microsoft Cloud Identities in Azure and Office 365JAXSPUG January 2016 - Microsoft Cloud Identities in Azure and Office 365
JAXSPUG January 2016 - Microsoft Cloud Identities in Azure and Office 365Scott Hoag
 
Azure Community Tour 2019 - AZUGDK
Azure Community Tour 2019 - AZUGDKAzure Community Tour 2019 - AZUGDK
Azure Community Tour 2019 - AZUGDKPeter Selch Dahl
 
Premier Webcast - Identity Management with Windows Azure AD
Premier Webcast - Identity Management with Windows Azure ADPremier Webcast - Identity Management with Windows Azure AD
Premier Webcast - Identity Management with Windows Azure ADuberbaum
 
What's new in Azure Active Directory and what's coming new ?
What's new in Azure Active Directory and what's coming new ?What's new in Azure Active Directory and what's coming new ?
What's new in Azure Active Directory and what's coming new ?Vignesh Ganesan I Microsoft MVP
 
Azure Day 1.pptx
Azure Day 1.pptxAzure Day 1.pptx
Azure Day 1.pptxmasbulosoke
 
AD Basic and Azure AD.pptx
AD Basic and Azure AD.pptxAD Basic and Azure AD.pptx
AD Basic and Azure AD.pptxSumTingWong8
 
20181213 - wazug protecting your data with azure ad
20181213 - wazug protecting your data with azure ad20181213 - wazug protecting your data with azure ad
20181213 - wazug protecting your data with azure adArjan Cornelissen
 
Research paper.pptx
Research paper.pptxResearch paper.pptx
Research paper.pptxShibiApp
 

Similaire à Azure Identity and access management (20)

Azure AD and Office 365 - Deja Vu All Over Again
Azure AD and Office 365 - Deja Vu All Over AgainAzure AD and Office 365 - Deja Vu All Over Again
Azure AD and Office 365 - Deja Vu All Over Again
 
70 346 Managing office 365 identities
70 346 Managing office 365 identities70 346 Managing office 365 identities
70 346 Managing office 365 identities
 
Office 365 MCSA TechEd
Office 365 MCSA TechEdOffice 365 MCSA TechEd
Office 365 MCSA TechEd
 
Azure multi factor authentication - Global Azure bootcamp 2018 security
Azure multi factor authentication - Global Azure bootcamp 2018  securityAzure multi factor authentication - Global Azure bootcamp 2018  security
Azure multi factor authentication - Global Azure bootcamp 2018 security
 
3 Modern Security - Secure identities to reach zero trust with AAD
3   Modern Security - Secure identities to reach zero trust with AAD3   Modern Security - Secure identities to reach zero trust with AAD
3 Modern Security - Secure identities to reach zero trust with AAD
 
SYDSP - Office 365 and Cloud Identity - What does it mean for me?
SYDSP  - Office 365 and Cloud Identity - What does it mean for me?SYDSP  - Office 365 and Cloud Identity - What does it mean for me?
SYDSP - Office 365 and Cloud Identity - What does it mean for me?
 
SPIntersection 2016 - MICROSOFT CLOUD IDENTITIES IN AZURE AND OFFICE 365
SPIntersection 2016 - MICROSOFT CLOUD IDENTITIES IN AZURE AND OFFICE 365SPIntersection 2016 - MICROSOFT CLOUD IDENTITIES IN AZURE AND OFFICE 365
SPIntersection 2016 - MICROSOFT CLOUD IDENTITIES IN AZURE AND OFFICE 365
 
JoTechies - Cloud identity
JoTechies - Cloud identityJoTechies - Cloud identity
JoTechies - Cloud identity
 
20160400 Technet- Hybrid identity and access management with Azure AD Premium
20160400 Technet- Hybrid identity and access management with Azure AD Premium20160400 Technet- Hybrid identity and access management with Azure AD Premium
20160400 Technet- Hybrid identity and access management with Azure AD Premium
 
Azure from scratch part 2 By Girish Kalamati
Azure from scratch part 2 By Girish KalamatiAzure from scratch part 2 By Girish Kalamati
Azure from scratch part 2 By Girish Kalamati
 
SCU Berlín | Cloud identity for maximum productivity
 SCU Berlín | Cloud identity for maximum productivity SCU Berlín | Cloud identity for maximum productivity
SCU Berlín | Cloud identity for maximum productivity
 
JAXSPUG January 2016 - Microsoft Cloud Identities in Azure and Office 365
JAXSPUG January 2016 - Microsoft Cloud Identities in Azure and Office 365JAXSPUG January 2016 - Microsoft Cloud Identities in Azure and Office 365
JAXSPUG January 2016 - Microsoft Cloud Identities in Azure and Office 365
 
Azure Community Tour 2019 - AZUGDK
Azure Community Tour 2019 - AZUGDKAzure Community Tour 2019 - AZUGDK
Azure Community Tour 2019 - AZUGDK
 
Premier Webcast - Identity Management with Windows Azure AD
Premier Webcast - Identity Management with Windows Azure ADPremier Webcast - Identity Management with Windows Azure AD
Premier Webcast - Identity Management with Windows Azure AD
 
What's new in Azure Active Directory and what's coming new ?
What's new in Azure Active Directory and what's coming new ?What's new in Azure Active Directory and what's coming new ?
What's new in Azure Active Directory and what's coming new ?
 
Azure Day 1.pptx
Azure Day 1.pptxAzure Day 1.pptx
Azure Day 1.pptx
 
AD Basic and Azure AD.pptx
AD Basic and Azure AD.pptxAD Basic and Azure AD.pptx
AD Basic and Azure AD.pptx
 
Securing your Azure Identity Infrastructure
Securing your Azure Identity InfrastructureSecuring your Azure Identity Infrastructure
Securing your Azure Identity Infrastructure
 
20181213 - wazug protecting your data with azure ad
20181213 - wazug protecting your data with azure ad20181213 - wazug protecting your data with azure ad
20181213 - wazug protecting your data with azure ad
 
Research paper.pptx
Research paper.pptxResearch paper.pptx
Research paper.pptx
 

Plus de Dinusha Kumarasiri

Implementing Zero Trust strategy with Azure
Implementing Zero Trust strategy with AzureImplementing Zero Trust strategy with Azure
Implementing Zero Trust strategy with AzureDinusha Kumarasiri
 
Migrating On-Premises Workloads with Azure Migrate
Migrating On-Premises Workloads with Azure MigrateMigrating On-Premises Workloads with Azure Migrate
Migrating On-Premises Workloads with Azure MigrateDinusha Kumarasiri
 
Azure Event Hubs for Kafka.pptx
Azure Event Hubs for Kafka.pptxAzure Event Hubs for Kafka.pptx
Azure Event Hubs for Kafka.pptxDinusha Kumarasiri
 
Future of Collaboration with Office 365.pptx
Future of Collaboration with Office 365.pptxFuture of Collaboration with Office 365.pptx
Future of Collaboration with Office 365.pptxDinusha Kumarasiri
 
Application Development with Azure
Application Development with AzureApplication Development with Azure
Application Development with AzureDinusha Kumarasiri
 
Building Data Solutions with Azure
Building Data Solutions with AzureBuilding Data Solutions with Azure
Building Data Solutions with AzureDinusha Kumarasiri
 
Introduction to cloud computing
Introduction to cloud computingIntroduction to cloud computing
Introduction to cloud computingDinusha Kumarasiri
 
Real time communication with Azure Functions with Azure SignalR
Real time communication with Azure Functions with Azure SignalRReal time communication with Azure Functions with Azure SignalR
Real time communication with Azure Functions with Azure SignalRDinusha Kumarasiri
 
Azure active directory and role based access control
Azure active directory and role based access controlAzure active directory and role based access control
Azure active directory and role based access controlDinusha Kumarasiri
 
PowerApps with Common Data Services
PowerApps with  Common Data ServicesPowerApps with  Common Data Services
PowerApps with Common Data ServicesDinusha Kumarasiri
 
Automating Business Processes with SharePoint & Flow
Automating Business Processes with SharePoint & FlowAutomating Business Processes with SharePoint & Flow
Automating Business Processes with SharePoint & FlowDinusha Kumarasiri
 
Real-time web applications using SharePoint, SignalR and Azure Service Bus
Real-time web applications using SharePoint, SignalR and Azure Service BusReal-time web applications using SharePoint, SignalR and Azure Service Bus
Real-time web applications using SharePoint, SignalR and Azure Service BusDinusha Kumarasiri
 
Data Loss Prevention in SharePoint 2016
Data Loss Prevention in SharePoint 2016Data Loss Prevention in SharePoint 2016
Data Loss Prevention in SharePoint 2016Dinusha Kumarasiri
 

Plus de Dinusha Kumarasiri (20)

Implementing Zero Trust strategy with Azure
Implementing Zero Trust strategy with AzureImplementing Zero Trust strategy with Azure
Implementing Zero Trust strategy with Azure
 
Migrating On-Premises Workloads with Azure Migrate
Migrating On-Premises Workloads with Azure MigrateMigrating On-Premises Workloads with Azure Migrate
Migrating On-Premises Workloads with Azure Migrate
 
Azure Event Hubs for Kafka.pptx
Azure Event Hubs for Kafka.pptxAzure Event Hubs for Kafka.pptx
Azure Event Hubs for Kafka.pptx
 
Future of Collaboration with Office 365.pptx
Future of Collaboration with Office 365.pptxFuture of Collaboration with Office 365.pptx
Future of Collaboration with Office 365.pptx
 
Application Development with Azure
Application Development with AzureApplication Development with Azure
Application Development with Azure
 
Building Data Solutions with Azure
Building Data Solutions with AzureBuilding Data Solutions with Azure
Building Data Solutions with Azure
 
Introduction to cloud computing
Introduction to cloud computingIntroduction to cloud computing
Introduction to cloud computing
 
Real time communication with Azure Functions with Azure SignalR
Real time communication with Azure Functions with Azure SignalRReal time communication with Azure Functions with Azure SignalR
Real time communication with Azure Functions with Azure SignalR
 
Azure active directory and role based access control
Azure active directory and role based access controlAzure active directory and role based access control
Azure active directory and role based access control
 
Step into cloud
Step into cloudStep into cloud
Step into cloud
 
PowerApps and Flow
PowerApps and FlowPowerApps and Flow
PowerApps and Flow
 
PowerApps with Common Data Services
PowerApps with  Common Data ServicesPowerApps with  Common Data Services
PowerApps with Common Data Services
 
Automating Business Processes with SharePoint & Flow
Automating Business Processes with SharePoint & FlowAutomating Business Processes with SharePoint & Flow
Automating Business Processes with SharePoint & Flow
 
ALM with SharePoint
ALM with SharePointALM with SharePoint
ALM with SharePoint
 
Real-time web applications using SharePoint, SignalR and Azure Service Bus
Real-time web applications using SharePoint, SignalR and Azure Service BusReal-time web applications using SharePoint, SignalR and Azure Service Bus
Real-time web applications using SharePoint, SignalR and Azure Service Bus
 
SharePoint Authentication
SharePoint AuthenticationSharePoint Authentication
SharePoint Authentication
 
Data Loss Prevention in SharePoint 2016
Data Loss Prevention in SharePoint 2016Data Loss Prevention in SharePoint 2016
Data Loss Prevention in SharePoint 2016
 
Introduction to SharePoint
Introduction to SharePointIntroduction to SharePoint
Introduction to SharePoint
 
Azure notification hubs
Azure notification hubsAzure notification hubs
Azure notification hubs
 
Introduction to SharePoint
Introduction to SharePointIntroduction to SharePoint
Introduction to SharePoint
 

Dernier

Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherRemote DBA Services
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdflior mazor
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsJoaquim Jorge
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
Evaluating the top large language models.pdf
Evaluating the top large language models.pdfEvaluating the top large language models.pdf
Evaluating the top large language models.pdfChristopherTHyatt
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)wesley chun
 

Dernier (20)

Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Evaluating the top large language models.pdf
Evaluating the top large language models.pdfEvaluating the top large language models.pdf
Evaluating the top large language models.pdf
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 

Azure Identity and access management

  • 1. Identity and Access Management Dinusha Kumarasiri
  • 2. Agenda  Identity  Identity Management in On-premises  Azure AD  Azure AD Features  Scopes  Role Based Access Control  Identity Collaboration
  • 3. Identity  Information that represent an agent (user / group)  Identity is used to authenticate against an identity provider  Used to access resources authorized for that identity
  • 4. Identity management on-premises  Active Directory Domain Services  Custom  Protocols might not be compatible with cloud services  Kerberos  NTLM  LDAP
  • 5. Azure Active Directory  Cloud based identity and access management service  Works as an identity provider  Can import on-premises identities to cloud
  • 6. AAD Features : Authentication  Self-service password reset  Multi-Factor Authentication
  • 7. AAD Features : Application Management  How do we connect with external applications?  How can we avoid using different credentials for each application?
  • 8. AAD Features : Identity Protection  Automate detection and remediation of identity based risks  Investigate risks  Integrate with other platforms
  • 9. AAD Features : Privileged Identity Management  Service to manage, control and monitor access to critical operations  Elevating existing permissions Just In Time (JIT)
  • 10. AAD Features : Seamless Sign-on  Automatically signed into both on-premises and cloud-based applications  Pass-through authentication  Authentication agent in on-premises server  Credentials never leaves on-premises  Password hash synchronization  Azure AD stores the hash of hash of the passwords stored in on-premises AD  Azure AD Connect is used to synchronize
  • 11. Scopes  Set of resources permissions, policies and costing can be applied at
  • 12. Role Based Access Control (RBAC)  Access management to cloud resources  Security Principal  Role Definition
  • 13. Identity Collaboration : B2B  Allow external identities to collaborate with organization  Allow external identities to use organization’s resources
  • 14. Identity Collaboration : B2C  Business to customer identity as a service  Customers can use social accounts to connect