|
SecureAuth® for Federated Application Environments
|
MFC SecureAuth is the only tokenless, non-phishable authentication solution for
federated applications that authenticates the end-user and the web site, in an
easily deployable manner. SecureAuth provides a turnkey solution that delivers
an algorithmically proven method to thwart phishing, DNS and man-in-the-middle
attacks.
|
|
SecureAuth is deployed as the authentication mechanism for the identity provider
(IdP). Upon a successful authentication, SecureAuth can create the relevant
federated assertion (SAML, WS-*, OpenID, etc). This assertion is granted to the
user and the user is redirected to the service provider (SP). This enables a
secure sign-on into the application without the application requiring a
replication of the membership data for the user. This provides a great cost
savings to the enterprise. It is important to note that secure federation model
works for any SAML or other federated assertion model. |
|
|
|
Figure 1: SecureAuth® can be set up to be the authentication service for the Identity Provider (Idp) in a federated environment.
|
|