Multi-factor authentication (also sometimes called two-step authentication) refers to the ability to include factors other than passwords in the identity proofing process during authentication. There are two major categories of factors: browser- or device-based, and IDP-based. Browser- or device-based factors are integrated with the login page, and all proofing occurs in the user agent's integration with the device. The FIDO specifications provide standards for this type of MFA integration. Examples include fingerprint readers or facial recognition software using the device camera. IDP-based factors are integrated with the identity provider service. There are not currently any widely used standards. Examples include TOTP, HOTP, push notifications, SMS OTP, email OTP, and telephone-based OTP. Multi-factor authentication does not require a set number of factors: a single factor may be adequate, or multiple factors may be required. Passwordless login is where none of the factors are password-based; it may include only one factor.
Authentication is the process of mapping a person, process, or machine to a digital identity. The mapping process is called proofing. Proofing may involve something the identity possesses (e.g., a security key or a physical key), something it knows (e.g., a password), or something it is (e.g., a fingerprint or facial recognition).
Authorization is the process of granting or denying access to resources by identities.
Single sign-on (SSO) is the ability for a user to log in only once per user agent for a set period of time, typically an hour. (What is the SSO timeout currently set to on our systems?) That means once a user logs in to one application they don't have to re-enter their credentials for other applications.
Single sign-on means the user only has to log in once even if they are accessing multiple applications. Same sign-on means the user uses the same credentials to log into each application.
Access governance is the process of establishing, monitoring and auditing who within your organization has access to what, when and how. Access governance tools provide the tooling and processes for:
- Birthright access
- Access request flows
- Access recertification process
- Access expiration
- Access auditing
A token is an identity-provider-generated digital representation of an identity that has completed the authentication process.
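The following Python is an added example, not part of this page, showing the two properties a token like the one defined above needs before an application can trust it: it is signed by the identity provider, and it carries an expiry that bounds the single sign-on period described earlier. The token format here is a constructed one (a base64url JSON body plus an HMAC-SHA256 signature, not a full JWT); the one-hour lifetime, the signing key and the subject names are assumptions, and the "amr" claim listing which factors were completed uses the standard claim name and values from RFC 8176 ("pwd" for password, "otp" for a one-time code).

```python
import base64
import hashlib
import hmac
import json
from typing import Optional

SSO_LIFETIME_SECONDS = 3600  # assumption: the "typically an hour" SSO period from the glossary


def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def _b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def _sign(signing_key: bytes, body: str) -> str:
    return _b64url(hmac.new(signing_key, body.encode("ascii"), hashlib.sha256).digest())


def issue_token(signing_key: bytes, subject: str, issued_at: float,
                lifetime: int = SSO_LIFETIME_SECONDS, amr=None) -> str:
    """Identity-provider side: mint a signed token after authentication completes."""
    claims = {
        "sub": subject,                       # the authenticated identity
        "iat": int(issued_at),                # when authentication completed
        "exp": int(issued_at) + lifetime,     # end of the SSO period
        "amr": list(amr or []),               # factors completed, e.g. ["pwd", "otp"]
    }
    body = _b64url(json.dumps(claims, separators=(",", ":"), sort_keys=True).encode("utf-8"))
    return f"{body}.{_sign(signing_key, body)}"


def validate_token(signing_key: bytes, token: str, now: float) -> Optional[dict]:
    """Application side: return the claims only if the signature is valid and the
    token has not expired; otherwise return None so the caller re-authenticates."""
    parts = token.split(".")
    if len(parts) != 2:
        return None
    body, signature = parts
    # Verify the signature before parsing anything from the body.
    if not hmac.compare_digest(_sign(signing_key, body), signature):
        return None
    try:
        claims = json.loads(_b64url_decode(body))
    except (ValueError, UnicodeDecodeError):
        return None
    if not isinstance(claims, dict) or now >= claims.get("exp", 0):
        return None  # SSO period over: the user must log in again
    return claims


if __name__ == "__main__":
    key = b"constructed-demo-signing-key"   # constructed; never hard-code a real key
    t0 = 1_700_000_000
    tok = issue_token(key, "alice", issued_at=t0, amr=["pwd", "otp"])
    print("within SSO period:", validate_token(key, tok, now=t0 + 1800) is not None)
    print("after SSO period:", validate_token(key, tok, now=t0 + 3601) is not None)
```

Applications accepting such a token should reject it on any signature or expiry failure rather than falling back to the unverified claims; the "amr" list lets an application that requires a second factor for a sensitive action check whether one was actually completed.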