Identity Management

What is it?

Is a broad IT security and administrative area that deals with identifying individuals in a system (such as a country, a network, or an enterprise) and controlling their access to resources within that system, by associating user rights and restrictions with the established identity. In term of IT security it enables individuals to access the right resources at the right times for the right reasons.



SSO or Single Sign On is the process of verifying that the user identity is authentic. There are many ways to authenticate an user, from the now obsolete and inexpensive password to a biometric device. Each of them have pros and cons. We mention some of the most common methods where we can provide consulting and assist during the implementation:


Is what you know ...
One of the most popular password driven authentication method is Kerberos. Because Nowadays is part of our daily life because it's used in all Microsoft Windows versions.
However, our opinion is that this method is obsolete and it should be phased out
immediately. Due to hundred of different password policies which each user is required to remember when he/she browses on the daily basis, either the password is written in somewhere, or is the same, thus making this method insecure.
In addition, hackers have tools which "cracks" a simple password in few minutes. The rule of thumb is that if your password is easy for you, it's also easy for hackers.
We implement Kerberos authentication solution where Windows and UNIX, or other Kerberos compatible packages, need integration and allow user a Single Sign On between different applications.



Is what you have ...
PKI authentication is based on “what you have” — a private key related to
the certificate bound to only one person. PKI authentication is far more
resilient to hackers attacks, and does not require end-users to remember
anything, so it is stronger than a password.
We implement company PKI or providing you simple certificate
authentication for e-mails, file encryption, and/or HSM (Hardware Security


Access Control

Access Control is an IT Security feature which controls how an user access a resource or a system. This is also applicable with physical Access Control, whereby control is performed by Security Officer and/or access devices such badges, biometrics, etc. To greatly simplify a long list of definitions and scenarios, once the authentication establishes, or recognizes your identity, access control comes in force allowing access to the resources whose your identity is associated. The bank cash point provides a good example of authentication via the keypad and your debit card (two factors authentication) and allow access to your money only.

In term of specific computer security, we provide assistance in these main categories of Access Control:

In term of specific computer security, we provide assistance in these main categories of Access Control:

Mandatory Access Control (MAC)

Discretionary Access Control (DAC)

Role Base Access Control (RBAC)

Identity Based Access Control

Rules Access Control (Via Attributes Access Control)

Deal characteristic

  • The deal is based upon server or resource hardening, it then can be deployed on servers with same applications and O.S
  • Typical efforts estimation is between three and six months, according the number of applications, data classification and tuning.
  • Clients with annual revenue is higher than $10 million. Typical deal cost is between $50,000 and $300,000

Client benefits

  • When properly implemented, it enables a system to adequately defend itself and offers critical support for application security by protecting against the tampering with, and bypassing of, secured applications.
© Copyright 2018 Finance. All Rights Reserved. © Copyright 2018 Rokeby Technologies Ltd. All Rights Reserved.