New Training: Planning for and Securing Cloud Software-as-a-Service

In this 6-video skill, CBT Nuggets trainer Bart Castle discusses protective, detective, and reactive controls for cloud software-as-a-service models. Gain an understanding of identify federation, cloud access security brokers, email, and DNS security including Cisco tools like Duo, CloudLock, Email Security, and Umbrella. Watch this new Cisco training.

Watch the full course: Implementing and Operating Cisco Security Core Technologies

This training includes:

• 6 videos

• 1.1 hours of training

You’ll learn these topics in this skill:

• Planning for Software-as-a-Service Security

• Federating Identities with SAML, OAuth, and OpenID

• Cisco Zero-Trust for the Workforce

• Cisco Cloudlock Access Security Broker

• Securing DNS with Cisco Umbrella and OpenDNS

• Securing Communications with Cisco Email Security

How OpenID Can Simplify and Secure Your Authentication Stack

The process of user authentication is both difficult to implement and secure well. Thankfully, specifications like OpenID exist that allow software developers to federate their authentication system with services that users already trust. OpenID both simplifies and secures the authentication stack.

What is OpenID?

You have most likely used OpenID without realizing it. Those buttons on websites that let you use your Google or Facebook account to login with are based on OpenID.

OpenID abstracts the authentication mechanisms away from individual services by using a 3rd party identity provider. Its specification is backed by Microsoft, Facebook, Google, and other large tech companies. That's why it is common to see those buttons for using your Microsoft, Facebook, Google, or Apple account to create accounts.

OpenID is a sort of evolution to OAuth. OAuth was originally designed with the same concepts as OpenID but it only handles authorization. As internet services grew and required more complex security schemes, the limitations of OAuth were quickly realized. Though OpenID technically came before OAuth, it's due to the limitations of OAuth that OpenID has become what it is today.