Authenticates a user by querying a database consisting of user records. Resilient privacy enhancing policy evaluation mechanism avoids the passing around of the password through the network by requesting for the password only when the Database Authentication authority is invoked. The sensitive information is only exchanged between the user and the Database Authentication authority over TLS.
Configuring the Database Authentication Authority
To configure the authority, complete the following steps.
- Sign into the Administrative Console
- Click Create New Authority.
- Select Database Authentication from the Authority Type drop down.
- Type a name for the authority in the Authority Name box.
- Type a description of the authority in the Authority Description box (optional).
- Type he fully qualified URI location of the Resilient Access Authority Connector in the Resilient Access Authority Connector Host box, including the number of the port on the Resilient Access Authority Connector host that will accept incoming connections. To encrypt the communications between Resilient and the Resilient Access Authority Connector, type https.
- Configure the connection to the Database server by entering:
- The fully qualified hostname of the database server in the Database Host box:
- The name of the database containing the user records in the Database Name box
- The database user name in the Database User Name box
- The password for the user account to connect to the Database server in the Database Password box.
- Configure how the database will be queried to find the user and verify their password.
- Enter the table in the database that holds the user records in the Authentication Table box
- Enter the column name that has the user identity attribute that will be passed during database authentication in the UserId Column Name box
- Enter the column name that stores the password in the Password Column Name box.
- If Passwords are encoded as MD5 values before storing them in the database then the Password encoded as MD5 checkbox should be checked.
- Resilient Access has integrated with Intensity Analytics Behavioral Biometric Authentication to seamlessly provide strong second factor authentication to policies created in Resilient Access. Intensity Analytics has a patented technology of calibrating the rhythm of a user’s keystoke pattern and using that to create a unique user identity signature. This is then applied to detect if the person typing the password is the person being authenticated. As the user authenticates using their password the system calibrates and stores profiles of the keystroke rhythm until enough profiles have been created to accurately determine a user’s keystroke rhythm. Subsequent authentication attempts will enforce the Intensity Analytics Behavioral Biometric Authentication as an additional authentication factor. To enable Intensity Analytics Behavioral Biometric Authentication click the Include Intensity Analytics checkbox.
- Once you have finished configuring the Database Authentication authority, click Create or Save.