Tag: authentication

Feed: Recent Announcements. Starting today, AWS customers can use ED25519 keys to prove their identity when connecting to EC2 instances using EC2 Instance Connect and EC2 Serial Console from the command line interface. EC2 Instance Connect is a simple and secure way to connect to your instances using Secure Shell (SSH). Aside from leveraging the one time use SSH keys generated each time an authorized user connects, you can also connect your existing SSH keys. In addition to RSA based keys, EC2 customers can now use ED25519 key pairs, an elliptic curve based public-key system commonly used for SSH authentication, ... Read More

Feed: AWS Big Data Blog. Since 2020, Amazon Redshift has supported multi-factor authentication (MFA) to any SAML 2.0 compliant identity provider (IdP) in our JDBC and ODBC drivers. You can map the IdP user identity and group memberships in order to control authorization for database objects in Amazon Redshift. This simplifies administration by enabling you to manage user access in a central location, reducing the overhead of creating and maintaining users in the database in conjunction with the IdP. Recently, we helped a customer who was building their data warehouse on Amazon Redshift and had the requirement of using Microsoft ... Read More

Feed: Featured Blog Posts - Data Science Central. Author: chaitali gawande. 3D Secure Authentication Industry: 3D secure authentication is a fraud-prevention security system for credit and debit card transactions processed online. During card payments, 3D secure authentication adds an additional layer of security. It provides clients with a safe authentication step before they can shop online, assuring that they are using the appropriate card details and minimizing the risk of card payment fraud. Fraudulent online activities, such as identity fraud and unauthorized card use, is greatly reduced when using 3D secure authentication. It protects the cardholder's personal details and increases customer trust ... Read More

Feed: Microsoft Azure Blog. Author: Mark Russinovich. “Continuing our Advancing Reliability blog series, which highlights key updates and initiatives related to improving the reliability of the Azure platform and services, today we turn our focus to Azure Active Directory (Azure AD). We laid out the core availability principles of Azure AD as part of this series back in 2019 so I’ve asked Nadim Abdo, Corporate Vice President, Engineering, to provide the latest update on how our engineering teams are working to ensure the reliability of our identity and access management services that are so critical to customers and partners.”—Mark Russinovich, ... Read More

Feed: Recent Announcements. The Amazon Connect Computer Telephony Integration (CTI) Adapter for Salesforce now simplifies the contact center authentication procedure with the integration of Amazon Connect Voice ID to make voice interactions faster and more secure. Amazon Connect Voice ID analyzes caller's unique voice characteristics using machine learning to help verify identity in real-time and display a confidence score and status within the Contact Control Panel (CCP) in the CTI Adapter. Using CTI Actions and Flows, you can automate fraud case creation or route the call to fraud agents based on the outcome of the Voice ID interaction.  ... Read More

Feed: AWS Compute Blog. Author: Julian Wood. This post is written by Uma Ramadoss, Senior Specialist Solutions Architect, Integration. Today, AWS Lambda is introducing mutual TLS (mTLS) authentication for Amazon Managed Streaming for Apache Kafka (Amazon MSK) and self-managed Kafka as an event source. Many customers use Amazon MSK for streaming data from multiple producers. Multiple subscribers can then consume the streaming data and build data pipelines, analytics, and data integration. To learn more, read Using Amazon MSK as an event source for AWS Lambda. You can activate any combination of authentication modes (mutual TLS, SASL SCRAM, or IAM access ... Read More

Feed: Recent Announcements. AWS Lambda now supports mutual TLS authentication for Amazon MSK and self managed Kafka as an event source. Customers now have the option to provide a client certificate to establish a trust relationship between AWS Lambda and Amazon MSK or self managed Kafka brokers that are configured as event sources. Lambda will support self-signed server certificates or server certificates signed by a private CA for self-managed Kafka event sources by letting customers provide a root CA certificate which allows our pollers to trust their Kafka brokers. Support for self-signed server certificates is not required for MSK event sources ... Read More

Feed: Recent Announcements. Amazon Simple Notification Service (Amazon SNS) now supports token-based authentication for sending mobile push notifications to Apple devices. When creating a new platform application in the Amazon SNS console or API, you can now choose between token-based (.p8 key file) or certificate-based (.p12 certificates) authentication. Token-based authentication provides stateless communication between Amazon SNS and the Apple Push Notification service (APNs). Stateless communication is faster than certificate-based communication because it doesn’t require APNs to look up the certificate. When using .p12 certificates, you had to renew the certificate and the endpoint once a year. Now, by using .p8 ... Read More

Feed: AWS Compute Blog. Author: Talia Nassi. This post is co-written by Karen Hong, Software Development Engineer, AWS Messaging. To use Amazon SNS to send mobile push notifications, you must provide a set of credentials for connecting to the supported push notification service (see prerequisites for push). For the Apple Push Notification service (APNs), SNS now supports using token-based authentication (.p8), in addition to the existing certificate-based method. You can now use a .p8 file to create or update a platform application resource through the SNS console or programmatically. You can publish messages (directly or from a topic) to platform ... Read More

Feed: Planet PostgreSQL. Did you know that PostgreSQL 12 introduced a way for you to provide multifactor (aka "two-factor") authentication to your database?This comes from the ability to set clientcert=verify-full as part of your pg_hba.conf file, which manages how clients can authenticate to PostgreSQL. When you specify clientcert=verify-full, PostgreSQL requires a connecting client to provide a certificate that is valid against its certificate authority (CA) and the certificate's common name (CN) matches the username the client is authenticating as. This is similar to using the cert method of authentication. Where does the second factor come in? You can add clientcert=verify-full to another authentication method, such as the password-based scram-sha-256. When you do this, ... Read More