
Windows Azure Active Directory (AD Azure)

Product
The name of the base system (platform): Windows Azure
Developers: Microsoft
Last Release Date: December, 2014
Technology: Cybersecurity - Authentication

2012

In May 2012, Microsoft publicly presented its new strategy for developing Windows Azure Active Directory (AD Azure) technology as the basis for certificate management systems in the cloud. In effect, AD Azure is to become a certificate verification service that developers of third-party applications will also be able to use.

Microsoft spent two years developing its strategy for certificate management in the cloud. The changes compared with the traditional Active Directory platform turned out to be so significant that the developers expect to completely change the market for tools of this class. In particular, Microsoft representatives speak of the concept of "the social enterprise", in which the WAAD service (Windows Azure Active Directory) helps connect SaaS applications to a directory service and cloud platforms, integrating corporate clients into a kind of social network.

The WAAD service, which is actively used in the Office 365 and Windows Intune web applications, is the center of the new strategy. In its current form, WAAD is a platform capable of serving many organizations on a single infrastructure, with support for special high-availability modes and the highest level of scalability for use in public Internet portals.

The developers of WAAD intend to support all key technologies that require certificate verification, including Java applications, mobile applications and cloud systems such as Amazon AWS. Technically, WAAD will be implemented as a cloud extension to the local Active Directory directories already running at enterprises. Local and cloud resources will be consolidated through directory synchronization and a shared certificate base.

Among other things, the developers made significant changes to the architecture of the Active Directory platform in order to create WAAD. For example, instead of storing and issuing Active Directory certificates on a separate server, these functions are to be split into independent roles. For vertical scaling in the Windows Azure environment there is a new role for issuing access counters, and the Active Directory store can now be partitioned, with the partitions placed on different servers in different data centers.

Notably, work on WAAD at Microsoft involves Kim Cameron, one of the most authoritative specialists in the field of electronic personal identification. According to him, Microsoft's technologies should change the approach to certificate verification around the world, since traditional solutions based on Active Directory can no longer cope with the situation, either physically or conceptually. Other factors are also pushing toward a paradigm shift in electronic certificates, including the mass inclusion of mobile devices in corporate directory services as full client devices. Finally, the Kerberos protocol, on which most modern certificate verification systems are built, is not well suited to mass use in the cloud.


The most important functional novelty is the opening of a full-featured 'cloud' Active Directory service to Windows Azure customers. With it, the problem of unified user authorization for access to different services (Single Sign On) can be solved. The new feature makes it possible to create a unified user directory that can be synchronized with a corporate Active Directory database.

Windows Azure-based Active Directory supports the popular open standards SAML 2.0, OData and WS-FED. Support for OAuth 2.0/OpenID will also appear in the near future. The platform will be actively used to authenticate users working with Microsoft 'cloud' products such as Office 365, Dynamics CRM online and Windows Intune, as well as Windows Azure.

The service will be provided in all 14 Microsoft data centers worldwide. It is already in operation, and its reliability for user authentication is estimated at 99.97%. Alongside it, public access was opened to the Windows Azure AD Graph tool, which allows application developers to build solutions adapted to corporate tasks using the Active Directory service on the Windows Azure platform.

2014

The end of support for Windows Server 2003, scheduled for July 17, 2015, leaves users of this product less and less time to move their infrastructure to more modern versions of the operating system. To simplify this task, Microsoft released a beta of Azure Active Directory Connect, which will allow connecting existing Windows Server Active Directory directories to[1].

Microsoft states that there will be no more separate releases of Azure AD Sync and Azure AD Connect, and no DirSync updates are planned either. Azure AD Connect becomes the single tool for synchronizing all hybrid connections.

Users can purchase Azure Active Directory Premium through the Office 365 portal without needing to have an Enterprise agreement locally. The company also made public Azure AD App Proxy, intended to give employees secure access from the cloud to local applications, including SharePoint and Exchange/Outlook Web App.

Notes