Traditional password-based authentication systems have their own limitations at implementing security in an organization. Enhancing the strength of the password is inadequate to prevent security threats. Thus, there is a need to explore and apply better authentication techniques such as risk-based authentication.
Risk-based authentication provides context-aware access control that acts to balance the level of trust against risk. It enables organizations to perform the following actions:
Address access-related risks and improves user experience.
Validate risk of an access request at the run time and take appropriate actions, such as forcing an advanced authentication or denying access.
You can also assess risk in a federated setup with service providers such as Salesforce.com, SAP HR, and Oracle Financial with protocols such as SAML and WS Fed.
Access Gateway can also control access for a protected resource based on the risk score.
The following illustration depicts risk-based authentication process:
The following illustration depicts the risk-based authentication in a federated setup:
This section describes risk-based authentication concepts and how to configure it.
Section 4.5.5, Understanding Risk-based Authentication through Scenarios
Section 4.5.8, Enabling Auditing for Risk-Based Authentication Events
Section 4.5.9, Configuring an External Database to Store User History
Section 4.5.10, Enabling Logging for Risk-Based Authentication