Administration Guide › Overview › CA CloudMinder Components › CA AuthMinder

CA AuthMinder

In CA CloudMinder, CA AuthMinder provides strong authentication.

Strong authentication uses two-factor authentication, where an end user is required to provide more than one form of identification. For example, in addition to the typical user name-password (something the user knows), the end user also has to provide an additional hardware or software credential (something the user has).

The Advanced Authentication service provides proprietary software credentials, which can be used as the possession factor (something the user has) for authentication. The end user password or PIN is used as the knowledge factor (something the user knows). As a result, end users retain the familiar user name-password login process. They need to know only their user name and password or PIN, but are protected by a strong authentication solution that works in the background.

The available Strong authentication credential types are:

• ArcotID PKI
• ArcotID OTP

CA RiskMinder

CA RiskMinder evaluates end user logins for possible fraud. When an end user tries to access a protected resource, the Advanced Authentication service first collects a wide range of data, such as the following details:

• End-user device identification
• Location
• User and transaction
• The service evaluates that data using risk evaluation rules.

CA RiskMinder evaluates the end user or device data against risk evaluation rules. CA RiskMinder provides a score and advice about the probability of a fraud. Based on this advice, the end user is granted access, denied access, or asked for additional authentication.

Report Server

The Report Server, also known as CA Business Intelligence, generates reports.

The Report Server provides the following functionality:

• Report scheduling
• Default reports, including reports for Advanced Authentication, SSO, and billing
• Support for a report template
• Support for data replication
• Hosting and tenant administrators can request and view reports.

Databases

The components in CA CloudMinder require the following data stores:

• Advanced Authentication application stores
• CA IdentityMinder object store

  Stores information for auditing, task persistence, workflow, and CA IdentityMinder objects.

• Reporting store

  Uses CA Business Intelligence 3.2. You use this server to include data from the Snapshot Database, which contains information from the CA IdentityMinder Object Store and the CA IdentityMinder user store. An example of a Snapshot Report is the User Profile report. You can also create reports with a disabled snapshot applied, which include data from other data sources, such as the Audit Database.

• SiteMinder policy store, session store and key store

Consoles

Administrators use the following UIs to configure and manage CA CloudMinder:

• User Console
• CSP Console
• Management Console
• Advanced Authentication Administration Consoles