The following high-level diagram illustrates the functional role of CA CloudMinder components and their interaction. The diagram does not illustrate precise data flow; rather, it shows how components relate to one another and how they connect to external components. This illustration shows one example of CA CloudMinder. In this case, it includes all three services: Advanced Authentication, Single Sign-on, and Identity Management.

The components of this architecture are defined as follows:
Is the main user interface to manage CA CloudMinder users, services, and to perform other functions for a specific tenant.
Delivers authentication or credential management, unique two-factor credentials plus real-time risk based authentication.
Provides a cloud-based federation hub that lets customers connect to cloud-based applications, partner hosted applications or other on-premise applications in an organization. The SSO service is standards-based. The service uses SAML, WS-Federation, and WS-Trust to securely share user identity information across business partners.
Communicates with applications named managed endpoints, which are other applications, such as SAP, SalesForce, Webex, Oracle, or Microsoft Exchange. You use this service to assign accounts in these applications to CA CloudMinder users.
Represents cloud-based applications, such as Salesforce.com or Google. Also supported are partner hosted applications or other on-premise applications within your own organization.
Communicates with applications on other systems, named managed endpoints. To create accounts on applications that exist in your on-premise environment, such as an email system, the CA IAM Connector Server is required. If you only want to create accounts on applications on cloud-based applications, such as Salesforce.com, you do not need to install this component.
Provides user authentication, policy-based authorization, single sign-on and auditing for web applications. This is an optional component, since the SSO service provides the key features of CA SiteMinder with Federation Manager.
Generates assertions or claims for users who request access to applications. Three possible choices exist; however, only the first choice appears in this illustration.
|
Copyright © 2014 CA.
All rights reserved.
|
|