Tuesday, May 27, 2025

Coming Soon: White Paper on Disaster Recovery in Healthcare

I'm currently working on my next white paper focused on disaster recovery mechanisms in the healthcare industry—a critical yet often overlooked area that directly impacts patient safety, regulatory compliance, and data integrity.

I'd love your input! If there are specific areas, applications, or systems you'd like to see covered—such as EHR platforms, telemedicine infrastructure, cloud-based backups, or real-time failover strategies—please drop a comment below.

Your feedback will help shape a more relevant and valuable resource for the community.

Monday, May 12, 2025

Cutting-Edge AI Techniques for Securing Healthcare IAM: A Novel Approach to SAML and OAuth Security

 

I'm excited to share my latest research exploring how AI can revolutionize identity security in healthcare environments — specifically strengthening SAML and OAuth frameworks against evolving cyber threats.

🔗 Read the full paper here

This paper introduces an AI-driven approach to real-time anomaly detection, adaptive authentication, and proactive threat mitigation within healthcare IAM systems. It also addresses challenges unique to protecting sensitive health data while maintaining compliance and usability.

🔹 I welcome feedback, insights, or discussion points from cybersecurity professionals, IAM architects, and healthcare IT experts.
🔹 Let’s collaborate on advancing secure, AI-powered identity ecosystems in healthcare!

Thank you for taking the time to read and engage!

#Cybersecurity #HealthcareSecurity #IAM #OAuth #SAML #AI #DigitalHealth #IdentityManagement

Future-Proofing Enterprise Security: Transitioning Legacy Authentication to Modern IAM

 

I’m excited to share my latest research paper that addresses a critical need facing many organizations today — migrating from legacy authentication systems to modern, scalable Identity and Access Management (IAM) frameworks.

🔗 Read the full paper here

In this paper, I explore strategies, real-world challenges, and architectural considerations for future-proofing enterprise security. I also dive into how organizations can adopt passwordless authentication, Zero Trust models, and adaptive risk-based access while ensuring minimal disruption during migration.

🔹 If you're involved in IT modernization, IAM transformation, or enterprise cybersecurity, I would love for you to read through and share your feedback or experiences!
🔹 Your insights will be valuable for evolving best practices around secure digital transformation.

Thank you for your support and interest in securing the future of enterprise identity!

#Cybersecurity #IdentityManagement #IAM #DigitalTransformation #ZeroTrust #SecurityArchitecture #Modernization

How to implement security for Healthcare applications and systems using Passkeys

 

Dear experts, 

I am pleased to share my latest white paper published on ResearchGate:

 "Next-Generation Identity Security in Healthcare: A Passkey-Based Approach"

https://www.researchgate.net/publication/391591235_Next-Generation_Identity_Security_in_Healthcare_A_Passkey-Based_Approach

In this paper, I explore how passkeys and asymmetric cryptography can revolutionize authentication frameworks in healthcare — moving beyond traditional passwords towards phishing-resistant, device-bound, and biometrics-enabled security models. I also discuss integration strategies with existing healthcare IAM systems, real-world deployment challenges, and future directions like quantum-resilient passkey evolution.

🔹 I would greatly appreciate feedback, insights, or discussion points from cybersecurity, healthcare IT, and identity management professionals.

🔹 Your perspectives on real-world challenges, emerging trends, and implementation considerations would be highly valuable!

Thank you in advance to all the cybersecurity experts and IAM practitioners willing to give this a read!

AI-Powered Cybersecurity for Safeguarding Electronic Health Records from Deepfake Biometric Attacks

 

 

 I’m excited to share my latest research publication now available on ResearchGate:
🔗 Read the full paper here

In this white paper, I explore a critical and emerging threat in healthcare cybersecurity — the risk of deepfake biometric attacks targeting Electronic Health Record (EHR) systems.
As healthcare organizations increasingly adopt biometrics like facial recognition and voice authentication for user access, adversaries are beginning to exploit AI-generated deepfakes to impersonate legitimate users.

This paper introduces an AI-powered cybersecurity framework designed to safeguard sensitive healthcare data by integrating real-time liveness detection, behavioral biometrics, and anomaly risk scoring into EHR authentication workflows.
I also discuss key challenges, system architecture, and future directions for securing healthcare identity systems against evolving deepfake threats.

🔹 If you are working in healthcare cybersecurity, identity management, or AI risk mitigation, I welcome your feedback and thoughts on this important and fast-evolving area!

Thank you for reading and engaging with this important topic.
Feel free to share your insights or experiences related to biometric security!




Wednesday, October 28, 2020

PingFederate: OAuth implementation approaches

Hello IAM Learners

Claims-based authentication is now common for SSO integrations built on the OAuth and OpenID Connect standards.

For an OAuth implementation in PingFederate, you can create multiple Access Token Managers and map each one to an adapter if you have multiple HTML adapters in the deployment. If a single HTML Adapter is used by all OAuth applications, you don't need any of the selectors I am referring to below.

An OAuth request coming from an application can be intercepted and processed in PingFederate using two approaches: the OAuthSelector or the HTTP Header selector. Both approaches require the use of Ping authentication policies.

OAuth Client Set Authentication Selector: All OAuth client IDs should be added to this selector as clients.

HTTP Request Parameter Name: All OAuth client IDs should be added to this selector as parameter values.

There is another selector, the OAuth Scope Authentication Selector, which is used for OAuth implementations when you have a requirement to trigger the authentication flow based on client scope.
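The routing decision these selectors make can be modeled in a few lines. This is an added example, not PingFederate code or configuration: the host name, client IDs, branch names, the scope value and the order in which the two checks run are all constructed for illustration.

```python
from urllib.parse import urlsplit, parse_qs

# Constructed configuration: client sets, branch names and scope are hypothetical.
CLIENT_SETS = {
    "clinical-html-adapter": {"ehr-portal", "telehealth-web"},
    "partner-html-adapter": {"billing-partner"},
}
STEP_UP_SCOPE = "patient.write"          # hypothetical scope that needs a stronger flow
DEFAULT_BRANCH = "default-html-adapter"


def select_branch(authorization_url):
    """Return (branch, reason) for an OAuth authorization request URL."""
    params = parse_qs(urlsplit(authorization_url).query, keep_blank_values=True)

    # A missing, empty or repeated client_id makes the selector input ambiguous,
    # so the request is not routed to any adapter.
    client_ids = params.get("client_id", [])
    if len(client_ids) != 1 or not client_ids[0]:
        return ("reject", "client_id missing or repeated")
    client_id = client_ids[0]

    # Scope-based selection: scope is a space-delimited list (RFC 6749, section 3.3).
    scopes = set(" ".join(params.get("scope", [])).split())
    if STEP_UP_SCOPE in scopes:
        return ("step-up-mfa", "scope " + STEP_UP_SCOPE)

    # Client-set selection: exact, case-sensitive match on the client ID.
    for branch, clients in CLIENT_SETS.items():
        if client_id in clients:
            return (branch, "client set match")
    return (DEFAULT_BRANCH, "no selector matched")
```

The default branch matters as much as the matches: a client ID that is registered but missing from every client set silently lands there, so that branch should be at least as strict as the others.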

 

Identifier First Adapter: PingFederate

Hello IAM Experts

Today, I would like to talk about the Identifier First Adapter and how it can be used for a variety of use cases.

The Identifier First Adapter is available out of the box in PingFederate 9.3 and above. The adapter uses an HTML template in the back end, which can be customized to the organization's needs. It captures the user identifier (an email address or user ID) and uses two attributes, Subject and Domain.

Domain is typically the user email address. Additional attributes can be added to this adapter as needed. 

Some of the use cases:

  1. This adapter can be used if the organization has a requirement to display a separate branded login page based on email address or user domain.
  2. This adapter can be used if you need to separate the authentication flow or trigger an additional security mechanism based on user ID or email address.

The HTML template also uses a Velocity template, which can be customized with HTML/JS as per the organization's needs.
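Both use cases come down to normalizing the captured identifier and looking up a route. The sketch below is an added example, not PingFederate code: it assumes the routing key is the part of the identifier after the last "@", and the domains, template names and flow names are constructed.

```python
# Constructed mapping: domains, template names and flow names are hypothetical.
DOMAIN_ROUTES = {
    "hospital.example": ("hospital-login.html", "password+mfa"),
    "partner.example": ("partner-login.html", "federated-sso"),
}
DEFAULT_ROUTE = ("generic-login.html", "password+mfa")


def split_identifier(identifier):
    """Return (subject, domain); domain is None for a bare user ID."""
    value = identifier.strip()
    if not value or len(value) > 254:
        raise ValueError("malformed identifier")
    # Reject embedded whitespace and control characters before routing on the value.
    if any(ch.isspace() or not ch.isprintable() for ch in value):
        raise ValueError("malformed identifier")
    local, at, domain = value.rpartition("@")
    if not at:
        return value, None
    # Domain names are case-insensitive and may carry a trailing root dot.
    domain = domain.rstrip(".").lower()
    if not local or not domain or "@" in local:
        raise ValueError("malformed identifier")
    return value, domain


def route(identifier):
    """Return (login template, authentication flow) for the entered identifier."""
    try:
        _subject, domain = split_identifier(identifier)
    except ValueError:
        # Malformed input never selects a branded page or a weaker flow.
        return DEFAULT_ROUTE
    return DOMAIN_ROUTES.get(domain, DEFAULT_ROUTE)
```

Matching on the normalized domain keeps `nurse@Hospital.Example` and `nurse@hospital.example.` on the same flow, and unknown domains or bare user IDs fall through to the default route.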