Posts

Showing posts from June, 2021

PL 400: Design authentication and authorization strategy (Part 2)

Image
This article is a continuation of Part 1 (Design Authentication and Authorization Strategy) . All information and images are collected from Microsoft documentation or the community. This is part of my PL 400 preparation. Let's talk about the first layer of security. That is Azure AD Conditional Access. I already discussed about Azure AD in the previous section . As is well known that Azure Active Directory works as pillar of Authentication security, but it doesn't mean to prevent actual users of platform. Azure AD Conditional Access : Conditional Access is the tool used by Azure Active Directory to bring signals together, to make decisions, and enforce organizational policies. Conditional Access is at the heart of the new identity driven control plane. Conditional Access policies at their simplest are if-then statements, if a user wants to access a resource, then they must complete an action.  Example: A payroll manager wants to access the payroll application and is required to...

PL 400: Design authentication and authorization strategy (Part 1)

Image
This article is a continuation of my PL 400 preparation. All information and images are taken from Microsoft doc or community. This effort is part of learning and sharing. Security is an essential component of software. Nowadays, since entire processes and services run on the cloud, authentication and authorization are highly important as it enables organizations to keep their networks secure by allowing only authenticated users (or processes) to access their protected resources, including Computer systems may include networks, databases, websites and other network-based applications or services. By definition, Authentication is: the process or action of verifying the identify of User or Process. and Authorization means : Authorization is a security mechanism to determine access levels or user/client privileges related to system resources including files, services, computer programs, data and application features. Microsoft Power Platform is a line of business intelligence, app develop...

PL 400 : Design and Validate the technical architecture for a solution

Image
Generally Architecture is considered as Foundation and if we try to define it. Will look like it below: The core concepts or components of a software in its environment embodied in its elements, relationships, and principles of its design and development In addition, software architecture exposes the structure of a system while hiding the implementation details. Architecture also focuses on how the elements and components within the system interact with each other. As a course syllabus of PL 400, 10-15% of questions come from " Validate requirements and design technical architecture ". In the articles, I am going to explain about  " Design and validate the technical architecture for a solution " which is first part of this section. this article related pictures and icons are based on Power Platform Admin and Governance White Paper and Microsoft's doc. In my view, T echnical Architecture is an abstract representation of the platform, language, and supporting tec...

Team based Security in Microsoft Dynamics 365 CE : Azure AD Security Group Team (Part 4)

Image
In the cloud era, Microsoft Azure is making a great position in the world market and more importantly Power Platform, Dataverse and Dynamics 365 CE are built on Azure Cloud Environment. Initially, it was difficult to integrate between Azure and Microsoft product families, now Microsoft introduces new features in Dynamics 365 CE for Azure users to use directly as team members called Azure AD Security Groups Teams .  This article is a continuation of team-based security where the Owner Team and the Access Team are explained. However, there are a number of Microsoft products that are working together, with Azure and D365 CE being the major ones. So, first we will try to know what is Azure AD Security Group Team. According to Microsoft's Doc : This Team is similar to Owner Team and An Azure AD group team can own records and can have security roles assigned to the team. There are two type of Azure AD Group Team: Security Group  Office Group Security Group (Azure AD Security Group...