CIS14: Case Study: Using a Federated Identity Service for Faster Application Deployment

Rowland Nicholson, Caterpillar, Inc.
Case study of how Caterpillar used identity virtualization to aggregate, correlate and remap identities to create virtual views, enabling each application to have the required identity information on demand.

Transcript

  • 1. Caterpillar Non-Confidential Identity Virtualization Cloud Identity Summit – July 22, 2014 Rowland Nicholson - IAM Architect Global Information Systems
  • 2. N New App Enterprise Directory
  • 3. U Upgrade Enterprise Directory
  • 4. L Legacy Enterprise Directory
  • 5. Enterprise Directory A App
  • 6. 1 VIRTUAL ATTRIBUTES
  • 7. Enterprise Directory X ISO Doc’s Y Turbines DB Accounts
  • 8. Enterprise Directory X ISO Doc’s Y Turbines DB Accounts Radius Server
  • 9. Enterprise Directory X ISO Doc’s Y Turbines DB Accounts Radius Server Virtual Directory solarid = ‘D’ + badgenumber
  • 10. Enterprise Directory F1 “Flexible” F2 “Finicky” Virtual Directory +4 virtual attributes: department, entryUUID, member, memberOf
  • 11. 1 VIRTUAL ATTRIBUTES
  • 12. 2 DYNAMIC GROUPS
  • 13. F2 “Finicky” Only groups • affiliations • organizations • business units • rules
  • 14. Enterprise Directory F2 “Finicky” Virtual Directory ou=groups ou=groups ou=autogen ou=dynamic ou=groups
  • 15. Attribute Values Autogen Group Members with value
  • 16. Rule Dynamic Group Members match rule
  • 17. Enterprise Directory F2 “Finicky” Virtual Directory ou=groups ou=groups ou=autogen ou=dynamic ou=groups F1 “Flexible”
  • 18. 2 DYNAMIC GROUPS
  • 19. 3 “VIRTUALIZED” DIRECTORY
  • 20. F2 “Finicky” Supports only Directory “Q”
  • 21. F2 “Finicky” Enterprise Directory Virtual Directory • “Q” DIT • “Q” Schema
  • 22. 3 “VIRTUALIZED” DIRECTORY
  • 23. … one more thing
  • 24. Enterprise Directory Virtual Directory PII Data View F2 “Finicky” F1 “Flexible”
  • 25. APPLICATIONS: F2 “Finicky” F1 “Flexible” IAM Virtual attributes Dynamic groups Virtual DIT/Schema Federated New Upgrades Legacy LDAP WS SAML WS-Fed OAuth OpenID Connect WAM
  • 26. Thank You!