CIS14: Providing Business with NextGen Identity Solutions in a Legacy World

Steve Hutchinson, GE
Report on the results of a partnership formation between design teams and service delivery teams at GE to leverage existing infrastructure and quickly operationalize new identity services like OAuth, SCIM, and OpenID Connect while also managing a 300% increase in traditional SAML-based integrations.


  1. Providing NextGen Identity Solutions in a Legacy World. Steve “Hutch” Hutchinson, SSO Service Leader, GE. sehutchinson@gmail.com, @IdentityHutch
  2. Providing NextGen Identity Solutions in a Legacy World, 22 Jul 2014 - Page 2. A disclaimer … The views and opinions expressed in this presentation are my own and do not necessarily represent the views or opinions of the General Electric Company or any of its subsidiaries.
  3. Thanks Daniel … no pressure
  4. A warning: SOLUTIONS AT CIS ARE NOT AS CLOSE AS THEY APPEAR, but they could be closer …
  5. SAML is dead? [Chart: SAML Integrations by Year, 2008 to 2014; vertical axis 0 to 500] “SAML is not dead. It’s done. Which means we can use it.” - Dale Olds at CIS2013
  6. Getting from here to there
  7. Where is here? [Diagram labels: SSO LDAP; Policy Decision Point; Web Server; Web Access Management; Federation Server; Agent; Identity Federation; SAML, STS, OAuth, OpenID; Virtual Directory; Interceptor Script; LDAP Authentication; Multi-Source Directory Views; Web Agent; B2B; B2C; HR System; Active Directory; 7500+ applications; 475+ Federations; 350+ directories; 5 million accounts; ~500,000 accounts; 18 policy sets; Registration Apps]
  8. Enter FastWorks
  9. Migration from data centers to cloud [Diagram labels: Web Server; Agent; PDP; Fed IdP; Agent; Shibboleth Plugin; Traditional Web Access Management; SAML; Policy & User Stores]
  10. Bring Your Own Identity (BYOI) [Diagram labels: Fed IdP; User Store; Web/App Server; Select IDP; ATTESTATION NETWORK; PDP; Shibboleth Plugin; Agent; SCIM]
  11. The API economy [Diagram labels: Web/App Server; API Registry; OAuth; Fed IdP; XML Gateway]
  12. Top drivers for Identity
      • Migration from data centers to cloud
      • Bring Your Own Identity (BYOI)
      • API economy
      • Mobile devices, access anywhere
      • Right-sized authentication
      • ABAC replacing RBAC
      • UX improvements
      • Industrial internet (Internet of Things)
  13. Barriers to new service offerings [Diagram labels: Service Design; Service Delivery]
  14. Building a unified, agile service team [Diagram labels: Service Design; Service Delivery]
      • Create change
      • Add or modify features
      • Create stability
      • Create or enhance services
      ENABLING the business!
  15. The big wins
      • Communication, communication, communication
      • Eliminate finger-pointing
      • Team engagement from concept to delivery
      • Delivery provides feedback loop for service improvement
      • Huge reduction in cycle times
  16. Questions? Steve “Hutch” Hutchinson, sehutchinson@gmail.com, @IdentityHutch
