Federation in Practice


Presented by Victor Ake, OpenAM Product Manager and ForgeRock Co-Founder at ForgeRock Open Identity Stack Summit, June 2013.



Transcript

  • 1. Open Identity Summit: Federation in practice. Víctor Aké, OpenAM Product Manager, ForgeRock
  • 2. OLD ACCESS CONTROL: Applications and data within the firewall perimeter; Users within the enterprise; Difficult to roll out new services
  • 3. Hanseatic League (Hansa): Trade Confederation; Centuries 13th – 17th; Trading outside the walls; Secure; Membership agreement; Follow protocol
  • 4. Partners; Outsourcing; Suppliers; Customers. Information, services and users outside the fireWALL
  • 5. FEDERATION: Federalism is a political concept in which a group of members are bound together by covenant (Latin: foedus, covenant*) with a governing representative head. *Agreement
  • 6. Schengen Area: It is a group of 26 European countries that have abolished passport and immigration controls at their common borders. Present your security token at the entrance; Travel seamlessly within the area
  • 7. FEDERATED IDENTITY: Is the means of linking a person's electronic identity and attributes, stored across multiple distinct identity management systems. Diagram labels: Partners; Outsourcing; Suppliers; Customers; Commercial Applications; In-house dev applications; Legacy applications; Directory; Databases; Active Directory; Enterprise
  • 8. Benefits of Federated identity: Provides Single Sign On for an enhanced user experience; Share information across partners securely and privately; Promote adoption of new services; Reduces costs; Cloud friendly; Mobile friendly
  • 9. Identity Federation Standards: SAML 2.0; WS-Federation; ID-FF
  • 10. Identity Federation actors: Identity Provider, Asserting Party, IdP; Service Provider, Relying Party, Consumer, SP (shown twice); Circle of Trust; Agreements; Principal. Flow: Authenticate; Obtain token; Present token; Access resource
  • 11. Use cases: Enterprise connected to Cloud SaaS, partners, suppliers, etc; Customers using social authentication. Diagram labels: SaaS; Private Cloud; Social; Partners; Outsourcing; Suppliers; Commercial Applications; In-house dev applications; Legacy applications; Directory; Databases; Active Directory
  • 12. Use cases: SaaS/IDaaS providing services to Enterprises; Social authentication to SaaS and IDaaS. Diagram labels: Multi-tenant IdP; Multi-tenant SP; IDaaS; SaaS; Social; Commercial Applications; In-house dev applications; Legacy applications; Directory; Databases; Active Directory
  • 13. Use cases. Diagram labels: Web App; Native App; Native App; Web App; Login App; REST/OAuth2/OpenID Connect; Authentication; Authorization; Attribute Delivery; Federation; SSO; Token Persistence; Session Mgmt; OAuth2 Provider; OpenAM; Cloud; Enterprise
  • 14. SP to IdP Mesh. Diagram labels: IdP, IdP, IdP, IdP; SP, SP, SP
  • 15. IdP Proxy. Diagram labels: IdP, IdP, IdP, IdP; SP, SP, SP; IdP Proxy
  • 16. Federation is more than SSO. SAML 2.0: IdP, SP, IdP Proxy, Attribute Query Provider, Attribute Authority, Authentication Authority, XACML PEP, XACML PDP. WS-Federation: IdP, SP. ID-FF: IdP, SP. OAuth 2.0: RESTful Authorization protocol
  • 17. OpenAM + family. OpenAM: Full blown Federation. OpenAM Fedlet: Lightweight SAML 2.0 SP. OpenIG and Fedlet: Powerful combination of integration and SAML 2.0
  • 18. Walkthrough on how to configure OpenAM to achieve SSO to Google Apps & Salesforce using SAML2
  • 19. SSO to Google Apps and Salesforce. Diagram labels: IDP; SP; SP; Circle of Trust; demo.openam.org
  • 20. Q & A. Víctor Aké, OpenAM Product Manager, ForgeRock. Thanks!