Your SlideShare is downloading. ×
  • Like
Identity & access management jonas syrstad
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×

Now you can save presentations on your phone or tablet

Available for both IPhone and Android

Text the download link to your phone

Standard text messaging rates apply

Identity & access management jonas syrstad

  • 455 views
Published

 

Published in Technology
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
    Be the first to like this
No Downloads

Views

Total Views
455
On SlideShare
0
From Embeds
0
Number of Embeds
0

Actions

Shares
Downloads
17
Comments
0
Likes
0

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide

Transcript

  • 1. Identity & accessmanagementTHE KEY TO THE FLEXIBLE WORKSPACEJonas Syrstad, jsy@pragma.no
  • 2. Disclaimer Avoiding any specific implementation No deep dive into the protocols Focus on Enterprises
  • 3. Key elements; the 4 A’s Administration Authentication Authorization Auditing
  • 4. Administration Identity synchronization  Data flow  Ownership Premission management  Access  Rights
  • 5. Challenges Ownership of data elements Processes Data flow
  • 6. Authentication Trusted 3rd party Claims based identity Open standards  WS-*  SAML
  • 7. Claims based identity A Claim is a statement that is true or false A Security token consists of one or many claims Examples of claim types  Name  Email  Gender  Group membership  Role
  • 8. Claims based identityarchitecture Security tokens issued by a trusted 3rd party Consumed by a relying party Penetrates trust and technology boundaries
  • 9. Claims based identityarchitecture Claims Provider (STS like ADFS) 4. Provide security token 3. Request Security token 5. Submit security token Client Relying party (Browser, 2. Demand Security token (ASP.NET, mobile app, WCF service 1. Request application) access ++)
  • 10. Technologies WS-* Enterprise SAML 2.0 Hybrid OAuth Consumer OpenId
  • 11. Authorization Determine what the user is allowed to do An application responsibility Device classification  What  Where  When
  • 12. Auditing Which applications does the users have access to? How do we track a user across systems and modules  Single view of user activity  Automated actions on breaches of protocol