Your SlideShare is downloading. ×

OpenSSO Deployments

2,864

Published on

Deployments of OpenSSO. At TheAquariumOnline

Deployments of OpenSSO. At TheAquariumOnline

Published in: Technology, Business
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
2,864
On Slideshare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
108
Comments
0
Likes
1
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. Real world deployment with Sun OpenSSO Enterprise at Verizon Wireless Ajay Sondhi 1
  • 2. Verizon Wireless OpenSSO Deployment Verizon Wireless is a leader in wireless voice, data,  information and entertainment services  Joint venture of Verizon Comms (NYSE: VZ) + Vodafone (NYSE: VOD)  85 million customers  71,000 employees  $44 billion annual revenue  More than 2,600 retail stores & kiosks  One of the most reliable wireless network in the U.S. ● Network coverage: 267M POPs ● Rapid Disaster Response, Portable Cell Site 2
  • 3. Verizon Wireless OpenSSO Deployment Goals Give users a unified experience across all ● authorized products and services by Single Sign On (SSO) by assigning Account Owner and Account Member roles and multi-line accounts ● Permit standardization across all self-serve platforms by authentication and authorization logic to prevent site intrusion ● Provide seamless integration between Verizon Wireless (VZW) and other lines of businesses (LOBs) to improve customer experience Benefits Easy to integrate new products and services ● ● Simplified SSO reduces IT cost and improves security ● Access Manager (AM) improves security by authentication & authorization logic ● Enable cross-domain SSO unifies user experience between VZW and ASPs ● Enable customized audit capabilities through AM for log access information and diagnostic information analysis 3
  • 4. Verizon Wireless (Technical Requirements) A Deployment Topology & Architecture that supports High Availability ● High Throughput ● High Performance ● A flexible Systems Design that supports SSO with applications hosted on disparate platforms & containers ● Federation & Liberty Protocols ● Customization at all levels including Authentication, Authorization and ● Federation 4
  • 5. Verizon Wireless OpenSSO Deployment Access Manager SSO : Implemented for both B2C and B2B on Wireless ● and Broadband ● 50M MyVerizon wireless customers registered online ● 2M logins/day on VZW ● Supports role based access ● 25 different product vendors integrated Federation : Implemented Federation across VZW and VZT for ● B2C customers ● Implement Federation across VZW and .Net for SMB customers ● Implemented Federation across VZW and VZB for business customers ● Login once & toggle between two distinct My Account websites. ● Convenient access for One-Bill and bundle services 5
  • 6. Verizon Wireless (AM SSO Features) Account Management Registration & Login (2M Logins/day) ● ● Password Management ● Profile & Preference Management User Authentication Cross-Domain Single Sign-On and ● ● State Management ● Role-based Access Control ● Standard User Authentication System for All External Sites Customized APIs Customized Services for Billing, ● Handset, Provisioning and Post-Login Functions 6
  • 7. Verizon Wireless (AM Federation Features) Seamless integration between Verizon Wireless ● and other Verizon LOBs ● Login once & toggle between two distinct My Account web sites ● Convenient access for One-Bill and bundle services ● Cross-sell opportunities on both sites 7
  • 8. Verizon Wireless Architecture High Availability Geographic redundancy in two data ● centers (East & West) ● Session failover capabilities with four instances of AM within each data center. ● Six way multi-mastered directory servers across data centers High Performance Over 50M identities ● ● Over 4000 successful authentications per minute (peak) ● Over 250K active users (peak) ● Provide SSO with over 25 ASPs 8
  • 9. Verizon Wireless Architecture Superior Sun hardware Web servers -T2K (Niagra chipset) for superior multithreaded performance ● ● Directory –x4600 (Opteron chipset) for high disk i/o Design Choices Use of Session Attributes (as opposed to profile) ● ● Turn off profile notifications from AM to agents ● Segregating the configuration Realm ● Restrict the use of URL policy and J2EE policy mode ● Load balancer configuration to ensure stickiness ● Writing to one master LDAP Tuning OS –Memory, File system and Networking ● ● AM Tuning ● JVM tuning ● Agent Tuning ● Directory Server Tuning 9
  • 10. Questions? 10

×