OpenSSO Roadmap Aquarium

2,844 views

Published on

Roadmap for OpenSSO. Presentation at TheAquarium Online

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
2,844
On SlideShare
0
From Embeds
0
Number of Embeds
25
Actions
Shares
0
Downloads
78
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

OpenSSO Roadmap Aquarium

  1. 1. OpenSSO Roadmap Sidharth Mishra sid@sun.com 1
  2. 2. What's Next • More Ease-of-Use Task Flows • Mobile One Time Password. • Reverse Proxy with Password Replay. • Carrier-Grade Monitoring • Entitlement Enforcement • Fedlet for .NET • Embedded Glassfish Container 2
  3. 3. More Ease-of-Use Task Flows (Q1 / Q2 2009) • Protect a Resource Flow • Create a Realm Flow • Configure / Deploy and Agent Flow • Configure an Authentication Store • Configure an Instance • Select an Admin for a Realm 3
  4. 4. SaaS Federation Task Flows (Q2 2009) • Provide simple task flows for configuring federated SSO with popular SaaS services • Focus on standards-based services rather than proprietary 4
  5. 5. Carrier grade monitoring • Server level monitoring and management across entire OpenSSO deployment > Test agents to ensure they are responding to client requests. > Real-time of view of OpenSSO Deployment > Quickly identify and address problems on Server side and client side. • Integrates with 3rd party monitoring and reporting tools.(OpenView, Unicenter, OpenNMS, Zenoss). • Basic monitoring data viewer and graphing. 5
  6. 6. Reverse Proxy Agent • 100% pure Java • Standards compliant reverse proxy. • Standard war file deployment • Transparent authentication. • Session loss recognition and re-authentication • Dispatch via regular expressions. • Central management of access control policies. • Policies are enforced by standard policy agent. 6
  7. 7. OTP - One Time Password (Q4 2009) • Based on OATH reference architecture. • Support for HOTP & TOTP specification. • Supports either 6 digits or 8 digits. • Configurable validity for an OTP password. • Support for both email and OTP password. • Will be used in conjunction with other authentication modules. 7
  8. 8. Entitlement Enforcement (Spring 2009) • Extend OpenSSO to solve access management, federation, secure web services and ENTITLEMENT ENFORCEMENT. > Policy Engine Benchmark – A million policies. > Killer Policy Management User interface > Build as reusable composite service for RM and IM. > XACML enhancements. – XACML Policy Definition Language. – Support for XACML Import / Export. • 3 +1 = 4 SSO Problems. One powerful solution. 8
  9. 9. Fedlet (.NET) Problem Benefits • How do I federation enable an online business partner (Service Provider) • Greater ROI on existing investments (e.g. without it having to deploy and manage a hardware) full fledged heavy weight Federation • Simple to deploy and embed an SP solution? application. OpenSSO Fedlet • Ideal for scenarios where SSO with IDP and retrieval of user attributes is the • A lightweight service provider requirement. implementation of SAML protocol which can be deployed on a Java EE container. • Can be easily embedded in a Service Provider application enabling it to communicate with an Identity Provider using SAML. Fedlet – The lightest and fastest way to federate. 9
  10. 10. OpenSSO Enterprise 8.1 OpenSSO Enterprise Roadmap 10
  11. 11. More Information • OpenSSO Wiki http://wiki.opensso.org/ • OpenSSO Project http://www.opensso.org • OpenSSO Enterprise http://www.sun.com/opensso 11
  12. 12. Thank You. 12

×