Bring your own Identity (BYOID) with WSO2 Identity Server

Published in: Technology, Education

  1. Director of Security, Prabath Siriwardena. Bring Your Own Identity (BYOID) with WSO2 Identity Server. April 23, 2014
  2. About WSO2
     • Global enterprise, founded in 2005 by acknowledged leaders in XML, web services technologies, standards and open source
     • Provides only open source platform-as-a-service for private, public and hybrid cloud deployments
     • All WSO2 products are 100% open source and released under the Apache License Version 2.0.
     • Is an Active Member of OASIS, Cloud Security Alliance, OSGi Alliance, AMQP Working Group, OpenID Foundation and W3C.
     • Driven by Innovation
     • Launched first open source API Management solution in 2012
     • Launched App Factory in 2Q 2013
     • Launched Enterprise Store and first open source Mobile solution in 4Q 2013
  3. What WSO2 delivers
  4. (no text on slide)
  5. (no text on slide)
  6. Gartner predicts that, by the end of 2015, 50% of all new retail customer identities will be based on social network identities.
  7. Facebook is second only to China and India in terms of its user base.
  8. Facebook vs. Internet Users vs. World Population
  9. Facebook vs. China vs. India
  10. Enterprise Identity ↔ Social Identity
  11. IT consumerization has been an emerging trend for the last few years.
  12. The initial consumerization hype was focused on the bring your own device (BYOD) trend.
  13. Bring Your Own Device (BYOD) → Bring Your Own Identity (BYOID)
  14. The rise of BYOID is being driven by users' "identity fatigue".
  15. The analyst firm Quocirca confirms that in Europe 58 percent transact directly with users from other businesses and/or consumers; for the UK alone the figure is 65 percent.
  16. In the U.S. alone, mergers and acquisitions volume totaled $865.1 billion in the first nine months of 2013, according to Dealogic.
  17. What drives BYOID?
  18. SAML 2.0 / OpenID / OAuth 2.0 / OpenID Connect
  19. SAML 1.0 → Nov 2002 | SAML 1.1 → Sept 2003 | SAML 2.0 → 2005
  20. OpenID was initiated by the founder of LiveJournal, Brad Fitzpatrick.
  21. By the end of 2009, there were more than one billion OpenID accounts.
  22. OpenID started to fade due to OAuth 2.0 and OpenID Connect.
  23. OpenID Connect is a profile built on top of OAuth 2.0.
  24. OAuth is not about authentication, but delegated authorization.
  25. Standards-based identity federation is the entry point to BYOID.
  26. Internet identity has always had an unsolved problem.
  27. SAML 2.0 dominated identity federation in the last decade; OpenID Connect and JWT will possibly lead the next.
  28. For any identity management system to qualify as supporting BYOID, it should go beyond standard support for identity federation protocols.
  29. How would you mediate and transform identity tokens between different standards or protocols?
  30. WSO2 Identity Server is an open source identity and entitlement management server, which supports SAML 2.0, OpenID, OAuth 2.0, OpenID Connect, XACML 3.0, SCIM, WS-Federation (passive) and many other identity federation patterns.
  31. Diagram labels: Operators; Service Providers
  32. Diagram labels: Operators; Service Providers; SAML 2.0; OpenID Connect / SAML 2.0; OpenID Connect; OpenID Connect
  33. Diagram labels: SAML 2.0; OpenID Connect / SAML 2.0
  34. Diagram labels: SAML 2.0; SAML 2.0; SAML 2.0; SAML 2.0
  35. Diagram labels: Operators; Service Providers
  36. Scenario 1, step 1: http://ebuy.federationdemo.com:9766/ebuy/
  37. Scenario 1, step 2: OpenID Connect Request. 1502808989
  38. Scenario 1, step 3: OpenID Connect Request
  39. Scenario 1, step 4: < credentials >. User: tom_imobile, Password: tom_imobile
  40. Scenario 1, step 4
  41. Scenario 1, step 5: OpenID Connect Response
  42. Scenario 1, step 6: OpenID Connect Response
  43. Scenario 1, step 7
  44. Scenario 2, step 1: http://azone.federationdemo.com:9766/azone/ 9477808989
  45. Scenario 2, step 2: OpenID Connect Request
  46. Scenario 2, step 3: SAML 2.0 Request
  47. Scenario 2, step 3: OAuth 2.0
  48. Scenario 2, step 4: < credentials >
  49. Scenario 2, step 4: OAuth 2.0 response
  50. Scenario 2, step 5: SAML2 Response
  51. Scenario 2, step 6: OpenID Connect Response
  52. Scenario 2, step 7
  53. Business Model
  54. Contact us!
