SlideShare a Scribd company logo

Intro to windows identity foundation

Download as PPTX, PDF
Claudio Sánchez
Claudio Sánchez
Technology
1 of 19
Introduction to: Single Sign On Evolved S Claudio Sanchez | LinkedIn.com/in/ClaudioASanchez | @ClaudioASanchez
Realtime feedback S @ClaudioASanchez S #CMAPCCWIF S #CMAPCC
Agenda S Application Security S Federated Identity S What problem are we trying to solve? S Case study S Current state of affairs S Identity in Real Life S Terminology S The Federated Auth dance S Code demo S Q&A
Application Security S Not Sexy S Requires specialized knowledge S Often times, depends on the environment S Never hear about it, unless it fails
Federated Identity S Organization for the Advancement of Structured Information Standards (OASIS) S WS-Federation S WS-Trust S SAML S OpenID, Oauth, Facebook Connect
The Face of WIF (Expert) Vittorio Bertocci | Microsoft | Vibro.NET (Not an Expert) NOT Vittorio
LOL
What problem are we solving? S How many accounts/passwords do you currently have? “Various Gartner studies have estimated that 25% to 35% of calls made to help desks are related to password resets” “Analysts’ estimate costs at approximately $25 to $40 per call with four password reset calls per user per year ”
Case Study | Health Care • Clinicians use an average of 6.4 passwords per day • SSO solution can save an average of 9.51 minutes per day per clinician • $2,675 per year, per clinician1 • 700 full-time equivalent clinicians can save more than $1.88 million per year with an SSO solution in place. • 1,051 patient beds • More than 1,710 full-time attending physicians $4,574,250 $2,675 lost productivity per clinician*1,710 physicians= 1 Based on a $135K/Year Salary, and 250 working days. Source: The Gartner Group, 2002 & The Ponemon Institute, 2010
Our apps are prisoners
Each app is an island
Identity in Real Life ? ? !
Terminology S Claim S Anything that can be said about a user S Name, email, age, role, gender, Sports Team Affiliation, etc S Security Token S Serialized collection of claims S Crypto-signed by issuer S Identity Provider (IdP) S The issuer responsible for authenticating the user S Relaying Party S An application configured to trust an IdP for authentication (Your application)
Claims Can Set Your Application Free
Multiple apps “One token to rule them all”
Code
Q&A
One last thing
LinkedIn.com/in/ClaudioASanchez @ClaudioASanchez http://ClaudioASanchez.blogspot.com

Recommended

Amphion Forum 2013: What to Do About Attacks Against MDMs
Amphion Forum 2013: What to Do About Attacks Against MDMsAmphion Forum 2013: What to Do About Attacks Against MDMs
Amphion Forum 2013: What to Do About Attacks Against MDMsLacoon Mobile Security
 
Estado del Comercio Electrónico en RD
Estado del Comercio Electrónico en RDEstado del Comercio Electrónico en RD
Estado del Comercio Electrónico en RDArturo Lopez Valerio
 
Introducciòn a AngularJS
Introducciòn a AngularJSIntroducciòn a AngularJS
Introducciòn a AngularJSRené Olivo
 
TIC y Redes Sociales en Rep Dominicana
TIC y Redes Sociales en Rep DominicanaTIC y Redes Sociales en Rep Dominicana
TIC y Redes Sociales en Rep DominicanaMite Nishio
 
Presentación Ernesto Flores | XIV CUMBRE REGULATEL-AHCIET
Presentación Ernesto Flores | XIV CUMBRE REGULATEL-AHCIETPresentación Ernesto Flores | XIV CUMBRE REGULATEL-AHCIET
Presentación Ernesto Flores | XIV CUMBRE REGULATEL-AHCIETIndotel RD
 
Comercio Electrónico en la República Dominicana
Comercio Electrónico en la República DominicanaComercio Electrónico en la República Dominicana
Comercio Electrónico en la República DominicanaRené Olivo
 
Pagos electrónicos
Pagos electrónicosPagos electrónicos
Pagos electrónicosRené Olivo
 
Microsoft power point closing presentation-greenberg
Microsoft power point closing presentation-greenbergMicrosoft power point closing presentation-greenberg
Microsoft power point closing presentation-greenbergISSA LA
 

Recommended

Amphion Forum 2013: What to Do About Attacks Against MDMs
Amphion Forum 2013: What to Do About Attacks Against MDMsAmphion Forum 2013: What to Do About Attacks Against MDMs
Amphion Forum 2013: What to Do About Attacks Against MDMsLacoon Mobile Security
 
Estado del Comercio Electrónico en RD
Estado del Comercio Electrónico en RDEstado del Comercio Electrónico en RD
Estado del Comercio Electrónico en RDArturo Lopez Valerio
 
Introducciòn a AngularJS
Introducciòn a AngularJSIntroducciòn a AngularJS
Introducciòn a AngularJSRené Olivo
 
TIC y Redes Sociales en Rep Dominicana
TIC y Redes Sociales en Rep DominicanaTIC y Redes Sociales en Rep Dominicana
TIC y Redes Sociales en Rep DominicanaMite Nishio
 
Presentación Ernesto Flores | XIV CUMBRE REGULATEL-AHCIET
Presentación Ernesto Flores | XIV CUMBRE REGULATEL-AHCIETPresentación Ernesto Flores | XIV CUMBRE REGULATEL-AHCIET
Presentación Ernesto Flores | XIV CUMBRE REGULATEL-AHCIETIndotel RD
 
Comercio Electrónico en la República Dominicana
Comercio Electrónico en la República DominicanaComercio Electrónico en la República Dominicana
Comercio Electrónico en la República DominicanaRené Olivo
 
Pagos electrónicos
Pagos electrónicosPagos electrónicos
Pagos electrónicosRené Olivo
 
Microsoft power point closing presentation-greenberg
Microsoft power point closing presentation-greenbergMicrosoft power point closing presentation-greenberg
Microsoft power point closing presentation-greenbergISSA LA
 
Running with Scissors: Balance between business and InfoSec needs
Running with Scissors: Balance between business and InfoSec needsRunning with Scissors: Balance between business and InfoSec needs
Running with Scissors: Balance between business and InfoSec needsMichael Scheidell
 
CIS14: NSTIC - Why the Identity Ecosystem Steering Group (IDESG)?
CIS14: NSTIC - Why the Identity Ecosystem Steering Group (IDESG)?CIS14: NSTIC - Why the Identity Ecosystem Steering Group (IDESG)?
CIS14: NSTIC - Why the Identity Ecosystem Steering Group (IDESG)?CloudIDSummit
 
Standards for a blue ocean
Standards for a blue oceanStandards for a blue ocean
Standards for a blue oceanMrsAlways RigHt
 
Call For Papers Presentations Ideas. Online assignment writing service.
Call For Papers Presentations Ideas. Online assignment writing service.Call For Papers Presentations Ideas. Online assignment writing service.
Call For Papers Presentations Ideas. Online assignment writing service.Tammy Mitchell
 
Renish Dadhaniya - GlobeSync Technologies | Work at a glance
Renish Dadhaniya - GlobeSync Technologies | Work at a glanceRenish Dadhaniya - GlobeSync Technologies | Work at a glance
Renish Dadhaniya - GlobeSync Technologies | Work at a glanceGlobeSync Technologies
 
OSC2012: Identity Analytics: Exploiting Digital Breadcrumbs
OSC2012: Identity Analytics: Exploiting Digital BreadcrumbsOSC2012: Identity Analytics: Exploiting Digital Breadcrumbs
OSC2012: Identity Analytics: Exploiting Digital BreadcrumbsAccenture the Netherlands
 
Aceds 2015 Cyberseucity and the Legal Profession - NYC - April 7, 2015
Aceds 2015 Cyberseucity and the Legal Profession - NYC - April 7, 2015Aceds 2015 Cyberseucity and the Legal Profession - NYC - April 7, 2015
Aceds 2015 Cyberseucity and the Legal Profession - NYC - April 7, 2015Joe Bartolo
 
Paragraph Writing Organizer Worksheets. Online assignment writing service.
Paragraph Writing Organizer Worksheets. Online assignment writing service.Paragraph Writing Organizer Worksheets. Online assignment writing service.
Paragraph Writing Organizer Worksheets. Online assignment writing service.Lisa Muthukumar
 
HDI Capital Area Slides August 17, 2018
HDI Capital Area Slides August 17, 2018HDI Capital Area Slides August 17, 2018
HDI Capital Area Slides August 17, 2018hdicapitalarea
 
What could kill NSTIC? A friendly threat assessment in 3 parts.
What could kill NSTIC? A friendly threat assessment in 3 parts.What could kill NSTIC? A friendly threat assessment in 3 parts.
What could kill NSTIC? A friendly threat assessment in 3 parts.Phil Wolff
 
Primer for Information Security Programs
Primer for Information Security ProgramsPrimer for Information Security Programs
Primer for Information Security ProgramsRichard Greenberg, CISSP
 
Opening Up User-Centric Identity
Opening Up User-Centric IdentityOpening Up User-Centric Identity
Opening Up User-Centric IdentityEduserv Foundation
 
NSTIC and IDESG Update
NSTIC and IDESG UpdateNSTIC and IDESG Update
NSTIC and IDESG UpdateIan Glazer
 
Opening the Talent Spigot to Securing our Digital Future
Opening the Talent Spigot to Securing our Digital FutureOpening the Talent Spigot to Securing our Digital Future
Opening the Talent Spigot to Securing our Digital FutureSecurity Innovation
 
Self-Sovereign Identity: Lightening Talk at RightsCon
Self-Sovereign Identity: Lightening Talk at RightsCon Self-Sovereign Identity: Lightening Talk at RightsCon
Self-Sovereign Identity: Lightening Talk at RightsCon Kaliya "Identity Woman" Young
 
11 19-2015 - iasaca membership conference - the state of security
11 19-2015 - iasaca membership conference - the state of security11 19-2015 - iasaca membership conference - the state of security
11 19-2015 - iasaca membership conference - the state of securityMatthew Pascucci
 
Shaping the Future of Trusted Digital Identity
Shaping the Future of Trusted Digital IdentityShaping the Future of Trusted Digital Identity
Shaping the Future of Trusted Digital IdentityNoreen Whysel
 
Safeguarding Research in South Africa: iThenticate and Crossref Similarity Check
Safeguarding Research in South Africa: iThenticate and Crossref Similarity CheckSafeguarding Research in South Africa: iThenticate and Crossref Similarity Check
Safeguarding Research in South Africa: iThenticate and Crossref Similarity CheckAcademy of Science of South Africa
 
Open source and Security
Open source and SecurityOpen source and Security
Open source and SecurityUniversidad Cenfotec
 
Lessons in privacy engineering from a nation scale identity system - connect id
Lessons in privacy engineering from a nation scale identity system - connect idLessons in privacy engineering from a nation scale identity system - connect id
Lessons in privacy engineering from a nation scale identity system - connect idDavid Kelts, CIPT
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 

More Related Content

Similar to Intro to windows identity foundation

Running with Scissors: Balance between business and InfoSec needs
Running with Scissors: Balance between business and InfoSec needsRunning with Scissors: Balance between business and InfoSec needs
Running with Scissors: Balance between business and InfoSec needsMichael Scheidell
 
CIS14: NSTIC - Why the Identity Ecosystem Steering Group (IDESG)?
CIS14: NSTIC - Why the Identity Ecosystem Steering Group (IDESG)?CIS14: NSTIC - Why the Identity Ecosystem Steering Group (IDESG)?
CIS14: NSTIC - Why the Identity Ecosystem Steering Group (IDESG)?CloudIDSummit
 
Standards for a blue ocean
Standards for a blue oceanStandards for a blue ocean
Standards for a blue oceanMrsAlways RigHt
 
Call For Papers Presentations Ideas. Online assignment writing service.
Call For Papers Presentations Ideas. Online assignment writing service.Call For Papers Presentations Ideas. Online assignment writing service.
Call For Papers Presentations Ideas. Online assignment writing service.Tammy Mitchell
 
Renish Dadhaniya - GlobeSync Technologies | Work at a glance
Renish Dadhaniya - GlobeSync Technologies | Work at a glanceRenish Dadhaniya - GlobeSync Technologies | Work at a glance
Renish Dadhaniya - GlobeSync Technologies | Work at a glanceGlobeSync Technologies
 
OSC2012: Identity Analytics: Exploiting Digital Breadcrumbs
OSC2012: Identity Analytics: Exploiting Digital BreadcrumbsOSC2012: Identity Analytics: Exploiting Digital Breadcrumbs
OSC2012: Identity Analytics: Exploiting Digital BreadcrumbsAccenture the Netherlands
 
Aceds 2015 Cyberseucity and the Legal Profession - NYC - April 7, 2015
Aceds 2015 Cyberseucity and the Legal Profession - NYC - April 7, 2015Aceds 2015 Cyberseucity and the Legal Profession - NYC - April 7, 2015
Aceds 2015 Cyberseucity and the Legal Profession - NYC - April 7, 2015Joe Bartolo
 
Paragraph Writing Organizer Worksheets. Online assignment writing service.
Paragraph Writing Organizer Worksheets. Online assignment writing service.Paragraph Writing Organizer Worksheets. Online assignment writing service.
Paragraph Writing Organizer Worksheets. Online assignment writing service.Lisa Muthukumar
 
HDI Capital Area Slides August 17, 2018
HDI Capital Area Slides August 17, 2018HDI Capital Area Slides August 17, 2018
HDI Capital Area Slides August 17, 2018hdicapitalarea
 
What could kill NSTIC? A friendly threat assessment in 3 parts.
What could kill NSTIC? A friendly threat assessment in 3 parts.What could kill NSTIC? A friendly threat assessment in 3 parts.
What could kill NSTIC? A friendly threat assessment in 3 parts.Phil Wolff
 
Opening Up User-Centric Identity
Opening Up User-Centric IdentityOpening Up User-Centric Identity
Opening Up User-Centric IdentityEduserv Foundation
 
NSTIC and IDESG Update
NSTIC and IDESG UpdateNSTIC and IDESG Update
NSTIC and IDESG UpdateIan Glazer
 
Opening the Talent Spigot to Securing our Digital Future
Opening the Talent Spigot to Securing our Digital FutureOpening the Talent Spigot to Securing our Digital Future
Opening the Talent Spigot to Securing our Digital FutureSecurity Innovation
 
Self-Sovereign Identity: Lightening Talk at RightsCon
Self-Sovereign Identity: Lightening Talk at RightsCon Self-Sovereign Identity: Lightening Talk at RightsCon
Self-Sovereign Identity: Lightening Talk at RightsCon Kaliya "Identity Woman" Young
 
11 19-2015 - iasaca membership conference - the state of security
11 19-2015 - iasaca membership conference - the state of security11 19-2015 - iasaca membership conference - the state of security
11 19-2015 - iasaca membership conference - the state of securityMatthew Pascucci
 
Shaping the Future of Trusted Digital Identity
Shaping the Future of Trusted Digital IdentityShaping the Future of Trusted Digital Identity
Shaping the Future of Trusted Digital IdentityNoreen Whysel
 
Safeguarding Research in South Africa: iThenticate and Crossref Similarity Check
Safeguarding Research in South Africa: iThenticate and Crossref Similarity CheckSafeguarding Research in South Africa: iThenticate and Crossref Similarity Check
Safeguarding Research in South Africa: iThenticate and Crossref Similarity CheckAcademy of Science of South Africa
 
Lessons in privacy engineering from a nation scale identity system - connect id
Lessons in privacy engineering from a nation scale identity system - connect idLessons in privacy engineering from a nation scale identity system - connect id
Lessons in privacy engineering from a nation scale identity system - connect idDavid Kelts, CIPT
 

Similar to Intro to windows identity foundation (20)

Running with Scissors: Balance between business and InfoSec needs
Running with Scissors: Balance between business and InfoSec needsRunning with Scissors: Balance between business and InfoSec needs
Running with Scissors: Balance between business and InfoSec needs
 
CIS14: NSTIC - Why the Identity Ecosystem Steering Group (IDESG)?
CIS14: NSTIC - Why the Identity Ecosystem Steering Group (IDESG)?CIS14: NSTIC - Why the Identity Ecosystem Steering Group (IDESG)?
CIS14: NSTIC - Why the Identity Ecosystem Steering Group (IDESG)?
 
Standards for a blue ocean
Standards for a blue oceanStandards for a blue ocean
Standards for a blue ocean
 
Call For Papers Presentations Ideas. Online assignment writing service.
Call For Papers Presentations Ideas. Online assignment writing service.Call For Papers Presentations Ideas. Online assignment writing service.
Call For Papers Presentations Ideas. Online assignment writing service.
 
Renish Dadhaniya - GlobeSync Technologies | Work at a glance
Renish Dadhaniya - GlobeSync Technologies | Work at a glanceRenish Dadhaniya - GlobeSync Technologies | Work at a glance
Renish Dadhaniya - GlobeSync Technologies | Work at a glance
 
OSC2012: Identity Analytics: Exploiting Digital Breadcrumbs
OSC2012: Identity Analytics: Exploiting Digital BreadcrumbsOSC2012: Identity Analytics: Exploiting Digital Breadcrumbs
OSC2012: Identity Analytics: Exploiting Digital Breadcrumbs
 
Aceds 2015 Cyberseucity and the Legal Profession - NYC - April 7, 2015
Aceds 2015 Cyberseucity and the Legal Profession - NYC - April 7, 2015Aceds 2015 Cyberseucity and the Legal Profession - NYC - April 7, 2015
Aceds 2015 Cyberseucity and the Legal Profession - NYC - April 7, 2015
 
Paragraph Writing Organizer Worksheets. Online assignment writing service.
Paragraph Writing Organizer Worksheets. Online assignment writing service.Paragraph Writing Organizer Worksheets. Online assignment writing service.
Paragraph Writing Organizer Worksheets. Online assignment writing service.
 
HDI Capital Area Slides August 17, 2018
HDI Capital Area Slides August 17, 2018HDI Capital Area Slides August 17, 2018
HDI Capital Area Slides August 17, 2018
 
What could kill NSTIC? A friendly threat assessment in 3 parts.
What could kill NSTIC? A friendly threat assessment in 3 parts.What could kill NSTIC? A friendly threat assessment in 3 parts.
What could kill NSTIC? A friendly threat assessment in 3 parts.
 
Primer for Information Security Programs
Primer for Information Security ProgramsPrimer for Information Security Programs
Primer for Information Security Programs
 
Opening Up User-Centric Identity
Opening Up User-Centric IdentityOpening Up User-Centric Identity
Opening Up User-Centric Identity
 
NSTIC and IDESG Update
NSTIC and IDESG UpdateNSTIC and IDESG Update
NSTIC and IDESG Update
 
Opening the Talent Spigot to Securing our Digital Future
Opening the Talent Spigot to Securing our Digital FutureOpening the Talent Spigot to Securing our Digital Future
Opening the Talent Spigot to Securing our Digital Future
 
Self-Sovereign Identity: Lightening Talk at RightsCon
Self-Sovereign Identity: Lightening Talk at RightsCon Self-Sovereign Identity: Lightening Talk at RightsCon
Self-Sovereign Identity: Lightening Talk at RightsCon
 
11 19-2015 - iasaca membership conference - the state of security
11 19-2015 - iasaca membership conference - the state of security11 19-2015 - iasaca membership conference - the state of security
11 19-2015 - iasaca membership conference - the state of security
 
Shaping the Future of Trusted Digital Identity
Shaping the Future of Trusted Digital IdentityShaping the Future of Trusted Digital Identity
Shaping the Future of Trusted Digital Identity
 
Safeguarding Research in South Africa: iThenticate and Crossref Similarity Check
Safeguarding Research in South Africa: iThenticate and Crossref Similarity CheckSafeguarding Research in South Africa: iThenticate and Crossref Similarity Check
Safeguarding Research in South Africa: iThenticate and Crossref Similarity Check
 
Open source and Security
Open source and SecurityOpen source and Security
Open source and Security
 
Lessons in privacy engineering from a nation scale identity system - connect id
Lessons in privacy engineering from a nation scale identity system - connect idLessons in privacy engineering from a nation scale identity system - connect id
Lessons in privacy engineering from a nation scale identity system - connect id
 

Recently uploaded

Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphNeo4j
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024BookNet Canada
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraDeakin University
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Enterprise Knowledge
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxnull - The Open Security Community
 
APIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGAPIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGMarianaLemus7
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxLBM Solutions
 

Recently uploaded (20)

Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping Elbows
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning era
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
 
APIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGAPIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDG
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptx
 

Intro to windows identity foundation

  • 1. Introduction to: Single Sign On Evolved S Claudio Sanchez | LinkedIn.com/in/ClaudioASanchez | @ClaudioASanchez
  • 3. Agenda S Application Security S Federated Identity S What problem are we trying to solve? S Case study S Current state of affairs S Identity in Real Life S Terminology S The Federated Auth dance S Code demo S Q&A
  • 4. Application Security S Not Sexy S Requires specialized knowledge S Often times, depends on the environment S Never hear about it, unless it fails
  • 5. Federated Identity S Organization for the Advancement of Structured Information Standards (OASIS) S WS-Federation S WS-Trust S SAML S OpenID, Oauth, Facebook Connect
  • 6. The Face of WIF (Expert) Vittorio Bertocci | Microsoft | Vibro.NET (Not an Expert) NOT Vittorio
  • 7. LOL
  • 8. What problem are we solving? S How many accounts/passwords do you currently have? “Various Gartner studies have estimated that 25% to 35% of calls made to help desks are related to password resets” “Analysts’ estimate costs at approximately $25 to $40 per call with four password reset calls per user per year ”
  • 9. Case Study | Health Care • Clinicians use an average of 6.4 passwords per day • SSO solution can save an average of 9.51 minutes per day per clinician • $2,675 per year, per clinician1 • 700 full-time equivalent clinicians can save more than $1.88 million per year with an SSO solution in place. • 1,051 patient beds • More than 1,710 full-time attending physicians $4,574,250 $2,675 lost productivity per clinician*1,710 physicians= 1 Based on a $135K/Year Salary, and 250 working days. Source: The Gartner Group, 2002 & The Ponemon Institute, 2010
  • 10. Our apps are prisoners
  • 11. Each app is an island
  • 12. Identity in Real Life ? ? !
  • 13. Terminology S Claim S Anything that can be said about a user S Name, email, age, role, gender, Sports Team Affiliation, etc S Security Token S Serialized collection of claims S Crypto-signed by issuer S Identity Provider (IdP) S The issuer responsible for authenticating the user S Relaying Party S An application configured to trust an IdP for authentication (Your application)
  • 14. Claims Can Set Your Application Free
  • 15. Multiple apps “One token to rule them all”
  • 16. Code
  • 17. Q&A
  • 19. LinkedIn.com/in/ClaudioASanchez @ClaudioASanchez http://ClaudioASanchez.blogspot.com

Editor's Notes

  1. Windows Identity Foundation is a .NET library that enables Developers to externalize Identity logic from their application - Improves developer productivity - enhances security- Enables Interoperability
  2. Twitter is an awesome way of finding out very quickly if your talk stinks.
  3. ----- Meeting Notes (11/12/11 04:32) ------Vittorio, literally wrote "the" book on Windows Identity Foundation.- I, on the other hand, am still learning the many aspects of WIF
  4. ----- Meeting Notes (11/12/11 04:03) -----Clinicians use multiple applications during the course of a day
  5. ----- Meeting Notes (11/12/11 04:03) -----Today, our applications are chained to the particular APIs or their security layer