ENABLING THE E-CITIZEN IN A DISTRIBUTED ENVIRONMENT
•Download as PPTX, PDF•
0 likes•425 views
DANIEL STROUD, CISSP-ISSAP, MCSE, Identity and Access Management Capabilities Lead, G2, Inc., at the European IRM Summit 2014.
More Related Content
What's hot
What's hot (20)
Similar to ENABLING THE E-CITIZEN IN A DISTRIBUTED ENVIRONMENT
Similar to ENABLING THE E-CITIZEN IN A DISTRIBUTED ENVIRONMENT (20)
More from ForgeRock
More from ForgeRock (20)
Recently uploaded
Recently uploaded (20)
ENABLING THE E-CITIZEN IN A DISTRIBUTED ENVIRONMENT
- 1. Enabling The eCitizen In A Distributed Environment Daniel Stroud IAM Capabilities Manager dan.stroud@g2-inc.com November 2014
- 2. Primary Goals • Reusability • Simplified Public Key Infrastructure (PKI) Authentication in a Distributed Lightweight Directory Access Protocol (LDAP) Environment • Distributed Attribute Repository Support • Simplified Transition to Attribute Based Access Control (ABAC) • Disconnected Operations Support
- 3. Technical Approach • Reusability • Choose a robust Open Source solution • Distill complex configurations • Provide automation and standard packaging • Simplified PKI Authentication • Allow end user PKI certificate linkage and entrenchment • Allow multiple Certificate Revocation List (CRL) definitions via HTTP • Distributed Attribute Repository Support • Implement a pluggable interface with Virtual Directory Service (VDS) capability • Simplified ABAC Transition • Package default rules for protected resources • Disconnected Operations Support • Implement in-memory and local LDAP caching
- 4. An Introduction to the KickStart Console…
- 6. The Ideal Situation Policy Agent Policy Agent Web Application OpenAM Server Web Application J2EE Servlet Container PKI Authority Policy Agent Web Application J2EE Servlet Container Container CRL
- 7. Distributed PKI Environment Policy Agent Policy Agent Web Application OpenAM Server Web Application J2EE Servlet Container LDAP PKI Authority Policy Agent Web Application J2EE Servlet Container Container Web Server CRL CRL
- 9. Distributed Attributes Policy Agent Policy Agent Web Application OpenAM Server Web Application J2EE Servlet Container LDAP Authoritative Attribute Repo Policy Agent Web Application J2EE Servlet Container Container
- 10. Another Look at the KickStart Console…
- 12. Disconnected Policy Agent Policy Agent Web Application OpenAM Server Web Application J2EE Servlet Container LDAP Authoritative Attribute Repo Policy Agent Web Application J2EE Servlet Container Container