CIS 2015-Lessons In Access Management - supporting cloud and mobile with a complete infrastructure update for Queensland Education- Craig Gilmour

•

2 likes•809 views

The Queensland Department of Education and Training had 650,000 active staff and school students being managed by an on premise identity and access management solution, supporting close to 30 separate applications. In order to enable pressing cloud and mobile requirements, the department recognised that significant changes were required. Hence, an ambitious project was established to carry out a complete refresh of all the access management components – replacing them with a more agile solution in an aggressive timeframe. This was completed in time to support a complete Office 365 (Exchange Online) migration for all 650,000 staff and students. This presentation will discuss the approach, pitfalls and learnings of this successful project.

Lessons In Access Management - supporting
cloud and mobile with a complete infrastructure
update for Queensland Education
Craig Gilmour, Chief Identity Architect
UNIFY Solutions

Department of Education & Training Overview
Copyright © 2015 Cloud Identity Summit. All rights reserved. 3

Department of Education & Training Overview
Copyright © 2015 Cloud Identity Summit. All rights reserved. 4
•  Approx 1300 Schools
•  School Staff: 90,000
•  Students: 530,000
•  Over 1.1 million Managed Identities

Key Applications – Utilisation Examples
•  ELearning, Student & Teacher Collaboration Tools
•  5 Apps, 600,000 + Users, “Dial-tone” required
•  Education: Peak Loads on all systems
•  120,000+ adds, moves, changes in 24 hour
•  Student Management System (OneSchool)
•  Peak Page Load: 13600 per min (day: 5.65 M)
•  Peak simultaneous users 7027
Copyright © 2015 Cloud Identity Summit. All rights reserved. 5

A brief History of Identity Initiatives
•  2003 – 2008: Identity Tactical & Prep
•  Schools Managed Internet Service
•  Tactical IdM, Strategy & IAM Vendor Engagement
•  2008 – 2012: “IAM 1.0” Build & Deploy (phases)
•  In Parallel: Central Student Management System
•  2012 – 2014: Operational & Strategy Review
Copyright © 2015 Cloud Identity Summit. All rights reserved. 6

What did we build?
What’s this cloud thing?
Copyright © 2015 Cloud Identity Summit. All rights reserved. 7

Copyright © 2015 Cloud Identity Summit. All rights reserved. 8

Challenges & New Requirements
•  Complexity & Operational Overheads
•  Adding New Applications: complex & vendor required
•  Cloud, Cloud, Cloud & Mobile
•  Cloud Access Management Policies & Patterns
•  O365 (Exchange Online) – 650,000 Identities
•  Cloud Online Learning Applications - accelerated
•  Rapid change, time for a new approach
•  Decision: Replacement of Access Components
Copyright © 2015 Cloud Identity Summit. All rights reserved. 9

AM Refresh Project Objectives
•  Aggressive Timeframe: 2014: February – June 30
•  Federation first & loosely coupled
•  Provide a path for cloud & mobile
•  Strong Microsoft Platform Support
•  On-premise Identities & Credentials & Desktop SSO
•  30 Applications (WAM, Federation, LDAP, Custom)
•  Dual Datacentre (redundant, automatic failover, etc)
•  Scale - current load + O365 (ExchangeOnline)Copyright © 2015 Cloud Identity Summit. All rights reserved. 10

Copyright © 2015 Cloud Identity Summit. All rights reserved. 11

AM Refresh Project Activities - Summary
•  Project Governance & Major Executive Support!
•  Implement Massive Infrastructure Changes
•  Dev, Test, UAT, Prod
•  50 + hardware load-balancer configurations
•  Testing, migration, support plans, ops handover, etc
•  June 30 2014: Made it… except 1 App
•  Ongoing: O365 Migration, upgrades, new Apps
Copyright © 2015 Cloud Identity Summit. All rights reserved. 12

Copyright © 2015 Cloud Identity Summit. All rights reserved. 13

Copyright © 2015 Cloud Identity Summit. All rights reserved. 14

PATTERNS
•  On-Premise Identities &
Credentials
•  On-Premise IdP
•  On-Premise Applications
•  Cloud Apps & Mobile
•  Future: IDaaS & IaaS:
•  PingOne / Azure /
Combination
Copyright © 2015 Cloud Identity Summit. All rights reserved. 15

Where To Now – Enabling the Future!
•  Standard Patterns for App Integration
•  Internally Developed & COTS
•  “As a Service”
•  Support IaaS Management & Role Access
•  Mobile Initiatives (OAuth & API Access)
•  Flexible, Supportable, Manageable Architecture
•  Adapt to “What’s next”
Copyright © 2015 Cloud Identity Summit. All rights reserved. 16

Copyright © 2015 Cloud Identity Summit. All rights reserved. 17

The SCIM (System for Cross-Domain Identity Management) specification is beginning to gain real-world traction for both cloud and on-premises applications. In this workshop you will learn about SCIM, how it is being used in the real world, and why many consider SCIM to be a foundational piece of any identity architecture. We will also discuss how participants can help SCIM’s adoption with their organization and across the industry.

CIS 2015-Lessons Learned in the First Year of an IAM Program- Matt Chambers

CloudIDSummit

CIS 2015 Mergers & Acquisitions in a Cloud Enabled World - Brian Puhl

CloudIDSummit

You'll laugh, you'll cry, and you might even pick up a useful nugget or two listening to a real-world enterprise IT architect share the experiences of the past year trying to support his business migrating to cloud services, and sharing the lessons learned from trying to integrate 2 hybrid enterprises into a single, streamlined company. You'll hear where the cloud came through for us, and how we often had to fall back to on-prem services such as FIM, Ping Federate, and ADFS to make the glue which binds it all together.

Are you asking yourself how do I take my inhouse application and make it available to internal users, partners or customers using SSO and access management technologies? Oh, and you don't want it to be a 6 month project? No problem. Come and find out how to leverage your existing investments and move to modern standards like OpenID Connect, without having to rip and replace infrastructure. Learn the capabilities and tradeoffs you can make to deploy the right level of identity and access management infrastructure to match your security needs.

CIS 2015- User-Authorized Discovery- George Fletcher

CloudIDSummit

As the Internet of Things grows, along with electronic health care records, the need for machine based discovery will grow substantially. One of the problems with standards based discovery today is that it can expose private information which a user might not want exposed. This talk will look at UMA protecting the webfinger discovery specification to create a discovery mechanism that provides user specified authorization policy for access to the discovery information. Issues and gaps will be identified.

CIS 2015 Session Management at Scale - Scott Tomilson & Jamshid Khosravian

CloudIDSummit

Centralized session management has long been a goal of Web Access Management systems: the idea that one session can give end users access to dozens of protected applications with a seamless SSO experience, and terminating it (either by the end user themselves, or by an administrator) cuts off access instantly. It’s a nice dream isn’t it? Turns out that while most WAM products claim they can do this, when deployment time comes around (especially in globally distributed organizations) serious security and scalability challenges emerge that make it unfeasible. In this “session”, come and learn our vision for deploying session management at scale and see how Ping Identity has implemented it in our Federated Access Management solution.

What Happens When Republicans Restrict Abortion Access

The Huffington Post

CIS 2015- Assessing the Risk of Identity and Access- Venkat Rajaji

CloudIDSummit

Today’s enterprises are required to provide access to increasingly sensitive information to a broader set of users types, including employees, partners, and customers. With a mix of cloud and SaaS applications and file sharing, alongside traditional legacy applications and data, the oversight and management is a challenge. Providing a seamless access experience is a critical business enabler. Providing inappropriate access can be a business disaster. This session will explore how organizations can enhance traditional governance and provisioning with continuous monitoring, analytics, and intelligence and take a risk-aware approach to identify privileged access, inappropriate access, and vulnerabilities.

CIS 2015- IoT? The ‘I’ needs to be ‘Identity’- Paul Madsen

CloudIDSummit

Just as the IoT demands interoperability at the network and application layer, for it to reach its hoped for scale and ubiquity it also demands ‘identity interoperability’, i.e. the ability for things and applications to be able to discover, authenticate and trust devices with identities that are managed elsewhere. OAuth 2.0 and OpenID® Connect 1.0 are two authentication and authorization standards that, while not developed specifically with the IoT in mind, promise to serve as important tools for the IoT’s authentication and authorization requirements—enabling a standardized interoperable identity layer for the IoT. In this presentation I'll argue the relevance of these identity standards to the IoT by exploring how they fit into a representative IoT wearable architecture

CIS 2015 How to secure the Internet of Things? Hannes Tschofenig

CloudIDSummit

Companies and researchers are exploring ways to make software and hardware development easier for the masses. Soon you will be able to build your own autonomous drone, create a sensor that assess the watering needs of your plants, and develop a cat tracking device with minimal coding and hardware skills. What is the place of security and privacy in this exciting development? Are we building the next generation of Internet security vulnerabilities right now? In his talk Hannes Tschofenig will highlight challenges with Internet of Things, what role standardization plays, and what contributions ARM, a provider of microprocessor IP, is making to improve IoT security.

CIS 2015 Modernize IAM with UnboundID and Ping Identity - Terry Sigle & B. Al...

CloudIDSummit

Why AWS in Education: Transforming Education in the Cloud

Amazon Web Services

Today’s students come to education with different expectations than students did a decade ago, given their confirmed status as digital natives. In response, education must transform to meet those student needs. Universities are adopting cloud to be more agile and responsive. Platforms being used to teach students have had to transform as well. And education technology companies are emerging to champion new models of education. This session will feature why AWS is an ideal fit for this transformative moment in education and highlight customer examples across the education ecosystem. The session will highlight how cloud can accelerate breakthroughs in educational models and learning outcomes by providing on-demand access to powerful computing that enables dynamic content, video lecture capture and self-paced and distance models and how educational institutions leverage cloud to address their unique technology needs.

Transforming Education in the Cloud

Amazon Web Services

DGDIR_74201540446PMcarbonatd

Marlabs Capabilities: Healthcare and Life Sciences

Marlabs

Marlabs can enhance the clinical and administrative systems of customers to deliver more connected and integrated healthcare solutions. Our healthcare solutions help customers meet the demands of a new economic and regulatory paradigm. Marlabs partners with life sciences organizations on advanced technology engagements as well as on strategic sourcing. Our experience in the new digital technologies like Social, Mobile, Analytics and Cloud help us tailor innovative solutions for our clients.

Oracle OpenWorld - A quick take on all 22 press releases of Day #1 - #3

Holger Mueller

Marlabs Capabilities Overview: Energy and Utilities

Marlabs

Our solutions help customers improve reliability, efficiency and return on assets, and better engage customers. We also support our customers with real-time analytics to take control of grid data and implementation of enterprise applications. Marlabs’ solutions enable utilities to modernize their technology assets to support new business models while reducing cost. We can help with Advanced Metering Infrastructure (AMI) and its integration with distribution automation, building newer customer information systems, consumer portals, and meter data management. Marlabs provides end-to-end support throughout the ongoing transformation. We enable seamless integration of newer systems with legacy systems, supported by cyber-security solutions.

DevOps and APIs: Great Alone, Better Together

MuleSoft

DevOps has emerged as a critical enabler of agility in enterprise IT; a DevOps model increases reliability and minimizes disruption, with the added benefit of increasing speed. But that isn’t enough. DevOps must be balanced with a focus on asset consumption and reuse to make sure the organization is extracting maximum value out of all the newly built assets. And that’s where an API strategy comes in. In this session, we'll discuss how organizations use DevOps and API-led connectivity to reduce time to market 3-4x.

Marlabs Capabilities Overview: Airlines

Marlabs

Transforming Enterprises through Next-generation Cloud Applications

Tata Consultancy Services

Marlabs Capabilities Overview: QA Services

Marlabs

Marlabs’ independent testing services can help customers improve the quality and performance of their software applications along with faster time to market and reduced cost of testing. Our end-to-end outcome-based testing process is aligned with the client’s strategic and operational goals to provide maximum value. We offer a wide range of testing services including life cycle testing, test consulting, test automation services and specialized mobile and enterprise application testing services.

Meetup_Bangalore_Rajesh

D.Rajesh Kumar

CloudExpo NY 2014: Moving Mission Critical Applications to the Cloud

Kacy Clarke

Proven Practices for Office 365 Deployment, Security and Management

Perficient, Inc.

Learn how the single sign-on and automated account provisioning for Office 365 can stop the cloud password sprawl, close security holes and free up IT time for new projects. This covers topics such as how to drive cloud app adoption, centralize, standardize and automate access, leverage active directory without the expense and risk of replicating it, and to ultimately simply your Office 365 deployment.

Manatee to Dolphin: Transitioning to a Startup Mentality

Todd Kaplinger

Viewers also liked

CIS 2015 So you want to SSO … Scott Tomilson & John Dasilva

CloudIDSummit

CIS 2015- User-Authorized Discovery- George Fletcher

CloudIDSummit

CIS 2015 Session Management at Scale - Scott Tomilson & Jamshid Khosravian

CloudIDSummit

What Happens When Republicans Restrict Abortion Access

The Huffington Post

CIS 2015- Assessing the Risk of Identity and Access- Venkat Rajaji

CloudIDSummit

CIS 2015- IoT? The ‘I’ needs to be ‘Identity’- Paul Madsen

CloudIDSummit

CIS 2015 How to secure the Internet of Things? Hannes Tschofenig

CloudIDSummit

CIS 2015 Modernize IAM with UnboundID and Ping Identity - Terry Sigle & B. Al...

CloudIDSummit

Viewers also liked (8)

CIS 2015 So you want to SSO … Scott Tomilson & John Dasilva

CIS 2015- User-Authorized Discovery- George Fletcher

CIS 2015 Session Management at Scale - Scott Tomilson & Jamshid Khosravian

What Happens When Republicans Restrict Abortion Access

CIS 2015- Assessing the Risk of Identity and Access- Venkat Rajaji

CIS 2015- IoT? The ‘I’ needs to be ‘Identity’- Paul Madsen

CIS 2015 How to secure the Internet of Things? Hannes Tschofenig

CIS 2015 Modernize IAM with UnboundID and Ping Identity - Terry Sigle & B. Al...

Similar to CIS 2015-Lessons In Access Management - supporting cloud and mobile with a complete infrastructure update for Queensland Education- Craig Gilmour

Why AWS in Education: Transforming Education in the Cloud

Amazon Web Services

Transforming Education in the Cloud

Amazon Web Services

DGDIR_74201540446PMcarbonatd

Marlabs Capabilities: Healthcare and Life Sciences

Marlabs

Oracle OpenWorld - A quick take on all 22 press releases of Day #1 - #3

Holger Mueller

Marlabs Capabilities Overview: Energy and Utilities

Marlabs

DevOps and APIs: Great Alone, Better Together

MuleSoft

Marlabs Capabilities Overview: Airlines

Marlabs

Transforming Enterprises through Next-generation Cloud Applications

Tata Consultancy Services

Marlabs Capabilities Overview: QA Services

Marlabs

Meetup_Bangalore_Rajesh

D.Rajesh Kumar

CloudExpo NY 2014: Moving Mission Critical Applications to the Cloud

Kacy Clarke

Proven Practices for Office 365 Deployment, Security and Management

Perficient, Inc.

Manatee to Dolphin: Transitioning to a Startup Mentality

Todd Kaplinger

Marlabs Capabilities Overview: Microsoft Dynamics

Marlabs

LMS - Selecting the Right Tool

Connecticut Distance Learning Consortium

Marlabs Services Capabilities Overview

Marlabs

Marlabs Service Offerings include Application Development & Maintenance, Microsoft service offerings, Java development platform, Enterprise Application Services, Enterprise Transformation, Legacy Migration and SOA Capabilities, DW, Business Intelligence & Analytics, Enterprise Social Network Services, mobile, UI/UX – Usability Engineering, Digital Asset Management (DAM), SAP Solutions/Services, Salesforce.com, Testing Services, Infrastructure Services, and Cyber Threat Management Service

implanting DevOps at scale using dynamic test environments

QualiQuali

While many tech startups have adopted modern DevOps practices, mid-size and large enterprises are still barely scratching the surface. How do you start this journey on the right footing? In this webinar we discuss DevOps and what it really means when it comes to implementing and managing it for complex application architectures. In this session you can expect to learn about: The pitfalls organizations typically encounter as they deploy DevOps A practical approach to implementing DevOps at scale for an entire organization Managing dozens of application environments to certify through your pipeline How automated testing platforms, such as Sauce Labs, can be integrated in this process Using case studies and real-world experiences, we cover how to move beyond the first project to get all of your Dev and Test teams to embrace DevOps concepts. We also run a live demo.

Implementing DevOps at Scale Using Dynamic Environments

Sauce Labs

While many tech startups have adopted modern devops practices, mid-size and large enterprises are still barely scratching the surface. They have the management mandate and some resources, but the results are less than convincing when the rubber hits the road: small scale initiatives seems to be the norm, but often have encountered difficulties when trying to expand beyond their initial scope. How do you start this journey on the right footing? Join Pascal Joly, Director of Technology Partnerships at Quali, as he discusses DevOps and what it really means when it comes to implementing and managing it for complex application architectures. Using case studies and real world experiences, he will cover how to move beyond the first project to get all of your Dev and Test teams to embrace DevOps concepts. He will also run a live demo. In this session you can expect to learn about: -The pitfalls organizations typically encounter as they deploy DevOps -A practical approach to implementing DevOps at scale for an entire organization -Managing dozens of application environments to certify through your pipeline -Defining how much resources can be used by your development and test team -How automated testing platforms such as Sauce Labs can be integrated in this process Can’t make the webinar? Register anyway and we’ll send out an email with a link to the recording and slides after the event.

Perth meetup Oct 2019

Zubair Aslam

Similar to CIS 2015-Lessons In Access Management - supporting cloud and mobile with a complete infrastructure update for Queensland Education- Craig Gilmour (20)

Why AWS in Education: Transforming Education in the Cloud

Transforming Education in the Cloud

DGDIR_74201540446PM

Marlabs Capabilities: Healthcare and Life Sciences

Oracle OpenWorld - A quick take on all 22 press releases of Day #1 - #3

Marlabs Capabilities Overview: Energy and Utilities

DevOps and APIs: Great Alone, Better Together

Marlabs Capabilities Overview: Airlines

Transforming Enterprises through Next-generation Cloud Applications

Marlabs Capabilities Overview: QA Services

Meetup_Bangalore_Rajesh

CloudExpo NY 2014: Moving Mission Critical Applications to the Cloud

Proven Practices for Office 365 Deployment, Security and Management

Manatee to Dolphin: Transitioning to a Startup Mentality

Marlabs Capabilities Overview: Microsoft Dynamics

LMS - Selecting the Right Tool

Marlabs Services Capabilities Overview

implanting DevOps at scale using dynamic test environments

Implementing DevOps at Scale Using Dynamic Environments

Perth meetup Oct 2019

More from CloudIDSummit

CIS 2016 Content Highlights

CloudIDSummit

Top 6 Reasons You Should Attend Cloud Identity Summit 2016

CloudIDSummit

The Cloud Identity Summit was founded by Ping Identity with support from industry leaders in 2010 to bring together the brightest minds across the identity and security industry. Today the event is recognized as the world’s premier identity industry conference and includes tracks from industry thought leaders, CIOs and practitioners. Cloud Identity Summit serves as a multi-year roadmap to deploy solutions that are here today but built for the future. For more info, go to www.cloudidentitysummit.com. Be apart of the convo on Twitter: @CloudIDSummit + #CISNOLA

CIS 2015 Security Without Borders: Taming the Cloud and Mobile Frontier - And...CloudIDSummit

Mobile security, identity & authentication reasons for optimism 20150607 v2CloudIDSummit

CIS 2015 Mobile Security, Identity & Authentication: Reasons for Optimism - R...

CloudIDSummit

In an ever interconnected and inter-reliant world, the state of security has been a cause for deep pessimism. In the midst of all the gloom, there is good cause for optimism. With some fits and starts, the building blocks for transforming mobile security are taking shape at every level from the processor, to the chipset to special purpose hardware to operating systems and protocols that address use cases from device integrity to user authentication to payments. How do we think about security, privacy, identity and authentication in this world? This talk will provide a rapid overview of some selected building blocks and some practical examples that are now deployed at scale to illustrate the coming wave and how you as a practitioner or customer can participate and position yourself for maximum benefit.

CIS 2015 Virtual Identity: The Vision, Challenges and Experiences in Driving ...

CloudIDSummit

CIS 2015 Deploying Strong Authentication to a Global Enterprise: A Comedy in ...

CloudIDSummit

Does anybody remember seeing a big red button with the word “PANICK!” written on it? I know it was around here somewhere. Also, there’s all these cats running pell-mell around the place, can someone give me a hand in herding them? In this real-world case study, come and learn how a Fortune 100 with a diverse and extremely mobile work-force was able to turn up strong authentication protections for our critical cloud resources, and how the IT department lived to tell the tale. You’ll hear about the technical implementation of strong authentication enforcement, and how we made key design decisions in the ongoing balancing act between security and user experience, and how we managed up-and-down the chain from executive stakeholders to the boots-on-the-ground who were being asked to join us on this new security adventure.

CIS 2015 Without Great Security, Digital Identity is Not Worth the Electrons ...

CloudIDSummit

CIS 2015 IoT and IDM in your Mobile Enterprise - Brian Katz

CloudIDSummit

CIS 2015 Practical Deployments Enterprise Cloud Access Management Platform - ...

CloudIDSummit

CIS 2015 What I Learned From Pitching IAM To My CIO - Steve Tout

CloudIDSummit

The IAM program needs to align behind the shift towards ITaaS, building the platform for execution and supporting transformation and migration activities. CIOs should keep informed through a relevant IAM capability roadmap in order to make calculated decisions on where investments should be made. Ongoing investments in the IAM program are crucial in order to fill capability gaps, keep up-to-date with support and license agreements and make opportunistic progress on the strategic roadmap. In this talk, Steve discusses recent experiences and lessons learned in preparing for and pitching VMware’s CIO on enterprise IAM program initiatives.

CIS 2015 The IDaaS Dating Game - Sean Deuby

CloudIDSummit

The IDaaS (identity as a service) market segment continues to grow in popularity, and the scope of its vendor's capabilities continue to grow as well. It's still not a match for everyone, however. Join identity architect Sean Deuby for an overview of the most popular IDaaS deployment scenarios, scenarios where IDaaS has a tougher time meeting customer requirements, and whether your company is likely to find its perfect IDaaS mate.

CIS 2015 SSO for Mobile and Web Apps Ashish Jain

CloudIDSummit

The Industrial Internet, the Identity of Everything and the Industrial Enterp...

CloudIDSummit

CIS 2015 SAML-IN / SAML-OUT - Scott Tomilson & John Dasilva

CloudIDSummit

CIS 2015 Identity Relationship Management in the Internet of Things

CloudIDSummit

Devices need owners, people need confidence in device authenticity, data needs to persist in systems long after devices change hands, and access needs to be authorized selectively. That's a lot to ask; even if emerging web identity and security technologies are simpler than the models of yesteryear, IoT devices have complicating limitations when it comes to processing power, memory, user interface, and connectivity. But many use cases span web and IoT environments, so we must try! What are the specific requirements? What elements of web technologies can we borrow outright? What elements may need tweaking?

CIS 2015 The Ethics of Personal Data - Robin Wilton

CloudIDSummit

We're all more conscious than we were 2 years ago, about how much data is collected about us, and how revealing it can be. The commercial and government direction of travel is clear: more data, more mining, more monetization. And if personal data fuels the information economy, who'd want to stop that? But can we get the economic benefits, without selling our digital souls in the process? - Is there a data equivalent to the ""polluter pays"" principle? And if not, is there an alternative? - Ethical data handling sounds great in principle, but can it be practical? - How can organizations put ethical data handling into practice?

CIS 2015 What’s next? Discovery, Dynamic Registration, Mobile Connect and mor...

CloudIDSummit

CIS 2015 OpenID Connect and Mobile Applications - David Chase

CloudIDSummit

CIS 2015 OpenID Connect Workshop Part 1: Challenges for mobile - B. Allyn Fay

CloudIDSummit

More from CloudIDSummit (20)

CIS 2016 Content Highlights

Top 6 Reasons You Should Attend Cloud Identity Summit 2016

CIS 2015 Security Without Borders: Taming the Cloud and Mobile Frontier - And...

Mobile security, identity & authentication reasons for optimism 20150607 v2

CIS 2015 Mobile Security, Identity & Authentication: Reasons for Optimism - R...

CIS 2015 Virtual Identity: The Vision, Challenges and Experiences in Driving ...

CIS 2015 Deploying Strong Authentication to a Global Enterprise: A Comedy in ...

CIS 2015 Without Great Security, Digital Identity is Not Worth the Electrons ...

CIS 2015 IoT and IDM in your Mobile Enterprise - Brian Katz

CIS 2015 Practical Deployments Enterprise Cloud Access Management Platform - ...

CIS 2015 What I Learned From Pitching IAM To My CIO - Steve Tout

CIS 2015 The IDaaS Dating Game - Sean Deuby

CIS 2015 SSO for Mobile and Web Apps Ashish Jain

The Industrial Internet, the Identity of Everything and the Industrial Enterp...

CIS 2015 SAML-IN / SAML-OUT - Scott Tomilson & John Dasilva

CIS 2015 Identity Relationship Management in the Internet of Things

CIS 2015 The Ethics of Personal Data - Robin Wilton

CIS 2015 What’s next? Discovery, Dynamic Registration, Mobile Connect and mor...

CIS 2015 OpenID Connect and Mobile Applications - David Chase

CIS 2015 OpenID Connect Workshop Part 1: Challenges for mobile - B. Allyn Fay

Recently uploaded

Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...

James Anderson

Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management. The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM). Speakers: Bob Boule Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle. Gopinath Rebala Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.

Climate Impact of Software Testing at Nordic Testing Days

Kari Kakkonen

My slides at Nordic Testing Days 6.6.2024 Climate impact / sustainability of software testing discussed on the talk. ICT and testing must carry their part of global responsibility to help with the climat warming. We can minimize the carbon footprint but we can also have a carbon handprint, a positive impact on the climate. Quality characteristics can be added with sustainability, and then measured continuously. Test environments can be used less, and in smaller scale and on demand. Test techniques can be used in optimizing or minimizing number of tests. Test automation can be used to speed up testing.

Accelerate your Kubernetes clusters with Varnish Caching

Thijs Feryn

Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...

UiPathCommunity

💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™: See how to accelerate model training and optimize model performance with active learning Learn about the latest enhancements to out-of-the-box document processing – with little to no training required Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath. Speakers: 👨‍🏫 Andras Palfi, Senior Product Manager, UiPath 👩‍🏫 Lenka Dulovicova, Product Program Manager, UiPath

The Art of the Pitch: WordPress Relationships and Sales

Laura Byrne

Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes? All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.

Removing Uninteresting Bytes in Software Fuzzing

Aftab Hussain

Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process. In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds. - These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.

DevOps and Testing slides at DASA Connect

Kari Kakkonen

UiPath Community Day Dubai: AI at Work..

UiPathCommunity

Welcome to the first live UiPath Community Day Dubai! Join us for this unique occasion to meet our local and global UiPath Community and leaders. You will get a full view of the MEA region's automation landscape and the AI Powered automation technology capabilities of UiPath. Also, hosted by our local partners Marc Ellis, you will enjoy a half-day packed with industry insights and automation peers networking. 📕 Curious on our agenda? Wait no more! 10:00 Welcome note - UiPath Community in Dubai Lovely Sinha, UiPath Community Chapter Leader, UiPath MVPx3, Hyper-automation Consultant, First Abu Dhabi Bank 10:20 A UiPath cross-region MEA overview Ashraf El Zarka, VP and Managing Director MEA, UiPath 10:35: Customer Success Journey Deepthi Deepak, Head of Intelligent Automation CoE, First Abu Dhabi Bank 11:15 The UiPath approach to GenAI with our three principles: improve accuracy, supercharge productivity, and automate more Boris Krumrey, Global VP, Automation Innovation, UiPath 12:15 To discover how Marc Ellis leverages tech-driven solutions in recruitment and managed services. Brendan Lingam, Director of Sales and Business Development, Marc Ellis

Generative AI Deep Dive: Advancing from Proof of Concept to Production

Aggregage

Quantum Computing: Current Landscape and the Future Role of APIs

Vlad Stirbu

Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...

SOFTTECHHUB

The choice of an operating system plays a pivotal role in shaping our computing experience. For decades, Microsoft's Windows has dominated the market, offering a familiar and widely adopted platform for personal and professional use. However, as technological advancements continue to push the boundaries of innovation, alternative operating systems have emerged, challenging the status quo and offering users a fresh perspective on computing. One such alternative that has garnered significant attention and acclaim is Nitrux Linux 3.5.0, a sleek, powerful, and user-friendly Linux distribution that promises to redefine the way we interact with our devices. With its focus on performance, security, and customization, Nitrux Linux presents a compelling case for those seeking to break free from the constraints of proprietary software and embrace the freedom and flexibility of open-source computing.

Leading Change strategies and insights for effective change management pdf 1.pdf

OnBoard

GraphRAG is All You need? LLM & Knowledge Graph

Guy Korland

Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs. 1. Unifying Large Language Models and Knowledge Graphs: A Roadmap. https://arxiv.org/abs/2306.08302 2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs: https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/

SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdf

Peter Spielvogel

Building better applications for business users with SAP Fiori. • What is SAP Fiori and why it matters to you • How a better user experience drives measurable business benefits • How to get started with SAP Fiori today • How SAP Fiori elements accelerates application development • How SAP Build Code includes SAP Fiori tools and other generative artificial intelligence capabilities • How SAP Fiori paves the way for using AI in SAP apps

FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf

FIDO Alliance

Securing your Kubernetes cluster_ a step-by-step guide to success !

KatiaHIMEUR1

Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster. However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks. In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.

PCI PIN Basics Webinar from the Controlcase Team

ControlCase

Enhancing Performance with Globus and the Science DMZ

Globus

UiPath Test Automation using UiPath Test Suite series, part 4

DianaGray10

Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap. The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies. Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques What will you get from this session? 1. Insights into SAP testing best practices 2. Heatmap utilization for testing 3. Optimization of testing processes 4. Demo Topics covered: Execution from the test manager Orchestrator execution result Defect reporting SAP heatmap example with demo Speaker: Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP

GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...

Sri Ambati

Recently uploaded (20)

Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...

Climate Impact of Software Testing at Nordic Testing Days

Accelerate your Kubernetes clusters with Varnish Caching

Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...

The Art of the Pitch: WordPress Relationships and Sales

Removing Uninteresting Bytes in Software Fuzzing

DevOps and Testing slides at DASA Connect

UiPath Community Day Dubai: AI at Work..

Generative AI Deep Dive: Advancing from Proof of Concept to Production

Quantum Computing: Current Landscape and the Future Role of APIs

Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...

Leading Change strategies and insights for effective change management pdf 1.pdf

GraphRAG is All You need? LLM & Knowledge Graph

SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdf

FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf

Securing your Kubernetes cluster_ a step-by-step guide to success !

PCI PIN Basics Webinar from the Controlcase Team

Enhancing Performance with Globus and the Science DMZ

UiPath Test Automation using UiPath Test Suite series, part 4

GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...

CIS 2015-Lessons In Access Management - supporting cloud and mobile with a complete infrastructure update for Queensland Education- Craig Gilmour

2. Lessons In Access Management - supporting cloud and mobile with a complete infrastructure update for Queensland Education Craig Gilmour, Chief Identity Architect UNIFY Solutions

4. Department of Education & Training Overview Copyright © 2015 Cloud Identity Summit. All rights reserved. 4 •  Approx 1300 Schools •  School Staff: 90,000 •  Students: 530,000 •  Over 1.1 million Managed Identities

5. Key Applications – Utilisation Examples •  ELearning, Student & Teacher Collaboration Tools •  5 Apps, 600,000 + Users, “Dial-tone” required •  Education: Peak Loads on all systems •  120,000+ adds, moves, changes in 24 hour •  Student Management System (OneSchool) •  Peak Page Load: 13600 per min (day: 5.65 M) •  Peak simultaneous users 7027 Copyright © 2015 Cloud Identity Summit. All rights reserved. 5

6. A brief History of Identity Initiatives •  2003 – 2008: Identity Tactical & Prep •  Schools Managed Internet Service •  Tactical IdM, Strategy & IAM Vendor Engagement •  2008 – 2012: “IAM 1.0” Build & Deploy (phases) •  In Parallel: Central Student Management System •  2012 – 2014: Operational & Strategy Review Copyright © 2015 Cloud Identity Summit. All rights reserved. 6

9. Challenges & New Requirements •  Complexity & Operational Overheads •  Adding New Applications: complex & vendor required •  Cloud, Cloud, Cloud & Mobile •  Cloud Access Management Policies & Patterns •  O365 (Exchange Online) – 650,000 Identities •  Cloud Online Learning Applications - accelerated •  Rapid change, time for a new approach •  Decision: Replacement of Access Components Copyright © 2015 Cloud Identity Summit. All rights reserved. 9

10. AM Refresh Project Objectives •  Aggressive Timeframe: 2014: February – June 30 •  Federation first & loosely coupled •  Provide a path for cloud & mobile •  Strong Microsoft Platform Support •  On-premise Identities & Credentials & Desktop SSO •  30 Applications (WAM, Federation, LDAP, Custom) •  Dual Datacentre (redundant, automatic failover, etc) •  Scale - current load + O365 (ExchangeOnline)Copyright © 2015 Cloud Identity Summit. All rights reserved. 10

12. AM Refresh Project Activities - Summary •  Project Governance & Major Executive Support! •  Implement Massive Infrastructure Changes •  Dev, Test, UAT, Prod •  50 + hardware load-balancer configurations •  Testing, migration, support plans, ops handover, etc •  June 30 2014: Made it… except 1 App •  Ongoing: O365 Migration, upgrades, new Apps Copyright © 2015 Cloud Identity Summit. All rights reserved. 12

15. PATTERNS •  On-Premise Identities & Credentials •  On-Premise IdP •  On-Premise Applications •  Cloud Apps & Mobile •  Future: IDaaS & IaaS: •  PingOne / Azure / Combination Copyright © 2015 Cloud Identity Summit. All rights reserved. 15

16. Where To Now – Enabling the Future! •  Standard Patterns for App Integration •  Internally Developed & COTS •  “As a Service” •  Support IaaS Management & Role Access •  Mobile Initiatives (OAuth & API Access) •  Flexible, Supportable, Manageable Architecture •  Adapt to “What’s next” Copyright © 2015 Cloud Identity Summit. All rights reserved. 16

CIS 2015-Lessons In Access Management - supporting cloud and mobile with a complete infrastructure update for Queensland Education- Craig Gilmour

Recommended

Recommended

More Related Content

Viewers also liked

Viewers also liked (8)

Similar to CIS 2015-Lessons In Access Management - supporting cloud and mobile with a complete infrastructure update for Queensland Education- Craig Gilmour

Similar to CIS 2015-Lessons In Access Management - supporting cloud and mobile with a complete infrastructure update for Queensland Education- Craig Gilmour (20)

More from CloudIDSummit

More from CloudIDSummit (20)

Recently uploaded

Recently uploaded (20)

CIS 2015-Lessons In Access Management - supporting cloud and mobile with a complete infrastructure update for Queensland Education- Craig Gilmour