SlideShare a Scribd company logo

CIS14: Creating a Federated Identity Service for ABAC and WebAccess Management cis

CloudIDSummit
CloudIDSummit

Matt Tatro, Denise Lores, Wade Ellery Radiant Logic How to create a federated identity service that will build a bridge from the old world of groups to the new world of ABAC, improving your authorizations and Web Access Management.

Technology
1 of 17
Download to read offline
Creating a Federated Identity Service for ABAC and Web Access Management Wade Ellery Western Region Director of Sales Denise Lores Senior Architect
The Four Pillars of Identity Services ¡  Enhanced user experience ¡  Improved management of security risks ¡  Efficient development/ deployment of applications ¡  Reusable integration ¡  HIPAA, SOX compliance ¡  Common access logs ¡  Improved accountability ¡  Common reporting ¡  Reduced administrative tasks ¡  Reduced help desk calls ¡  Improved process efficiency ¡  Central user information ¡  Reduced administrative tasks ¡  Reduced help desk calls ¡  Improved security ¡  Accountability ¡  Cost savings User Self-Service & Password Management Virtual Directory Web Access Management/SSO Centralized Audit Delegated Administration Synchronization/ Replication Federated Identity Management/SSO Logging and Monitoring Automated Approvals and Workflows Meta Directory Authentication & Authorization Access Certification Enterprise Role Definition Directory Storage Standard APIs Reporting Audit, Role & Compliance Access Management Identity Management Identity Data Services
RadiantOne: Your Foundation to a Complete Identity Service HR DatabasesApplications DatabasesLDAP Directories Cloud Apps
IDM Supporting Multiple Repositories is Costly: Traditional IDM Attempted to Mitigate Existing Identity Infrastructure Legacy Applications
IDM Existing Identity Infrastructure Legacy Applications New Applications and Customers Increase complexity, support, and risk Existing Identity Infrastructure SaaS/Cloud/BYOD/ Partner Apps
RadiantOne   Existing Identity Infrastructure SaaS/Cloud/BYOD/ Partner Apps RadiantOne The Identity Hub IDM Legacy Applications
Federated  Iden-ty  Service   Existing Identity Infrastructure SaaS/Cloud/BYOD/ Partner Apps Federated Identity Service Able to Sunset Identity Stores IDM Legacy Applications
Identity as a service through Virtualization The Key to Solving the Identity Integration Challenge •  Acting as an abstraction layer RadiantOne creates attribute rich global user profiles spanning multiple identity silos. •  Aggregation, Correlation, Transformation, and Normalization of the user identity provides the ability to serve that identity to applications in the format they expect. Aggregation Correlation Integration Virtualization Population C Population B Population A Groups Roles LDAP SQL Web Services /SOA App A App B App C App D App E App F Contexts Services SCIM REST
More Identities, Better Scope—the Secret to Boosting Your Ping federation IdP Deployment
Administrator Standard User Manager Sales Marketing Product Management People ID/ identifiers Product 1 Product 2 Product 3 Web Content Lead Generation Direct Sales Indirect Sales •  If you have those attributes somewhere already, instead of having static assignment, the groups memberships can be data-driven. Where do the Attributes Come From? Existing Data Sources! GroupsRoles Departments Divisions Location
RadiantOne Methodology Leveraging Existing Contexts to Build User Profiles
RadiantOne Methodology Joining across Data Silos Links Identities to Context
•  RadiantOne is made of two main parts: •  An integration layer based on virtualization •  A storage layer: Persistent Cache •  LDAP (up to v6.2) •  HDAP (based on big data technologies, v7.0) RadiantOne Integration Layer and Cache/Storage Layer Integration Layer Integration Layer + Storage (Persistent Cache) HDAP Storage (Persistent Cache)
HR Database LDAP Directory Active Directory Normalizing Attributes Across Sources to Support Policy Authoring and Policy Decision Point employeeNumber=2 samAcountName=Andrew_Fuller objectClass=user mail: andrew_fuller@setree1.com uid=AFuller ntitle=VP Sales ClearanceLevel=1 Region=PA memberOf=Sales nDepartment=Sales Correlated Identity Virtual View employeeNumber=2   samAccountName=Andrew_Fuller   objectClass=user   mail:  andrew_fuller@setree1.com   departmentNumber=234   ?tle=Sales,  VP   uid=AFuller   ?tle=Vice  Pres.  Sales   givenName=Andrew   sn=Fuller   departmentNumber=234   EmployeeID=509-­‐34-­‐5855   ClearanceLevel=1   Region=PA   UserID=EMP_Andrew_Fuller   DeptID=Sales234     cn=Sales objectClass=group member=Andrew_Fuller **Based on identities that have: •  ClearanceLevel=1 •  nTitle=VP Sales •  Region=PA Dynamic Groups Virtual View ComputedAttribute Normalized Attribute Values Federated Identity Attribute Server Normalized Attributes Attribute: nDepartment Values: Accounting Administration Business Development Distribution Marketing Production Research Sales Shipping Attribute: nTitle Values: CEO CIO CISO VP Sales VP Marketing …
Oracle DB User = LCallahan Co = Sutton Ryan MemberOf = Sales RadiantOne as Single Identity Source Access Management Portal ODSEE Enterprise App A (MemberOf = Sales) Enterprise App B (MemberOf = Finc) Claims Enabled App C (Security = High) Claims SaaS App D (Security = Low) Name= Laura_Callahan Co = Sutton Ryan MemberOf = Sales Security = Low saMAccountName = JSmythe Name = John_Smythe MemberOf = IT, Finc Security = High saMAccountName = JSeed Name = Jill_Seed MemberOf = Sales SaaS Profiles Name= Laura_Callahan Co = Sutton Ryan Security = Low MemberOf = Sales Name = John_Seed MemberOf = IT, Finc Security = High John’s AD Profile User = JSmythe MemberOf = IT, Finc SAP ERP Profiles John_Smythe = High Laura_Callahan = Low AD AD Profile saMAccountName = JSmythe MemberOf=Sales IDM Profile User = JSmythe GUID = 23185798306=4 User = LCallahan GUID = 39583201202=3
Customer App Profiles User = LCallahan Co = Sutton Ryan MemberOf = Sales RadiantOne as Single Identity Source for IDaaS and Portal Portal IDaaS NorAm AD Enterprise App A (MemberOf = Sales) Enterprise App B (MemberOf = Finc) Claims Enabled App C (Security = High) Claims SaaS App D (Security = Low) Name= Laura_Callahan Co = Sutton Ryan MemberOf = Sales Security = Low saMAccountName = JSeed Name = John_Seed MemberOf = IT, Finc Security = High saMAccountName = Jsmythe Name = Jill_Smythe MemberOf = Sales IDaaS Profiles Name= Laura_Callahan Co = Sutton Ryan Security = Low MemberOf = Sales Name = John_Seed MemberOf = IT, Finc Security = High John’s AD Profile saMAccountName = JSeed MemberOf = IT, Finc SAP ERP Profiles John_Seed = High Laura_Callahan = Low Sync with VDS EMEA AD Jill AD Profile saMAccountName = JSmythe MemberOf=Sales
Confidential and proprietary materials for authorized Radiant Logic personnel and outside agencies only. Use, disclosure or distribution of this material is not permitted to any unauthorized persons or third parties except by written agreement. Why RadiantOne •  Portals, Content Management, Collaboration •  Federated Access - SaaS/Cloud Apps/Claims •  Web SSO – Access Management •  Partner/Vendor/Customer IAM •  Fine Grained Authorization (ABAC, XACML) •  Mergers, Acquisitions, Divestitures, Reorgs •  Directory Re-architecture, Replacement, Decommission •  Active Directory Consolidation and Partitioning

Recommended

Idm Workshop
Idm WorkshopIdm Workshop
Idm Workshop
Mohamed Atef
 
OIM11g R2PS2 Architecture
OIM11g R2PS2 ArchitectureOIM11g R2PS2 Architecture
OIM11g R2PS2 Architecture
Atul Goyal
 
Iam suite introduction
Iam suite introductionIam suite introduction
Iam suite introduction
wardell henley
 
Forefront Identity Manager 2010 (Av Rune Lystad)
Forefront Identity Manager 2010 (Av Rune Lystad)Forefront Identity Manager 2010 (Av Rune Lystad)
Forefront Identity Manager 2010 (Av Rune Lystad)
Microsoft Norge AS
 
CIS13: How to Build a Federated Identity Service on Identity and Context Virt...
CIS13: How to Build a Federated Identity Service on Identity and Context Virt...CIS13: How to Build a Federated Identity Service on Identity and Context Virt...
CIS13: How to Build a Federated Identity Service on Identity and Context Virt...
CloudIDSummit
 
User Manager
User ManagerUser Manager
User Manager
EmpowerID
 
C4C integration with SAP PI/PO
C4C integration with SAP PI/POC4C integration with SAP PI/PO
C4C integration with SAP PI/PO
Daniel Graversen
 
Office Developers Conference - Financial Services OBAs
Office Developers Conference - Financial Services OBAsOffice Developers Conference - Financial Services OBAs
Office Developers Conference - Financial Services OBAs
Mike Walker
 

Recommended

Idm Workshop
Idm WorkshopIdm Workshop
Idm Workshop
Mohamed Atef
 
OIM11g R2PS2 Architecture
OIM11g R2PS2 ArchitectureOIM11g R2PS2 Architecture
OIM11g R2PS2 Architecture
Atul Goyal
 
Iam suite introduction
Iam suite introductionIam suite introduction
Iam suite introduction
wardell henley
 
Forefront Identity Manager 2010 (Av Rune Lystad)
Forefront Identity Manager 2010 (Av Rune Lystad)Forefront Identity Manager 2010 (Av Rune Lystad)
Forefront Identity Manager 2010 (Av Rune Lystad)
Microsoft Norge AS
 
CIS13: How to Build a Federated Identity Service on Identity and Context Virt...
CIS13: How to Build a Federated Identity Service on Identity and Context Virt...CIS13: How to Build a Federated Identity Service on Identity and Context Virt...
CIS13: How to Build a Federated Identity Service on Identity and Context Virt...
CloudIDSummit
 
User Manager
User ManagerUser Manager
User Manager
EmpowerID
 
C4C integration with SAP PI/PO
C4C integration with SAP PI/POC4C integration with SAP PI/PO
C4C integration with SAP PI/PO
Daniel Graversen
 
Office Developers Conference - Financial Services OBAs
Office Developers Conference - Financial Services OBAsOffice Developers Conference - Financial Services OBAs
Office Developers Conference - Financial Services OBAs
Mike Walker
 
Oracle Access Manager Overview
Oracle Access Manager OverviewOracle Access Manager Overview
Oracle Access Manager Overview
guestf6dc99b
 
Oracle Identity & Access Management
Oracle Identity & Access ManagementOracle Identity & Access Management
Oracle Identity & Access Management
DLT Solutions
 
Addvantum Oracle Profile OFMW
Addvantum Oracle Profile OFMW Addvantum Oracle Profile OFMW
Addvantum Oracle Profile OFMW
Addvantum
 
Customer-Centric Data Management for Better Customer Experiences
Customer-Centric Data Management for Better Customer ExperiencesCustomer-Centric Data Management for Better Customer Experiences
Customer-Centric Data Management for Better Customer Experiences
Informatica
 
Sim-webcast-part1-1aa
Sim-webcast-part1-1aaSim-webcast-part1-1aa
Sim-webcast-part1-1aa
OracleIDM
 
Password Manager
Password ManagerPassword Manager
Password Manager
EmpowerID
 
Case Study: McKesson
Case Study: McKessonCase Study: McKesson
Case Study: McKesson
ForgeRock
 
Identity Management: Tools, processes & services
Identity Management: Tools, processes & servicesIdentity Management: Tools, processes & services
Identity Management: Tools, processes & services
JISC Netskills
 
IdM FinalVer
IdM FinalVerIdM FinalVer
IdM FinalVer
Kiril Anastasov
 
DRM Webinar Series, PART 1: Barriers Preventing You From Getting Started?
DRM Webinar Series, PART 1: Barriers Preventing You From Getting Started?DRM Webinar Series, PART 1: Barriers Preventing You From Getting Started?
DRM Webinar Series, PART 1: Barriers Preventing You From Getting Started?
US-Analytics
 
Integrate Oracle Identity Management and Advanced Controls for maximum effici...
Integrate Oracle Identity Management and Advanced Controls for maximum effici...Integrate Oracle Identity Management and Advanced Controls for maximum effici...
Integrate Oracle Identity Management and Advanced Controls for maximum effici...
Oracle
 
DRM Webinar Series, PART 3: Will DRM Integrate With Our Applications?
DRM Webinar Series, PART 3: Will DRM Integrate With Our Applications?DRM Webinar Series, PART 3: Will DRM Integrate With Our Applications?
DRM Webinar Series, PART 3: Will DRM Integrate With Our Applications?
US-Analytics
 
Group Manager
Group ManagerGroup Manager
Group Manager
EmpowerID
 
DRM Webinar Series, PART 4: Best Practices, Unlocked
DRM Webinar Series, PART 4: Best Practices, UnlockedDRM Webinar Series, PART 4: Best Practices, Unlocked
DRM Webinar Series, PART 4: Best Practices, Unlocked
US-Analytics
 
Oracle Access Management - Customer presentation
Oracle Access Management - Customer presentation Oracle Access Management - Customer presentation
Oracle Access Management - Customer presentation
Delivery Centric
 
DRM Webinar Series, PART 2: Concerned You're Not Getting the Most Out of Orac...
DRM Webinar Series, PART 2: Concerned You're Not Getting the Most Out of Orac...DRM Webinar Series, PART 2: Concerned You're Not Getting the Most Out of Orac...
DRM Webinar Series, PART 2: Concerned You're Not Getting the Most Out of Orac...
US-Analytics
 
Con8828 justifying and planning a successful identity management upgrade final
Con8828 justifying and planning a successful identity management upgrade finalCon8828 justifying and planning a successful identity management upgrade final
Con8828 justifying and planning a successful identity management upgrade final
OracleIDM
 
Identity Management: What Solution is Right for You?
Identity Management: What Solution is Right for You?Identity Management: What Solution is Right for You?
Identity Management: What Solution is Right for You?
C/D/H Technology Consultants
 
Dreamforce14 Multi Org Collaboration Architecture
Dreamforce14 Multi Org Collaboration ArchitectureDreamforce14 Multi Org Collaboration Architecture
Dreamforce14 Multi Org Collaboration Architecture
Richard Clark
 
CIS14: Why Federated Access Needs a Federated Identity
CIS14: Why Federated Access Needs a Federated IdentityCIS14: Why Federated Access Needs a Federated Identity
CIS14: Why Federated Access Needs a Federated Identity
CloudIDSummit
 
3 Building Blocks For Managing Cloud Applications Webinar
3 Building Blocks For Managing Cloud Applications Webinar3 Building Blocks For Managing Cloud Applications Webinar
3 Building Blocks For Managing Cloud Applications Webinar
Todd Clayton
 
Data Leakage Prevention
Data Leakage PreventionData Leakage Prevention
Data Leakage Prevention
Microsoft TechNet - Belgium and Luxembourg
 

More Related Content

What's hot

Oracle Access Manager Overview
Oracle Access Manager OverviewOracle Access Manager Overview
Oracle Access Manager Overview
guestf6dc99b
 
Oracle Identity & Access Management
Oracle Identity & Access ManagementOracle Identity & Access Management
Oracle Identity & Access Management
DLT Solutions
 
Addvantum Oracle Profile OFMW
Addvantum Oracle Profile OFMW Addvantum Oracle Profile OFMW
Addvantum Oracle Profile OFMW
Addvantum
 
Customer-Centric Data Management for Better Customer Experiences
Customer-Centric Data Management for Better Customer ExperiencesCustomer-Centric Data Management for Better Customer Experiences
Customer-Centric Data Management for Better Customer Experiences
Informatica
 
Sim-webcast-part1-1aa
Sim-webcast-part1-1aaSim-webcast-part1-1aa
Sim-webcast-part1-1aa
OracleIDM
 
Password Manager
Password ManagerPassword Manager
Password Manager
EmpowerID
 
Case Study: McKesson
Case Study: McKessonCase Study: McKesson
Case Study: McKesson
ForgeRock
 
Identity Management: Tools, processes & services
Identity Management: Tools, processes & servicesIdentity Management: Tools, processes & services
Identity Management: Tools, processes & services
JISC Netskills
 
IdM FinalVer
IdM FinalVerIdM FinalVer
IdM FinalVer
Kiril Anastasov
 
DRM Webinar Series, PART 1: Barriers Preventing You From Getting Started?
DRM Webinar Series, PART 1: Barriers Preventing You From Getting Started?DRM Webinar Series, PART 1: Barriers Preventing You From Getting Started?
DRM Webinar Series, PART 1: Barriers Preventing You From Getting Started?
US-Analytics
 
Integrate Oracle Identity Management and Advanced Controls for maximum effici...
Integrate Oracle Identity Management and Advanced Controls for maximum effici...Integrate Oracle Identity Management and Advanced Controls for maximum effici...
Integrate Oracle Identity Management and Advanced Controls for maximum effici...
Oracle
 
DRM Webinar Series, PART 3: Will DRM Integrate With Our Applications?
DRM Webinar Series, PART 3: Will DRM Integrate With Our Applications?DRM Webinar Series, PART 3: Will DRM Integrate With Our Applications?
DRM Webinar Series, PART 3: Will DRM Integrate With Our Applications?
US-Analytics
 
Group Manager
Group ManagerGroup Manager
Group Manager
EmpowerID
 
DRM Webinar Series, PART 4: Best Practices, Unlocked
DRM Webinar Series, PART 4: Best Practices, UnlockedDRM Webinar Series, PART 4: Best Practices, Unlocked
DRM Webinar Series, PART 4: Best Practices, Unlocked
US-Analytics
 
Oracle Access Management - Customer presentation
Oracle Access Management - Customer presentation Oracle Access Management - Customer presentation
Oracle Access Management - Customer presentation
Delivery Centric
 
DRM Webinar Series, PART 2: Concerned You're Not Getting the Most Out of Orac...
DRM Webinar Series, PART 2: Concerned You're Not Getting the Most Out of Orac...DRM Webinar Series, PART 2: Concerned You're Not Getting the Most Out of Orac...
DRM Webinar Series, PART 2: Concerned You're Not Getting the Most Out of Orac...
US-Analytics
 
Con8828 justifying and planning a successful identity management upgrade final
Con8828 justifying and planning a successful identity management upgrade finalCon8828 justifying and planning a successful identity management upgrade final
Con8828 justifying and planning a successful identity management upgrade final
OracleIDM
 
Identity Management: What Solution is Right for You?
Identity Management: What Solution is Right for You?Identity Management: What Solution is Right for You?
Identity Management: What Solution is Right for You?
C/D/H Technology Consultants
 
Dreamforce14 Multi Org Collaboration Architecture
Dreamforce14 Multi Org Collaboration ArchitectureDreamforce14 Multi Org Collaboration Architecture
Dreamforce14 Multi Org Collaboration Architecture
Richard Clark
 

What's hot (19)

Oracle Access Manager Overview
Oracle Access Manager OverviewOracle Access Manager Overview
Oracle Access Manager Overview
 
Oracle Identity & Access Management
Oracle Identity & Access ManagementOracle Identity & Access Management
Oracle Identity & Access Management
 
Addvantum Oracle Profile OFMW
Addvantum Oracle Profile OFMW Addvantum Oracle Profile OFMW
Addvantum Oracle Profile OFMW
 
Customer-Centric Data Management for Better Customer Experiences
Customer-Centric Data Management for Better Customer ExperiencesCustomer-Centric Data Management for Better Customer Experiences
Customer-Centric Data Management for Better Customer Experiences
 
Sim-webcast-part1-1aa
Sim-webcast-part1-1aaSim-webcast-part1-1aa
Sim-webcast-part1-1aa
 
Password Manager
Password ManagerPassword Manager
Password Manager
 
Case Study: McKesson
Case Study: McKessonCase Study: McKesson
Case Study: McKesson
 
Identity Management: Tools, processes & services
Identity Management: Tools, processes & servicesIdentity Management: Tools, processes & services
Identity Management: Tools, processes & services
 
IdM FinalVer
IdM FinalVerIdM FinalVer
IdM FinalVer
 
DRM Webinar Series, PART 1: Barriers Preventing You From Getting Started?
DRM Webinar Series, PART 1: Barriers Preventing You From Getting Started?DRM Webinar Series, PART 1: Barriers Preventing You From Getting Started?
DRM Webinar Series, PART 1: Barriers Preventing You From Getting Started?
 
Integrate Oracle Identity Management and Advanced Controls for maximum effici...
Integrate Oracle Identity Management and Advanced Controls for maximum effici...Integrate Oracle Identity Management and Advanced Controls for maximum effici...
Integrate Oracle Identity Management and Advanced Controls for maximum effici...
 
DRM Webinar Series, PART 3: Will DRM Integrate With Our Applications?
DRM Webinar Series, PART 3: Will DRM Integrate With Our Applications?DRM Webinar Series, PART 3: Will DRM Integrate With Our Applications?
DRM Webinar Series, PART 3: Will DRM Integrate With Our Applications?
 
Group Manager
Group ManagerGroup Manager
Group Manager
 
DRM Webinar Series, PART 4: Best Practices, Unlocked
DRM Webinar Series, PART 4: Best Practices, UnlockedDRM Webinar Series, PART 4: Best Practices, Unlocked
DRM Webinar Series, PART 4: Best Practices, Unlocked
 
Oracle Access Management - Customer presentation
Oracle Access Management - Customer presentation Oracle Access Management - Customer presentation
Oracle Access Management - Customer presentation
 
DRM Webinar Series, PART 2: Concerned You're Not Getting the Most Out of Orac...
DRM Webinar Series, PART 2: Concerned You're Not Getting the Most Out of Orac...DRM Webinar Series, PART 2: Concerned You're Not Getting the Most Out of Orac...
DRM Webinar Series, PART 2: Concerned You're Not Getting the Most Out of Orac...
 
Con8828 justifying and planning a successful identity management upgrade final
Con8828 justifying and planning a successful identity management upgrade finalCon8828 justifying and planning a successful identity management upgrade final
Con8828 justifying and planning a successful identity management upgrade final
 
Identity Management: What Solution is Right for You?
Identity Management: What Solution is Right for You?Identity Management: What Solution is Right for You?
Identity Management: What Solution is Right for You?
 
Dreamforce14 Multi Org Collaboration Architecture
Dreamforce14 Multi Org Collaboration ArchitectureDreamforce14 Multi Org Collaboration Architecture
Dreamforce14 Multi Org Collaboration Architecture
 

Similar to CIS14: Creating a Federated Identity Service for ABAC and WebAccess Management cis

CIS14: Why Federated Access Needs a Federated Identity
CIS14: Why Federated Access Needs a Federated IdentityCIS14: Why Federated Access Needs a Federated Identity
CIS14: Why Federated Access Needs a Federated Identity
CloudIDSummit
 
3 Building Blocks For Managing Cloud Applications Webinar
3 Building Blocks For Managing Cloud Applications Webinar3 Building Blocks For Managing Cloud Applications Webinar
3 Building Blocks For Managing Cloud Applications Webinar
Todd Clayton
 
Data Leakage Prevention
Data Leakage PreventionData Leakage Prevention
Data Leakage Prevention
Microsoft TechNet - Belgium and Luxembourg
 
Data security and compliancy in Office 365
Data security and compliancy in Office 365Data security and compliancy in Office 365
Data security and compliancy in Office 365
Microsoft TechNet - Belgium and Luxembourg
 
Why you should use common data service final
Why you should use common data service finalWhy you should use common data service final
Why you should use common data service final
Joel Lindstrom
 
DW Appliance
DW ApplianceDW Appliance
DW Appliance
Shankar R
 
O365Con18 - Classify, Label and Protect your Data with Azure Information Prot...
O365Con18 - Classify, Label and Protect your Data with Azure Information Prot...O365Con18 - Classify, Label and Protect your Data with Azure Information Prot...
O365Con18 - Classify, Label and Protect your Data with Azure Information Prot...
NCCOMMS
 
CIS13: Deploying an Identity Provider in a Complex, Federated and Siloed World
CIS13: Deploying an Identity Provider in a Complex, Federated and Siloed WorldCIS13: Deploying an Identity Provider in a Complex, Federated and Siloed World
CIS13: Deploying an Identity Provider in a Complex, Federated and Siloed World
CloudIDSummit
 
IDM Introduction
IDM IntroductionIDM Introduction
IDM Introduction
Aidy Tificate
 
CRM Options for Enterprise Nonprofits - Blackbaud CRM Solutions
CRM Options for Enterprise Nonprofits - Blackbaud CRM SolutionsCRM Options for Enterprise Nonprofits - Blackbaud CRM Solutions
CRM Options for Enterprise Nonprofits - Blackbaud CRM Solutions
Heller Consulting
 
Path Maker Security Presentation
Path Maker Security PresentationPath Maker Security Presentation
Path Maker Security Presentation
danhsmith
 
Peopleware. Introduction to Enterprise DataMashups
Peopleware. Introduction to Enterprise DataMashupsPeopleware. Introduction to Enterprise DataMashups
Peopleware. Introduction to Enterprise DataMashups
Justo Hidalgo
 
CIS14: Creating a Federated Identity Service for Better SSO
CIS14: Creating a Federated Identity Service for Better SSOCIS14: Creating a Federated Identity Service for Better SSO
CIS14: Creating a Federated Identity Service for Better SSO
CloudIDSummit
 
Active Directory Proposal
Active Directory ProposalActive Directory Proposal
Active Directory Proposal
MJ Ferdous
 
IAM Solution
IAM SolutionIAM Solution
IAM Solution
vikasraina
 
The Ball Launch on 2013 Microsoft TechDays Part 1/2
The Ball Launch on 2013 Microsoft TechDays Part 1/2The Ball Launch on 2013 Microsoft TechDays Part 1/2
The Ball Launch on 2013 Microsoft TechDays Part 1/2
Kallex
 
FLS_EA_Checklist_AppName_v5.pptx
FLS_EA_Checklist_AppName_v5.pptxFLS_EA_Checklist_AppName_v5.pptx
FLS_EA_Checklist_AppName_v5.pptx
ssuser7b9cdf
 
Ferraz Itp368 Optmizing Information Security
Ferraz Itp368 Optmizing Information SecurityFerraz Itp368 Optmizing Information Security
Ferraz Itp368 Optmizing Information Security
mferraz
 
Alfresco Lunch & Learn by Zia May 2011
Alfresco Lunch & Learn by Zia May 2011Alfresco Lunch & Learn by Zia May 2011
Alfresco Lunch & Learn by Zia May 2011
Zia Consulting
 
Identity Management: Risk Across The Enterprise
Identity Management: Risk Across The EnterpriseIdentity Management: Risk Across The Enterprise
Identity Management: Risk Across The Enterprise
Perficient, Inc.
 

Similar to CIS14: Creating a Federated Identity Service for ABAC and WebAccess Management cis (20)

CIS14: Why Federated Access Needs a Federated Identity
CIS14: Why Federated Access Needs a Federated IdentityCIS14: Why Federated Access Needs a Federated Identity
CIS14: Why Federated Access Needs a Federated Identity
 
3 Building Blocks For Managing Cloud Applications Webinar
3 Building Blocks For Managing Cloud Applications Webinar3 Building Blocks For Managing Cloud Applications Webinar
3 Building Blocks For Managing Cloud Applications Webinar
 
Data Leakage Prevention
Data Leakage PreventionData Leakage Prevention
Data Leakage Prevention
 
Data security and compliancy in Office 365
Data security and compliancy in Office 365Data security and compliancy in Office 365
Data security and compliancy in Office 365
 
Why you should use common data service final
Why you should use common data service finalWhy you should use common data service final
Why you should use common data service final
 
DW Appliance
DW ApplianceDW Appliance
DW Appliance
 
O365Con18 - Classify, Label and Protect your Data with Azure Information Prot...
O365Con18 - Classify, Label and Protect your Data with Azure Information Prot...O365Con18 - Classify, Label and Protect your Data with Azure Information Prot...
O365Con18 - Classify, Label and Protect your Data with Azure Information Prot...
 
CIS13: Deploying an Identity Provider in a Complex, Federated and Siloed World
CIS13: Deploying an Identity Provider in a Complex, Federated and Siloed WorldCIS13: Deploying an Identity Provider in a Complex, Federated and Siloed World
CIS13: Deploying an Identity Provider in a Complex, Federated and Siloed World
 
IDM Introduction
IDM IntroductionIDM Introduction
IDM Introduction
 
CRM Options for Enterprise Nonprofits - Blackbaud CRM Solutions
CRM Options for Enterprise Nonprofits - Blackbaud CRM SolutionsCRM Options for Enterprise Nonprofits - Blackbaud CRM Solutions
CRM Options for Enterprise Nonprofits - Blackbaud CRM Solutions
 
Path Maker Security Presentation
Path Maker Security PresentationPath Maker Security Presentation
Path Maker Security Presentation
 
Peopleware. Introduction to Enterprise DataMashups
Peopleware. Introduction to Enterprise DataMashupsPeopleware. Introduction to Enterprise DataMashups
Peopleware. Introduction to Enterprise DataMashups
 
CIS14: Creating a Federated Identity Service for Better SSO
CIS14: Creating a Federated Identity Service for Better SSOCIS14: Creating a Federated Identity Service for Better SSO
CIS14: Creating a Federated Identity Service for Better SSO
 
Active Directory Proposal
Active Directory ProposalActive Directory Proposal
Active Directory Proposal
 
IAM Solution
IAM SolutionIAM Solution
IAM Solution
 
The Ball Launch on 2013 Microsoft TechDays Part 1/2
The Ball Launch on 2013 Microsoft TechDays Part 1/2The Ball Launch on 2013 Microsoft TechDays Part 1/2
The Ball Launch on 2013 Microsoft TechDays Part 1/2
 
FLS_EA_Checklist_AppName_v5.pptx
FLS_EA_Checklist_AppName_v5.pptxFLS_EA_Checklist_AppName_v5.pptx
FLS_EA_Checklist_AppName_v5.pptx
 
Ferraz Itp368 Optmizing Information Security
Ferraz Itp368 Optmizing Information SecurityFerraz Itp368 Optmizing Information Security
Ferraz Itp368 Optmizing Information Security
 
Alfresco Lunch & Learn by Zia May 2011
Alfresco Lunch & Learn by Zia May 2011Alfresco Lunch & Learn by Zia May 2011
Alfresco Lunch & Learn by Zia May 2011
 
Identity Management: Risk Across The Enterprise
Identity Management: Risk Across The EnterpriseIdentity Management: Risk Across The Enterprise
Identity Management: Risk Across The Enterprise
 

More from CloudIDSummit

CIS 2016 Content Highlights
CIS 2016 Content HighlightsCIS 2016 Content Highlights
CIS 2016 Content Highlights
CloudIDSummit
 
Top 6 Reasons You Should Attend Cloud Identity Summit 2016
Top 6 Reasons You Should Attend Cloud Identity Summit 2016Top 6 Reasons You Should Attend Cloud Identity Summit 2016
Top 6 Reasons You Should Attend Cloud Identity Summit 2016
CloudIDSummit
 
CIS 2015 Security Without Borders: Taming the Cloud and Mobile Frontier - And...
CIS 2015 Security Without Borders: Taming the Cloud and Mobile Frontier - And...CIS 2015 Security Without Borders: Taming the Cloud and Mobile Frontier - And...
CIS 2015 Security Without Borders: Taming the Cloud and Mobile Frontier - And...
CloudIDSummit
 
Mobile security, identity & authentication reasons for optimism 20150607 v2
Mobile security, identity & authentication reasons for optimism 20150607 v2Mobile security, identity & authentication reasons for optimism 20150607 v2
Mobile security, identity & authentication reasons for optimism 20150607 v2
CloudIDSummit
 
CIS 2015 Mobile Security, Identity & Authentication: Reasons for Optimism - R...
CIS 2015 Mobile Security, Identity & Authentication: Reasons for Optimism - R...CIS 2015 Mobile Security, Identity & Authentication: Reasons for Optimism - R...
CIS 2015 Mobile Security, Identity & Authentication: Reasons for Optimism - R...
CloudIDSummit
 
CIS 2015 Virtual Identity: The Vision, Challenges and Experiences in Driving ...
CIS 2015 Virtual Identity: The Vision, Challenges and Experiences in Driving ...CIS 2015 Virtual Identity: The Vision, Challenges and Experiences in Driving ...
CIS 2015 Virtual Identity: The Vision, Challenges and Experiences in Driving ...
CloudIDSummit
 
CIS 2015 Deploying Strong Authentication to a Global Enterprise: A Comedy in ...
CIS 2015 Deploying Strong Authentication to a Global Enterprise: A Comedy in ...CIS 2015 Deploying Strong Authentication to a Global Enterprise: A Comedy in ...
CIS 2015 Deploying Strong Authentication to a Global Enterprise: A Comedy in ...
CloudIDSummit
 
CIS 2015 Without Great Security, Digital Identity is Not Worth the Electrons ...
CIS 2015 Without Great Security, Digital Identity is Not Worth the Electrons ...CIS 2015 Without Great Security, Digital Identity is Not Worth the Electrons ...
CIS 2015 Without Great Security, Digital Identity is Not Worth the Electrons ...
CloudIDSummit
 
CIS 2015 Mergers & Acquisitions in a Cloud Enabled World - Brian Puhl
CIS 2015 Mergers & Acquisitions in a Cloud Enabled World - Brian PuhlCIS 2015 Mergers & Acquisitions in a Cloud Enabled World - Brian Puhl
CIS 2015 Mergers & Acquisitions in a Cloud Enabled World - Brian Puhl
CloudIDSummit
 
CIS 2015 IoT and IDM in your Mobile Enterprise - Brian Katz
CIS 2015 IoT and IDM in your Mobile Enterprise - Brian KatzCIS 2015 IoT and IDM in your Mobile Enterprise - Brian Katz
CIS 2015 IoT and IDM in your Mobile Enterprise - Brian Katz
CloudIDSummit
 
CIS 2015 Practical Deployments Enterprise Cloud Access Management Platform - ...
CIS 2015 Practical Deployments Enterprise Cloud Access Management Platform - ...CIS 2015 Practical Deployments Enterprise Cloud Access Management Platform - ...
CIS 2015 Practical Deployments Enterprise Cloud Access Management Platform - ...
CloudIDSummit
 
CIS 2015 What I Learned From Pitching IAM To My CIO - Steve Tout
CIS 2015 What I Learned From Pitching IAM To My CIO - Steve ToutCIS 2015 What I Learned From Pitching IAM To My CIO - Steve Tout
CIS 2015 What I Learned From Pitching IAM To My CIO - Steve Tout
CloudIDSummit
 
CIS 2015 How to secure the Internet of Things? Hannes Tschofenig
CIS 2015 How to secure the Internet of Things? Hannes TschofenigCIS 2015 How to secure the Internet of Things? Hannes Tschofenig
CIS 2015 How to secure the Internet of Things? Hannes Tschofenig
CloudIDSummit
 
CIS 2015 The IDaaS Dating Game - Sean Deuby
CIS 2015 The IDaaS Dating Game - Sean DeubyCIS 2015 The IDaaS Dating Game - Sean Deuby
CIS 2015 The IDaaS Dating Game - Sean Deuby
CloudIDSummit
 
CIS 2015 SSO for Mobile and Web Apps Ashish Jain
CIS 2015 SSO for Mobile and Web Apps Ashish JainCIS 2015 SSO for Mobile and Web Apps Ashish Jain
CIS 2015 SSO for Mobile and Web Apps Ashish Jain
CloudIDSummit
 
The Industrial Internet, the Identity of Everything and the Industrial Enterp...
The Industrial Internet, the Identity of Everything and the Industrial Enterp...The Industrial Internet, the Identity of Everything and the Industrial Enterp...
The Industrial Internet, the Identity of Everything and the Industrial Enterp...
CloudIDSummit
 
CIS 2015 SAML-IN / SAML-OUT - Scott Tomilson & John Dasilva
CIS 2015 SAML-IN / SAML-OUT - Scott Tomilson & John DasilvaCIS 2015 SAML-IN / SAML-OUT - Scott Tomilson & John Dasilva
CIS 2015 SAML-IN / SAML-OUT - Scott Tomilson & John Dasilva
CloudIDSummit
 
CIS 2015 Session Management at Scale - Scott Tomilson & Jamshid Khosravian
CIS 2015 Session Management at Scale - Scott Tomilson & Jamshid KhosravianCIS 2015 Session Management at Scale - Scott Tomilson & Jamshid Khosravian
CIS 2015 Session Management at Scale - Scott Tomilson & Jamshid Khosravian
CloudIDSummit
 
CIS 2015 So you want to SSO … Scott Tomilson & John Dasilva
CIS 2015 So you want to SSO … Scott Tomilson & John DasilvaCIS 2015 So you want to SSO … Scott Tomilson & John Dasilva
CIS 2015 So you want to SSO … Scott Tomilson & John Dasilva
CloudIDSummit
 
CIS 2015 Identity Relationship Management in the Internet of Things
CIS 2015 Identity Relationship Management in the Internet of ThingsCIS 2015 Identity Relationship Management in the Internet of Things
CIS 2015 Identity Relationship Management in the Internet of Things
CloudIDSummit
 

More from CloudIDSummit (20)

CIS 2016 Content Highlights
CIS 2016 Content HighlightsCIS 2016 Content Highlights
CIS 2016 Content Highlights
 
Top 6 Reasons You Should Attend Cloud Identity Summit 2016
Top 6 Reasons You Should Attend Cloud Identity Summit 2016Top 6 Reasons You Should Attend Cloud Identity Summit 2016
Top 6 Reasons You Should Attend Cloud Identity Summit 2016
 
CIS 2015 Security Without Borders: Taming the Cloud and Mobile Frontier - And...
CIS 2015 Security Without Borders: Taming the Cloud and Mobile Frontier - And...CIS 2015 Security Without Borders: Taming the Cloud and Mobile Frontier - And...
CIS 2015 Security Without Borders: Taming the Cloud and Mobile Frontier - And...
 
Mobile security, identity & authentication reasons for optimism 20150607 v2
Mobile security, identity & authentication reasons for optimism 20150607 v2Mobile security, identity & authentication reasons for optimism 20150607 v2
Mobile security, identity & authentication reasons for optimism 20150607 v2
 
CIS 2015 Mobile Security, Identity & Authentication: Reasons for Optimism - R...
CIS 2015 Mobile Security, Identity & Authentication: Reasons for Optimism - R...CIS 2015 Mobile Security, Identity & Authentication: Reasons for Optimism - R...
CIS 2015 Mobile Security, Identity & Authentication: Reasons for Optimism - R...
 
CIS 2015 Virtual Identity: The Vision, Challenges and Experiences in Driving ...
CIS 2015 Virtual Identity: The Vision, Challenges and Experiences in Driving ...CIS 2015 Virtual Identity: The Vision, Challenges and Experiences in Driving ...
CIS 2015 Virtual Identity: The Vision, Challenges and Experiences in Driving ...
 
CIS 2015 Deploying Strong Authentication to a Global Enterprise: A Comedy in ...
CIS 2015 Deploying Strong Authentication to a Global Enterprise: A Comedy in ...CIS 2015 Deploying Strong Authentication to a Global Enterprise: A Comedy in ...
CIS 2015 Deploying Strong Authentication to a Global Enterprise: A Comedy in ...
 
CIS 2015 Without Great Security, Digital Identity is Not Worth the Electrons ...
CIS 2015 Without Great Security, Digital Identity is Not Worth the Electrons ...CIS 2015 Without Great Security, Digital Identity is Not Worth the Electrons ...
CIS 2015 Without Great Security, Digital Identity is Not Worth the Electrons ...
 
CIS 2015 Mergers & Acquisitions in a Cloud Enabled World - Brian Puhl
CIS 2015 Mergers & Acquisitions in a Cloud Enabled World - Brian PuhlCIS 2015 Mergers & Acquisitions in a Cloud Enabled World - Brian Puhl
CIS 2015 Mergers & Acquisitions in a Cloud Enabled World - Brian Puhl
 
CIS 2015 IoT and IDM in your Mobile Enterprise - Brian Katz
CIS 2015 IoT and IDM in your Mobile Enterprise - Brian KatzCIS 2015 IoT and IDM in your Mobile Enterprise - Brian Katz
CIS 2015 IoT and IDM in your Mobile Enterprise - Brian Katz
 
CIS 2015 Practical Deployments Enterprise Cloud Access Management Platform - ...
CIS 2015 Practical Deployments Enterprise Cloud Access Management Platform - ...CIS 2015 Practical Deployments Enterprise Cloud Access Management Platform - ...
CIS 2015 Practical Deployments Enterprise Cloud Access Management Platform - ...
 
CIS 2015 What I Learned From Pitching IAM To My CIO - Steve Tout
CIS 2015 What I Learned From Pitching IAM To My CIO - Steve ToutCIS 2015 What I Learned From Pitching IAM To My CIO - Steve Tout
CIS 2015 What I Learned From Pitching IAM To My CIO - Steve Tout
 
CIS 2015 How to secure the Internet of Things? Hannes Tschofenig
CIS 2015 How to secure the Internet of Things? Hannes TschofenigCIS 2015 How to secure the Internet of Things? Hannes Tschofenig
CIS 2015 How to secure the Internet of Things? Hannes Tschofenig
 
CIS 2015 The IDaaS Dating Game - Sean Deuby
CIS 2015 The IDaaS Dating Game - Sean DeubyCIS 2015 The IDaaS Dating Game - Sean Deuby
CIS 2015 The IDaaS Dating Game - Sean Deuby
 
CIS 2015 SSO for Mobile and Web Apps Ashish Jain
CIS 2015 SSO for Mobile and Web Apps Ashish JainCIS 2015 SSO for Mobile and Web Apps Ashish Jain
CIS 2015 SSO for Mobile and Web Apps Ashish Jain
 
The Industrial Internet, the Identity of Everything and the Industrial Enterp...
The Industrial Internet, the Identity of Everything and the Industrial Enterp...The Industrial Internet, the Identity of Everything and the Industrial Enterp...
The Industrial Internet, the Identity of Everything and the Industrial Enterp...
 
CIS 2015 SAML-IN / SAML-OUT - Scott Tomilson & John Dasilva
CIS 2015 SAML-IN / SAML-OUT - Scott Tomilson & John DasilvaCIS 2015 SAML-IN / SAML-OUT - Scott Tomilson & John Dasilva
CIS 2015 SAML-IN / SAML-OUT - Scott Tomilson & John Dasilva
 
CIS 2015 Session Management at Scale - Scott Tomilson & Jamshid Khosravian
CIS 2015 Session Management at Scale - Scott Tomilson & Jamshid KhosravianCIS 2015 Session Management at Scale - Scott Tomilson & Jamshid Khosravian
CIS 2015 Session Management at Scale - Scott Tomilson & Jamshid Khosravian
 
CIS 2015 So you want to SSO … Scott Tomilson & John Dasilva
CIS 2015 So you want to SSO … Scott Tomilson & John DasilvaCIS 2015 So you want to SSO … Scott Tomilson & John Dasilva
CIS 2015 So you want to SSO … Scott Tomilson & John Dasilva
 
CIS 2015 Identity Relationship Management in the Internet of Things
CIS 2015 Identity Relationship Management in the Internet of ThingsCIS 2015 Identity Relationship Management in the Internet of Things
CIS 2015 Identity Relationship Management in the Internet of Things
 

Recently uploaded

What is an RPA CoE? Session 1 – CoE Vision
What is an RPA CoE? Session 1 – CoE VisionWhat is an RPA CoE? Session 1 – CoE Vision
What is an RPA CoE? Session 1 – CoE Vision
DianaGray10
 
[OReilly Superstream] Occupy the Space: A grassroots guide to engineering (an...
[OReilly Superstream] Occupy the Space: A grassroots guide to engineering (an...[OReilly Superstream] Occupy the Space: A grassroots guide to engineering (an...
[OReilly Superstream] Occupy the Space: A grassroots guide to engineering (an...
Jason Yip
 
Christine's Supplier Sourcing Presentaion.pptx
Christine's Supplier Sourcing Presentaion.pptxChristine's Supplier Sourcing Presentaion.pptx
Christine's Supplier Sourcing Presentaion.pptx
christinelarrosa
 
QR Secure: A Hybrid Approach Using Machine Learning and Security Validation F...
QR Secure: A Hybrid Approach Using Machine Learning and Security Validation F...QR Secure: A Hybrid Approach Using Machine Learning and Security Validation F...
QR Secure: A Hybrid Approach Using Machine Learning and Security Validation F...
AlexanderRichford
 
"Scaling RAG Applications to serve millions of users", Kevin Goedecke
"Scaling RAG Applications to serve millions of users", Kevin Goedecke"Scaling RAG Applications to serve millions of users", Kevin Goedecke
"Scaling RAG Applications to serve millions of users", Kevin Goedecke
Fwdays
 
Demystifying Knowledge Management through Storytelling
Demystifying Knowledge Management through StorytellingDemystifying Knowledge Management through Storytelling
Demystifying Knowledge Management through Storytelling
Enterprise Knowledge
 
LF Energy Webinar: Carbon Data Specifications: Mechanisms to Improve Data Acc...
LF Energy Webinar: Carbon Data Specifications: Mechanisms to Improve Data Acc...LF Energy Webinar: Carbon Data Specifications: Mechanisms to Improve Data Acc...
LF Energy Webinar: Carbon Data Specifications: Mechanisms to Improve Data Acc...
DanBrown980551
 
Leveraging the Graph for Clinical Trials and Standards
Leveraging the Graph for Clinical Trials and StandardsLeveraging the Graph for Clinical Trials and Standards
Leveraging the Graph for Clinical Trials and Standards
Neo4j
 
Must Know Postgres Extension for DBA and Developer during Migration
Must Know Postgres Extension for DBA and Developer during MigrationMust Know Postgres Extension for DBA and Developer during Migration
Must Know Postgres Extension for DBA and Developer during Migration
Mydbops
 
PRODUCT LISTING OPTIMIZATION PRESENTATION.pptx
PRODUCT LISTING OPTIMIZATION PRESENTATION.pptxPRODUCT LISTING OPTIMIZATION PRESENTATION.pptx
PRODUCT LISTING OPTIMIZATION PRESENTATION.pptx
christinelarrosa
 
Biomedical Knowledge Graphs for Data Scientists and Bioinformaticians
Biomedical Knowledge Graphs for Data Scientists and BioinformaticiansBiomedical Knowledge Graphs for Data Scientists and Bioinformaticians
Biomedical Knowledge Graphs for Data Scientists and Bioinformaticians
Neo4j
 
From Natural Language to Structured Solr Queries using LLMs
From Natural Language to Structured Solr Queries using LLMsFrom Natural Language to Structured Solr Queries using LLMs
From Natural Language to Structured Solr Queries using LLMs
Sease
 
Introducing BoxLang : A new JVM language for productivity and modularity!
Introducing BoxLang : A new JVM language for productivity and modularity!Introducing BoxLang : A new JVM language for productivity and modularity!
Introducing BoxLang : A new JVM language for productivity and modularity!
Ortus Solutions, Corp
 
Getting the Most Out of ScyllaDB Monitoring: ShareChat's Tips
Getting the Most Out of ScyllaDB Monitoring: ShareChat's TipsGetting the Most Out of ScyllaDB Monitoring: ShareChat's Tips
Getting the Most Out of ScyllaDB Monitoring: ShareChat's Tips
ScyllaDB
 
AI in the Workplace Reskilling, Upskilling, and Future Work.pptx
AI in the Workplace Reskilling, Upskilling, and Future Work.pptxAI in the Workplace Reskilling, Upskilling, and Future Work.pptx
AI in the Workplace Reskilling, Upskilling, and Future Work.pptx
Sunil Jagani
 
Apps Break Data
Apps Break DataApps Break Data
Apps Break Data
Ivo Velitchkov
 
ScyllaDB Tablets: Rethinking Replication
ScyllaDB Tablets: Rethinking ReplicationScyllaDB Tablets: Rethinking Replication
ScyllaDB Tablets: Rethinking Replication
ScyllaDB
 
Essentials of Automations: Exploring Attributes & Automation Parameters
Essentials of Automations: Exploring Attributes & Automation ParametersEssentials of Automations: Exploring Attributes & Automation Parameters
Essentials of Automations: Exploring Attributes & Automation Parameters
Safe Software
 
Session 1 - Intro to Robotic Process Automation.pdf
Session 1 - Intro to Robotic Process Automation.pdfSession 1 - Intro to Robotic Process Automation.pdf
Session 1 - Intro to Robotic Process Automation.pdf
UiPathCommunity
 
AWS Certified Solutions Architect Associate (SAA-C03)
AWS Certified Solutions Architect Associate (SAA-C03)AWS Certified Solutions Architect Associate (SAA-C03)
AWS Certified Solutions Architect Associate (SAA-C03)
HarpalGohil4
 

Recently uploaded (20)

What is an RPA CoE? Session 1 – CoE Vision
What is an RPA CoE? Session 1 – CoE VisionWhat is an RPA CoE? Session 1 – CoE Vision
What is an RPA CoE? Session 1 – CoE Vision
 
[OReilly Superstream] Occupy the Space: A grassroots guide to engineering (an...
[OReilly Superstream] Occupy the Space: A grassroots guide to engineering (an...[OReilly Superstream] Occupy the Space: A grassroots guide to engineering (an...
[OReilly Superstream] Occupy the Space: A grassroots guide to engineering (an...
 
Christine's Supplier Sourcing Presentaion.pptx
Christine's Supplier Sourcing Presentaion.pptxChristine's Supplier Sourcing Presentaion.pptx
Christine's Supplier Sourcing Presentaion.pptx
 
QR Secure: A Hybrid Approach Using Machine Learning and Security Validation F...
QR Secure: A Hybrid Approach Using Machine Learning and Security Validation F...QR Secure: A Hybrid Approach Using Machine Learning and Security Validation F...
QR Secure: A Hybrid Approach Using Machine Learning and Security Validation F...
 
"Scaling RAG Applications to serve millions of users", Kevin Goedecke
"Scaling RAG Applications to serve millions of users", Kevin Goedecke"Scaling RAG Applications to serve millions of users", Kevin Goedecke
"Scaling RAG Applications to serve millions of users", Kevin Goedecke
 
Demystifying Knowledge Management through Storytelling
Demystifying Knowledge Management through StorytellingDemystifying Knowledge Management through Storytelling
Demystifying Knowledge Management through Storytelling
 
LF Energy Webinar: Carbon Data Specifications: Mechanisms to Improve Data Acc...
LF Energy Webinar: Carbon Data Specifications: Mechanisms to Improve Data Acc...LF Energy Webinar: Carbon Data Specifications: Mechanisms to Improve Data Acc...
LF Energy Webinar: Carbon Data Specifications: Mechanisms to Improve Data Acc...
 
Leveraging the Graph for Clinical Trials and Standards
Leveraging the Graph for Clinical Trials and StandardsLeveraging the Graph for Clinical Trials and Standards
Leveraging the Graph for Clinical Trials and Standards
 
Must Know Postgres Extension for DBA and Developer during Migration
Must Know Postgres Extension for DBA and Developer during MigrationMust Know Postgres Extension for DBA and Developer during Migration
Must Know Postgres Extension for DBA and Developer during Migration
 
PRODUCT LISTING OPTIMIZATION PRESENTATION.pptx
PRODUCT LISTING OPTIMIZATION PRESENTATION.pptxPRODUCT LISTING OPTIMIZATION PRESENTATION.pptx
PRODUCT LISTING OPTIMIZATION PRESENTATION.pptx
 
Biomedical Knowledge Graphs for Data Scientists and Bioinformaticians
Biomedical Knowledge Graphs for Data Scientists and BioinformaticiansBiomedical Knowledge Graphs for Data Scientists and Bioinformaticians
Biomedical Knowledge Graphs for Data Scientists and Bioinformaticians
 
From Natural Language to Structured Solr Queries using LLMs
From Natural Language to Structured Solr Queries using LLMsFrom Natural Language to Structured Solr Queries using LLMs
From Natural Language to Structured Solr Queries using LLMs
 
Introducing BoxLang : A new JVM language for productivity and modularity!
Introducing BoxLang : A new JVM language for productivity and modularity!Introducing BoxLang : A new JVM language for productivity and modularity!
Introducing BoxLang : A new JVM language for productivity and modularity!
 
Getting the Most Out of ScyllaDB Monitoring: ShareChat's Tips
Getting the Most Out of ScyllaDB Monitoring: ShareChat's TipsGetting the Most Out of ScyllaDB Monitoring: ShareChat's Tips
Getting the Most Out of ScyllaDB Monitoring: ShareChat's Tips
 
AI in the Workplace Reskilling, Upskilling, and Future Work.pptx
AI in the Workplace Reskilling, Upskilling, and Future Work.pptxAI in the Workplace Reskilling, Upskilling, and Future Work.pptx
AI in the Workplace Reskilling, Upskilling, and Future Work.pptx
 
Apps Break Data
Apps Break DataApps Break Data
Apps Break Data
 
ScyllaDB Tablets: Rethinking Replication
ScyllaDB Tablets: Rethinking ReplicationScyllaDB Tablets: Rethinking Replication
ScyllaDB Tablets: Rethinking Replication
 
Essentials of Automations: Exploring Attributes & Automation Parameters
Essentials of Automations: Exploring Attributes & Automation ParametersEssentials of Automations: Exploring Attributes & Automation Parameters
Essentials of Automations: Exploring Attributes & Automation Parameters
 
Session 1 - Intro to Robotic Process Automation.pdf
Session 1 - Intro to Robotic Process Automation.pdfSession 1 - Intro to Robotic Process Automation.pdf
Session 1 - Intro to Robotic Process Automation.pdf
 
AWS Certified Solutions Architect Associate (SAA-C03)
AWS Certified Solutions Architect Associate (SAA-C03)AWS Certified Solutions Architect Associate (SAA-C03)
AWS Certified Solutions Architect Associate (SAA-C03)
 

CIS14: Creating a Federated Identity Service for ABAC and WebAccess Management cis

  • 1. Creating a Federated Identity Service for ABAC and Web Access Management Wade Ellery Western Region Director of Sales Denise Lores Senior Architect
  • 2. The Four Pillars of Identity Services ¡  Enhanced user experience ¡  Improved management of security risks ¡  Efficient development/ deployment of applications ¡  Reusable integration ¡  HIPAA, SOX compliance ¡  Common access logs ¡  Improved accountability ¡  Common reporting ¡  Reduced administrative tasks ¡  Reduced help desk calls ¡  Improved process efficiency ¡  Central user information ¡  Reduced administrative tasks ¡  Reduced help desk calls ¡  Improved security ¡  Accountability ¡  Cost savings User Self-Service & Password Management Virtual Directory Web Access Management/SSO Centralized Audit Delegated Administration Synchronization/ Replication Federated Identity Management/SSO Logging and Monitoring Automated Approvals and Workflows Meta Directory Authentication & Authorization Access Certification Enterprise Role Definition Directory Storage Standard APIs Reporting Audit, Role & Compliance Access Management Identity Management Identity Data Services
  • 3. RadiantOne: Your Foundation to a Complete Identity Service HR DatabasesApplications DatabasesLDAP Directories Cloud Apps
  • 4. IDM Supporting Multiple Repositories is Costly: Traditional IDM Attempted to Mitigate Existing Identity Infrastructure Legacy Applications
  • 5. IDM Existing Identity Infrastructure Legacy Applications New Applications and Customers Increase complexity, support, and risk Existing Identity Infrastructure SaaS/Cloud/BYOD/ Partner Apps
  • 7. Federated  Iden-ty  Service   Existing Identity Infrastructure SaaS/Cloud/BYOD/ Partner Apps Federated Identity Service Able to Sunset Identity Stores IDM Legacy Applications
  • 8. Identity as a service through Virtualization The Key to Solving the Identity Integration Challenge •  Acting as an abstraction layer RadiantOne creates attribute rich global user profiles spanning multiple identity silos. •  Aggregation, Correlation, Transformation, and Normalization of the user identity provides the ability to serve that identity to applications in the format they expect. Aggregation Correlation Integration Virtualization Population C Population B Population A Groups Roles LDAP SQL Web Services /SOA App A App B App C App D App E App F Contexts Services SCIM REST
  • 9. More Identities, Better Scope—the Secret to Boosting Your Ping federation IdP Deployment
  • 10. Administrator Standard User Manager Sales Marketing Product Management People ID/ identifiers Product 1 Product 2 Product 3 Web Content Lead Generation Direct Sales Indirect Sales •  If you have those attributes somewhere already, instead of having static assignment, the groups memberships can be data-driven. Where do the Attributes Come From? Existing Data Sources! GroupsRoles Departments Divisions Location
  • 11. RadiantOne Methodology Leveraging Existing Contexts to Build User Profiles
  • 12. RadiantOne Methodology Joining across Data Silos Links Identities to Context
  • 13. •  RadiantOne is made of two main parts: •  An integration layer based on virtualization •  A storage layer: Persistent Cache •  LDAP (up to v6.2) •  HDAP (based on big data technologies, v7.0) RadiantOne Integration Layer and Cache/Storage Layer Integration Layer Integration Layer + Storage (Persistent Cache) HDAP Storage (Persistent Cache)
  • 14. HR Database LDAP Directory Active Directory Normalizing Attributes Across Sources to Support Policy Authoring and Policy Decision Point employeeNumber=2 samAcountName=Andrew_Fuller objectClass=user mail: andrew_fuller@setree1.com uid=AFuller ntitle=VP Sales ClearanceLevel=1 Region=PA memberOf=Sales nDepartment=Sales Correlated Identity Virtual View employeeNumber=2   samAccountName=Andrew_Fuller   objectClass=user   mail:  andrew_fuller@setree1.com   departmentNumber=234   ?tle=Sales,  VP   uid=AFuller   ?tle=Vice  Pres.  Sales   givenName=Andrew   sn=Fuller   departmentNumber=234   EmployeeID=509-­‐34-­‐5855   ClearanceLevel=1   Region=PA   UserID=EMP_Andrew_Fuller   DeptID=Sales234     cn=Sales objectClass=group member=Andrew_Fuller **Based on identities that have: •  ClearanceLevel=1 •  nTitle=VP Sales •  Region=PA Dynamic Groups Virtual View ComputedAttribute Normalized Attribute Values Federated Identity Attribute Server Normalized Attributes Attribute: nDepartment Values: Accounting Administration Business Development Distribution Marketing Production Research Sales Shipping Attribute: nTitle Values: CEO CIO CISO VP Sales VP Marketing …
  • 15. Oracle DB User = LCallahan Co = Sutton Ryan MemberOf = Sales RadiantOne as Single Identity Source Access Management Portal ODSEE Enterprise App A (MemberOf = Sales) Enterprise App B (MemberOf = Finc) Claims Enabled App C (Security = High) Claims SaaS App D (Security = Low) Name= Laura_Callahan Co = Sutton Ryan MemberOf = Sales Security = Low saMAccountName = JSmythe Name = John_Smythe MemberOf = IT, Finc Security = High saMAccountName = JSeed Name = Jill_Seed MemberOf = Sales SaaS Profiles Name= Laura_Callahan Co = Sutton Ryan Security = Low MemberOf = Sales Name = John_Seed MemberOf = IT, Finc Security = High John’s AD Profile User = JSmythe MemberOf = IT, Finc SAP ERP Profiles John_Smythe = High Laura_Callahan = Low AD AD Profile saMAccountName = JSmythe MemberOf=Sales IDM Profile User = JSmythe GUID = 23185798306=4 User = LCallahan GUID = 39583201202=3
  • 16. Customer App Profiles User = LCallahan Co = Sutton Ryan MemberOf = Sales RadiantOne as Single Identity Source for IDaaS and Portal Portal IDaaS NorAm AD Enterprise App A (MemberOf = Sales) Enterprise App B (MemberOf = Finc) Claims Enabled App C (Security = High) Claims SaaS App D (Security = Low) Name= Laura_Callahan Co = Sutton Ryan MemberOf = Sales Security = Low saMAccountName = JSeed Name = John_Seed MemberOf = IT, Finc Security = High saMAccountName = Jsmythe Name = Jill_Smythe MemberOf = Sales IDaaS Profiles Name= Laura_Callahan Co = Sutton Ryan Security = Low MemberOf = Sales Name = John_Seed MemberOf = IT, Finc Security = High John’s AD Profile saMAccountName = JSeed MemberOf = IT, Finc SAP ERP Profiles John_Seed = High Laura_Callahan = Low Sync with VDS EMEA AD Jill AD Profile saMAccountName = JSmythe MemberOf=Sales
  • 17. Confidential and proprietary materials for authorized Radiant Logic personnel and outside agencies only. Use, disclosure or distribution of this material is not permitted to any unauthorized persons or third parties except by written agreement. Why RadiantOne •  Portals, Content Management, Collaboration •  Federated Access - SaaS/Cloud Apps/Claims •  Web SSO – Access Management •  Partner/Vendor/Customer IAM •  Fine Grained Authorization (ABAC, XACML) •  Mergers, Acquisitions, Divestitures, Reorgs •  Directory Re-architecture, Replacement, Decommission •  Active Directory Consolidation and Partitioning