SlideShare a Scribd company logo

Addressing Security Concerns with WSO2 Governance Registry Policy Store

WSO2
WSO2

This document discusses addressing security concerns with using WSO2 Governance Registry as a policy store. It provides an overview of WSO2 and describes how WSO2 Identity Server can act as an XACML policy engine. It defines some common policy enforcement terminology and explains the difference between design-time and run-time policies. Finally, it demonstrates how WSO2 Governance Registry can be used to store policies that are evaluated by WSO2 Identity Server during the invocation of a service via the ESB.

Technology
1 of 17
Download to read offline
Addressing Security Concerns with WSO2 Governance Registry as Policy Store Arudsothy  Sriragu   (S   rArudsothy Sriragu (Senior Software Engineer-WSO2 Governance Registry) & Eranda Sooriyabandara (Senior Software Engineer-WSO2 Governance Registry)  Engineer-­‐WSO2  Governance  Registry)   &   Eranda  Sooriyabandara   (Senior  Software  Engineer-­‐WSO2  Governance   Registry)  
About WSO2 •  Providing the only complete open source componentized cloud platform –  Dedicated to removing all the stumbling blocks to enterprise agility –  Enabling you to focus on business logic and business value •  Recognized by leading analyst firms as visionaries and leaders –  Gartner cites WSO2 as visionaries in all 3 categories of application infrastructure –  Forrester places WSO2 in top 2 for API Management •  Global corporation with offices in USA, UK & Sri Lanka –  200+ employees and growing •  Business model of selling comprehensive support & maintenance for our products
150+ globally positioned support customers
Agenda }  Understanding the policy enforcement in SOA environment }  Why does a typical SOA enterprise need policy management }  Some terminologies used in policy enforcement }  How WSO2 Identity Server plays as XACML policy engine }  Run-time policy vs Design-time policy }  Demo - Sample usecase where WSO2 Governance Registry can be used as policy store }  Q&A
Understand the policy enforcement in SOA environment }  A typical service oriented enterprise will have mainly three objects in interaction which are service consumers, services and resources }  How can a SOA environment control varies authorization level depends on the consumer type such as admin user, publisher level user, subscriber level user, login level user..etc. }  To address the above complexity SOA environment forced to have a varies type of policies. }  Therefore applying policies for SOA environment to control its activities during the service consumption or service design will be called as policy enforcement.
Why a typical SOA enterprise need policy management }  To control authorization level among the users accessing the services in any typical SOA environment. }  Prevent Unauthorized access to the services must be prevented. }  Quality of service should be managed by service policy. Therefore SOA enterprise needs a policy management system. }  Giving the access to the correct version of the service based on the consumer type. It can be managed by a versioning policy. }  SOA enterprises need to enforce the policy to accept the content passed as payload in terms of encoding format.    
Some terminologies used in policy enforcement }  PEP -it stands for policy enforcement point where the incoming request is received and authorization request will be generated and sent over to authorization engine. }  PIP - stands for policy information point where information about policy elements such as attribute value and meaning, resource information used in policy, environment in which the particular policy to be evaluated. }  PDP - stands for policy decision point where the authorization request is evaluated which has been sent by the PEP and decision is made whether to authorize or not. This point in general called as authorization engine since it is the decision maker for authorization request.
Contd……… }  PAP - stands for policy administration point where the policy is managed. }  PRP - stands for policy retrieval point where the policy is stored and retrieved by authorization engine to evaluate against the incoming authorization request. }  WSO2 IS can be used as a PAP, PIP and PDP. }  WSO2 Governance Registry is used as PRP. }  WSO2 ESB can be used as PEP.
How WSO2 Identity Server plays as XACML policy engine }  WSO2 IS uses the xacml policy based authorization. XACML stands for eXtensible access control markup language. }  WSO2 IS has the capability to play as a XACML based authorization engine. }  WSO2 IS makes decision based on the policy relevant to the request, in other word IS functions as policy decision point. }  WSO2 Identity Server (IS) makes authorization decision based on XACML request. }  IS returns it authorization response to the policy enforcement point with what action to be taken for the client request. Response will be allow or deny the access.
Run-time policy vs Design-time policy }  Design time policies define the behavior of the service at the design time while the runtime policies define the behavior of the service at the runtime. }  Design time policies are enforced during the period when developer creates the services. For an example, WS-security to be used for security mechanisms. }  An example of runtime policy would be "Only users with admin role are allowed to update the resource A between 10 and 12 o'clock. This policy will be enforced and evaluated at the service invocation.
Demo
Demo
Demo }  Client requests some resource via ESB proxy service. }  When the ESB receives the client request “entitlement mediator”[PEP] will generate the xacml request and call the WSO2 IS [PDP] “entitlement admin service” endpoint. }  WSO2 IS retrieves the policy stored in the Governance Registry and evaluates xacml request. WSO2 IS functions as xacml engine }  Depends on the decision made by the IS request will be processed further and returned the resource to the client or returned with an unauthorized message.
References }  http://wso2.com/library/articles/2011/08/finegrained-authorization- restful-services-xacml }  http://wso2.com/library/articles/2011/10/understanding-xacml- policy-language-xacml-extended-assertion-markup-langue-part-1 }  http://blog.facilelogin.com/2009/06/guide-to-write-xacml-policies- in-wso2.html }  http://hasini-gunasinghe.blogspot.com/2011/12/entitlement- service-xacml-pdp-as-web.html }  http://blog.facilelogin.com/2009/05/identity-server-20-as-xacml- engine.html
Questions and Answers        Q                  &                  A
Engage with WSO2 •  Helping you get the most out of your deployments •  From project evaluation and inception to development and going into production, WSO2 is your partner in ensuring 100% project success
Engage with WSO2 •  Helping you get the most out of your deployments •  From project evaluation and inception to development and going into production, WSO2 is your partner in ensuring 100% project success

Recommended

Governance and Security Solution Patterns
Governance and Security Solution Patterns Governance and Security Solution Patterns
Governance and Security Solution Patterns WSO2
 
Integration Solution Patterns
Integration Solution Patterns Integration Solution Patterns
Integration Solution Patterns WSO2
 
Rxt demo-part3
Rxt demo-part3Rxt demo-part3
Rxt demo-part3WSO2
 
Enterprise Governance - The Key to Success
Enterprise Governance - The Key to Success Enterprise Governance - The Key to Success
Enterprise Governance - The Key to Success WSO2
 
WSO2Con USA 2017: Implement an Effective Digital Platform Using WSO2 Integration
WSO2Con USA 2017: Implement an Effective Digital Platform Using WSO2 IntegrationWSO2Con USA 2017: Implement an Effective Digital Platform Using WSO2 Integration
WSO2Con USA 2017: Implement an Effective Digital Platform Using WSO2 Integration
WSO2
 
Introduction to Configurable Governance Artifacts
Introduction to Configurable Governance ArtifactsIntroduction to Configurable Governance Artifacts
Introduction to Configurable Governance ArtifactsWSO2
 
WSO2Con USA 2017: Opening Keynote - Vision for Agile Digital Transformation
WSO2Con USA 2017: Opening Keynote - Vision for Agile Digital TransformationWSO2Con USA 2017: Opening Keynote - Vision for Agile Digital Transformation
WSO2Con USA 2017: Opening Keynote - Vision for Agile Digital Transformation
WSO2
 
Streamline your SOA Portfolio
Streamline your SOA Portfolio Streamline your SOA Portfolio
Streamline your SOA Portfolio WSO2
 

Recommended

Governance and Security Solution Patterns
Governance and Security Solution Patterns Governance and Security Solution Patterns
Governance and Security Solution Patterns WSO2
 
Integration Solution Patterns
Integration Solution Patterns Integration Solution Patterns
Integration Solution Patterns WSO2
 
Rxt demo-part3
Rxt demo-part3Rxt demo-part3
Rxt demo-part3WSO2
 
Enterprise Governance - The Key to Success
Enterprise Governance - The Key to Success Enterprise Governance - The Key to Success
Enterprise Governance - The Key to Success WSO2
 
WSO2Con USA 2017: Implement an Effective Digital Platform Using WSO2 Integration
WSO2Con USA 2017: Implement an Effective Digital Platform Using WSO2 IntegrationWSO2Con USA 2017: Implement an Effective Digital Platform Using WSO2 Integration
WSO2Con USA 2017: Implement an Effective Digital Platform Using WSO2 Integration
WSO2
 
Introduction to Configurable Governance Artifacts
Introduction to Configurable Governance ArtifactsIntroduction to Configurable Governance Artifacts
Introduction to Configurable Governance ArtifactsWSO2
 
WSO2Con USA 2017: Opening Keynote - Vision for Agile Digital Transformation
WSO2Con USA 2017: Opening Keynote - Vision for Agile Digital TransformationWSO2Con USA 2017: Opening Keynote - Vision for Agile Digital Transformation
WSO2Con USA 2017: Opening Keynote - Vision for Agile Digital Transformation
WSO2
 
Streamline your SOA Portfolio
Streamline your SOA Portfolio Streamline your SOA Portfolio
Streamline your SOA Portfolio WSO2
 
Observability for Integration Using WSO2 Enterprise Integrator
Observability for Integration Using WSO2 Enterprise IntegratorObservability for Integration Using WSO2 Enterprise Integrator
Observability for Integration Using WSO2 Enterprise Integrator
WSO2
 
WSO2 Summit London 2018: Delivering Business Value with WSO2
WSO2 Summit London 2018: Delivering Business Value with WSO2WSO2 Summit London 2018: Delivering Business Value with WSO2
WSO2 Summit London 2018: Delivering Business Value with WSO2
WSO2
 
[WSO2Con EU 2017] WHO CARES? A WSO2 Cloud Oriented Reference Architecture for...
[WSO2Con EU 2017] WHO CARES? A WSO2 Cloud Oriented Reference Architecture for...[WSO2Con EU 2017] WHO CARES? A WSO2 Cloud Oriented Reference Architecture for...
[WSO2Con EU 2017] WHO CARES? A WSO2 Cloud Oriented Reference Architecture for...
WSO2
 
[WSO2Con EU 2017] Cloud-Native API Management
[WSO2Con EU 2017] Cloud-Native API Management[WSO2Con EU 2017] Cloud-Native API Management
[WSO2Con EU 2017] Cloud-Native API Management
WSO2
 
[WSO2Con EU 2017] From the Trenches: IoT Customer Stories
[WSO2Con EU 2017] From the Trenches: IoT Customer Stories[WSO2Con EU 2017] From the Trenches: IoT Customer Stories
[WSO2Con EU 2017] From the Trenches: IoT Customer Stories
WSO2
 
Developing, Administering and Debugging with WSO2 Enterprise Integrator
Developing, Administering and Debugging with WSO2 Enterprise IntegratorDeveloping, Administering and Debugging with WSO2 Enterprise Integrator
Developing, Administering and Debugging with WSO2 Enterprise Integrator
WSO2
 
[WSO2Con EU 2017] Deriving Insights for Your Digital Business with Analytics
[WSO2Con EU 2017] Deriving Insights for Your Digital Business with Analytics[WSO2Con EU 2017] Deriving Insights for Your Digital Business with Analytics
[WSO2Con EU 2017] Deriving Insights for Your Digital Business with Analytics
WSO2
 
WSO2Con USA 2017: Journey of Migration from Legacy ESB to Modern WSO2 ESB Pla...
WSO2Con USA 2017: Journey of Migration from Legacy ESB to Modern WSO2 ESB Pla...WSO2Con USA 2017: Journey of Migration from Legacy ESB to Modern WSO2 ESB Pla...
WSO2Con USA 2017: Journey of Migration from Legacy ESB to Modern WSO2 ESB Pla...
WSO2
 
WSO2Con USA 2017: APIs as Your Digital Connector
WSO2Con USA 2017: APIs as Your Digital ConnectorWSO2Con USA 2017: APIs as Your Digital Connector
WSO2Con USA 2017: APIs as Your Digital Connector
WSO2
 
WSO2Con USA 2017: Enhancing Customer Experience with WSO2 Identity Server
WSO2Con USA 2017: Enhancing Customer Experience with WSO2 Identity ServerWSO2Con USA 2017: Enhancing Customer Experience with WSO2 Identity Server
WSO2Con USA 2017: Enhancing Customer Experience with WSO2 Identity Server
WSO2
 
[WSO2Con EU 2017] Open Interoperability of WSO2 Analytics Platform
[WSO2Con EU 2017] Open Interoperability of WSO2 Analytics Platform[WSO2Con EU 2017] Open Interoperability of WSO2 Analytics Platform
[WSO2Con EU 2017] Open Interoperability of WSO2 Analytics Platform
WSO2
 
Identity as a Managed Cloud Service
Identity as a Managed Cloud ServiceIdentity as a Managed Cloud Service
Identity as a Managed Cloud Service
ForgeRock
 
[WSO2Con EU 2017] How API Management at Suva is Helping in Reducing Costs to ...
[WSO2Con EU 2017] How API Management at Suva is Helping in Reducing Costs to ...[WSO2Con EU 2017] How API Management at Suva is Helping in Reducing Costs to ...
[WSO2Con EU 2017] How API Management at Suva is Helping in Reducing Costs to ...
WSO2
 
WSO2Con USA 2017: Multi-tenanted, Role-based Identity & Access Management sol...
WSO2Con USA 2017: Multi-tenanted, Role-based Identity & Access Management sol...WSO2Con USA 2017: Multi-tenanted, Role-based Identity & Access Management sol...
WSO2Con USA 2017: Multi-tenanted, Role-based Identity & Access Management sol...
WSO2
 
McKesson Case Study
McKesson Case StudyMcKesson Case Study
McKesson Case Study
ForgeRock
 
WSO2 Enterprise Integrator 101
WSO2 Enterprise Integrator 101WSO2 Enterprise Integrator 101
WSO2 Enterprise Integrator 101
WSO2
 
Seamless Integration of Data in E Government
Seamless Integration of Data in E Government Seamless Integration of Data in E Government
Seamless Integration of Data in E Government WSO2
 
API Management Building Blocks and Business value
API Management Building Blocks and Business valueAPI Management Building Blocks and Business value
API Management Building Blocks and Business valueWSO2
 
WSO2Con USA 2017: Introduction to Security: End-to-End Identity Management
WSO2Con USA 2017: Introduction to Security: End-to-End Identity ManagementWSO2Con USA 2017: Introduction to Security: End-to-End Identity Management
WSO2Con USA 2017: Introduction to Security: End-to-End Identity Management
WSO2
 
WSO2Con USA 2017: Managing Verifone’s New Payment Device “Carbon” with WSO2’s...
WSO2Con USA 2017: Managing Verifone’s New Payment Device “Carbon” with WSO2’s...WSO2Con USA 2017: Managing Verifone’s New Payment Device “Carbon” with WSO2’s...
WSO2Con USA 2017: Managing Verifone’s New Payment Device “Carbon” with WSO2’s...
WSO2
 
WSO2 Identity Server - Product Overview
WSO2 Identity Server - Product OverviewWSO2 Identity Server - Product Overview
WSO2 Identity Server - Product Overview
WSO2
 
Detecção de Fraudes em Licitações Usando Batch Analytics com WSO2
Detecção de Fraudes em Licitações Usando Batch Analytics com WSO2Detecção de Fraudes em Licitações Usando Batch Analytics com WSO2
Detecção de Fraudes em Licitações Usando Batch Analytics com WSO2
WSO2
 

More Related Content

What's hot

Observability for Integration Using WSO2 Enterprise Integrator
Observability for Integration Using WSO2 Enterprise IntegratorObservability for Integration Using WSO2 Enterprise Integrator
Observability for Integration Using WSO2 Enterprise Integrator
WSO2
 
WSO2 Summit London 2018: Delivering Business Value with WSO2
WSO2 Summit London 2018: Delivering Business Value with WSO2WSO2 Summit London 2018: Delivering Business Value with WSO2
WSO2 Summit London 2018: Delivering Business Value with WSO2
WSO2
 
[WSO2Con EU 2017] WHO CARES? A WSO2 Cloud Oriented Reference Architecture for...
[WSO2Con EU 2017] WHO CARES? A WSO2 Cloud Oriented Reference Architecture for...[WSO2Con EU 2017] WHO CARES? A WSO2 Cloud Oriented Reference Architecture for...
[WSO2Con EU 2017] WHO CARES? A WSO2 Cloud Oriented Reference Architecture for...
WSO2
 
[WSO2Con EU 2017] Cloud-Native API Management
[WSO2Con EU 2017] Cloud-Native API Management[WSO2Con EU 2017] Cloud-Native API Management
[WSO2Con EU 2017] Cloud-Native API Management
WSO2
 
[WSO2Con EU 2017] From the Trenches: IoT Customer Stories
[WSO2Con EU 2017] From the Trenches: IoT Customer Stories[WSO2Con EU 2017] From the Trenches: IoT Customer Stories
[WSO2Con EU 2017] From the Trenches: IoT Customer Stories
WSO2
 
Developing, Administering and Debugging with WSO2 Enterprise Integrator
Developing, Administering and Debugging with WSO2 Enterprise IntegratorDeveloping, Administering and Debugging with WSO2 Enterprise Integrator
Developing, Administering and Debugging with WSO2 Enterprise Integrator
WSO2
 
[WSO2Con EU 2017] Deriving Insights for Your Digital Business with Analytics
[WSO2Con EU 2017] Deriving Insights for Your Digital Business with Analytics[WSO2Con EU 2017] Deriving Insights for Your Digital Business with Analytics
[WSO2Con EU 2017] Deriving Insights for Your Digital Business with Analytics
WSO2
 
WSO2Con USA 2017: Journey of Migration from Legacy ESB to Modern WSO2 ESB Pla...
WSO2Con USA 2017: Journey of Migration from Legacy ESB to Modern WSO2 ESB Pla...WSO2Con USA 2017: Journey of Migration from Legacy ESB to Modern WSO2 ESB Pla...
WSO2Con USA 2017: Journey of Migration from Legacy ESB to Modern WSO2 ESB Pla...
WSO2
 
WSO2Con USA 2017: APIs as Your Digital Connector
WSO2Con USA 2017: APIs as Your Digital ConnectorWSO2Con USA 2017: APIs as Your Digital Connector
WSO2Con USA 2017: APIs as Your Digital Connector
WSO2
 
WSO2Con USA 2017: Enhancing Customer Experience with WSO2 Identity Server
WSO2Con USA 2017: Enhancing Customer Experience with WSO2 Identity ServerWSO2Con USA 2017: Enhancing Customer Experience with WSO2 Identity Server
WSO2Con USA 2017: Enhancing Customer Experience with WSO2 Identity Server
WSO2
 
[WSO2Con EU 2017] Open Interoperability of WSO2 Analytics Platform
[WSO2Con EU 2017] Open Interoperability of WSO2 Analytics Platform[WSO2Con EU 2017] Open Interoperability of WSO2 Analytics Platform
[WSO2Con EU 2017] Open Interoperability of WSO2 Analytics Platform
WSO2
 
Identity as a Managed Cloud Service
Identity as a Managed Cloud ServiceIdentity as a Managed Cloud Service
Identity as a Managed Cloud Service
ForgeRock
 
[WSO2Con EU 2017] How API Management at Suva is Helping in Reducing Costs to ...
[WSO2Con EU 2017] How API Management at Suva is Helping in Reducing Costs to ...[WSO2Con EU 2017] How API Management at Suva is Helping in Reducing Costs to ...
[WSO2Con EU 2017] How API Management at Suva is Helping in Reducing Costs to ...
WSO2
 
WSO2Con USA 2017: Multi-tenanted, Role-based Identity & Access Management sol...
WSO2Con USA 2017: Multi-tenanted, Role-based Identity & Access Management sol...WSO2Con USA 2017: Multi-tenanted, Role-based Identity & Access Management sol...
WSO2Con USA 2017: Multi-tenanted, Role-based Identity & Access Management sol...
WSO2
 
McKesson Case Study
McKesson Case StudyMcKesson Case Study
McKesson Case Study
ForgeRock
 
WSO2 Enterprise Integrator 101
WSO2 Enterprise Integrator 101WSO2 Enterprise Integrator 101
WSO2 Enterprise Integrator 101
WSO2
 
Seamless Integration of Data in E Government
Seamless Integration of Data in E Government Seamless Integration of Data in E Government
Seamless Integration of Data in E Government WSO2
 
API Management Building Blocks and Business value
API Management Building Blocks and Business valueAPI Management Building Blocks and Business value
API Management Building Blocks and Business valueWSO2
 
WSO2Con USA 2017: Introduction to Security: End-to-End Identity Management
WSO2Con USA 2017: Introduction to Security: End-to-End Identity ManagementWSO2Con USA 2017: Introduction to Security: End-to-End Identity Management
WSO2Con USA 2017: Introduction to Security: End-to-End Identity Management
WSO2
 
WSO2Con USA 2017: Managing Verifone’s New Payment Device “Carbon” with WSO2’s...
WSO2Con USA 2017: Managing Verifone’s New Payment Device “Carbon” with WSO2’s...WSO2Con USA 2017: Managing Verifone’s New Payment Device “Carbon” with WSO2’s...
WSO2Con USA 2017: Managing Verifone’s New Payment Device “Carbon” with WSO2’s...
WSO2
 

What's hot (20)

Observability for Integration Using WSO2 Enterprise Integrator
Observability for Integration Using WSO2 Enterprise IntegratorObservability for Integration Using WSO2 Enterprise Integrator
Observability for Integration Using WSO2 Enterprise Integrator
 
WSO2 Summit London 2018: Delivering Business Value with WSO2
WSO2 Summit London 2018: Delivering Business Value with WSO2WSO2 Summit London 2018: Delivering Business Value with WSO2
WSO2 Summit London 2018: Delivering Business Value with WSO2
 
[WSO2Con EU 2017] WHO CARES? A WSO2 Cloud Oriented Reference Architecture for...
[WSO2Con EU 2017] WHO CARES? A WSO2 Cloud Oriented Reference Architecture for...[WSO2Con EU 2017] WHO CARES? A WSO2 Cloud Oriented Reference Architecture for...
[WSO2Con EU 2017] WHO CARES? A WSO2 Cloud Oriented Reference Architecture for...
 
[WSO2Con EU 2017] Cloud-Native API Management
[WSO2Con EU 2017] Cloud-Native API Management[WSO2Con EU 2017] Cloud-Native API Management
[WSO2Con EU 2017] Cloud-Native API Management
 
[WSO2Con EU 2017] From the Trenches: IoT Customer Stories
[WSO2Con EU 2017] From the Trenches: IoT Customer Stories[WSO2Con EU 2017] From the Trenches: IoT Customer Stories
[WSO2Con EU 2017] From the Trenches: IoT Customer Stories
 
Developing, Administering and Debugging with WSO2 Enterprise Integrator
Developing, Administering and Debugging with WSO2 Enterprise IntegratorDeveloping, Administering and Debugging with WSO2 Enterprise Integrator
Developing, Administering and Debugging with WSO2 Enterprise Integrator
 
[WSO2Con EU 2017] Deriving Insights for Your Digital Business with Analytics
[WSO2Con EU 2017] Deriving Insights for Your Digital Business with Analytics[WSO2Con EU 2017] Deriving Insights for Your Digital Business with Analytics
[WSO2Con EU 2017] Deriving Insights for Your Digital Business with Analytics
 
WSO2Con USA 2017: Journey of Migration from Legacy ESB to Modern WSO2 ESB Pla...
WSO2Con USA 2017: Journey of Migration from Legacy ESB to Modern WSO2 ESB Pla...WSO2Con USA 2017: Journey of Migration from Legacy ESB to Modern WSO2 ESB Pla...
WSO2Con USA 2017: Journey of Migration from Legacy ESB to Modern WSO2 ESB Pla...
 
WSO2Con USA 2017: APIs as Your Digital Connector
WSO2Con USA 2017: APIs as Your Digital ConnectorWSO2Con USA 2017: APIs as Your Digital Connector
WSO2Con USA 2017: APIs as Your Digital Connector
 
WSO2Con USA 2017: Enhancing Customer Experience with WSO2 Identity Server
WSO2Con USA 2017: Enhancing Customer Experience with WSO2 Identity ServerWSO2Con USA 2017: Enhancing Customer Experience with WSO2 Identity Server
WSO2Con USA 2017: Enhancing Customer Experience with WSO2 Identity Server
 
[WSO2Con EU 2017] Open Interoperability of WSO2 Analytics Platform
[WSO2Con EU 2017] Open Interoperability of WSO2 Analytics Platform[WSO2Con EU 2017] Open Interoperability of WSO2 Analytics Platform
[WSO2Con EU 2017] Open Interoperability of WSO2 Analytics Platform
 
Identity as a Managed Cloud Service
Identity as a Managed Cloud ServiceIdentity as a Managed Cloud Service
Identity as a Managed Cloud Service
 
[WSO2Con EU 2017] How API Management at Suva is Helping in Reducing Costs to ...
[WSO2Con EU 2017] How API Management at Suva is Helping in Reducing Costs to ...[WSO2Con EU 2017] How API Management at Suva is Helping in Reducing Costs to ...
[WSO2Con EU 2017] How API Management at Suva is Helping in Reducing Costs to ...
 
WSO2Con USA 2017: Multi-tenanted, Role-based Identity & Access Management sol...
WSO2Con USA 2017: Multi-tenanted, Role-based Identity & Access Management sol...WSO2Con USA 2017: Multi-tenanted, Role-based Identity & Access Management sol...
WSO2Con USA 2017: Multi-tenanted, Role-based Identity & Access Management sol...
 
McKesson Case Study
McKesson Case StudyMcKesson Case Study
McKesson Case Study
 
WSO2 Enterprise Integrator 101
WSO2 Enterprise Integrator 101WSO2 Enterprise Integrator 101
WSO2 Enterprise Integrator 101
 
Seamless Integration of Data in E Government
Seamless Integration of Data in E Government Seamless Integration of Data in E Government
Seamless Integration of Data in E Government
 
API Management Building Blocks and Business value
API Management Building Blocks and Business valueAPI Management Building Blocks and Business value
API Management Building Blocks and Business value
 
WSO2Con USA 2017: Introduction to Security: End-to-End Identity Management
WSO2Con USA 2017: Introduction to Security: End-to-End Identity ManagementWSO2Con USA 2017: Introduction to Security: End-to-End Identity Management
WSO2Con USA 2017: Introduction to Security: End-to-End Identity Management
 
WSO2Con USA 2017: Managing Verifone’s New Payment Device “Carbon” with WSO2’s...
WSO2Con USA 2017: Managing Verifone’s New Payment Device “Carbon” with WSO2’s...WSO2Con USA 2017: Managing Verifone’s New Payment Device “Carbon” with WSO2’s...
WSO2Con USA 2017: Managing Verifone’s New Payment Device “Carbon” with WSO2’s...
 

Viewers also liked

WSO2 Identity Server - Product Overview
WSO2 Identity Server - Product OverviewWSO2 Identity Server - Product Overview
WSO2 Identity Server - Product Overview
WSO2
 
Detecção de Fraudes em Licitações Usando Batch Analytics com WSO2
Detecção de Fraudes em Licitações Usando Batch Analytics com WSO2Detecção de Fraudes em Licitações Usando Batch Analytics com WSO2
Detecção de Fraudes em Licitações Usando Batch Analytics com WSO2
WSO2
 
Integração SAP com Plataformas 100% OpenSource
Integração SAP com Plataformas 100% OpenSourceIntegração SAP com Plataformas 100% OpenSource
Integração SAP com Plataformas 100% OpenSource
WSO2
 
Java 8 ​and ​Best Practices
Java 8 ​and ​Best Practices Java 8 ​and ​Best Practices
Java 8 ​and ​Best Practices
WSO2
 
Dealing with Common Data Requirements in Your Enterprise
Dealing with Common Data Requirements in Your EnterpriseDealing with Common Data Requirements in Your Enterprise
Dealing with Common Data Requirements in Your Enterprise
WSO2
 
Solution Architecture Patterns for Digital Transformation
Solution Architecture Patterns for Digital TransformationSolution Architecture Patterns for Digital Transformation
Solution Architecture Patterns for Digital Transformation
WSO2
 
2016 Year End Webinar - Are You Ready for Digital Transformation?
2016 Year End Webinar - Are You Ready for Digital Transformation?2016 Year End Webinar - Are You Ready for Digital Transformation?
2016 Year End Webinar - Are You Ready for Digital Transformation?
WSO2
 
Soluciones para Mejorar la Toma de Decisiones, la Analítica en Tiempo Real y ...
Soluciones para Mejorar la Toma de Decisiones, la Analítica en Tiempo Real y ...Soluciones para Mejorar la Toma de Decisiones, la Analítica en Tiempo Real y ...
Soluciones para Mejorar la Toma de Decisiones, la Analítica en Tiempo Real y ...
WSO2
 

Viewers also liked (8)

WSO2 Identity Server - Product Overview
WSO2 Identity Server - Product OverviewWSO2 Identity Server - Product Overview
WSO2 Identity Server - Product Overview
 
Detecção de Fraudes em Licitações Usando Batch Analytics com WSO2
Detecção de Fraudes em Licitações Usando Batch Analytics com WSO2Detecção de Fraudes em Licitações Usando Batch Analytics com WSO2
Detecção de Fraudes em Licitações Usando Batch Analytics com WSO2
 
Integração SAP com Plataformas 100% OpenSource
Integração SAP com Plataformas 100% OpenSourceIntegração SAP com Plataformas 100% OpenSource
Integração SAP com Plataformas 100% OpenSource
 
Java 8 ​and ​Best Practices
Java 8 ​and ​Best Practices Java 8 ​and ​Best Practices
Java 8 ​and ​Best Practices
 
Dealing with Common Data Requirements in Your Enterprise
Dealing with Common Data Requirements in Your EnterpriseDealing with Common Data Requirements in Your Enterprise
Dealing with Common Data Requirements in Your Enterprise
 
Solution Architecture Patterns for Digital Transformation
Solution Architecture Patterns for Digital TransformationSolution Architecture Patterns for Digital Transformation
Solution Architecture Patterns for Digital Transformation
 
2016 Year End Webinar - Are You Ready for Digital Transformation?
2016 Year End Webinar - Are You Ready for Digital Transformation?2016 Year End Webinar - Are You Ready for Digital Transformation?
2016 Year End Webinar - Are You Ready for Digital Transformation?
 
Soluciones para Mejorar la Toma de Decisiones, la Analítica en Tiempo Real y ...
Soluciones para Mejorar la Toma de Decisiones, la Analítica en Tiempo Real y ...Soluciones para Mejorar la Toma de Decisiones, la Analítica en Tiempo Real y ...
Soluciones para Mejorar la Toma de Decisiones, la Analítica en Tiempo Real y ...
 

Similar to Addressing Security Concerns with WSO2 Governance Registry Policy Store

Leveraging Governance in the IBM WebSphere Service Registry and Repository fo...
Leveraging Governance in the IBM WebSphere Service Registry and Repository fo...Leveraging Governance in the IBM WebSphere Service Registry and Repository fo...
Leveraging Governance in the IBM WebSphere Service Registry and Repository fo...
Prolifics
 
SAS 70 in a Post-Sarbanes, SaaS World: Quest Session 52070
SAS 70 in a Post-Sarbanes, SaaS World: Quest Session 52070SAS 70 in a Post-Sarbanes, SaaS World: Quest Session 52070
SAS 70 in a Post-Sarbanes, SaaS World: Quest Session 52070
retheauditors
 
Whitepaper: Software Defined Data Center – An Implementation view - Happiest ...
Whitepaper: Software Defined Data Center – An Implementation view - Happiest ...Whitepaper: Software Defined Data Center – An Implementation view - Happiest ...
Whitepaper: Software Defined Data Center – An Implementation view - Happiest ...
Happiest Minds Technologies
 
Building a SaaS using WSO2 Stratos
Building a SaaS using WSO2 StratosBuilding a SaaS using WSO2 Stratos
Building a SaaS using WSO2 StratosWSO2
 
Enterprise Use Case Webinar - PaaS Metering and Monitoring
Enterprise Use Case Webinar - PaaS Metering and Monitoring Enterprise Use Case Webinar - PaaS Metering and Monitoring
Enterprise Use Case Webinar - PaaS Metering and Monitoring WSO2
 
idkidkidkidkidkidkidkdkidkidkidkidkidkidk
idkidkidkidkidkidkidkdkidkidkidkidkidkidkidkidkidkidkidkidkidkdkidkidkidkidkidkidk
idkidkidkidkidkidkidkdkidkidkidkidkidkidk
mahigangal22
 
Data-As-A-Service to enable compliance reporting
Data-As-A-Service to enable compliance reportingData-As-A-Service to enable compliance reporting
Data-As-A-Service to enable compliance reporting
AnalyticsWeek
 
Azure API Manegement Introduction and Integeration with BizTalk
Azure API Manegement Introduction and Integeration with BizTalkAzure API Manegement Introduction and Integeration with BizTalk
Azure API Manegement Introduction and Integeration with BizTalk
Shailesh Dwivedi
 
License Position Snapshot Service
License Position Snapshot ServiceLicense Position Snapshot Service
License Position Snapshot Service
Flexera
 
Twin Cities IAM Meet Up - May 2014 - The latest in authorization trends and s...
Twin Cities IAM Meet Up - May 2014 - The latest in authorization trends and s...Twin Cities IAM Meet Up - May 2014 - The latest in authorization trends and s...
Twin Cities IAM Meet Up - May 2014 - The latest in authorization trends and s...
ggebel
 
Qualifying SaaS, IaaS.pptx
Qualifying SaaS, IaaS.pptxQualifying SaaS, IaaS.pptx
Qualifying SaaS, IaaS.pptx
Sachin Bhandari
 
SOA Pattern : Policy Centralization
SOA Pattern : Policy CentralizationSOA Pattern : Policy Centralization
SOA Pattern : Policy Centralization
WSO2
 
SOX Cloud Criteria Cloud Hosted Accounting
SOX Cloud Criteria Cloud Hosted AccountingSOX Cloud Criteria Cloud Hosted Accounting
SOX Cloud Criteria Cloud Hosted Accounting
RoseASP
 
4. cloud procurement
4. cloud procurement4. cloud procurement
4. cloud procurement
Amazon Web Services LATAM
 
Concorde Solutions ITAM Review Tools Day
Concorde Solutions ITAM Review Tools Day Concorde Solutions ITAM Review Tools Day
Concorde Solutions ITAM Review Tools Day
Martin Thompson
 
APAC Data centre Service Provider landscape - FrostIQ
APAC Data centre Service Provider landscape - FrostIQAPAC Data centre Service Provider landscape - FrostIQ
APAC Data centre Service Provider landscape - FrostIQ
Ajay Sunder
 
Service Analysis And Design
Service Analysis And DesignService Analysis And Design
Service Analysis And Design
Rody Middelkoop
 
SCOM 2012 service SaaS
SCOM 2012 service SaaSSCOM 2012 service SaaS
SCOM 2012 service SaaS
M Senthil Kumar
 
Service Oriented Architecture
Service Oriented ArchitectureService Oriented Architecture
Service Oriented Architecture
gulimran
 

Similar to Addressing Security Concerns with WSO2 Governance Registry Policy Store (20)

Leveraging Governance in the IBM WebSphere Service Registry and Repository fo...
Leveraging Governance in the IBM WebSphere Service Registry and Repository fo...Leveraging Governance in the IBM WebSphere Service Registry and Repository fo...
Leveraging Governance in the IBM WebSphere Service Registry and Repository fo...
 
SAS 70 in a Post-Sarbanes, SaaS World: Quest Session 52070
SAS 70 in a Post-Sarbanes, SaaS World: Quest Session 52070SAS 70 in a Post-Sarbanes, SaaS World: Quest Session 52070
SAS 70 in a Post-Sarbanes, SaaS World: Quest Session 52070
 
Whitepaper: Software Defined Data Center – An Implementation view - Happiest ...
Whitepaper: Software Defined Data Center – An Implementation view - Happiest ...Whitepaper: Software Defined Data Center – An Implementation view - Happiest ...
Whitepaper: Software Defined Data Center – An Implementation view - Happiest ...
 
Building a SaaS using WSO2 Stratos
Building a SaaS using WSO2 StratosBuilding a SaaS using WSO2 Stratos
Building a SaaS using WSO2 Stratos
 
Enterprise Use Case Webinar - PaaS Metering and Monitoring
Enterprise Use Case Webinar - PaaS Metering and Monitoring Enterprise Use Case Webinar - PaaS Metering and Monitoring
Enterprise Use Case Webinar - PaaS Metering and Monitoring
 
idkidkidkidkidkidkidkdkidkidkidkidkidkidk
idkidkidkidkidkidkidkdkidkidkidkidkidkidkidkidkidkidkidkidkidkdkidkidkidkidkidkidk
idkidkidkidkidkidkidkdkidkidkidkidkidkidk
 
Data-As-A-Service to enable compliance reporting
Data-As-A-Service to enable compliance reportingData-As-A-Service to enable compliance reporting
Data-As-A-Service to enable compliance reporting
 
Azure API Manegement Introduction and Integeration with BizTalk
Azure API Manegement Introduction and Integeration with BizTalkAzure API Manegement Introduction and Integeration with BizTalk
Azure API Manegement Introduction and Integeration with BizTalk
 
License Position Snapshot Service
License Position Snapshot ServiceLicense Position Snapshot Service
License Position Snapshot Service
 
Twin Cities IAM Meet Up - May 2014 - The latest in authorization trends and s...
Twin Cities IAM Meet Up - May 2014 - The latest in authorization trends and s...Twin Cities IAM Meet Up - May 2014 - The latest in authorization trends and s...
Twin Cities IAM Meet Up - May 2014 - The latest in authorization trends and s...
 
Qualifying SaaS, IaaS.pptx
Qualifying SaaS, IaaS.pptxQualifying SaaS, IaaS.pptx
Qualifying SaaS, IaaS.pptx
 
SOA Pattern : Policy Centralization
SOA Pattern : Policy CentralizationSOA Pattern : Policy Centralization
SOA Pattern : Policy Centralization
 
SOX Cloud Criteria Cloud Hosted Accounting
SOX Cloud Criteria Cloud Hosted AccountingSOX Cloud Criteria Cloud Hosted Accounting
SOX Cloud Criteria Cloud Hosted Accounting
 
4. cloud procurement
4. cloud procurement4. cloud procurement
4. cloud procurement
 
Concorde Solutions ITAM Review Tools Day
Concorde Solutions ITAM Review Tools Day Concorde Solutions ITAM Review Tools Day
Concorde Solutions ITAM Review Tools Day
 
20150113
2015011320150113
20150113
 
APAC Data centre Service Provider landscape - FrostIQ
APAC Data centre Service Provider landscape - FrostIQAPAC Data centre Service Provider landscape - FrostIQ
APAC Data centre Service Provider landscape - FrostIQ
 
Service Analysis And Design
Service Analysis And DesignService Analysis And Design
Service Analysis And Design
 
SCOM 2012 service SaaS
SCOM 2012 service SaaSSCOM 2012 service SaaS
SCOM 2012 service SaaS
 
Service Oriented Architecture
Service Oriented ArchitectureService Oriented Architecture
Service Oriented Architecture
 

More from WSO2

Accelerate Enterprise Software Engineering with Platformless
Accelerate Enterprise Software Engineering with PlatformlessAccelerate Enterprise Software Engineering with Platformless
Accelerate Enterprise Software Engineering with Platformless
WSO2
 
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital TransformationWSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2
 
architecting-ai-in-the-enterprise-apis-and-applications.pdf
architecting-ai-in-the-enterprise-apis-and-applications.pdfarchitecting-ai-in-the-enterprise-apis-and-applications.pdf
architecting-ai-in-the-enterprise-apis-and-applications.pdf
WSO2
 
Driving Innovation: Scania's API Revolution with WSO2
Driving Innovation: Scania's API Revolution with WSO2Driving Innovation: Scania's API Revolution with WSO2
Driving Innovation: Scania's API Revolution with WSO2
WSO2
 
Less Is More: Utilizing Ballerina to Architect a Cloud Data Platform
Less Is More: Utilizing Ballerina to Architect a Cloud Data PlatformLess Is More: Utilizing Ballerina to Architect a Cloud Data Platform
Less Is More: Utilizing Ballerina to Architect a Cloud Data Platform
WSO2
 
Modernizing Legacy Systems Using Ballerina
Modernizing Legacy Systems Using BallerinaModernizing Legacy Systems Using Ballerina
Modernizing Legacy Systems Using Ballerina
WSO2
 
WSO2CON 2024 - Unlocking the Identity: Embracing CIAM 2.0 for a Competitive A...
WSO2CON 2024 - Unlocking the Identity: Embracing CIAM 2.0 for a Competitive A...WSO2CON 2024 - Unlocking the Identity: Embracing CIAM 2.0 for a Competitive A...
WSO2CON 2024 - Unlocking the Identity: Embracing CIAM 2.0 for a Competitive A...
WSO2
 
WSO2CON 2024 Slides - Unlocking Value with AI
WSO2CON 2024 Slides - Unlocking Value with AIWSO2CON 2024 Slides - Unlocking Value with AI
WSO2CON 2024 Slides - Unlocking Value with AI
WSO2
 
Platformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityPlatformless Horizons for Digital Adaptability
Platformless Horizons for Digital Adaptability
WSO2
 
Quantum Leap in Next-Generation Computing
Quantum Leap in Next-Generation ComputingQuantum Leap in Next-Generation Computing
Quantum Leap in Next-Generation Computing
WSO2
 
WSO2CON 2024 - Elevating the Integration Game to the Cloud
WSO2CON 2024 - Elevating the Integration Game to the CloudWSO2CON 2024 - Elevating the Integration Game to the Cloud
WSO2CON 2024 - Elevating the Integration Game to the Cloud
WSO2
 
WSO2CON 2024 - OSU & WSO2: A Decade Journey in Integration & Innovation
WSO2CON 2024 - OSU & WSO2: A Decade Journey in Integration & InnovationWSO2CON 2024 - OSU & WSO2: A Decade Journey in Integration & Innovation
WSO2CON 2024 - OSU & WSO2: A Decade Journey in Integration & Innovation
WSO2
 
WSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open Source
WSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open SourceWSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open Source
WSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open Source
WSO2
 
WSO2CON 2024 Slides - Open Source to SaaS
WSO2CON 2024 Slides - Open Source to SaaSWSO2CON 2024 Slides - Open Source to SaaS
WSO2CON 2024 Slides - Open Source to SaaS
WSO2
 
WSO2CON 2024 - Does Open Source Still Matter?
WSO2CON 2024 - Does Open Source Still Matter?WSO2CON 2024 - Does Open Source Still Matter?
WSO2CON 2024 - Does Open Source Still Matter?
WSO2
 
WSO2CON 2024 - IoT Needs CIAM: The Importance of Centralized IAM in a Growing...
WSO2CON 2024 - IoT Needs CIAM: The Importance of Centralized IAM in a Growing...WSO2CON 2024 - IoT Needs CIAM: The Importance of Centralized IAM in a Growing...
WSO2CON 2024 - IoT Needs CIAM: The Importance of Centralized IAM in a Growing...
WSO2
 
WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...
WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...
WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...
WSO2
 
WSO2CON 2024 - Software Engineering for Digital Businesses
WSO2CON 2024 - Software Engineering for Digital BusinessesWSO2CON 2024 - Software Engineering for Digital Businesses
WSO2CON 2024 - Software Engineering for Digital Businesses
WSO2
 
WSO2CON 2024 - Navigating API Complexity: REST, GraphQL, gRPC, Websocket, Web...
WSO2CON 2024 - Navigating API Complexity: REST, GraphQL, gRPC, Websocket, Web...WSO2CON 2024 - Navigating API Complexity: REST, GraphQL, gRPC, Websocket, Web...
WSO2CON 2024 - Navigating API Complexity: REST, GraphQL, gRPC, Websocket, Web...
WSO2
 
WSO2CON 2024 - Designing Event-Driven Enterprises: Stories of Transformation
WSO2CON 2024 - Designing Event-Driven Enterprises: Stories of TransformationWSO2CON 2024 - Designing Event-Driven Enterprises: Stories of Transformation
WSO2CON 2024 - Designing Event-Driven Enterprises: Stories of Transformation
WSO2
 

More from WSO2 (20)

Accelerate Enterprise Software Engineering with Platformless
Accelerate Enterprise Software Engineering with PlatformlessAccelerate Enterprise Software Engineering with Platformless
Accelerate Enterprise Software Engineering with Platformless
 
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital TransformationWSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
 
architecting-ai-in-the-enterprise-apis-and-applications.pdf
architecting-ai-in-the-enterprise-apis-and-applications.pdfarchitecting-ai-in-the-enterprise-apis-and-applications.pdf
architecting-ai-in-the-enterprise-apis-and-applications.pdf
 
Driving Innovation: Scania's API Revolution with WSO2
Driving Innovation: Scania's API Revolution with WSO2Driving Innovation: Scania's API Revolution with WSO2
Driving Innovation: Scania's API Revolution with WSO2
 
Less Is More: Utilizing Ballerina to Architect a Cloud Data Platform
Less Is More: Utilizing Ballerina to Architect a Cloud Data PlatformLess Is More: Utilizing Ballerina to Architect a Cloud Data Platform
Less Is More: Utilizing Ballerina to Architect a Cloud Data Platform
 
Modernizing Legacy Systems Using Ballerina
Modernizing Legacy Systems Using BallerinaModernizing Legacy Systems Using Ballerina
Modernizing Legacy Systems Using Ballerina
 
WSO2CON 2024 - Unlocking the Identity: Embracing CIAM 2.0 for a Competitive A...
WSO2CON 2024 - Unlocking the Identity: Embracing CIAM 2.0 for a Competitive A...WSO2CON 2024 - Unlocking the Identity: Embracing CIAM 2.0 for a Competitive A...
WSO2CON 2024 - Unlocking the Identity: Embracing CIAM 2.0 for a Competitive A...
 
WSO2CON 2024 Slides - Unlocking Value with AI
WSO2CON 2024 Slides - Unlocking Value with AIWSO2CON 2024 Slides - Unlocking Value with AI
WSO2CON 2024 Slides - Unlocking Value with AI
 
Platformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityPlatformless Horizons for Digital Adaptability
Platformless Horizons for Digital Adaptability
 
Quantum Leap in Next-Generation Computing
Quantum Leap in Next-Generation ComputingQuantum Leap in Next-Generation Computing
Quantum Leap in Next-Generation Computing
 
WSO2CON 2024 - Elevating the Integration Game to the Cloud
WSO2CON 2024 - Elevating the Integration Game to the CloudWSO2CON 2024 - Elevating the Integration Game to the Cloud
WSO2CON 2024 - Elevating the Integration Game to the Cloud
 
WSO2CON 2024 - OSU & WSO2: A Decade Journey in Integration & Innovation
WSO2CON 2024 - OSU & WSO2: A Decade Journey in Integration & InnovationWSO2CON 2024 - OSU & WSO2: A Decade Journey in Integration & Innovation
WSO2CON 2024 - OSU & WSO2: A Decade Journey in Integration & Innovation
 
WSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open Source
WSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open SourceWSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open Source
WSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open Source
 
WSO2CON 2024 Slides - Open Source to SaaS
WSO2CON 2024 Slides - Open Source to SaaSWSO2CON 2024 Slides - Open Source to SaaS
WSO2CON 2024 Slides - Open Source to SaaS
 
WSO2CON 2024 - Does Open Source Still Matter?
WSO2CON 2024 - Does Open Source Still Matter?WSO2CON 2024 - Does Open Source Still Matter?
WSO2CON 2024 - Does Open Source Still Matter?
 
WSO2CON 2024 - IoT Needs CIAM: The Importance of Centralized IAM in a Growing...
WSO2CON 2024 - IoT Needs CIAM: The Importance of Centralized IAM in a Growing...WSO2CON 2024 - IoT Needs CIAM: The Importance of Centralized IAM in a Growing...
WSO2CON 2024 - IoT Needs CIAM: The Importance of Centralized IAM in a Growing...
 
WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...
WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...
WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...
 
WSO2CON 2024 - Software Engineering for Digital Businesses
WSO2CON 2024 - Software Engineering for Digital BusinessesWSO2CON 2024 - Software Engineering for Digital Businesses
WSO2CON 2024 - Software Engineering for Digital Businesses
 
WSO2CON 2024 - Navigating API Complexity: REST, GraphQL, gRPC, Websocket, Web...
WSO2CON 2024 - Navigating API Complexity: REST, GraphQL, gRPC, Websocket, Web...WSO2CON 2024 - Navigating API Complexity: REST, GraphQL, gRPC, Websocket, Web...
WSO2CON 2024 - Navigating API Complexity: REST, GraphQL, gRPC, Websocket, Web...
 
WSO2CON 2024 - Designing Event-Driven Enterprises: Stories of Transformation
WSO2CON 2024 - Designing Event-Driven Enterprises: Stories of TransformationWSO2CON 2024 - Designing Event-Driven Enterprises: Stories of Transformation
WSO2CON 2024 - Designing Event-Driven Enterprises: Stories of Transformation
 

Recently uploaded

Enchancing adoption of Open Source Libraries. A case study on Albumentations.AI
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AIEnchancing adoption of Open Source Libraries. A case study on Albumentations.AI
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AI
Vladimir Iglovikov, Ph.D.
 
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdfUnlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Malak Abu Hammad
 
Pushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 daysPushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 days
Adtran
 
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfObservability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Paige Cruz
 
Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !
KatiaHIMEUR1
 
National Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practicesNational Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practices
Quotidiano Piemontese
 
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdfFIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance
 
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex ProofszkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs
Alex Pruden
 
A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...
sonjaschweigert1
 
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Albert Hoitingh
 
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
SOFTTECHHUB
 
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
名前 です男
 
PCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase TeamPCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase Team
ControlCase
 
Uni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdfUni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems S.M.S.A.
 
UiPath Test Automation using UiPath Test Suite series, part 5
UiPath Test Automation using UiPath Test Suite series, part 5UiPath Test Automation using UiPath Test Suite series, part 5
UiPath Test Automation using UiPath Test Suite series, part 5
DianaGray10
 
Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?
Nexer Digital
 
Building RAG with self-deployed Milvus vector database and Snowpark Container...
Building RAG with self-deployed Milvus vector database and Snowpark Container...Building RAG with self-deployed Milvus vector database and Snowpark Container...
Building RAG with self-deployed Milvus vector database and Snowpark Container...
Zilliz
 
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
Neo4j
 
Epistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI supportEpistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI support
Alan Dix
 
Essentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FMEEssentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FME
Safe Software
 

Recently uploaded (20)

Enchancing adoption of Open Source Libraries. A case study on Albumentations.AI
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AIEnchancing adoption of Open Source Libraries. A case study on Albumentations.AI
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AI
 
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdfUnlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
 
Pushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 daysPushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 days
 
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfObservability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
 
Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !
 
National Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practicesNational Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practices
 
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdfFIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
 
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex ProofszkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs
 
A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...
 
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
 
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
 
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
 
PCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase TeamPCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase Team
 
Uni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdfUni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdf
 
UiPath Test Automation using UiPath Test Suite series, part 5
UiPath Test Automation using UiPath Test Suite series, part 5UiPath Test Automation using UiPath Test Suite series, part 5
UiPath Test Automation using UiPath Test Suite series, part 5
 
Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?
 
Building RAG with self-deployed Milvus vector database and Snowpark Container...
Building RAG with self-deployed Milvus vector database and Snowpark Container...Building RAG with self-deployed Milvus vector database and Snowpark Container...
Building RAG with self-deployed Milvus vector database and Snowpark Container...
 
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
 
Epistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI supportEpistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI support
 
Essentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FMEEssentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FME
 

Addressing Security Concerns with WSO2 Governance Registry Policy Store

  • 1. Addressing Security Concerns with WSO2 Governance Registry as Policy Store Arudsothy  Sriragu   (S   rArudsothy Sriragu (Senior Software Engineer-WSO2 Governance Registry) & Eranda Sooriyabandara (Senior Software Engineer-WSO2 Governance Registry)  Engineer-­‐WSO2  Governance  Registry)   &   Eranda  Sooriyabandara   (Senior  Software  Engineer-­‐WSO2  Governance   Registry)  
  • 2. About WSO2 •  Providing the only complete open source componentized cloud platform –  Dedicated to removing all the stumbling blocks to enterprise agility –  Enabling you to focus on business logic and business value •  Recognized by leading analyst firms as visionaries and leaders –  Gartner cites WSO2 as visionaries in all 3 categories of application infrastructure –  Forrester places WSO2 in top 2 for API Management •  Global corporation with offices in USA, UK & Sri Lanka –  200+ employees and growing •  Business model of selling comprehensive support & maintenance for our products
  • 3. 150+ globally positioned support customers
  • 4. Agenda }  Understanding the policy enforcement in SOA environment }  Why does a typical SOA enterprise need policy management }  Some terminologies used in policy enforcement }  How WSO2 Identity Server plays as XACML policy engine }  Run-time policy vs Design-time policy }  Demo - Sample usecase where WSO2 Governance Registry can be used as policy store }  Q&A
  • 5. Understand the policy enforcement in SOA environment }  A typical service oriented enterprise will have mainly three objects in interaction which are service consumers, services and resources }  How can a SOA environment control varies authorization level depends on the consumer type such as admin user, publisher level user, subscriber level user, login level user..etc. }  To address the above complexity SOA environment forced to have a varies type of policies. }  Therefore applying policies for SOA environment to control its activities during the service consumption or service design will be called as policy enforcement.
  • 6. Why a typical SOA enterprise need policy management }  To control authorization level among the users accessing the services in any typical SOA environment. }  Prevent Unauthorized access to the services must be prevented. }  Quality of service should be managed by service policy. Therefore SOA enterprise needs a policy management system. }  Giving the access to the correct version of the service based on the consumer type. It can be managed by a versioning policy. }  SOA enterprises need to enforce the policy to accept the content passed as payload in terms of encoding format.    
  • 7. Some terminologies used in policy enforcement }  PEP -it stands for policy enforcement point where the incoming request is received and authorization request will be generated and sent over to authorization engine. }  PIP - stands for policy information point where information about policy elements such as attribute value and meaning, resource information used in policy, environment in which the particular policy to be evaluated. }  PDP - stands for policy decision point where the authorization request is evaluated which has been sent by the PEP and decision is made whether to authorize or not. This point in general called as authorization engine since it is the decision maker for authorization request.
  • 8. Contd……… }  PAP - stands for policy administration point where the policy is managed. }  PRP - stands for policy retrieval point where the policy is stored and retrieved by authorization engine to evaluate against the incoming authorization request. }  WSO2 IS can be used as a PAP, PIP and PDP. }  WSO2 Governance Registry is used as PRP. }  WSO2 ESB can be used as PEP.
  • 9. How WSO2 Identity Server plays as XACML policy engine }  WSO2 IS uses the xacml policy based authorization. XACML stands for eXtensible access control markup language. }  WSO2 IS has the capability to play as a XACML based authorization engine. }  WSO2 IS makes decision based on the policy relevant to the request, in other word IS functions as policy decision point. }  WSO2 Identity Server (IS) makes authorization decision based on XACML request. }  IS returns it authorization response to the policy enforcement point with what action to be taken for the client request. Response will be allow or deny the access.
  • 10. Run-time policy vs Design-time policy }  Design time policies define the behavior of the service at the design time while the runtime policies define the behavior of the service at the runtime. }  Design time policies are enforced during the period when developer creates the services. For an example, WS-security to be used for security mechanisms. }  An example of runtime policy would be "Only users with admin role are allowed to update the resource A between 10 and 12 o'clock. This policy will be enforced and evaluated at the service invocation.
  • 11. Demo
  • 12. Demo
  • 13. Demo }  Client requests some resource via ESB proxy service. }  When the ESB receives the client request “entitlement mediator”[PEP] will generate the xacml request and call the WSO2 IS [PDP] “entitlement admin service” endpoint. }  WSO2 IS retrieves the policy stored in the Governance Registry and evaluates xacml request. WSO2 IS functions as xacml engine }  Depends on the decision made by the IS request will be processed further and returned the resource to the client or returned with an unauthorized message.
  • 14. References }  http://wso2.com/library/articles/2011/08/finegrained-authorization- restful-services-xacml }  http://wso2.com/library/articles/2011/10/understanding-xacml- policy-language-xacml-extended-assertion-markup-langue-part-1 }  http://blog.facilelogin.com/2009/06/guide-to-write-xacml-policies- in-wso2.html }  http://hasini-gunasinghe.blogspot.com/2011/12/entitlement- service-xacml-pdp-as-web.html }  http://blog.facilelogin.com/2009/05/identity-server-20-as-xacml- engine.html
  • 15. Questions and Answers        Q                  &                  A
  • 16. Engage with WSO2 •  Helping you get the most out of your deployments •  From project evaluation and inception to development and going into production, WSO2 is your partner in ensuring 100% project success
  • 17. Engage with WSO2 •  Helping you get the most out of your deployments •  From project evaluation and inception to development and going into production, WSO2 is your partner in ensuring 100% project success