This document introduces a 4-step identity implementation roadmap and compares commercial and open source identity management solutions. It discusses common identity management project mistakes and how to avoid them. It also provides an overview of the open source JOSSO identity management product, highlighting case studies of its use by organizations like the State of Florida and Software AG. The document concludes with contact information for learning more about JOSSO and its certified implementation partner in Brazil.

1. Leveraging identity with Josso, the Professional Open Source

2. GoalsIntroduce a 4-step Identity Implementation RoadmapExamine the most common Identity Management Project mistakes; and how to avoid themCompare commercial and open source Identity Management Solutions head-to-head Drill down on the JOSSO Open Source Product, Adopters and Case StudiesQ&A

3. A non-IAM Adopter Organization

4. Bird’s eye view of an IdentityInside-Out Implementation Roadmap Deliver an Authoritative Source

5. End the password nightmare

6. Build service around Identity

7. Push Identity beyond organizational boundariesUnify – Deliver an Authoritative SourceWHYBuild value from your identity dataRealize the data backbone of the identity spinal cordHOWAdopt and Extend a user schemaChoose your persistence mechanism and protocol for storing and exposing your organization identities respectivelySet up an Authoritative Source for user and entitlement informationAPPROACHESBatch data synchronization and Reconciliation Directory Virtualization

8. Leverage – End the password nightmareWHYIncrease operational efficiencyIncrease securityHOWAuthentication and Authorization still handled within the application tierPoint business applications to the authoritative source for looking up user and entitlement recordsFederate local identity store against authoritative sourceAPPROACHESConnecting authoritative source to identity consumersBusiness application retrofitting of the identity data layer

9. Service – Build services around identityWHYEnhance user experienceIncrease operational efficiencyIncrease securityHOWSet up an Asserting Authority capable of emitting security tokensAdopt standards for security token emission, formatting and underlying trust system Shift Authentication and Authorization Processes to the Asserting AuthorityLeverage Asserting Authority services from business applications and application platformsAPPROACHESImplement a Standard-based Access Management Solution

10. Externalize – Push Identity beyond organizational boundariesWHYAchieve interoperation with external organizations/domainsExtend the reach of organization’s identity services to the CloudBring Public Cloud services on boardHOWIntroduce support for producing and consuming standard-based assertions (e.g. using the SAML2 protocol)Set up Inbound & Outbound Federated Connections with Partner sitesAPPROACHESDeliver the Federated Identity capabilities into the Access Management Solution – with little to no impact in the application baseDeliver the Federated Identity Capabilities into the Business Application tier – requires retrofitting business applications that need to be externalized; or need to leverage externalized services

11. An IAM Adopter Organization

12. Ingredients for Failure in a IAM ProjectAssume that the product is the solution

13. Underestimate technological complexity

14. Underestimate effort

15. Lack of sponsorship

16. Management not knowledgeable about IAM

17. Approach the project in a waterfall style

18. Implementing IAM infrastructure in-house Ingredients for Success in a IAM ProjectHaving skilled IAM people is more important than the product

19. Invest in defining your Identity Architecture up front; scaffolding it in a proof-of-concept (POC)

20. Plan ahead based on realistic time lines

21. Get the right level of sponsorship for your project

22. Look for coaching from IAM SME’s

23. Execute your project using a staged approach, driven by business value and risk mitigation

24. Rely on proven solutions while focusing on your business Two sides of the same coin

25. Highlights of Commercial IAM Solutions Expensive due to commonly associated user licensing and implementation costs

26. Force you to take a “suite” instead of a best-of-breed approach

27. Usually built on legacy technologies

28. Little extensibility is provided for realizingreal-world scenarios

29. Vendor lock-in

30. No access to source code for diagnosing and eventually solving IAM-specific issues Highlights of Sponsored Open Source Solutions No associated user-licensing cost. You are free to implement in a do-it-yourself fashion.

31. Deliver your identity solution based on mix-and-matching components

32. Usually current in terms of architecture and latest trends

33. Highly extensible for introducing your custom extensions if necessary

34. Source code is available and you are free to create your own version of the product

35. Source code is available for inspectionHead-to-Head Comparison of Commercial and Open Source IAM

36. JOSSO in a nutshell

37. The JOSSO Experience

38. Distinguished JOSSO Adopters

39. The State of Florida Case StudyThe Need: Enable interoperation among heterogeneous homeland security systems in terms of identity

40. The Solution: Deliver a timely, cost-effective identity and access management back-bone

41. Solution Highlights :

42. JOSSO as the identity stack

43. Based on Weblogic and JBoss environments

44. High-availability and Scalability enabled for Identity and Access Management Services

45. 60,000 users ApproximatelySoftware AG Case StudyThe Need: Enable seamless employee and customer access to Communities Ecosystem

46. The Solution: Deliver a timely, cost-effective Standard-based Federated Identity Solution without disrupting Communities Ecosystem

47. Solution Highlights :

48. JOSSO and Atricore Identity Bus as the identity stack

49. Federating against Novel Access Management using SAML2

50. High-availability and Scalability enabled for Identity and Access Management Services

51. 50,000 users approximatelyEuropean Union Case StudyThe Need: Enable identity services into the Planets Product - Preservation and Long-term Access through Networked Services - coordinated by the British Library

52. The Solution: Power the Planet platform with Open Source Identity Management Technology

53. Solution Highlights :

54. JOSSO as the identity stack

55. High-availability and Scalability enabled for Identity and Access Management ServicesQ&A

56. Contact InformationAtricore Inc. : www.atricore.comParceiroCertificado no Brasil:GoNow: www.gonow.com.br R. Tenerife, 31 – 10º andar Vila Olímpia – São Paulo/SP (11) 3046 2525

57. Perspector Data Slide - DO NOT EDITThis slide holds any pictures that are used by 3D images created with Perspector.The slide will not be displayed when the presentation is viewed as a slide show.If you want to send the presentation to someone else for them to watch, you can delete this slide in the copy that you send (but keep your original presentation for future editing).