Federated identity, Project Cloud QTR meeting @ Disney/ABC

•Download as PPTX, PDF•

0 likes•385 views

This document discusses different types of electronic identities and attributes used for authentication, authorization, and access across systems. It covers: - Basic username/password and file permission models for direct local access - More advanced directory services like LDAP, Kerberos, and PKI for system-level access across networks - How public key infrastructure uses certificates to authenticate parties, authorize access, and broker digital assets between organizations in a verifiable way similar to state-issued IDs - The use of certificates to establish unique identities, security features, context, and limitations for both people and systems seeking to collaborate or provide access to resources.

Technology

A linked electronic identity and attributes used across
distinct access systems

Authentication – Username / Password
Authorization – open or simple permissions
Access – direct, local resources

Authentication – shared/replicated credentials
Authorization – file permissions, Owner ID, GroupID
Access – system accessible resources, SAN

Authentication – LDAP/AD, OTP, RADIUS/TACACS,
SSO/RSO, PKI
Authorization – LDAP, GPO, NFS, Kerberos, IAM
Access – NFS, Kerberos, SMB, NAS

Authentication – by service provider, LDAP/AD export,
Public Key Infrastructure (PKI)
Authorization – brokered Digital Asset Management,
Higgins trust framework, Bandit,
Security Assertion Markup Language (SAML),
OpenID, PKI
Access – via API, HADOOP, SPARK, S3, SOAP, REST,
FASP, OpenStack

Issued by regional / delegated authority – state government
Recognized by other agencies - governments, businesses
Contains embedded security features – hologram, magnetic
strip, UV seal, smartchip, barcodes
Contains unique attributes – photo, fingerprint,
signature, license number, street address
Establishes context and limitations – operating class,
expiration date, physical restrictions

Issued by regional / delegated authority – Certificate Authority (CA)
Recognized by other agencies – validated by other CAs, and
filed to use during collaboration
Embedded security features – digital fingerprint , encryption key,
and RSA hash
Contains unique attributes – email address, private key hash,
digital signature, project ID, business
affiliations, organizational roles,
any relevant attribute
Establishes context and limitations – issuing authority, expiration
times, revocation authority

Identities and attributes are embedded in certificates.
Relationships and authorizations can be made using
certificates.
Certificates are created and validated through Certificate
Authority and exchanged between appropriate parties.
Storage vendor uses certificates for authentication,
authorization, and access to objects.

Any data file, object storage or not, can contain value, so
use of encryption is highly desirable.
The further away from direct control, the more
important encryption becomes.
Encryption keys are much more easily exchanged using
certificates, especially if based on public/private key
pairs, like PGP.

Federated identity, Project Cloud QTR meeting @ Disney/ABC

The global system behind a viewer’s transaction of watching a movie or TV show impacts viewers and show creators every day. What if all stakeholders had the same facts – Writers, Producers, Directors, Unions, Studios, Networks, Distributors, Theaters, Broadcasters, Cable Providers, Satellite providers, OTT providers and viewers? Blockchains offer precisely this opportunity. In this article we are going to explore new methods for enabling accountability in pre-production, production, post production, distribution, consumption and reporting with a secure chain of custody and metadata to be accessed, including key social attributes such as viewing method, display usage, rights compliance, and digital rights management. Speaker : Steve Wong, HPE

Day 3 Conference Welcome by Erik Weaver

ETCenter

Security + Cloud: What studios and vendors need to consider when adopting clo...

ETCenter

"The Suitcase" Project Cloud QTR meeting presentation @ Disney/ABC

ETCenter

Immersive media content such as 360 degree video places a unique set of demands on cloud-based infrastructure from a complete end to end solution point of view. A key goal for any solution of this nature is to keep costs low while not impacting availability, scale and compute performance. In this talk we will look at how to solve ingest, processing, storage and delivery of live and on-demand content for immersive media delivery, and present a reference design for 360 degree streaming using best-practice architectural patterns. Speakers: Konstantin Wilms, Principal Solutions Architect M&E, AWS and Chad Schmutzer, Specialist Solutions Architect SPOT, AWS

Similar to Federated identity, Project Cloud QTR meeting @ Disney/ABC

Authorization Policy in a PKI Environment Mary Thompson Srilekha Mudumbai A...

Information Security Awareness Group

Building Open Source Identity Management with FreeIPALDAPCon

CyberoamNGFWTechSheetMaliha Ali

CyberoamNGFWTechSheetbakar kazmi

CyberoamNGFWTechSheetBaqar kazmi

CyberoamNGFWTechSheetMuhammad Owais Akhtar

CyberoamNGSeriesUTMTechSheetBaqar Kazmi

CyberoamNGSeriesUTMTechSheetBaqar kazmi

CyberoamNGSeriesUTMTechSheetMaliha Ali

CyberoamNGSeriesUTMTechSheetbakar kazmi

Layer 7: Managing SOA Security and Operations with SecureSpan

CA API Management

Week Topic Code Access vs Event Based.pptx

ArjayBalberan1

Crypto passport authentication

David Hoen

Crypto passport authentication

Young Alista

Crypto passport authentication

Harry Potter

Crypto passport authentication

Tony Nguyen

Crypto passport authentication

Luis Goldster

Crypto passport authentication

James Wong

Crypto passport authentication

Fraboni Ec

Similar to Federated identity, Project Cloud QTR meeting @ Disney/ABC (20)

Authorization Policy in a PKI Environment Mary Thompson Srilekha Mudumbai A...

Building Open Source Identity Management with FreeIPA

CyberoamNGFWTechSheet

CyberoamNGSeriesUTMTechSheet

Layer 7: Managing SOA Security and Operations with SecureSpan

Week Topic Code Access vs Event Based.pptx

Crypto passport authentication

More from ETCenter

Securing Content in the Cloud

ETCenter

Building Highly Scalable Immersive Media Solutions on AWS

ETCenter

How broadcasters can get in the VR game with sports

ETCenter

With new distribution deals from the NFL on Twitter to ESPN on Sling how we watch TV is now driven by the consumer demand to do more while we watch tune in to watch our favorite team. Enter virtual reality. VR is the first truly transformative technology for sports broadcasting in years – to date, the biggest improvements we've seen have been HD (just better picture) and ""the yellow line."" With VR, we can actually take you to the game, like you're sitting courtside or on the 50year line, while still being able to check their Twitter, trash talk and follow their team in realtime. Speakers : Saswat Panda, CTO, Livelikevr and Michael Davies, SVP Fox Sports

Improve Efficiency by Double Digits – Leveraging Artificial Intelligence and ...

ETCenter

Looking beyond the script

ETCenter

he practical use of computational linguistics for story adaptation and project development. A short case study on the use of natural language processing techniques to support the screenplay adaptation of a popular young-adult novel series. Rather than trying to ‘crack the code’, Double Bishop supports development strategies by revealing hidden insights and bridging interpretive feedback with objective analysis and recommendations. Speaker : Anton Andreacchio, Managing Director, Double Bishop/JumpgateVR

Cloud Apps for Media Processing: IMF Packaging-on-Demand

ETCenter

This talk will address how IMF can benefit a facility where versions matter. It will briefly consider how IMF works and then look at use cases of where automation can be used to ensure optimal handling of titles both at the point of creation and also over time as versions are created, managed and distributed. Developed as an effort to reduce complexity and costs for multi-version content publishing for production, post-production and program preparation workflows, the Dalet xN IMF Maker service will be presented as an example. Speaker : Eric Carson, Senior Business Development Manager, Dalet

IP for Sports broadcast

ETCenter

The distributive aspect of cloud on the digital world

ETCenter

The shift to digital is requiring all types of companies to implement new commerce and collaboration models to engage customers, partners and employees, and support new connectivity and data models for analytics, IoT, and other digital services. To sustainably survive digital disruption, traditional organizations in media and entertainment are transforming their business architectures and IT delivery architectures together. Jason will highlight some specific customer case studies in media and entertainment and talk about how preparing for this shift is of paramount importance to the industry. Speaker : Jason Sherwood, Sr. Manager, Equinix Global Solutions Architects, Equinix

Cloud Transition Patterns for Media Enterprises

ETCenter

On one hand media enterprises using workflows involving thick apps and traditional server based workflows have business opportunities of lifting and shifting from on-prem infrastructure to off-prem cloud or centralized data centers. On the other hand, cloud native micro-services architectures and web apps provide options to implement new services and apps rapidly and dynamically. This talk provides insights into the different hosting patterns observed from these media enterprises, and discusses a common framework provided by Avid’s Media Central Platform to realize the business opportunities under the different hosting models. Speaker : Shailendra Mathur, VP Architecture, AVID

Hacking IoT: the new threat for content assets

ETCenter

Connected devices play an important role in creating and consuming both theatrical and broadcast content, ranging from smart TVs, to connected cameras, to wireless routers, and more. However, these same devices also introduce new security risk, and new attack surfaces against which malicious adversaries can launch their campaigns. Presented by the elite security research group behind esteemed hacking concepts such as IoT Village, this session examines data-based industry trends, the ways in which connected devices are compromised, and what to do about it. Speaker : Ted Harrington, ISE

Graymeta C4 use case, Deduplication

ETCenter

Object storage is awesome.. ETC "Project Cloud" QTR meeting @ Disney/ABC

ETCenter

Open Source Framework for Deploying Data Science Models and Cloud Based Appli...

ETCenter

Next generation applications address more sophisticated questions that go beyond 'What happened?' by using Machine Learning/Statistical modelling to answer 'Why?' and 'What will happen next? Data insights can be easily deployed and rapidly delivered to the decision makers via cloud based applications. This framework focuses on technologies available for the entire data workflow from ingestion and modeling to cloud deployment; Hadoop, MADlib, Python, R, CloudFoundry, etc. This presentation will also include examples of how this framework and innovative Data Science techniques have been applied across diverse business units within Media, including pricing analyses for ad optimization and predicting viewership.

Big Data/DIG: Domain-Specific Insight Graphs by Pedro Szekely of ISI/USC

ETCenter

Domain-specific Insight Graph (DIG) is a technology that harvests and harmonizes millions of Web pages to extract key elements of knowledge (e.g., entities and relations). It integrates corporate databases with the extracted data across sources and modalities encoding implicit and purposefully obfuscated relationships. It offers a faceted content search interface and visualizations to support analysis.

An Introduction to Data Gravity by John Tkaczewski of FileCatalyst

ETCenter

You're probably familiar with the concept of data gravity, even if you’ve never heard the term before. The emerging term and its concept are becoming increasingly popular as file sizes continue to grow at exponential rates, and cloud storage popularity becomes mainstream. This session will introduce the concept of data gravity, the factors at play, and how file transfer will play a role in the future.

This Is Not Your Parent’s Storage: Transitioning to Cloud Object Storage by I...

ETCenter

While the benefits of cloud technology are undeniable—from improved business agility to economies of scale—concerns still exist around security and performance in multi-tenant environments versus dedicated private deployments. Multi-tenant environments introduce additional parties to the trust model and additional factors to the performance mix. This presentation covers the benefits of transitioning media workflows to the cloud and how to overcome obstacles related to security and performance using real world successes as examples.

OpenStack meets TV Everywhere: Peanut Butter and Chocolate by Yuval Fisher of...

ETCenter

OpenStack is in the process of revolutionizing video delivery through virtualization, software defined networking and storage abstraction. OpenStack’s ability to rapidly deploy video ecosystems and dynamically scale them based on resource requirements is enabling service providers to offer new services faster, more robustly, and at lower cost. We’ll review TV Everywhere cloud deployment requirements and why the marriage of TV Everywhere and OpenStack is so compelling.

Cloud Atlas: A movie or a distribution movement? by Brendan Sullivan of Vubiq...

ETCenter

Managing the New Content Supply Chain: Efficiently Reach and Monetize Audienc...

ETCenter

New content supply chain has become increasingly more complex, as we move into the digital era with simplified, customizable workflow products, unifying legacy linear studio systems with digital content management and delivery across devices. This session will discuss the next evolution of cost-effective, powerful media-management solutions that combines the major components of a broadcast facility into a single workflow to launch and support fully automated and branded dynamic live stream channels, to all platforms, at a lower cost than a traditional broadcast infrastructure.

Shoot the Bird: Linear Broadcast Distribution on AWS by Usman Shakeel of Amaz...

ETCenter

Can traditional live linear content distribution models be effectively evolved from existing satellite communication networks to pure IP-based cloud-centric transit? In this session we will take a look at requirements that must be met to facilitate wide-scale distribution of content at low latency with high levels of availability, durability, reliability and throughput. We’ll look at best practices for high availability and resilience, take a deep dive into topics such as effective erasure correction and deterministic network topologies, factor in advantages around lower cost for compute and bandwidth when utilizing cloud-based infrastructure, and arrive at a reference architecture that can be used to drive B2B content distribution through the cloud at scale.

More from ETCenter (20)