SlideShare a Scribd company logo

Implementing eGov

ForgeRock
ForgeRock

ForgeRock Consultant Brad Tumy details eGov implementation in one of our Standards sessions.

Technology
1 of 19
Download to read offline
Brad Tumy 2013 Open Stack Identity Summit - France Tell me WHO are YOU? … ‘Cause I really want to know
Agenda •  Identity Assurance •  Identity Assurance Frameworks •  Implementation Requirements •  Typical Architecture Model @brad_tumy
Who am I? •  @brad_tumy •  http://www.linkedin.com/in/bradtumy •  Identity & Access Management Consultant •  18 Years of InfoSec (Development & Sys Integration) •  Experience: •  Technical Engineer on Dept. of Veteran’s Affairs E-Auth Project •  Tech Engineer on Dept. of Energy FICAM Project •  Tech Engineer on General Service Admin (GSA) FICAM Project •  Tech SME on Dept. of Labor FICAM Project @brad_tumy
Brad Tumy 2013 Open Stack Identity Summit - France So … WHO are YOU?
Brad Tumy 2013 Open Stack Identity Summit - France Identity Assurance
Identity Assurance “… the ability for a party to determine, with some level of certainty, that an electronic credential representing an entity - whether a human or a machine, with which it interacts to effect a transaction, can be trusted to actually belong to the entity.” Levels of Assurance Confidence Level Examples 1 Little or no confidence Google (IDP), Facebook (IDP) 2 Some confidence Corporate username and password 3 High confidence 2FA (Smart card, OTP, etc) 4 Very High Confidence Smart Card (but requires inperson identity proofing) @brad_tumy
Brad Tumy 2013 Open Stack Identity Summit - France Identity Assurance Frameworks
A few major Identity Assurance Frameworks Swedish eLegitimation Pan-Canadian STORK InCommon Kantara IDAP NSTIC / FICAM Australian Access Federation (AAF) National Electronic Authentication Framework @brad_tumy
Identity Assurance Framework Principles Identity Assurance Principle Control afforded to a user 1. User Control Identity assurance activities can only take place by user consent 2. Transparency Identity assurance can only take place in ways user understands and when fully informed 3. Multiplicity User can choose as many different identifiers or identity providers as desired 4. Data Minimization Request or transaction uses minimum identity data as necessary 5. Data Quality User chooses when to update records. 6. Service-User Access and Portability User has to be provided copies of user’s data on request; user can move data whenever they choose 7. Governance / Certification All participants in Identity Assurance System must be accredited 8. Problem Resolution Independent Arbitration 9. Exceptional Circumstances Any exceptions have to be approved by Governing body and subject to independent scrutiny @brad_tumy
Principles / Product Mapping Identity Assurance Principle 1. User Control User Consent Screen in SAML Transaction 2. Transparency User Consent Screen in SAML Transaction should display attributes being shared and how it is being shared. 3. Multiplicity Identity Proxy / IDP Finder 4. Data Minimization @brad_tumy OpenAM Configuration SAML Response should only send required attributes
Brad Tumy 2013 Open Stack Identity Summit - France Implementation Requirements
Implementation Reqs •  Service Provider •  Choice of Credential/IDP at •  Identity Provider •  Identity Proxy •  Provide User Consent appropriate LOA •  SAML request includes LOA mechanisms requirement in authentication context attribute •  Choice of Authentication mechanisms at appropriate •  Manage access according to LOA LOA requirements •  Identity Proofing •  @brad_tumy E.g., Adaptive Risk (e.g. Device Print)
Brad Tumy 2013 Open Stack Identity Summit - France Typical Architecture Model
OpenAM IAF Architecture IDP1 IDP2 Supports LOA1 e.g. Google IDP SAML Request LOA1 Supports LOA2 LOA2 IDP Proxy IDP3 Supports LOA3/4 PKI, 2FA, ETC LOA3 LOA 4 SAML Response Example SAML Request: http://machinea.sp.com/openam/saml2/jsp/spSSOInit.jsp?metaAlias=/ sp&idpEntityID=machineb.idpproxy.com&NameIDFormat=transient&AuthnContextClassRef= http://idmanagement.gov/icam/2009/12/saml_2.0_profile/assurancelevel1 @brad_tumy
Customize for Framework <?xml version="1.0" encoding="UTF-8" standalone="yes"?> <EntityDescriptor entityID="https://am2.ssobridge.com:8443/openam" xmlns="urn:oasis:names:tc:SAML: 2.0:metadata"> <Extensions> <ns1:EntityAttributes xmlns:ns1="urn:oasis:names:tc:SAML:metadata:attribute"> <ns2:Attribute Name="urn:oasis:names:tc:SAML:attribute:assurance-certification" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" xmlns:ns2="urn:oasis:names:tc:SAML: 2.0:assertion"> <ns2:AttributeValue>http://idmanagement.gov/icam/2009/12/saml_2.0_profile/assurancelevel1 </ns2:AttributeValue> <ns2:AttributeValue>http://idmanagement.gov/icam/2009/12/saml_2.0_profile/assurancelevel2 </ns2:AttributeValue> <ns2:AttributeValue>http://idmanagement.gov/icam/2009/12/saml_2.0_profile/assurancelevel3 </ns2:AttributeValue> <ns2:AttributeValue>http://idmanagement.gov/icam/2009/12/saml_2.0_profile/assurancelevel4 </ns2:AttributeValue> </ns2:Attribute> </ns1:EntityAttributes> </Extensions> @brad_tumy
Brad Tumy 2013 Open Stack Identity Summit - France Questions? Thank you!!
Identity Assurance Programs •  US, NSTIC •  UK, Cabinet Programme Office •  EU, STORK (https://www.eid-stork.eu/) •  There's Pan-Canadian - you can talk to Colin Walls or Ken Dagg •  UK IDAP - John Bradley has been circling in the space •  Swedish eLegitimation @brad_tumy http://www.e-legitimation.se/Elegitimation/
ForgeRock Powerpoint Preso Template Secondary Line of Copy @brad_tumy
All-In-One-Access Management System •  One Solution to Protect Them All. •  One Solution to Protect Them All. •  One Solution to Protect Them All. •  Second Line •  Second Line @brad_tumy

Recommended

Webinar: OpenAM 12.0 - New Featurs
Webinar: OpenAM 12.0 - New FeatursWebinar: OpenAM 12.0 - New Featurs
Webinar: OpenAM 12.0 - New FeatursForgeRock
 
OpenAM - An Introduction
OpenAM - An IntroductionOpenAM - An Introduction
OpenAM - An IntroductionForgeRock
 
OIS Architecture Review
OIS Architecture ReviewOIS Architecture Review
OIS Architecture ReviewForgeRock
 
OpenAM: An Introduction
OpenAM: An IntroductionOpenAM: An Introduction
OpenAM: An IntroductionForgeRock
 
Incredible Edible Identity
Incredible Edible IdentityIncredible Edible Identity
Incredible Edible IdentityForgeRock
 
OpenAM Best Practices - Corelio Media Case Study
OpenAM Best Practices - Corelio Media Case Study OpenAM Best Practices - Corelio Media Case Study
OpenAM Best Practices - Corelio Media Case Study ForgeRock
 
Identity Management with the ForgeRock Identity Platform - So What’s New?
Identity Management with the ForgeRock Identity Platform - So What’s New?Identity Management with the ForgeRock Identity Platform - So What’s New?
Identity Management with the ForgeRock Identity Platform - So What’s New?ForgeRock
 
IDP Proxy Concept: Accessing Identity Data Sources Everywhere!
IDP Proxy Concept: Accessing Identity Data Sources Everywhere!IDP Proxy Concept: Accessing Identity Data Sources Everywhere!
IDP Proxy Concept: Accessing Identity Data Sources Everywhere!ForgeRock
 

Recommended

Webinar: OpenAM 12.0 - New Featurs
Webinar: OpenAM 12.0 - New FeatursWebinar: OpenAM 12.0 - New Featurs
Webinar: OpenAM 12.0 - New FeatursForgeRock
 
OpenAM - An Introduction
OpenAM - An IntroductionOpenAM - An Introduction
OpenAM - An IntroductionForgeRock
 
OIS Architecture Review
OIS Architecture ReviewOIS Architecture Review
OIS Architecture ReviewForgeRock
 
OpenAM: An Introduction
OpenAM: An IntroductionOpenAM: An Introduction
OpenAM: An IntroductionForgeRock
 
Incredible Edible Identity
Incredible Edible IdentityIncredible Edible Identity
Incredible Edible IdentityForgeRock
 
OpenAM Best Practices - Corelio Media Case Study
OpenAM Best Practices - Corelio Media Case Study OpenAM Best Practices - Corelio Media Case Study
OpenAM Best Practices - Corelio Media Case Study ForgeRock
 
Identity Management with the ForgeRock Identity Platform - So What’s New?
Identity Management with the ForgeRock Identity Platform - So What’s New?Identity Management with the ForgeRock Identity Platform - So What’s New?
Identity Management with the ForgeRock Identity Platform - So What’s New?ForgeRock
 
IDP Proxy Concept: Accessing Identity Data Sources Everywhere!
IDP Proxy Concept: Accessing Identity Data Sources Everywhere!IDP Proxy Concept: Accessing Identity Data Sources Everywhere!
IDP Proxy Concept: Accessing Identity Data Sources Everywhere!ForgeRock
 
THE FORGEROCK PLATFORM BIG PICTURE
THE FORGEROCK PLATFORM BIG PICTURETHE FORGEROCK PLATFORM BIG PICTURE
THE FORGEROCK PLATFORM BIG PICTUREForgeRock
 
Federation in Practice
Federation in PracticeFederation in Practice
Federation in PracticeForgeRock
 
Identity as a Managed Cloud Service
Identity as a Managed Cloud ServiceIdentity as a Managed Cloud Service
Identity as a Managed Cloud ServiceForgeRock
 
Webinar: ForgeRock Identity Platform Preview (Dec 2015)
Webinar: ForgeRock Identity Platform Preview (Dec 2015)Webinar: ForgeRock Identity Platform Preview (Dec 2015)
Webinar: ForgeRock Identity Platform Preview (Dec 2015)ForgeRock
 
Open Identity Stack Roadmap
Open Identity Stack RoadmapOpen Identity Stack Roadmap
Open Identity Stack RoadmapForgeRock
 
Directory Services with the ForgeRock Identity Platform - So What’s New?
Directory Services with the ForgeRock Identity Platform - So What’s New?Directory Services with the ForgeRock Identity Platform - So What’s New?
Directory Services with the ForgeRock Identity Platform - So What’s New?ForgeRock
 
Webinar: OpenIDM 3.1
Webinar: OpenIDM 3.1Webinar: OpenIDM 3.1
Webinar: OpenIDM 3.1ForgeRock
 
Customer Scale: Stateless Sessions and Managing High-Volume Digital Services
Customer Scale: Stateless Sessions and Managing High-Volume Digital ServicesCustomer Scale: Stateless Sessions and Managing High-Volume Digital Services
Customer Scale: Stateless Sessions and Managing High-Volume Digital ServicesForgeRock
 
OpenIG Webinar: Your Swiss Army Knife for Protecting and Securing Web Apps, A...
OpenIG Webinar: Your Swiss Army Knife for Protecting and Securing Web Apps, A...OpenIG Webinar: Your Swiss Army Knife for Protecting and Securing Web Apps, A...
OpenIG Webinar: Your Swiss Army Knife for Protecting and Securing Web Apps, A...ForgeRock
 
Webinar: Access Management with the ForgeRock Identity Platform - So What’s N...
Webinar: Access Management with the ForgeRock Identity Platform - So What’s N...Webinar: Access Management with the ForgeRock Identity Platform - So What’s N...
Webinar: Access Management with the ForgeRock Identity Platform - So What’s N...ForgeRock
 
A CONTEMPLATION OF OPENIG DEEP THOUGHTS
A CONTEMPLATION OF OPENIG DEEP THOUGHTSA CONTEMPLATION OF OPENIG DEEP THOUGHTS
A CONTEMPLATION OF OPENIG DEEP THOUGHTSForgeRock
 
OpenDJ - An Introduction
OpenDJ - An IntroductionOpenDJ - An Introduction
OpenDJ - An IntroductionForgeRock
 
OpenIDM - Flexible Provisioning Platform - April 28 Webinar
OpenIDM - Flexible Provisioning Platform - April 28 WebinarOpenIDM - Flexible Provisioning Platform - April 28 Webinar
OpenIDM - Flexible Provisioning Platform - April 28 WebinarForgeRock
 
Pimping the ForgeRock Identity Platform for a Billion Users
Pimping the ForgeRock Identity Platform for a Billion UsersPimping the ForgeRock Identity Platform for a Billion Users
Pimping the ForgeRock Identity Platform for a Billion UsersForgeRock
 
ForgeRock Platform Release - Summer 2016
ForgeRock Platform Release - Summer 2016 ForgeRock Platform Release - Summer 2016
ForgeRock Platform Release - Summer 2016 ForgeRock
 
WSO2 Identity Server 5.3.0 - Product Release Webinar
WSO2 Identity Server 5.3.0 - Product Release WebinarWSO2 Identity Server 5.3.0 - Product Release Webinar
WSO2 Identity Server 5.3.0 - Product Release WebinarWSO2
 
Integrating FIDO Authentication & Federation Protocols
Integrating FIDO Authentication & Federation ProtocolsIntegrating FIDO Authentication & Federation Protocols
Integrating FIDO Authentication & Federation ProtocolsFIDO Alliance
 
Trust Elevation: Implementing an OAuth2 Infrastructure using OpenID Connect &...
Trust Elevation: Implementing an OAuth2 Infrastructure using OpenID Connect &...Trust Elevation: Implementing an OAuth2 Infrastructure using OpenID Connect &...
Trust Elevation: Implementing an OAuth2 Infrastructure using OpenID Connect &...Mike Schwartz
 
Bring your own Identity (BYOID) with WSO2 Identity Server
Bring your own Identity (BYOID) with WSO2 Identity ServerBring your own Identity (BYOID) with WSO2 Identity Server
Bring your own Identity (BYOID) with WSO2 Identity ServerWSO2
 
The Future is Now: What’s New in ForgeRock Access Management
The Future is Now: What’s New in ForgeRock Access Management The Future is Now: What’s New in ForgeRock Access Management
The Future is Now: What’s New in ForgeRock Access Management ForgeRock
 
Decoding SSO-Partners 6.21.19.pptx
Decoding SSO-Partners 6.21.19.pptxDecoding SSO-Partners 6.21.19.pptx
Decoding SSO-Partners 6.21.19.pptxsonuagain
 
Catalyst 2015: Patrick Harding
Catalyst 2015: Patrick HardingCatalyst 2015: Patrick Harding
Catalyst 2015: Patrick HardingPing Identity
 

More Related Content

What's hot

THE FORGEROCK PLATFORM BIG PICTURE
THE FORGEROCK PLATFORM BIG PICTURETHE FORGEROCK PLATFORM BIG PICTURE
THE FORGEROCK PLATFORM BIG PICTUREForgeRock
 
Federation in Practice
Federation in PracticeFederation in Practice
Federation in PracticeForgeRock
 
Identity as a Managed Cloud Service
Identity as a Managed Cloud ServiceIdentity as a Managed Cloud Service
Identity as a Managed Cloud ServiceForgeRock
 
Webinar: ForgeRock Identity Platform Preview (Dec 2015)
Webinar: ForgeRock Identity Platform Preview (Dec 2015)Webinar: ForgeRock Identity Platform Preview (Dec 2015)
Webinar: ForgeRock Identity Platform Preview (Dec 2015)ForgeRock
 
Open Identity Stack Roadmap
Open Identity Stack RoadmapOpen Identity Stack Roadmap
Open Identity Stack RoadmapForgeRock
 
Directory Services with the ForgeRock Identity Platform - So What’s New?
Directory Services with the ForgeRock Identity Platform - So What’s New?Directory Services with the ForgeRock Identity Platform - So What’s New?
Directory Services with the ForgeRock Identity Platform - So What’s New?ForgeRock
 
Webinar: OpenIDM 3.1
Webinar: OpenIDM 3.1Webinar: OpenIDM 3.1
Webinar: OpenIDM 3.1ForgeRock
 
Customer Scale: Stateless Sessions and Managing High-Volume Digital Services
Customer Scale: Stateless Sessions and Managing High-Volume Digital ServicesCustomer Scale: Stateless Sessions and Managing High-Volume Digital Services
Customer Scale: Stateless Sessions and Managing High-Volume Digital ServicesForgeRock
 
OpenIG Webinar: Your Swiss Army Knife for Protecting and Securing Web Apps, A...
OpenIG Webinar: Your Swiss Army Knife for Protecting and Securing Web Apps, A...OpenIG Webinar: Your Swiss Army Knife for Protecting and Securing Web Apps, A...
OpenIG Webinar: Your Swiss Army Knife for Protecting and Securing Web Apps, A...ForgeRock
 
Webinar: Access Management with the ForgeRock Identity Platform - So What’s N...
Webinar: Access Management with the ForgeRock Identity Platform - So What’s N...Webinar: Access Management with the ForgeRock Identity Platform - So What’s N...
Webinar: Access Management with the ForgeRock Identity Platform - So What’s N...ForgeRock
 
A CONTEMPLATION OF OPENIG DEEP THOUGHTS
A CONTEMPLATION OF OPENIG DEEP THOUGHTSA CONTEMPLATION OF OPENIG DEEP THOUGHTS
A CONTEMPLATION OF OPENIG DEEP THOUGHTSForgeRock
 
OpenDJ - An Introduction
OpenDJ - An IntroductionOpenDJ - An Introduction
OpenDJ - An IntroductionForgeRock
 
OpenIDM - Flexible Provisioning Platform - April 28 Webinar
OpenIDM - Flexible Provisioning Platform - April 28 WebinarOpenIDM - Flexible Provisioning Platform - April 28 Webinar
OpenIDM - Flexible Provisioning Platform - April 28 WebinarForgeRock
 
Pimping the ForgeRock Identity Platform for a Billion Users
Pimping the ForgeRock Identity Platform for a Billion UsersPimping the ForgeRock Identity Platform for a Billion Users
Pimping the ForgeRock Identity Platform for a Billion UsersForgeRock
 
ForgeRock Platform Release - Summer 2016
ForgeRock Platform Release - Summer 2016 ForgeRock Platform Release - Summer 2016
ForgeRock Platform Release - Summer 2016 ForgeRock
 
WSO2 Identity Server 5.3.0 - Product Release Webinar
WSO2 Identity Server 5.3.0 - Product Release WebinarWSO2 Identity Server 5.3.0 - Product Release Webinar
WSO2 Identity Server 5.3.0 - Product Release WebinarWSO2
 
Integrating FIDO Authentication & Federation Protocols
Integrating FIDO Authentication & Federation ProtocolsIntegrating FIDO Authentication & Federation Protocols
Integrating FIDO Authentication & Federation ProtocolsFIDO Alliance
 
Trust Elevation: Implementing an OAuth2 Infrastructure using OpenID Connect &...
Trust Elevation: Implementing an OAuth2 Infrastructure using OpenID Connect &...Trust Elevation: Implementing an OAuth2 Infrastructure using OpenID Connect &...
Trust Elevation: Implementing an OAuth2 Infrastructure using OpenID Connect &...Mike Schwartz
 
Bring your own Identity (BYOID) with WSO2 Identity Server
Bring your own Identity (BYOID) with WSO2 Identity ServerBring your own Identity (BYOID) with WSO2 Identity Server
Bring your own Identity (BYOID) with WSO2 Identity ServerWSO2
 
The Future is Now: What’s New in ForgeRock Access Management
The Future is Now: What’s New in ForgeRock Access Management The Future is Now: What’s New in ForgeRock Access Management
The Future is Now: What’s New in ForgeRock Access Management ForgeRock
 

What's hot (20)

THE FORGEROCK PLATFORM BIG PICTURE
THE FORGEROCK PLATFORM BIG PICTURETHE FORGEROCK PLATFORM BIG PICTURE
THE FORGEROCK PLATFORM BIG PICTURE
 
Federation in Practice
Federation in PracticeFederation in Practice
Federation in Practice
 
Identity as a Managed Cloud Service
Identity as a Managed Cloud ServiceIdentity as a Managed Cloud Service
Identity as a Managed Cloud Service
 
Webinar: ForgeRock Identity Platform Preview (Dec 2015)
Webinar: ForgeRock Identity Platform Preview (Dec 2015)Webinar: ForgeRock Identity Platform Preview (Dec 2015)
Webinar: ForgeRock Identity Platform Preview (Dec 2015)
 
Open Identity Stack Roadmap
Open Identity Stack RoadmapOpen Identity Stack Roadmap
Open Identity Stack Roadmap
 
Directory Services with the ForgeRock Identity Platform - So What’s New?
Directory Services with the ForgeRock Identity Platform - So What’s New?Directory Services with the ForgeRock Identity Platform - So What’s New?
Directory Services with the ForgeRock Identity Platform - So What’s New?
 
Webinar: OpenIDM 3.1
Webinar: OpenIDM 3.1Webinar: OpenIDM 3.1
Webinar: OpenIDM 3.1
 
Customer Scale: Stateless Sessions and Managing High-Volume Digital Services
Customer Scale: Stateless Sessions and Managing High-Volume Digital ServicesCustomer Scale: Stateless Sessions and Managing High-Volume Digital Services
Customer Scale: Stateless Sessions and Managing High-Volume Digital Services
 
OpenIG Webinar: Your Swiss Army Knife for Protecting and Securing Web Apps, A...
OpenIG Webinar: Your Swiss Army Knife for Protecting and Securing Web Apps, A...OpenIG Webinar: Your Swiss Army Knife for Protecting and Securing Web Apps, A...
OpenIG Webinar: Your Swiss Army Knife for Protecting and Securing Web Apps, A...
 
Webinar: Access Management with the ForgeRock Identity Platform - So What’s N...
Webinar: Access Management with the ForgeRock Identity Platform - So What’s N...Webinar: Access Management with the ForgeRock Identity Platform - So What’s N...
Webinar: Access Management with the ForgeRock Identity Platform - So What’s N...
 
A CONTEMPLATION OF OPENIG DEEP THOUGHTS
A CONTEMPLATION OF OPENIG DEEP THOUGHTSA CONTEMPLATION OF OPENIG DEEP THOUGHTS
A CONTEMPLATION OF OPENIG DEEP THOUGHTS
 
OpenDJ - An Introduction
OpenDJ - An IntroductionOpenDJ - An Introduction
OpenDJ - An Introduction
 
OpenIDM - Flexible Provisioning Platform - April 28 Webinar
OpenIDM - Flexible Provisioning Platform - April 28 WebinarOpenIDM - Flexible Provisioning Platform - April 28 Webinar
OpenIDM - Flexible Provisioning Platform - April 28 Webinar
 
Pimping the ForgeRock Identity Platform for a Billion Users
Pimping the ForgeRock Identity Platform for a Billion UsersPimping the ForgeRock Identity Platform for a Billion Users
Pimping the ForgeRock Identity Platform for a Billion Users
 
ForgeRock Platform Release - Summer 2016
ForgeRock Platform Release - Summer 2016 ForgeRock Platform Release - Summer 2016
ForgeRock Platform Release - Summer 2016
 
WSO2 Identity Server 5.3.0 - Product Release Webinar
WSO2 Identity Server 5.3.0 - Product Release WebinarWSO2 Identity Server 5.3.0 - Product Release Webinar
WSO2 Identity Server 5.3.0 - Product Release Webinar
 
Integrating FIDO Authentication & Federation Protocols
Integrating FIDO Authentication & Federation ProtocolsIntegrating FIDO Authentication & Federation Protocols
Integrating FIDO Authentication & Federation Protocols
 
Trust Elevation: Implementing an OAuth2 Infrastructure using OpenID Connect &...
Trust Elevation: Implementing an OAuth2 Infrastructure using OpenID Connect &...Trust Elevation: Implementing an OAuth2 Infrastructure using OpenID Connect &...
Trust Elevation: Implementing an OAuth2 Infrastructure using OpenID Connect &...
 
Bring your own Identity (BYOID) with WSO2 Identity Server
Bring your own Identity (BYOID) with WSO2 Identity ServerBring your own Identity (BYOID) with WSO2 Identity Server
Bring your own Identity (BYOID) with WSO2 Identity Server
 
The Future is Now: What’s New in ForgeRock Access Management
The Future is Now: What’s New in ForgeRock Access Management The Future is Now: What’s New in ForgeRock Access Management
The Future is Now: What’s New in ForgeRock Access Management
 

Similar to Implementing eGov

Decoding SSO-Partners 6.21.19.pptx
Decoding SSO-Partners 6.21.19.pptxDecoding SSO-Partners 6.21.19.pptx
Decoding SSO-Partners 6.21.19.pptxsonuagain
 
Catalyst 2015: Patrick Harding
Catalyst 2015: Patrick HardingCatalyst 2015: Patrick Harding
Catalyst 2015: Patrick HardingPing Identity
 
Modern Architectures
Modern ArchitecturesModern Architectures
Modern ArchitecturesSecureAuth
 
Unlocking AI Potential: Leveraging PIA Processes for Comprehensive Impact Ass...
Unlocking AI Potential: Leveraging PIA Processes for Comprehensive Impact Ass...Unlocking AI Potential: Leveraging PIA Processes for Comprehensive Impact Ass...
Unlocking AI Potential: Leveraging PIA Processes for Comprehensive Impact Ass...TrustArc
 
ITAM Tools Day, November 2015 - Concorde
ITAM Tools Day, November 2015 - ConcordeITAM Tools Day, November 2015 - Concorde
ITAM Tools Day, November 2015 - ConcordeMartin Thompson
 
The Human Chain and Digital Services Toolkit Introduction V3.23 27_04_2016
The Human Chain and Digital Services Toolkit Introduction V3.23 27_04_2016The Human Chain and Digital Services Toolkit Introduction V3.23 27_04_2016
The Human Chain and Digital Services Toolkit Introduction V3.23 27_04_2016Tim Jefferson
 
ForgeRock and Trusona - Simplifying the Multi-factor User Experience
ForgeRock and Trusona - Simplifying the Multi-factor User ExperienceForgeRock and Trusona - Simplifying the Multi-factor User Experience
ForgeRock and Trusona - Simplifying the Multi-factor User ExperienceForgeRock
 
Basc presentation on security and application architecture
Basc presentation on security and application architectureBasc presentation on security and application architecture
Basc presentation on security and application architecturewbjwilliams3
 
Securing The Reality of Multiple Cloud Apps: Pandora's Story
Securing The Reality of Multiple Cloud Apps: Pandora's StorySecuring The Reality of Multiple Cloud Apps: Pandora's Story
Securing The Reality of Multiple Cloud Apps: Pandora's StoryCloudLock
 
Monitoring in the DevOps Era
Monitoring in the DevOps EraMonitoring in the DevOps Era
Monitoring in the DevOps EraMike Kavis
 
Applying Innovative Tools for GDPR Success
Applying Innovative Tools for GDPR SuccessApplying Innovative Tools for GDPR Success
Applying Innovative Tools for GDPR SuccessForgeRock
 
Smart Identity for the Hybrid Multicloud World
Smart Identity for the Hybrid Multicloud WorldSmart Identity for the Hybrid Multicloud World
Smart Identity for the Hybrid Multicloud WorldKatherine Cola
 
Security 101: Multi-Factor Authentication for IBM i
Security 101: Multi-Factor Authentication for IBM iSecurity 101: Multi-Factor Authentication for IBM i
Security 101: Multi-Factor Authentication for IBM iPrecisely
 
Open Banking UK “Identity Product” Internals #fapisum - Japan/UK Open Banking...
Open Banking UK “Identity Product” Internals #fapisum - Japan/UK Open Banking...Open Banking UK “Identity Product” Internals #fapisum - Japan/UK Open Banking...
Open Banking UK “Identity Product” Internals #fapisum - Japan/UK Open Banking...FinTechLabs.io
 
Tivi - Tunnistautuminen - 2020
Tivi - Tunnistautuminen - 2020Tivi - Tunnistautuminen - 2020
Tivi - Tunnistautuminen - 2020Pete Nieminen
 
[2021 Somos Summit] - Rethinking Identity Access Management and The Rise of t...
[2021 Somos Summit] - Rethinking Identity Access Management and The Rise of t...[2021 Somos Summit] - Rethinking Identity Access Management and The Rise of t...
[2021 Somos Summit] - Rethinking Identity Access Management and The Rise of t...WSO2
 
[EIC 2021] The Rise of the Developer in IAM
[EIC 2021] The Rise of the Developer in IAM[EIC 2021] The Rise of the Developer in IAM
[EIC 2021] The Rise of the Developer in IAMWSO2
 

Similar to Implementing eGov (20)

Decoding SSO-Partners 6.21.19.pptx
Decoding SSO-Partners 6.21.19.pptxDecoding SSO-Partners 6.21.19.pptx
Decoding SSO-Partners 6.21.19.pptx
 
Catalyst 2015: Patrick Harding
Catalyst 2015: Patrick HardingCatalyst 2015: Patrick Harding
Catalyst 2015: Patrick Harding
 
Modern Architectures
Modern ArchitecturesModern Architectures
Modern Architectures
 
Unlocking AI Potential: Leveraging PIA Processes for Comprehensive Impact Ass...
Unlocking AI Potential: Leveraging PIA Processes for Comprehensive Impact Ass...Unlocking AI Potential: Leveraging PIA Processes for Comprehensive Impact Ass...
Unlocking AI Potential: Leveraging PIA Processes for Comprehensive Impact Ass...
 
ITAM Tools Day, November 2015 - Concorde
ITAM Tools Day, November 2015 - ConcordeITAM Tools Day, November 2015 - Concorde
ITAM Tools Day, November 2015 - Concorde
 
The Human Chain and Digital Services Toolkit Introduction V3.23 27_04_2016
The Human Chain and Digital Services Toolkit Introduction V3.23 27_04_2016The Human Chain and Digital Services Toolkit Introduction V3.23 27_04_2016
The Human Chain and Digital Services Toolkit Introduction V3.23 27_04_2016
 
Securing the Digital Enterprise
Securing the Digital EnterpriseSecuring the Digital Enterprise
Securing the Digital Enterprise
 
ForgeRock and Trusona - Simplifying the Multi-factor User Experience
ForgeRock and Trusona - Simplifying the Multi-factor User ExperienceForgeRock and Trusona - Simplifying the Multi-factor User Experience
ForgeRock and Trusona - Simplifying the Multi-factor User Experience
 
Basc presentation on security and application architecture
Basc presentation on security and application architectureBasc presentation on security and application architecture
Basc presentation on security and application architecture
 
Securing The Reality of Multiple Cloud Apps: Pandora's Story
Securing The Reality of Multiple Cloud Apps: Pandora's StorySecuring The Reality of Multiple Cloud Apps: Pandora's Story
Securing The Reality of Multiple Cloud Apps: Pandora's Story
 
wallet79
wallet79wallet79
wallet79
 
Monitoring in the DevOps Era
Monitoring in the DevOps EraMonitoring in the DevOps Era
Monitoring in the DevOps Era
 
Applying Innovative Tools for GDPR Success
Applying Innovative Tools for GDPR SuccessApplying Innovative Tools for GDPR Success
Applying Innovative Tools for GDPR Success
 
Smart Identity for the Hybrid Multicloud World
Smart Identity for the Hybrid Multicloud WorldSmart Identity for the Hybrid Multicloud World
Smart Identity for the Hybrid Multicloud World
 
Security 101: Multi-Factor Authentication for IBM i
Security 101: Multi-Factor Authentication for IBM iSecurity 101: Multi-Factor Authentication for IBM i
Security 101: Multi-Factor Authentication for IBM i
 
Open Banking UK “Identity Product” Internals #fapisum - Japan/UK Open Banking...
Open Banking UK “Identity Product” Internals #fapisum - Japan/UK Open Banking...Open Banking UK “Identity Product” Internals #fapisum - Japan/UK Open Banking...
Open Banking UK “Identity Product” Internals #fapisum - Japan/UK Open Banking...
 
Compliance & Identity access management
Compliance & Identity access management Compliance & Identity access management
Compliance & Identity access management
 
Tivi - Tunnistautuminen - 2020
Tivi - Tunnistautuminen - 2020Tivi - Tunnistautuminen - 2020
Tivi - Tunnistautuminen - 2020
 
[2021 Somos Summit] - Rethinking Identity Access Management and The Rise of t...
[2021 Somos Summit] - Rethinking Identity Access Management and The Rise of t...[2021 Somos Summit] - Rethinking Identity Access Management and The Rise of t...
[2021 Somos Summit] - Rethinking Identity Access Management and The Rise of t...
 
[EIC 2021] The Rise of the Developer in IAM
[EIC 2021] The Rise of the Developer in IAM[EIC 2021] The Rise of the Developer in IAM
[EIC 2021] The Rise of the Developer in IAM
 

More from ForgeRock

Digital Identities in the Internet of Things - Securely Manage Devices at Scale
Digital Identities in the Internet of Things - Securely Manage Devices at ScaleDigital Identities in the Internet of Things - Securely Manage Devices at Scale
Digital Identities in the Internet of Things - Securely Manage Devices at ScaleForgeRock
 
Get the Exact Identity Solution You Need - In the Cloud - AWS and Beyond
Get the Exact Identity Solution You Need - In the Cloud - AWS and BeyondGet the Exact Identity Solution You Need - In the Cloud - AWS and Beyond
Get the Exact Identity Solution You Need - In the Cloud - AWS and BeyondForgeRock
 
Identity Live Sydney: Identity Management - A Strategic Opportunity
Identity Live Sydney: Identity Management - A Strategic OpportunityIdentity Live Sydney: Identity Management - A Strategic Opportunity
Identity Live Sydney: Identity Management - A Strategic OpportunityForgeRock
 
Identity Live Singapore: Transform Your Cybersecurity Capability
Identity Live Singapore: Transform Your Cybersecurity CapabilityIdentity Live Singapore: Transform Your Cybersecurity Capability
Identity Live Singapore: Transform Your Cybersecurity CapabilityForgeRock
 
Identity Live Singapore 2018 Keynote Presentation
Identity Live Singapore 2018 Keynote PresentationIdentity Live Singapore 2018 Keynote Presentation
Identity Live Singapore 2018 Keynote PresentationForgeRock
 
Identity Live Sydney 2018 Keynote Presentation
Identity Live Sydney 2018 Keynote PresentationIdentity Live Sydney 2018 Keynote Presentation
Identity Live Sydney 2018 Keynote PresentationForgeRock
 
Identity Live Singapore: Just Ask 'Em
Identity Live Singapore: Just Ask 'EmIdentity Live Singapore: Just Ask 'Em
Identity Live Singapore: Just Ask 'EmForgeRock
 
Identity Live Singapore: Building Trust & Privacy in a Connected Society
Identity Live Singapore: Building Trust & Privacy in a Connected SocietyIdentity Live Singapore: Building Trust & Privacy in a Connected Society
Identity Live Singapore: Building Trust & Privacy in a Connected SocietyForgeRock
 
Identity Live Sydney: Intelligent Authentication
Identity Live Sydney: Intelligent Authentication Identity Live Sydney: Intelligent Authentication
Identity Live Sydney: Intelligent Authentication ForgeRock
 
Identity Live Sydney: Building Trust and Privacy in a Connected Society
Identity Live Sydney: Building Trust and Privacy in a Connected SocietyIdentity Live Sydney: Building Trust and Privacy in a Connected Society
Identity Live Sydney: Building Trust and Privacy in a Connected SocietyForgeRock
 
Get the Exact Identity Solution you Need in the Cloud - Deep Dive
Get the Exact Identity Solution you Need in the Cloud - Deep DiveGet the Exact Identity Solution you Need in the Cloud - Deep Dive
Get the Exact Identity Solution you Need in the Cloud - Deep DiveForgeRock
 
Get the Exact Identity Solution You Need - In the Cloud - Overview
Get the Exact Identity Solution You Need - In the Cloud - OverviewGet the Exact Identity Solution You Need - In the Cloud - Overview
Get the Exact Identity Solution You Need - In the Cloud - OverviewForgeRock
 
Opening Keynote (Identity Live Berlin 2018)
Opening Keynote (Identity Live Berlin 2018)Opening Keynote (Identity Live Berlin 2018)
Opening Keynote (Identity Live Berlin 2018)ForgeRock
 
Steinberg - Customer identity as the cornerstone of our approach to digitaliz...
Steinberg - Customer identity as the cornerstone of our approach to digitaliz...Steinberg - Customer identity as the cornerstone of our approach to digitaliz...
Steinberg - Customer identity as the cornerstone of our approach to digitaliz...ForgeRock
 
BMW Group - Identity Enables the Next 100 Years.. (Identity Live Berlin 2018)
BMW Group - Identity Enables the Next 100 Years.. (Identity Live Berlin 2018)BMW Group - Identity Enables the Next 100 Years.. (Identity Live Berlin 2018)
BMW Group - Identity Enables the Next 100 Years.. (Identity Live Berlin 2018)ForgeRock
 
Trust is Everything - The Future of Identity and the ForgeRock Platform (Iden...
Trust is Everything - The Future of Identity and the ForgeRock Platform (Iden...Trust is Everything - The Future of Identity and the ForgeRock Platform (Iden...
Trust is Everything - The Future of Identity and the ForgeRock Platform (Iden...ForgeRock
 
Silo Busters- The Value of User and Data Centricity beyond IoT Devices (Ident...
Silo Busters- The Value of User and Data Centricity beyond IoT Devices (Ident...Silo Busters- The Value of User and Data Centricity beyond IoT Devices (Ident...
Silo Busters- The Value of User and Data Centricity beyond IoT Devices (Ident...ForgeRock
 
Shift from GDPR readiness to sustained compliance to improve your business an...
Shift from GDPR readiness to sustained compliance to improve your business an...Shift from GDPR readiness to sustained compliance to improve your business an...
Shift from GDPR readiness to sustained compliance to improve your business an...ForgeRock
 
Intelligent Authentication (Identity Live Berlin 2018)
Intelligent Authentication (Identity Live Berlin 2018)Intelligent Authentication (Identity Live Berlin 2018)
Intelligent Authentication (Identity Live Berlin 2018)ForgeRock
 
Customer Safeguarding, Fraud and GDPR: Manah Khalil
Customer Safeguarding, Fraud and GDPR: Manah KhalilCustomer Safeguarding, Fraud and GDPR: Manah Khalil
Customer Safeguarding, Fraud and GDPR: Manah KhalilForgeRock
 

More from ForgeRock (20)

Digital Identities in the Internet of Things - Securely Manage Devices at Scale
Digital Identities in the Internet of Things - Securely Manage Devices at ScaleDigital Identities in the Internet of Things - Securely Manage Devices at Scale
Digital Identities in the Internet of Things - Securely Manage Devices at Scale
 
Get the Exact Identity Solution You Need - In the Cloud - AWS and Beyond
Get the Exact Identity Solution You Need - In the Cloud - AWS and BeyondGet the Exact Identity Solution You Need - In the Cloud - AWS and Beyond
Get the Exact Identity Solution You Need - In the Cloud - AWS and Beyond
 
Identity Live Sydney: Identity Management - A Strategic Opportunity
Identity Live Sydney: Identity Management - A Strategic OpportunityIdentity Live Sydney: Identity Management - A Strategic Opportunity
Identity Live Sydney: Identity Management - A Strategic Opportunity
 
Identity Live Singapore: Transform Your Cybersecurity Capability
Identity Live Singapore: Transform Your Cybersecurity CapabilityIdentity Live Singapore: Transform Your Cybersecurity Capability
Identity Live Singapore: Transform Your Cybersecurity Capability
 
Identity Live Singapore 2018 Keynote Presentation
Identity Live Singapore 2018 Keynote PresentationIdentity Live Singapore 2018 Keynote Presentation
Identity Live Singapore 2018 Keynote Presentation
 
Identity Live Sydney 2018 Keynote Presentation
Identity Live Sydney 2018 Keynote PresentationIdentity Live Sydney 2018 Keynote Presentation
Identity Live Sydney 2018 Keynote Presentation
 
Identity Live Singapore: Just Ask 'Em
Identity Live Singapore: Just Ask 'EmIdentity Live Singapore: Just Ask 'Em
Identity Live Singapore: Just Ask 'Em
 
Identity Live Singapore: Building Trust & Privacy in a Connected Society
Identity Live Singapore: Building Trust & Privacy in a Connected SocietyIdentity Live Singapore: Building Trust & Privacy in a Connected Society
Identity Live Singapore: Building Trust & Privacy in a Connected Society
 
Identity Live Sydney: Intelligent Authentication
Identity Live Sydney: Intelligent Authentication Identity Live Sydney: Intelligent Authentication
Identity Live Sydney: Intelligent Authentication
 
Identity Live Sydney: Building Trust and Privacy in a Connected Society
Identity Live Sydney: Building Trust and Privacy in a Connected SocietyIdentity Live Sydney: Building Trust and Privacy in a Connected Society
Identity Live Sydney: Building Trust and Privacy in a Connected Society
 
Get the Exact Identity Solution you Need in the Cloud - Deep Dive
Get the Exact Identity Solution you Need in the Cloud - Deep DiveGet the Exact Identity Solution you Need in the Cloud - Deep Dive
Get the Exact Identity Solution you Need in the Cloud - Deep Dive
 
Get the Exact Identity Solution You Need - In the Cloud - Overview
Get the Exact Identity Solution You Need - In the Cloud - OverviewGet the Exact Identity Solution You Need - In the Cloud - Overview
Get the Exact Identity Solution You Need - In the Cloud - Overview
 
Opening Keynote (Identity Live Berlin 2018)
Opening Keynote (Identity Live Berlin 2018)Opening Keynote (Identity Live Berlin 2018)
Opening Keynote (Identity Live Berlin 2018)
 
Steinberg - Customer identity as the cornerstone of our approach to digitaliz...
Steinberg - Customer identity as the cornerstone of our approach to digitaliz...Steinberg - Customer identity as the cornerstone of our approach to digitaliz...
Steinberg - Customer identity as the cornerstone of our approach to digitaliz...
 
BMW Group - Identity Enables the Next 100 Years.. (Identity Live Berlin 2018)
BMW Group - Identity Enables the Next 100 Years.. (Identity Live Berlin 2018)BMW Group - Identity Enables the Next 100 Years.. (Identity Live Berlin 2018)
BMW Group - Identity Enables the Next 100 Years.. (Identity Live Berlin 2018)
 
Trust is Everything - The Future of Identity and the ForgeRock Platform (Iden...
Trust is Everything - The Future of Identity and the ForgeRock Platform (Iden...Trust is Everything - The Future of Identity and the ForgeRock Platform (Iden...
Trust is Everything - The Future of Identity and the ForgeRock Platform (Iden...
 
Silo Busters- The Value of User and Data Centricity beyond IoT Devices (Ident...
Silo Busters- The Value of User and Data Centricity beyond IoT Devices (Ident...Silo Busters- The Value of User and Data Centricity beyond IoT Devices (Ident...
Silo Busters- The Value of User and Data Centricity beyond IoT Devices (Ident...
 
Shift from GDPR readiness to sustained compliance to improve your business an...
Shift from GDPR readiness to sustained compliance to improve your business an...Shift from GDPR readiness to sustained compliance to improve your business an...
Shift from GDPR readiness to sustained compliance to improve your business an...
 
Intelligent Authentication (Identity Live Berlin 2018)
Intelligent Authentication (Identity Live Berlin 2018)Intelligent Authentication (Identity Live Berlin 2018)
Intelligent Authentication (Identity Live Berlin 2018)
 
Customer Safeguarding, Fraud and GDPR: Manah Khalil
Customer Safeguarding, Fraud and GDPR: Manah KhalilCustomer Safeguarding, Fraud and GDPR: Manah Khalil
Customer Safeguarding, Fraud and GDPR: Manah Khalil
 

Recently uploaded

Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusZilliz
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...DianaGray10
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Jeffrey Haguewood
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businesspanagenda
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...apidays
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingEdi Saputra
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...apidays
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistandanishmna97
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherRemote DBA Services
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...Zilliz
 
AI in Action: Real World Use Cases by Anitaraj
AI in Action: Real World Use Cases by AnitarajAI in Action: Real World Use Cases by Anitaraj
AI in Action: Real World Use Cases by AnitarajAnitaRaj43
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Victor Rentea
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Victor Rentea
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesrafiqahmad00786416
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamUiPathCommunity
 
AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)
AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)
AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)Samir Dash
 

Recently uploaded (20)

Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with Milvus
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistan
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
AI in Action: Real World Use Cases by Anitaraj
AI in Action: Real World Use Cases by AnitarajAI in Action: Real World Use Cases by Anitaraj
AI in Action: Real World Use Cases by Anitaraj
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
 
AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)
AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)
AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)
 

Implementing eGov

  • 1. Brad Tumy 2013 Open Stack Identity Summit - France Tell me WHO are YOU? … ‘Cause I really want to know
  • 3. Who am I? •  @brad_tumy •  http://www.linkedin.com/in/bradtumy •  Identity & Access Management Consultant •  18 Years of InfoSec (Development & Sys Integration) •  Experience: •  Technical Engineer on Dept. of Veteran’s Affairs E-Auth Project •  Tech Engineer on Dept. of Energy FICAM Project •  Tech Engineer on General Service Admin (GSA) FICAM Project •  Tech SME on Dept. of Labor FICAM Project @brad_tumy
  • 4. Brad Tumy 2013 Open Stack Identity Summit - France So … WHO are YOU?
  • 5. Brad Tumy 2013 Open Stack Identity Summit - France Identity Assurance
  • 6. Identity Assurance “… the ability for a party to determine, with some level of certainty, that an electronic credential representing an entity - whether a human or a machine, with which it interacts to effect a transaction, can be trusted to actually belong to the entity.” Levels of Assurance Confidence Level Examples 1 Little or no confidence Google (IDP), Facebook (IDP) 2 Some confidence Corporate username and password 3 High confidence 2FA (Smart card, OTP, etc) 4 Very High Confidence Smart Card (but requires inperson identity proofing) @brad_tumy
  • 7. Brad Tumy 2013 Open Stack Identity Summit - France Identity Assurance Frameworks
  • 8. A few major Identity Assurance Frameworks Swedish eLegitimation Pan-Canadian STORK InCommon Kantara IDAP NSTIC / FICAM Australian Access Federation (AAF) National Electronic Authentication Framework @brad_tumy
  • 9. Identity Assurance Framework Principles Identity Assurance Principle Control afforded to a user 1. User Control Identity assurance activities can only take place by user consent 2. Transparency Identity assurance can only take place in ways user understands and when fully informed 3. Multiplicity User can choose as many different identifiers or identity providers as desired 4. Data Minimization Request or transaction uses minimum identity data as necessary 5. Data Quality User chooses when to update records. 6. Service-User Access and Portability User has to be provided copies of user’s data on request; user can move data whenever they choose 7. Governance / Certification All participants in Identity Assurance System must be accredited 8. Problem Resolution Independent Arbitration 9. Exceptional Circumstances Any exceptions have to be approved by Governing body and subject to independent scrutiny @brad_tumy
  • 10. Principles / Product Mapping Identity Assurance Principle 1. User Control User Consent Screen in SAML Transaction 2. Transparency User Consent Screen in SAML Transaction should display attributes being shared and how it is being shared. 3. Multiplicity Identity Proxy / IDP Finder 4. Data Minimization @brad_tumy OpenAM Configuration SAML Response should only send required attributes
  • 11. Brad Tumy 2013 Open Stack Identity Summit - France Implementation Requirements
  • 12. Implementation Reqs •  Service Provider •  Choice of Credential/IDP at •  Identity Provider •  Identity Proxy •  Provide User Consent appropriate LOA •  SAML request includes LOA mechanisms requirement in authentication context attribute •  Choice of Authentication mechanisms at appropriate •  Manage access according to LOA LOA requirements •  Identity Proofing •  @brad_tumy E.g., Adaptive Risk (e.g. Device Print)
  • 13. Brad Tumy 2013 Open Stack Identity Summit - France Typical Architecture Model
  • 14. OpenAM IAF Architecture IDP1 IDP2 Supports LOA1 e.g. Google IDP SAML Request LOA1 Supports LOA2 LOA2 IDP Proxy IDP3 Supports LOA3/4 PKI, 2FA, ETC LOA3 LOA 4 SAML Response Example SAML Request: http://machinea.sp.com/openam/saml2/jsp/spSSOInit.jsp?metaAlias=/ sp&idpEntityID=machineb.idpproxy.com&NameIDFormat=transient&AuthnContextClassRef= http://idmanagement.gov/icam/2009/12/saml_2.0_profile/assurancelevel1 @brad_tumy
  • 15. Customize for Framework <?xml version="1.0" encoding="UTF-8" standalone="yes"?> <EntityDescriptor entityID="https://am2.ssobridge.com:8443/openam" xmlns="urn:oasis:names:tc:SAML: 2.0:metadata"> <Extensions> <ns1:EntityAttributes xmlns:ns1="urn:oasis:names:tc:SAML:metadata:attribute"> <ns2:Attribute Name="urn:oasis:names:tc:SAML:attribute:assurance-certification" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" xmlns:ns2="urn:oasis:names:tc:SAML: 2.0:assertion"> <ns2:AttributeValue>http://idmanagement.gov/icam/2009/12/saml_2.0_profile/assurancelevel1 </ns2:AttributeValue> <ns2:AttributeValue>http://idmanagement.gov/icam/2009/12/saml_2.0_profile/assurancelevel2 </ns2:AttributeValue> <ns2:AttributeValue>http://idmanagement.gov/icam/2009/12/saml_2.0_profile/assurancelevel3 </ns2:AttributeValue> <ns2:AttributeValue>http://idmanagement.gov/icam/2009/12/saml_2.0_profile/assurancelevel4 </ns2:AttributeValue> </ns2:Attribute> </ns1:EntityAttributes> </Extensions> @brad_tumy
  • 16. Brad Tumy 2013 Open Stack Identity Summit - France Questions? Thank you!!
  • 17. Identity Assurance Programs •  US, NSTIC •  UK, Cabinet Programme Office •  EU, STORK (https://www.eid-stork.eu/) •  There's Pan-Canadian - you can talk to Colin Walls or Ken Dagg •  UK IDAP - John Bradley has been circling in the space •  Swedish eLegitimation @brad_tumy http://www.e-legitimation.se/Elegitimation/
  • 19. All-In-One-Access Management System •  One Solution to Protect Them All. •  One Solution to Protect Them All. •  One Solution to Protect Them All. •  Second Line •  Second Line @brad_tumy