[WSO2 Integration Summit Johannesburg 2019] Identity and Access Management in an API-driven world
•
0 likes•346 views
This deck will illustrate why IAM should be top of mind for your enterprise’s success, and how you can leverage it in your transformation journey.
Recommended
Recommended
More Related Content
What's hot
What's hot (19)
Similar to [WSO2 Integration Summit Johannesburg 2019] Identity and Access Management in an API-driven world
Similar to [WSO2 Integration Summit Johannesburg 2019] Identity and Access Management in an API-driven world (20)
More from WSO2
More from WSO2 (20)
Recently uploaded
Recently uploaded (20)
[WSO2 Integration Summit Johannesburg 2019] Identity and Access Management in an API-driven world
- 1. INTEGRATION SUMMIT 2019 Identity and Access Management in an API-driven World Vidura Gamini Abhaya Senior Director, Solutions Architecture - WSO2 INTEGRATION
- 2. INTEGRATION SUMMIT 2019 The API-driven World
- 3. INTEGRATION SUMMIT 2019 The API-driven World
- 4. INTEGRATION SUMMIT 2019 The API-driven World
- 5. INTEGRATION SUMMIT 2019 The API-driven World
- 6. INTEGRATION SUMMIT 2019 The API-driven World
- 7. INTEGRATION SUMMIT 2019 The API-driven World
- 8. INTEGRATION SUMMIT 2019 The API-driven World
- 9. INTEGRATION SUMMIT 2019 IAM in the API-driven World ID Token Access Token Refresh Token
- 11. INTEGRATION SUMMIT 2019 ● Authorization Code ● Implicit ● Client Credentials ● Resource Owner Password Grant types
- 14. INTEGRATION SUMMIT 2019 Client Credentials
- 15. INTEGRATION SUMMIT 2019 Resource Owner Password
- 16. INTEGRATION SUMMIT 2019 IAM in The API-driven World 1. How to onboard users ? 1. How to authenticate users ?
- 17. INTEGRATION SUMMIT 2019 Users Onboarding
- 18. INTEGRATION SUMMIT 2019 Users Onboarding X Registration Fatigue
- 19. INTEGRATION SUMMIT 2019 Users Onboarding - BYoID Service Provider Identity Providers
- 20. INTEGRATION SUMMIT 2019 Users Authentication
- 21. INTEGRATION SUMMIT 2019 ● Over 70% of employees reuse passwords at work ● 59% reuse their passwords everywhere ● 81% of hacking-related breaches leveraged either stolen and/or weak passwords ● The above rate has gone from 50% to 66% to 81% during the past three years (2017) ‘Passwords’ are Not Secure! Source - 2017 Verizon Data Breach Investigations Report (DBIR)
- 22. INTEGRATION SUMMIT 2019 Users Authentication X
- 23. INTEGRATION SUMMIT 2019 Use Strong Customer Authentication
- 24. INTEGRATION SUMMIT 2019 Multi-factor Authentication Break authentication into multiple steps and verify different authentication factors at each step.
- 25. INTEGRATION SUMMIT 2019 Authentication Factors 1. Knowledge ■ Something you know ■ Password, passphrase, pin, secret fact 2. Possession ■ Something you have ■ Phone, token, badge, smart card 3. Inherence ■ Something you are ■ Fingerprint, facial feature, voice
- 26. INTEGRATION SUMMIT 2019 Authentication Factors Step 1 Step 2
- 27. INTEGRATION SUMMIT 2019 90% Google users have no 2FA Multi-factor Authentication in Reality
- 28. INTEGRATION SUMMIT 2019 What is the Reason?
- 31. INTEGRATION SUMMIT 2019 Authentication needs to be more dynamic, responsive and context sensitive = Adaptive Authentication
- 32. INTEGRATION SUMMIT 2019 Use Case: Geo Velocity
- 33. INTEGRATION SUMMIT 2019 Use Case: An Application Request LoA
- 34. INTEGRATION SUMMIT 2019 Use Case: Authentication from New Devices
- 35. INTEGRATION SUMMIT 2019 WSO2 Identity Server Offering - Overview
- 36. INTEGRATION SUMMIT 2019 WSO2 Identity Server Offering - Overview Static Authentication Flow ● IdP offers static authentication flow to the user ● Multi-factor & Multi-option authentication ● In Multi-option authentication user can pick one option from each step Request-based Conditional Authentication Flow ● IdP offers dynamic authentication flow to the user ● Based on attributes of request message authentication steps will change ● HTTP message, SAML ACR, OIDC ACR
- 37. INTEGRATION SUMMIT 2019 WSO2 Identity Server Offering - Overview User-based Conditional Authentication Flow ● IdP offers static authentication flow to the user ● Based on attributes of identified user authentication steps will change Adaptive/Risk-based Authentication Flow ● IdP offers dynamic authentication flow to the user ● Authentication steps can be based on user behaviors, environments, history and risk score
- 38. INTEGRATION SUMMIT 2019 ● Basic API Security can be provided using OAuth2 and OIDC ● Everyone knows passwords are no longer secure. ● Multi-factor authentication offers a perfect solution but less adopted due to usability issues. ● Multi-factor authentication needs to be more dynamic, responsive and context sensitive, and we called it ‘Adaptive Authentication’ ● WSO2 Identity Server can support any adaptive or risk-based authentication use case. Conclusion
- 39. INTEGRATION SUMMIT 2019 THANK YOU wso2.com