SlideShare a Scribd company logo

Governance and Security Solution Patterns

WSO2
WSO2

WSO2 provides an open source cloud platform and removes barriers to enterprise agility. It focuses on business logic and value. This document discusses governance and security patterns for service-oriented architectures. It covers why SOA is used, what governance is, and security requirements and patterns. Security patterns allow identifying and authenticating users, authorizing access, and using protocols like OAuth for delegation. The document provides examples and implementations of patterns for requirements like role-based access control, claim-based authorization, and constrained delegation.

TechnologyBusiness
1 of 43
Download to read offline
Governance and Security Solution Patterns Gillian Dass and Dakshitha Ratnayake
About WSO2 •  Providing the only complete open source componentized cloud platform •  Dedicated to removing all the stumbling blocks to enterprise agility •  Enabling you to focus on business logic and business value •  Recognized by leading analyst firms as visionaries and leaders •  Gartner cites WSO2 as visionaries in all 3 categories of application infrastructure •  Forrester places WSO2 in top 2 for API Management •  Global corporation with offices in USA, UK & Sri Lanka •  200+ employees and growing •  Business model of selling comprehensive support & maintenance for our products
150+ globally positioned support customers
•  Introduction to Patterns •  Why Service Oriented Architecture? •  What is Governance? •  Governance Business Problems and Patterns •  Need for Security in SOA •  Security Requirements and Solution Patterns Agenda
•  Expose legacy system components as services •  Loose Coupling •  Interoperability •  Flexibility •  Business Process Composition Why SOA?
A generic solution for a common recurring problem •  Used it before •  Error proof •  Catalog to pick one Image Source: http://www.forbes.com/fdc/welcome_mjx.shtml A Pattern
Managing the three Ps of Governance •  People roles & responsibilities •  Process design, execution and monitoring •  Policy definition and enforcements Image Source: http://www.governanceinnovation.org/?pageID=whatis What is Governance?
An organization has metadata related to different data types. They need to capture relationships such as associations and dependencies. Business Scenario
•  Model custom data types in a data repository •  Artifact governance Pattern
Implementation
Implementation
An artifact is deployed across different environments: Dev, QA, Prod. This artifact references some external resources, where the resource need to change for each environment. Business Scenario
/_... Implementation
- Manage service quality - Manage business transactions - Monitor and analyze transaction data - Create dashboard and reports Why Runtime Governance
An online travel reservation application allows users to create/edit and cancel bookings. - If >5 cancellations within 24 hours from a single user send a notification to administrators - Create dashboards and reports for MI purposes Business Scenario
- Real time events monitoring and notifications - Data analysis and presentation Solution Pattern
Implementation
PatternsSecurity Patterns Image Source - http://www.coresecuritypatterns.com/blogs/?tag=ws-security
•  Business assets exposed to the outside as services to be discovered •  Should facilitate interoperability and flexibility Why Security in SOA?
After identifying the need for security in SOA, determine the security requirements. Security Requirements can fall under many categories. A few examples: •  Identification and Authentication •  Authorization Security Requirements
Image Source - http://www.mikeeckman.com/2013/02/how-much-do-you-think-about-privacy-on-the-internet/ Identification and Authentication
•  Services need to identify and verify the claimed identity of internal users of the organization. •  Services need to identify and verify the claimed identity of external users from external organizations. •  Facilitate communication between clients and services which talk in different authentication mechanisms. •  Avoid user credentials to be passed to backend services and avoid user bypassing security processing. Identification and Authentication Requirements
Requirement - Identify and verify the claimed identity of internal users of the organization. Authentication Pattern: Direct Authentication •  Authenticating users with credentials stored internally. •  Credentials can be : §  Username/password §  Username token §  X.509 certificates Identification and Authentication Requirements
Implementation: Direct Authentication Pattern
Configuring a Secured Proxy in ESB
Configuring a Secured Proxy in ESB
Requirement - Identify and verify the claimed identity of external users – from external organizations. Authentication Pattern: Brokered Authentication •  Authenticating users outside the organization boundary. •  Trusting a token issued by a trusted party in partner organization. •  Brokered authentication based on WS-Trust with SAML. Identification and Authentication Requirements
Implementation: Brokered Authentication Pattern
Requirement - Facilitate communication between clients and services which talk in different authentication mechanisms. Resource Access Pattern: Protocol Transition •  ESB authenticates clients with the authentication mechanism that they understand – e.g. Username Token •  Transform credentials to the form that service understands e.g. Basic Auth Identification and Authentication Requirements
Implementation: Protocol Transition Pattern
Requirement - Avoid user credentials to be passed to backend service and avoid user bypassing security processing. Resource Access Pattern: Trusted Sub System •  User authenticates to ESB with his/her credentials. •  Backend service trusts ESB. •  ESB accesses backend service on behalf of authenticated user. Identification and Authentication Requirements
Image Source - http://www.toolsjournal.com/integrations-articles/item/274-direct-and-brokered-authentication User Credentials Submitted to Service + Bypassing Security Processing
Implementation: Trusted Sub System Pattern
Image Source - http://onlinebusiness.volusion.com/articles/volusion-authorizenet-partnership/ Authorization
•  Control access based on privileges of the users •  Control access based on user’s claims, in a fine grained manner •  Delegated access Authorization Requirements
Requirement - Control access based on privileges of the users. e.g. Users in role ‘Teacher’ can update students’ reports while users in role ‘Temporary Teacher’ can only view reports. Authorization pattern: Role Based Access Control Assign users to roles. Grant privileges to roles. This is a coarse grained authorization model. Authorization
Configuring Role Based Access Control Pattern
Requirement - Control access based on user’s claims, in a fine grained manner. e.g. Reports of Art students could only be accessed by Teachers with job title “Art Teacher”. Authorization pattern: Claim Based Authorization •  Provides fine grained authorization •  Policy based access control with XACML – provides flexibility Authorization
Implementation: Claim Based Authorization Pattern
Requirement - Delegated access. e.g. An application in a teacher’s mobile device needs to retrieve the time table for the day from his account in the school’s information system. Authorization pattern: Constrained Delegation •  Using OAuth Authorization
Implementation: Constrained Delegation Pattern
Questions?
Engage with WSO2 •  Helping you get the most out of your deployments •  From project evaluation and inception to development and going into production, WSO2 is your partner in ensuring 100% project success

Recommended

Enterprise Use Case Webinar - PaaS Metering and Monitoring
Enterprise Use Case Webinar - PaaS Metering and Monitoring Enterprise Use Case Webinar - PaaS Metering and Monitoring
Enterprise Use Case Webinar - PaaS Metering and Monitoring WSO2
 
Addressing Security Concerns with WSO2 Governance Registry Policy Store
Addressing Security Concerns with WSO2 Governance Registry Policy StoreAddressing Security Concerns with WSO2 Governance Registry Policy Store
Addressing Security Concerns with WSO2 Governance Registry Policy StoreWSO2
 
Driving Digital Transformation through Big Data Analytics and Machine Learning
Driving Digital Transformation through Big Data Analytics and Machine LearningDriving Digital Transformation through Big Data Analytics and Machine Learning
Driving Digital Transformation through Big Data Analytics and Machine LearningWSO2
 
Enterprise Governance - The Key to Success
Enterprise Governance - The Key to Success Enterprise Governance - The Key to Success
Enterprise Governance - The Key to Success WSO2
 
[WSO2Con EU 2017] IAM: Catalyst for Digital Transformation
[WSO2Con EU 2017] IAM: Catalyst for Digital Transformation[WSO2Con EU 2017] IAM: Catalyst for Digital Transformation
[WSO2Con EU 2017] IAM: Catalyst for Digital TransformationWSO2
 
Seamless Integration of Data in E Government
Seamless Integration of Data in E Government Seamless Integration of Data in E Government
Seamless Integration of Data in E Government WSO2
 
Introduction to Configurable Governance Artifacts
Introduction to Configurable Governance ArtifactsIntroduction to Configurable Governance Artifacts
Introduction to Configurable Governance ArtifactsWSO2
 
[WSO2Con EU 2017] WHO CARES? A WSO2 Cloud Oriented Reference Architecture for...
[WSO2Con EU 2017] WHO CARES? A WSO2 Cloud Oriented Reference Architecture for...[WSO2Con EU 2017] WHO CARES? A WSO2 Cloud Oriented Reference Architecture for...
[WSO2Con EU 2017] WHO CARES? A WSO2 Cloud Oriented Reference Architecture for...WSO2
 

Recommended

Enterprise Use Case Webinar - PaaS Metering and Monitoring
Enterprise Use Case Webinar - PaaS Metering and Monitoring Enterprise Use Case Webinar - PaaS Metering and Monitoring
Enterprise Use Case Webinar - PaaS Metering and Monitoring WSO2
 
Addressing Security Concerns with WSO2 Governance Registry Policy Store
Addressing Security Concerns with WSO2 Governance Registry Policy StoreAddressing Security Concerns with WSO2 Governance Registry Policy Store
Addressing Security Concerns with WSO2 Governance Registry Policy StoreWSO2
 
Driving Digital Transformation through Big Data Analytics and Machine Learning
Driving Digital Transformation through Big Data Analytics and Machine LearningDriving Digital Transformation through Big Data Analytics and Machine Learning
Driving Digital Transformation through Big Data Analytics and Machine LearningWSO2
 
Enterprise Governance - The Key to Success
Enterprise Governance - The Key to Success Enterprise Governance - The Key to Success
Enterprise Governance - The Key to Success WSO2
 
[WSO2Con EU 2017] IAM: Catalyst for Digital Transformation
[WSO2Con EU 2017] IAM: Catalyst for Digital Transformation[WSO2Con EU 2017] IAM: Catalyst for Digital Transformation
[WSO2Con EU 2017] IAM: Catalyst for Digital TransformationWSO2
 
Seamless Integration of Data in E Government
Seamless Integration of Data in E Government Seamless Integration of Data in E Government
Seamless Integration of Data in E Government WSO2
 
Introduction to Configurable Governance Artifacts
Introduction to Configurable Governance ArtifactsIntroduction to Configurable Governance Artifacts
Introduction to Configurable Governance ArtifactsWSO2
 
[WSO2Con EU 2017] WHO CARES? A WSO2 Cloud Oriented Reference Architecture for...
[WSO2Con EU 2017] WHO CARES? A WSO2 Cloud Oriented Reference Architecture for...[WSO2Con EU 2017] WHO CARES? A WSO2 Cloud Oriented Reference Architecture for...
[WSO2Con EU 2017] WHO CARES? A WSO2 Cloud Oriented Reference Architecture for...WSO2
 
WSO2Con USA 2017: Enhancing Customer Experience with WSO2 Identity Server
WSO2Con USA 2017: Enhancing Customer Experience with WSO2 Identity ServerWSO2Con USA 2017: Enhancing Customer Experience with WSO2 Identity Server
WSO2Con USA 2017: Enhancing Customer Experience with WSO2 Identity ServerWSO2
 
Why WSO2 for Digital Transformation?
Why WSO2 for Digital Transformation? Why WSO2 for Digital Transformation?
Why WSO2 for Digital Transformation? WSO2
 
WSO2 Intro Webinar - The WSO2 Data Services - Harnessing Disparate Enterprise...
WSO2 Intro Webinar - The WSO2 Data Services - Harnessing Disparate Enterprise...WSO2 Intro Webinar - The WSO2 Data Services - Harnessing Disparate Enterprise...
WSO2 Intro Webinar - The WSO2 Data Services - Harnessing Disparate Enterprise...WSO2
 
A Walk through SSO
A Walk through SSOA Walk through SSO
A Walk through SSOWSO2
 
[WSO2Con EU 2017] From the Trenches: IoT Customer Stories
[WSO2Con EU 2017] From the Trenches: IoT Customer Stories[WSO2Con EU 2017] From the Trenches: IoT Customer Stories
[WSO2Con EU 2017] From the Trenches: IoT Customer StoriesWSO2
 
WSO2Con USA 2017: Journey of Migration from Legacy ESB to Modern WSO2 ESB Pla...
WSO2Con USA 2017: Journey of Migration from Legacy ESB to Modern WSO2 ESB Pla...WSO2Con USA 2017: Journey of Migration from Legacy ESB to Modern WSO2 ESB Pla...
WSO2Con USA 2017: Journey of Migration from Legacy ESB to Modern WSO2 ESB Pla...WSO2
 
WSO2 Enterprise Integrator 101
WSO2 Enterprise Integrator 101WSO2 Enterprise Integrator 101
WSO2 Enterprise Integrator 101WSO2
 
Building a SaaS using WSO2 Stratos
Building a SaaS using WSO2 StratosBuilding a SaaS using WSO2 Stratos
Building a SaaS using WSO2 StratosWSO2
 
Navigating the Digital Transformation Landscape
Navigating the Digital Transformation Landscape Navigating the Digital Transformation Landscape
Navigating the Digital Transformation Landscape WSO2
 
Developing, Administering and Debugging with WSO2 Enterprise Integrator
Developing, Administering and Debugging with WSO2 Enterprise IntegratorDeveloping, Administering and Debugging with WSO2 Enterprise Integrator
Developing, Administering and Debugging with WSO2 Enterprise IntegratorWSO2
 
Develop an Infrastructure Cost Optimization Strategy
Develop an Infrastructure Cost Optimization StrategyDevelop an Infrastructure Cost Optimization Strategy
Develop an Infrastructure Cost Optimization StrategyWSO2
 
[WSO2Con EU 2017] Deriving Insights for Your Digital Business with Analytics
[WSO2Con EU 2017] Deriving Insights for Your Digital Business with Analytics[WSO2Con EU 2017] Deriving Insights for Your Digital Business with Analytics
[WSO2Con EU 2017] Deriving Insights for Your Digital Business with AnalyticsWSO2
 
Geo Enabling Enterprises - Powered by Rolta i Perspective and the WSO2 ESB
Geo Enabling Enterprises - Powered by Rolta i Perspective and the WSO2 ESBGeo Enabling Enterprises - Powered by Rolta i Perspective and the WSO2 ESB
Geo Enabling Enterprises - Powered by Rolta i Perspective and the WSO2 ESBWSO2
 
WSO2Con USA 2017: Cloud as a Delivery Channel
WSO2Con USA 2017: Cloud as a Delivery ChannelWSO2Con USA 2017: Cloud as a Delivery Channel
WSO2Con USA 2017: Cloud as a Delivery ChannelWSO2
 
[WSO2Con EU 2017] Extending Your Enterprise Integration Patterns Beyond ESBs
[WSO2Con EU 2017] Extending Your Enterprise Integration Patterns Beyond ESBs[WSO2Con EU 2017] Extending Your Enterprise Integration Patterns Beyond ESBs
[WSO2Con EU 2017] Extending Your Enterprise Integration Patterns Beyond ESBsWSO2
 
Enterprise Use Case Webinar – Development Governance with the WSO2 Governance...
Enterprise Use Case Webinar – Development Governance with the WSO2 Governance...Enterprise Use Case Webinar – Development Governance with the WSO2 Governance...
Enterprise Use Case Webinar – Development Governance with the WSO2 Governance...WSO2
 
Summer School 2013 - What is iPaaS and why it is important
Summer School 2013 - What is iPaaS and why it is importantSummer School 2013 - What is iPaaS and why it is important
Summer School 2013 - What is iPaaS and why it is importantWSO2
 
Open Source adoption in a Mexicon Second tier Bank
Open Source adoption in a Mexicon Second tier BankOpen Source adoption in a Mexicon Second tier Bank
Open Source adoption in a Mexicon Second tier BankWSO2
 
Open Banking - Moving Banks Beyond the Norm
Open Banking - Moving Banks Beyond the NormOpen Banking - Moving Banks Beyond the Norm
Open Banking - Moving Banks Beyond the NormWSO2
 
Pattern Driven Enterprise Architecture
Pattern Driven Enterprise ArchitecturePattern Driven Enterprise Architecture
Pattern Driven Enterprise ArchitectureWSO2
 
Security architecture best practices for saas applications
Security architecture best practices for saas applicationsSecurity architecture best practices for saas applications
Security architecture best practices for saas applicationskanimozhin
 
Identity as a Managed Cloud Service
Identity as a Managed Cloud ServiceIdentity as a Managed Cloud Service
Identity as a Managed Cloud ServiceForgeRock
 

More Related Content

What's hot

WSO2Con USA 2017: Enhancing Customer Experience with WSO2 Identity Server
WSO2Con USA 2017: Enhancing Customer Experience with WSO2 Identity ServerWSO2Con USA 2017: Enhancing Customer Experience with WSO2 Identity Server
WSO2Con USA 2017: Enhancing Customer Experience with WSO2 Identity ServerWSO2
 
Why WSO2 for Digital Transformation?
Why WSO2 for Digital Transformation? Why WSO2 for Digital Transformation?
Why WSO2 for Digital Transformation? WSO2
 
WSO2 Intro Webinar - The WSO2 Data Services - Harnessing Disparate Enterprise...
WSO2 Intro Webinar - The WSO2 Data Services - Harnessing Disparate Enterprise...WSO2 Intro Webinar - The WSO2 Data Services - Harnessing Disparate Enterprise...
WSO2 Intro Webinar - The WSO2 Data Services - Harnessing Disparate Enterprise...WSO2
 
A Walk through SSO
A Walk through SSOA Walk through SSO
A Walk through SSOWSO2
 
[WSO2Con EU 2017] From the Trenches: IoT Customer Stories
[WSO2Con EU 2017] From the Trenches: IoT Customer Stories[WSO2Con EU 2017] From the Trenches: IoT Customer Stories
[WSO2Con EU 2017] From the Trenches: IoT Customer StoriesWSO2
 
WSO2Con USA 2017: Journey of Migration from Legacy ESB to Modern WSO2 ESB Pla...
WSO2Con USA 2017: Journey of Migration from Legacy ESB to Modern WSO2 ESB Pla...WSO2Con USA 2017: Journey of Migration from Legacy ESB to Modern WSO2 ESB Pla...
WSO2Con USA 2017: Journey of Migration from Legacy ESB to Modern WSO2 ESB Pla...WSO2
 
WSO2 Enterprise Integrator 101
WSO2 Enterprise Integrator 101WSO2 Enterprise Integrator 101
WSO2 Enterprise Integrator 101WSO2
 
Building a SaaS using WSO2 Stratos
Building a SaaS using WSO2 StratosBuilding a SaaS using WSO2 Stratos
Building a SaaS using WSO2 StratosWSO2
 
Navigating the Digital Transformation Landscape
Navigating the Digital Transformation Landscape Navigating the Digital Transformation Landscape
Navigating the Digital Transformation Landscape WSO2
 
Developing, Administering and Debugging with WSO2 Enterprise Integrator
Developing, Administering and Debugging with WSO2 Enterprise IntegratorDeveloping, Administering and Debugging with WSO2 Enterprise Integrator
Developing, Administering and Debugging with WSO2 Enterprise IntegratorWSO2
 
Develop an Infrastructure Cost Optimization Strategy
Develop an Infrastructure Cost Optimization StrategyDevelop an Infrastructure Cost Optimization Strategy
Develop an Infrastructure Cost Optimization StrategyWSO2
 
[WSO2Con EU 2017] Deriving Insights for Your Digital Business with Analytics
[WSO2Con EU 2017] Deriving Insights for Your Digital Business with Analytics[WSO2Con EU 2017] Deriving Insights for Your Digital Business with Analytics
[WSO2Con EU 2017] Deriving Insights for Your Digital Business with AnalyticsWSO2
 
Geo Enabling Enterprises - Powered by Rolta i Perspective and the WSO2 ESB
Geo Enabling Enterprises - Powered by Rolta i Perspective and the WSO2 ESBGeo Enabling Enterprises - Powered by Rolta i Perspective and the WSO2 ESB
Geo Enabling Enterprises - Powered by Rolta i Perspective and the WSO2 ESBWSO2
 
WSO2Con USA 2017: Cloud as a Delivery Channel
WSO2Con USA 2017: Cloud as a Delivery ChannelWSO2Con USA 2017: Cloud as a Delivery Channel
WSO2Con USA 2017: Cloud as a Delivery ChannelWSO2
 
[WSO2Con EU 2017] Extending Your Enterprise Integration Patterns Beyond ESBs
[WSO2Con EU 2017] Extending Your Enterprise Integration Patterns Beyond ESBs[WSO2Con EU 2017] Extending Your Enterprise Integration Patterns Beyond ESBs
[WSO2Con EU 2017] Extending Your Enterprise Integration Patterns Beyond ESBsWSO2
 
Enterprise Use Case Webinar – Development Governance with the WSO2 Governance...
Enterprise Use Case Webinar – Development Governance with the WSO2 Governance...Enterprise Use Case Webinar – Development Governance with the WSO2 Governance...
Enterprise Use Case Webinar – Development Governance with the WSO2 Governance...WSO2
 
Summer School 2013 - What is iPaaS and why it is important
Summer School 2013 - What is iPaaS and why it is importantSummer School 2013 - What is iPaaS and why it is important
Summer School 2013 - What is iPaaS and why it is importantWSO2
 
Open Source adoption in a Mexicon Second tier Bank
Open Source adoption in a Mexicon Second tier BankOpen Source adoption in a Mexicon Second tier Bank
Open Source adoption in a Mexicon Second tier BankWSO2
 
Open Banking - Moving Banks Beyond the Norm
Open Banking - Moving Banks Beyond the NormOpen Banking - Moving Banks Beyond the Norm
Open Banking - Moving Banks Beyond the NormWSO2
 
Pattern Driven Enterprise Architecture
Pattern Driven Enterprise ArchitecturePattern Driven Enterprise Architecture
Pattern Driven Enterprise ArchitectureWSO2
 

What's hot (20)

WSO2Con USA 2017: Enhancing Customer Experience with WSO2 Identity Server
WSO2Con USA 2017: Enhancing Customer Experience with WSO2 Identity ServerWSO2Con USA 2017: Enhancing Customer Experience with WSO2 Identity Server
WSO2Con USA 2017: Enhancing Customer Experience with WSO2 Identity Server
 
Why WSO2 for Digital Transformation?
Why WSO2 for Digital Transformation? Why WSO2 for Digital Transformation?
Why WSO2 for Digital Transformation?
 
WSO2 Intro Webinar - The WSO2 Data Services - Harnessing Disparate Enterprise...
WSO2 Intro Webinar - The WSO2 Data Services - Harnessing Disparate Enterprise...WSO2 Intro Webinar - The WSO2 Data Services - Harnessing Disparate Enterprise...
WSO2 Intro Webinar - The WSO2 Data Services - Harnessing Disparate Enterprise...
 
A Walk through SSO
A Walk through SSOA Walk through SSO
A Walk through SSO
 
[WSO2Con EU 2017] From the Trenches: IoT Customer Stories
[WSO2Con EU 2017] From the Trenches: IoT Customer Stories[WSO2Con EU 2017] From the Trenches: IoT Customer Stories
[WSO2Con EU 2017] From the Trenches: IoT Customer Stories
 
WSO2Con USA 2017: Journey of Migration from Legacy ESB to Modern WSO2 ESB Pla...
WSO2Con USA 2017: Journey of Migration from Legacy ESB to Modern WSO2 ESB Pla...WSO2Con USA 2017: Journey of Migration from Legacy ESB to Modern WSO2 ESB Pla...
WSO2Con USA 2017: Journey of Migration from Legacy ESB to Modern WSO2 ESB Pla...
 
WSO2 Enterprise Integrator 101
WSO2 Enterprise Integrator 101WSO2 Enterprise Integrator 101
WSO2 Enterprise Integrator 101
 
Building a SaaS using WSO2 Stratos
Building a SaaS using WSO2 StratosBuilding a SaaS using WSO2 Stratos
Building a SaaS using WSO2 Stratos
 
Navigating the Digital Transformation Landscape
Navigating the Digital Transformation Landscape Navigating the Digital Transformation Landscape
Navigating the Digital Transformation Landscape
 
Developing, Administering and Debugging with WSO2 Enterprise Integrator
Developing, Administering and Debugging with WSO2 Enterprise IntegratorDeveloping, Administering and Debugging with WSO2 Enterprise Integrator
Developing, Administering and Debugging with WSO2 Enterprise Integrator
 
Develop an Infrastructure Cost Optimization Strategy
Develop an Infrastructure Cost Optimization StrategyDevelop an Infrastructure Cost Optimization Strategy
Develop an Infrastructure Cost Optimization Strategy
 
[WSO2Con EU 2017] Deriving Insights for Your Digital Business with Analytics
[WSO2Con EU 2017] Deriving Insights for Your Digital Business with Analytics[WSO2Con EU 2017] Deriving Insights for Your Digital Business with Analytics
[WSO2Con EU 2017] Deriving Insights for Your Digital Business with Analytics
 
Geo Enabling Enterprises - Powered by Rolta i Perspective and the WSO2 ESB
Geo Enabling Enterprises - Powered by Rolta i Perspective and the WSO2 ESBGeo Enabling Enterprises - Powered by Rolta i Perspective and the WSO2 ESB
Geo Enabling Enterprises - Powered by Rolta i Perspective and the WSO2 ESB
 
WSO2Con USA 2017: Cloud as a Delivery Channel
WSO2Con USA 2017: Cloud as a Delivery ChannelWSO2Con USA 2017: Cloud as a Delivery Channel
WSO2Con USA 2017: Cloud as a Delivery Channel
 
[WSO2Con EU 2017] Extending Your Enterprise Integration Patterns Beyond ESBs
[WSO2Con EU 2017] Extending Your Enterprise Integration Patterns Beyond ESBs[WSO2Con EU 2017] Extending Your Enterprise Integration Patterns Beyond ESBs
[WSO2Con EU 2017] Extending Your Enterprise Integration Patterns Beyond ESBs
 
Enterprise Use Case Webinar – Development Governance with the WSO2 Governance...
Enterprise Use Case Webinar – Development Governance with the WSO2 Governance...Enterprise Use Case Webinar – Development Governance with the WSO2 Governance...
Enterprise Use Case Webinar – Development Governance with the WSO2 Governance...
 
Summer School 2013 - What is iPaaS and why it is important
Summer School 2013 - What is iPaaS and why it is importantSummer School 2013 - What is iPaaS and why it is important
Summer School 2013 - What is iPaaS and why it is important
 
Open Source adoption in a Mexicon Second tier Bank
Open Source adoption in a Mexicon Second tier BankOpen Source adoption in a Mexicon Second tier Bank
Open Source adoption in a Mexicon Second tier Bank
 
Open Banking - Moving Banks Beyond the Norm
Open Banking - Moving Banks Beyond the NormOpen Banking - Moving Banks Beyond the Norm
Open Banking - Moving Banks Beyond the Norm
 
Pattern Driven Enterprise Architecture
Pattern Driven Enterprise ArchitecturePattern Driven Enterprise Architecture
Pattern Driven Enterprise Architecture
 

Similar to Governance and Security Solution Patterns

Security architecture best practices for saas applications
Security architecture best practices for saas applicationsSecurity architecture best practices for saas applications
Security architecture best practices for saas applicationskanimozhin
 
Identity as a Managed Cloud Service
Identity as a Managed Cloud ServiceIdentity as a Managed Cloud Service
Identity as a Managed Cloud ServiceForgeRock
 
Global azure virtual 2021 - Azure Lighthouse
Global azure virtual 2021 - Azure LighthouseGlobal azure virtual 2021 - Azure Lighthouse
Global azure virtual 2021 - Azure LighthouseIvo Andreev
 
IT_Security_Service Delivery_Consultant
IT_Security_Service Delivery_Consultant IT_Security_Service Delivery_Consultant
IT_Security_Service Delivery_Consultant Saravanan Purushothaman
 
Security Architecture Best Practices for SaaS Applications
Security Architecture Best Practices for SaaS ApplicationsSecurity Architecture Best Practices for SaaS Applications
Security Architecture Best Practices for SaaS ApplicationsTechcello
 
Azure AD B2C Webinar Series: Custom Policies Part 1
Azure AD B2C Webinar Series: Custom Policies Part 1Azure AD B2C Webinar Series: Custom Policies Part 1
Azure AD B2C Webinar Series: Custom Policies Part 1Vinu Gunasekaran
 
Secure Development on the Salesforce Platform - Part 3
Secure Development on the Salesforce Platform - Part 3Secure Development on the Salesforce Platform - Part 3
Secure Development on the Salesforce Platform - Part 3Mark Adcock
 
Sso security&business tool_2018_issa_infosecsummit_grant_reveal_final
Sso security&business tool_2018_issa_infosecsummit_grant_reveal_finalSso security&business tool_2018_issa_infosecsummit_grant_reveal_final
Sso security&business tool_2018_issa_infosecsummit_grant_reveal_finalGrant Reveal
 
Iam suite introduction
Iam suite introductionIam suite introduction
Iam suite introductionwardell henley
 
vbrownbag dcd6-2.4-merged
vbrownbag dcd6-2.4-mergedvbrownbag dcd6-2.4-merged
vbrownbag dcd6-2.4-mergedVirtualtiers
 
Cache Security- Adding Security to Non-Secure Applications
Cache Security- Adding Security to Non-Secure ApplicationsCache Security- Adding Security to Non-Secure Applications
Cache Security- Adding Security to Non-Secure ApplicationsInterSystems Corporation
 
Practical soa for business and researchers
Practical soa for business and researchersPractical soa for business and researchers
Practical soa for business and researchersMustafa Gamal
 
IDM in telecom industry
IDM in telecom industryIDM in telecom industry
IDM in telecom industryAjit Dadresa
 
Five Things You Gotta Know About Modern Identity
Five Things You Gotta Know About Modern IdentityFive Things You Gotta Know About Modern Identity
Five Things You Gotta Know About Modern IdentityMark Diodati
 
Cloud Security Standards: What to Expect and What to Negotiate V2.0
Cloud Security Standards: What to Expect and What to Negotiate V2.0Cloud Security Standards: What to Expect and What to Negotiate V2.0
Cloud Security Standards: What to Expect and What to Negotiate V2.0Cloud Standards Customer Council
 
Why IAM is the Need of the Hour
Why IAM is the Need of the HourWhy IAM is the Need of the Hour
Why IAM is the Need of the HourTechdemocracy
 
Building an Identity Management Business Case
Building an Identity Management Business CaseBuilding an Identity Management Business Case
Building an Identity Management Business CaseHitachi ID Systems, Inc.
 

Similar to Governance and Security Solution Patterns (20)

Security architecture best practices for saas applications
Security architecture best practices for saas applicationsSecurity architecture best practices for saas applications
Security architecture best practices for saas applications
 
Identity as a Managed Cloud Service
Identity as a Managed Cloud ServiceIdentity as a Managed Cloud Service
Identity as a Managed Cloud Service
 
Global azure virtual 2021 - Azure Lighthouse
Global azure virtual 2021 - Azure LighthouseGlobal azure virtual 2021 - Azure Lighthouse
Global azure virtual 2021 - Azure Lighthouse
 
IT_Security_Service Delivery_Consultant
IT_Security_Service Delivery_Consultant IT_Security_Service Delivery_Consultant
IT_Security_Service Delivery_Consultant
 
Security Architecture Best Practices for SaaS Applications
Security Architecture Best Practices for SaaS ApplicationsSecurity Architecture Best Practices for SaaS Applications
Security Architecture Best Practices for SaaS Applications
 
Azure AD B2C Webinar Series: Custom Policies Part 1
Azure AD B2C Webinar Series: Custom Policies Part 1Azure AD B2C Webinar Series: Custom Policies Part 1
Azure AD B2C Webinar Series: Custom Policies Part 1
 
Secure Development on the Salesforce Platform - Part 3
Secure Development on the Salesforce Platform - Part 3Secure Development on the Salesforce Platform - Part 3
Secure Development on the Salesforce Platform - Part 3
 
Sso security&business tool_2018_issa_infosecsummit_grant_reveal_final
Sso security&business tool_2018_issa_infosecsummit_grant_reveal_finalSso security&business tool_2018_issa_infosecsummit_grant_reveal_final
Sso security&business tool_2018_issa_infosecsummit_grant_reveal_final
 
Iam suite introduction
Iam suite introductionIam suite introduction
Iam suite introduction
 
vbrownbag dcd6-2.4-merged
vbrownbag dcd6-2.4-mergedvbrownbag dcd6-2.4-merged
vbrownbag dcd6-2.4-merged
 
Cache Security- Adding Security to Non-Secure Applications
Cache Security- Adding Security to Non-Secure ApplicationsCache Security- Adding Security to Non-Secure Applications
Cache Security- Adding Security to Non-Secure Applications
 
Open iam technicalarchitecture-v3-a
Open iam technicalarchitecture-v3-aOpen iam technicalarchitecture-v3-a
Open iam technicalarchitecture-v3-a
 
Practical soa for business and researchers
Practical soa for business and researchersPractical soa for business and researchers
Practical soa for business and researchers
 
Co p
Co pCo p
Co p
 
IDM in telecom industry
IDM in telecom industryIDM in telecom industry
IDM in telecom industry
 
Co p
Co pCo p
Co p
 
Five Things You Gotta Know About Modern Identity
Five Things You Gotta Know About Modern IdentityFive Things You Gotta Know About Modern Identity
Five Things You Gotta Know About Modern Identity
 
Cloud Security Standards: What to Expect and What to Negotiate V2.0
Cloud Security Standards: What to Expect and What to Negotiate V2.0Cloud Security Standards: What to Expect and What to Negotiate V2.0
Cloud Security Standards: What to Expect and What to Negotiate V2.0
 
Why IAM is the Need of the Hour
Why IAM is the Need of the HourWhy IAM is the Need of the Hour
Why IAM is the Need of the Hour
 
Building an Identity Management Business Case
Building an Identity Management Business CaseBuilding an Identity Management Business Case
Building an Identity Management Business Case
 

More from WSO2

Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native ApplicationsWSO2
 
Accelerating Enterprise Software Engineering with Platformless
Accelerating Enterprise Software Engineering with PlatformlessAccelerating Enterprise Software Engineering with Platformless
Accelerating Enterprise Software Engineering with PlatformlessWSO2
 
How to Create a Service in Choreo
How to Create a Service in ChoreoHow to Create a Service in Choreo
How to Create a Service in ChoreoWSO2
 
Ballerina Tech Talk - May 2023
Ballerina Tech Talk - May 2023Ballerina Tech Talk - May 2023
Ballerina Tech Talk - May 2023WSO2
 
Platform Strategy to Deliver Digital Experiences on Azure
Platform Strategy to Deliver Digital Experiences on AzurePlatform Strategy to Deliver Digital Experiences on Azure
Platform Strategy to Deliver Digital Experiences on AzureWSO2
 
GartnerITSymSessionSlides.pdf
GartnerITSymSessionSlides.pdfGartnerITSymSessionSlides.pdf
GartnerITSymSessionSlides.pdfWSO2
 
[Webinar] How to Create an API in Minutes
[Webinar] How to Create an API in Minutes[Webinar] How to Create an API in Minutes
[Webinar] How to Create an API in MinutesWSO2
 
Modernizing the Student Journey with Ethos Identity
Modernizing the Student Journey with Ethos IdentityModernizing the Student Journey with Ethos Identity
Modernizing the Student Journey with Ethos IdentityWSO2
 
Choreo - Build unique digital experiences on WSO2's platform, secured by Etho...
Choreo - Build unique digital experiences on WSO2's platform, secured by Etho...Choreo - Build unique digital experiences on WSO2's platform, secured by Etho...
Choreo - Build unique digital experiences on WSO2's platform, secured by Etho...WSO2
 
CIO Summit Berlin 2022.pptx.pdf
CIO Summit Berlin 2022.pptx.pdfCIO Summit Berlin 2022.pptx.pdf
CIO Summit Berlin 2022.pptx.pdfWSO2
 
Delivering New Digital Experiences Fast - Introducing Choreo
Delivering New Digital Experiences Fast - Introducing ChoreoDelivering New Digital Experiences Fast - Introducing Choreo
Delivering New Digital Experiences Fast - Introducing ChoreoWSO2
 
Fueling the Digital Experience Economy with Connected Products
Fueling the Digital Experience Economy with Connected ProductsFueling the Digital Experience Economy with Connected Products
Fueling the Digital Experience Economy with Connected ProductsWSO2
 
A Reference Methodology for Agile Digital Businesses
A Reference Methodology for Agile Digital Businesses A Reference Methodology for Agile Digital Businesses
A Reference Methodology for Agile Digital BusinessesWSO2
 
Workflows in WSO2 API Manager - WSO2 API Manager Community Call (12/15/2021)
Workflows in WSO2 API Manager - WSO2 API Manager Community Call (12/15/2021)Workflows in WSO2 API Manager - WSO2 API Manager Community Call (12/15/2021)
Workflows in WSO2 API Manager - WSO2 API Manager Community Call (12/15/2021)WSO2
 
Lessons from the pandemic - From a single use case to true transformation
Lessons from the pandemic - From a single use case to true transformation Lessons from the pandemic - From a single use case to true transformation
Lessons from the pandemic - From a single use case to true transformationWSO2
 
Adding Liveliness to Banking Experiences
Adding Liveliness to Banking ExperiencesAdding Liveliness to Banking Experiences
Adding Liveliness to Banking ExperiencesWSO2
 
Building a Future-ready Bank
Building a Future-ready BankBuilding a Future-ready Bank
Building a Future-ready BankWSO2
 
WSO2 API Manager Community Call - November 2021
WSO2 API Manager Community Call - November 2021WSO2 API Manager Community Call - November 2021
WSO2 API Manager Community Call - November 2021WSO2
 
[API World ] - Managing Asynchronous APIs
[API World ] - Managing Asynchronous APIs[API World ] - Managing Asynchronous APIs
[API World ] - Managing Asynchronous APIsWSO2
 
[API World 2021 ] - Understanding Cloud Native Deployment
[API World 2021 ] - Understanding Cloud Native Deployment[API World 2021 ] - Understanding Cloud Native Deployment
[API World 2021 ] - Understanding Cloud Native DeploymentWSO2
 

More from WSO2 (20)

Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
Accelerating Enterprise Software Engineering with Platformless
Accelerating Enterprise Software Engineering with PlatformlessAccelerating Enterprise Software Engineering with Platformless
Accelerating Enterprise Software Engineering with Platformless
 
How to Create a Service in Choreo
How to Create a Service in ChoreoHow to Create a Service in Choreo
How to Create a Service in Choreo
 
Ballerina Tech Talk - May 2023
Ballerina Tech Talk - May 2023Ballerina Tech Talk - May 2023
Ballerina Tech Talk - May 2023
 
Platform Strategy to Deliver Digital Experiences on Azure
Platform Strategy to Deliver Digital Experiences on AzurePlatform Strategy to Deliver Digital Experiences on Azure
Platform Strategy to Deliver Digital Experiences on Azure
 
GartnerITSymSessionSlides.pdf
GartnerITSymSessionSlides.pdfGartnerITSymSessionSlides.pdf
GartnerITSymSessionSlides.pdf
 
[Webinar] How to Create an API in Minutes
[Webinar] How to Create an API in Minutes[Webinar] How to Create an API in Minutes
[Webinar] How to Create an API in Minutes
 
Modernizing the Student Journey with Ethos Identity
Modernizing the Student Journey with Ethos IdentityModernizing the Student Journey with Ethos Identity
Modernizing the Student Journey with Ethos Identity
 
Choreo - Build unique digital experiences on WSO2's platform, secured by Etho...
Choreo - Build unique digital experiences on WSO2's platform, secured by Etho...Choreo - Build unique digital experiences on WSO2's platform, secured by Etho...
Choreo - Build unique digital experiences on WSO2's platform, secured by Etho...
 
CIO Summit Berlin 2022.pptx.pdf
CIO Summit Berlin 2022.pptx.pdfCIO Summit Berlin 2022.pptx.pdf
CIO Summit Berlin 2022.pptx.pdf
 
Delivering New Digital Experiences Fast - Introducing Choreo
Delivering New Digital Experiences Fast - Introducing ChoreoDelivering New Digital Experiences Fast - Introducing Choreo
Delivering New Digital Experiences Fast - Introducing Choreo
 
Fueling the Digital Experience Economy with Connected Products
Fueling the Digital Experience Economy with Connected ProductsFueling the Digital Experience Economy with Connected Products
Fueling the Digital Experience Economy with Connected Products
 
A Reference Methodology for Agile Digital Businesses
A Reference Methodology for Agile Digital Businesses A Reference Methodology for Agile Digital Businesses
A Reference Methodology for Agile Digital Businesses
 
Workflows in WSO2 API Manager - WSO2 API Manager Community Call (12/15/2021)
Workflows in WSO2 API Manager - WSO2 API Manager Community Call (12/15/2021)Workflows in WSO2 API Manager - WSO2 API Manager Community Call (12/15/2021)
Workflows in WSO2 API Manager - WSO2 API Manager Community Call (12/15/2021)
 
Lessons from the pandemic - From a single use case to true transformation
Lessons from the pandemic - From a single use case to true transformation Lessons from the pandemic - From a single use case to true transformation
Lessons from the pandemic - From a single use case to true transformation
 
Adding Liveliness to Banking Experiences
Adding Liveliness to Banking ExperiencesAdding Liveliness to Banking Experiences
Adding Liveliness to Banking Experiences
 
Building a Future-ready Bank
Building a Future-ready BankBuilding a Future-ready Bank
Building a Future-ready Bank
 
WSO2 API Manager Community Call - November 2021
WSO2 API Manager Community Call - November 2021WSO2 API Manager Community Call - November 2021
WSO2 API Manager Community Call - November 2021
 
[API World ] - Managing Asynchronous APIs
[API World ] - Managing Asynchronous APIs[API World ] - Managing Asynchronous APIs
[API World ] - Managing Asynchronous APIs
 
[API World 2021 ] - Understanding Cloud Native Deployment
[API World 2021 ] - Understanding Cloud Native Deployment[API World 2021 ] - Understanding Cloud Native Deployment
[API World 2021 ] - Understanding Cloud Native Deployment
 

Recently uploaded

08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 

Recently uploaded (20)

08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 

Governance and Security Solution Patterns

  • 1. Governance and Security Solution Patterns Gillian Dass and Dakshitha Ratnayake
  • 2. About WSO2 •  Providing the only complete open source componentized cloud platform •  Dedicated to removing all the stumbling blocks to enterprise agility •  Enabling you to focus on business logic and business value •  Recognized by leading analyst firms as visionaries and leaders •  Gartner cites WSO2 as visionaries in all 3 categories of application infrastructure •  Forrester places WSO2 in top 2 for API Management •  Global corporation with offices in USA, UK & Sri Lanka •  200+ employees and growing •  Business model of selling comprehensive support & maintenance for our products
  • 3. 150+ globally positioned support customers
  • 4. •  Introduction to Patterns •  Why Service Oriented Architecture? •  What is Governance? •  Governance Business Problems and Patterns •  Need for Security in SOA •  Security Requirements and Solution Patterns Agenda
  • 5. •  Expose legacy system components as services •  Loose Coupling •  Interoperability •  Flexibility •  Business Process Composition Why SOA?
  • 6. A generic solution for a common recurring problem •  Used it before •  Error proof •  Catalog to pick one Image Source: http://www.forbes.com/fdc/welcome_mjx.shtml A Pattern
  • 7. Managing the three Ps of Governance •  People roles & responsibilities •  Process design, execution and monitoring •  Policy definition and enforcements Image Source: http://www.governanceinnovation.org/?pageID=whatis What is Governance?
  • 8. An organization has metadata related to different data types. They need to capture relationships such as associations and dependencies. Business Scenario
  • 9. •  Model custom data types in a data repository •  Artifact governance Pattern
  • 12. An artifact is deployed across different environments: Dev, QA, Prod. This artifact references some external resources, where the resource need to change for each environment. Business Scenario
  • 14. - Manage service quality - Manage business transactions - Monitor and analyze transaction data - Create dashboard and reports Why Runtime Governance
  • 15. An online travel reservation application allows users to create/edit and cancel bookings. - If >5 cancellations within 24 hours from a single user send a notification to administrators - Create dashboards and reports for MI purposes Business Scenario
  • 16. - Real time events monitoring and notifications - Data analysis and presentation Solution Pattern
  • 18. PatternsSecurity Patterns Image Source - http://www.coresecuritypatterns.com/blogs/?tag=ws-security
  • 19. •  Business assets exposed to the outside as services to be discovered •  Should facilitate interoperability and flexibility Why Security in SOA?
  • 20. After identifying the need for security in SOA, determine the security requirements. Security Requirements can fall under many categories. A few examples: •  Identification and Authentication •  Authorization Security Requirements
  • 21. Image Source - http://www.mikeeckman.com/2013/02/how-much-do-you-think-about-privacy-on-the-internet/ Identification and Authentication
  • 22. •  Services need to identify and verify the claimed identity of internal users of the organization. •  Services need to identify and verify the claimed identity of external users from external organizations. •  Facilitate communication between clients and services which talk in different authentication mechanisms. •  Avoid user credentials to be passed to backend services and avoid user bypassing security processing. Identification and Authentication Requirements
  • 23. Requirement - Identify and verify the claimed identity of internal users of the organization. Authentication Pattern: Direct Authentication •  Authenticating users with credentials stored internally. •  Credentials can be : §  Username/password §  Username token §  X.509 certificates Identification and Authentication Requirements
  • 25. Configuring a Secured Proxy in ESB
  • 26. Configuring a Secured Proxy in ESB
  • 27. Requirement - Identify and verify the claimed identity of external users – from external organizations. Authentication Pattern: Brokered Authentication •  Authenticating users outside the organization boundary. •  Trusting a token issued by a trusted party in partner organization. •  Brokered authentication based on WS-Trust with SAML. Identification and Authentication Requirements
  • 29. Requirement - Facilitate communication between clients and services which talk in different authentication mechanisms. Resource Access Pattern: Protocol Transition •  ESB authenticates clients with the authentication mechanism that they understand – e.g. Username Token •  Transform credentials to the form that service understands e.g. Basic Auth Identification and Authentication Requirements
  • 31. Requirement - Avoid user credentials to be passed to backend service and avoid user bypassing security processing. Resource Access Pattern: Trusted Sub System •  User authenticates to ESB with his/her credentials. •  Backend service trusts ESB. •  ESB accesses backend service on behalf of authenticated user. Identification and Authentication Requirements
  • 32. Image Source - http://www.toolsjournal.com/integrations-articles/item/274-direct-and-brokered-authentication User Credentials Submitted to Service + Bypassing Security Processing
  • 33. Implementation: Trusted Sub System Pattern
  • 34. Image Source - http://onlinebusiness.volusion.com/articles/volusion-authorizenet-partnership/ Authorization
  • 35. •  Control access based on privileges of the users •  Control access based on user’s claims, in a fine grained manner •  Delegated access Authorization Requirements
  • 36. Requirement - Control access based on privileges of the users. e.g. Users in role ‘Teacher’ can update students’ reports while users in role ‘Temporary Teacher’ can only view reports. Authorization pattern: Role Based Access Control Assign users to roles. Grant privileges to roles. This is a coarse grained authorization model. Authorization
  • 37. Configuring Role Based Access Control Pattern
  • 38. Requirement - Control access based on user’s claims, in a fine grained manner. e.g. Reports of Art students could only be accessed by Teachers with job title “Art Teacher”. Authorization pattern: Claim Based Authorization •  Provides fine grained authorization •  Policy based access control with XACML – provides flexibility Authorization
  • 39. Implementation: Claim Based Authorization Pattern
  • 40. Requirement - Delegated access. e.g. An application in a teacher’s mobile device needs to retrieve the time table for the day from his account in the school’s information system. Authorization pattern: Constrained Delegation •  Using OAuth Authorization
  • 43. Engage with WSO2 •  Helping you get the most out of your deployments •  From project evaluation and inception to development and going into production, WSO2 is your partner in ensuring 100% project success