Upload File

wso2con eu 2016: end-to-end identity management

58

Upload: wso2-inc

Post on 12-Jan-2017

193 views

Category:

Technology


1 download

Report

TRANSCRIPT

Page 1: WSO2Con EU 2016: End-to-End Identity Management
Page 2: WSO2Con EU 2016: End-to-End Identity Management

1.2.3.

Page 3: WSO2Con EU 2016: End-to-End Identity Management

••••

Page 4: WSO2Con EU 2016: End-to-End Identity Management
Page 5: WSO2Con EU 2016: End-to-End Identity Management
Page 6: WSO2Con EU 2016: End-to-End Identity Management
Page 7: WSO2Con EU 2016: End-to-End Identity Management
Page 8: WSO2Con EU 2016: End-to-End Identity Management
Page 9: WSO2Con EU 2016: End-to-End Identity Management

•••••

Page 10: WSO2Con EU 2016: End-to-End Identity Management

••

•••

Page 11: WSO2Con EU 2016: End-to-End Identity Management

Robert(An employee)

Cloud email Service

Username = “robert”Password = “robert-pass”

Expense Management

SystemHR System

Username = “robert2”Password = “robert2-pass”Username = “robert2”Password = “robert2-pass”

Username = “robert_5”Password = “K67robert2-AB-#2”

Page 12: WSO2Con EU 2016: End-to-End Identity Management
Page 13: WSO2Con EU 2016: End-to-End Identity Management

Robert

Mail ClientUsername = “robert”Password = “robert-pass”

HR System

Expense Management

System

Username = “robert2”Password = “robert2-pass”Username = “robert”Password = “robert-pass”

Username = “robert”Password = “robert-pass”

Userstore

Page 14: WSO2Con EU 2016: End-to-End Identity Management
Page 15: WSO2Con EU 2016: End-to-End Identity Management
Page 16: WSO2Con EU 2016: End-to-End Identity Management
Page 17: WSO2Con EU 2016: End-to-End Identity Management

Identity Broker(e.g. WSO2 IS)

Service provider(e.g. HR System)

Robert

Username = “robert”Password = “robert-pass”

Token

Token

Userstore

Standard authentication request

Page 18: WSO2Con EU 2016: End-to-End Identity Management

Robert

Mail ClientUsername = “robert”Password = “robert-pass”

HR System

Expense Management

System

Username = “robert2”Password = “robert2-pass”Username = “robert”Password = “robert-pass”

Username = “robert”Password = “robert-pass”

Identity Broker(e.g. WSO2 IS)

Page 19: WSO2Con EU 2016: End-to-End Identity Management

Identity Broker(e.g. WSO2 IS)

Service provider(e.g. HR System)

Userdata

1. Log in request

2. Redirect to IDP

3. Request token4. Authenticate

5. Redirect to SP

6. Response token Session: S1

Page 20: WSO2Con EU 2016: End-to-End Identity Management

Identity Broker(e.g. WSO2 IS)

Service provider 2(e.g. Cloud Mail

Service)

Userdata

1. Log in request

2. Redirect to IDP

3. Request token (session: IS1)

5. Redirect to SP2

6. Response token

Service provider 1(e.g. HR System)

Session: S1

4. Bypass login page

Session: S2

Page 21: WSO2Con EU 2016: End-to-End Identity Management

••

Page 22: WSO2Con EU 2016: End-to-End Identity Management

••

••

Page 23: WSO2Con EU 2016: End-to-End Identity Management

•––

•–

•–

•–

Page 24: WSO2Con EU 2016: End-to-End Identity Management
Page 25: WSO2Con EU 2016: End-to-End Identity Management
Page 26: WSO2Con EU 2016: End-to-End Identity Management

••••••

Page 27: WSO2Con EU 2016: End-to-End Identity Management

•••

Page 28: WSO2Con EU 2016: End-to-End Identity Management
Page 29: WSO2Con EU 2016: End-to-End Identity Management

eXtensible Access Control Markup Language (XACML)

/data/files

/data/archives

/data/visualize

/data/details

Policy decision Point

If user = jane Permit.

If role = clark andAction = writeDeny.

Policy Store

Policy Administration Point

Policy Enforcement Point(PEP)User = Tao

User = David

User = Jane

Page 30: WSO2Con EU 2016: End-to-End Identity Management
Page 31: WSO2Con EU 2016: End-to-End Identity Management
Page 32: WSO2Con EU 2016: End-to-End Identity Management

Identity server

Extern Inc.

<<< Create User >>>Username: janeEmail: [email protected]

Cloud email service

<<< Create User >>>Username: janePassword: jane123Email: [email protected]

<<< Create User >>>Username: jane

<<< Create User >>>Username: [email protected]

Contacts DirectoryExpense Management System

Page 33: WSO2Con EU 2016: End-to-End Identity Management
Page 34: WSO2Con EU 2016: End-to-End Identity Management
Page 35: WSO2Con EU 2016: End-to-End Identity Management
Page 36: WSO2Con EU 2016: End-to-End Identity Management
Page 37: WSO2Con EU 2016: End-to-End Identity Management

Identityserver

Update roles

Approve role assignment

Approve role assignment

Assigned to “supervisors” role

Assigned to “James”

Page 38: WSO2Con EU 2016: End-to-End Identity Management

••••

Page 39: WSO2Con EU 2016: End-to-End Identity Management
Page 40: WSO2Con EU 2016: End-to-End Identity Management
Page 41: WSO2Con EU 2016: End-to-End Identity Management

Page 42: WSO2Con EU 2016: End-to-End Identity Management

Page 43: WSO2Con EU 2016: End-to-End Identity Management
Page 44: WSO2Con EU 2016: End-to-End Identity Management

••

Page 45: WSO2Con EU 2016: End-to-End Identity Management

1.

2.

3.

Page 46: WSO2Con EU 2016: End-to-End Identity Management
Page 47: WSO2Con EU 2016: End-to-End Identity Management

IdentityBroker

Identity Broker

Username: janePassword: jane123Email: [email protected]

1. Access request

2 .Auth request

3. Auth request

4. Auth response

User Directory

5. Add user

mailto:[email protected]
mailto:[email protected]
mailto:[email protected]
Page 48: WSO2Con EU 2016: End-to-End Identity Management

IdentityBroker

Identity Broker

Username: janePassword: jane123Email: [email protected]

1. Access request

2 .Auth request

3. Auth request

4. Auth response5. Add user

mailto:[email protected]
mailto:[email protected]
mailto:[email protected]
Page 49: WSO2Con EU 2016: End-to-End Identity Management
Page 50: WSO2Con EU 2016: End-to-End Identity Management
Page 51: WSO2Con EU 2016: End-to-End Identity Management
Page 52: WSO2Con EU 2016: End-to-End Identity Management
Page 53: WSO2Con EU 2016: End-to-End Identity Management

Page 54: WSO2Con EU 2016: End-to-End Identity Management

Page 55: WSO2Con EU 2016: End-to-End Identity Management

Page 56: WSO2Con EU 2016: End-to-End Identity Management
Page 57: WSO2Con EU 2016: End-to-End Identity Management

••••••••

Page 58: WSO2Con EU 2016: End-to-End Identity Management

Users: SOA Last Mile - WSO2Con 2011

WSO2Con EU 2015: IoT in Finance

WSO2Con ASIA 2016: Case Study: Identity in the WSO2 Ecosystem

WSO2Con EU 2015: Keynote - The Identity of Things: The Next Internet Challenge

WSO2Con USA 2017: Multi-tenanted, Role-based Identity & Access Management solution at West

WSO2Con 2015 USA: Introducing Microservices Server

WSO2Con USA 2017: Identity Solution Patterns

Oracle Identity Management 11g...Oracle Identity Management Business Benefits Oracle Identity Management allows enterprises to manage the end-to-end life cycle of user identities across

WSO2Con EU 2015: WSO2 For EXPO2015

Wso2con Asia 2014 Keynote

WSO2Con EU 2016: Identity Management – A Cornerstone for the Connected Enterprise

WSO2Con USA 2017: Building an End-to-End Integration Scenario with WSO2 Integration

DATA SHEET RSA IDENTITY GOVERNANCE & LIFECYCLE SERVICES€¦ · End-user Identity Lifecycle Management The RSA Identity Assurance Practice optimizes the deployment of RSA Identity

[WSO2Con EU 2017] Container-native Architecture

Company Confidential. Identity Checkpoint is “The End to Identity Theft”

Understanding Microservice Architecture WSO2Con Asia 2016

End User Identity Finder Guide for Windows

WSO2Con 2011: Introduction to Stratos

WSO2Con EU 2016: Understanding Microservice Architecture

WSO2con 2011: Introduction to Stratos

WSO2Con ASIA 2016: IoT Analytics

WSO2Con USA 2015: End-to-end Microservice Architecture with WSO2 Identity Server and WSO2 API Manager: Real-world Case Study

WSO2Con ASIA 2016: WSO2.Telco IDS – Mobile as Identity

WSO2Con USA 2015: Iterative Architecture

End of Identity

WSO2Con EU 2015: WSO2 Identity Server: Identity Management for the Next Decade

[WSO2Con EU 2017] Introduction to Ballerina

[WSO2Con EU 2017] GDPR Impact on Consumer Identity and Access Management (CIAM)

WSO2Con USA 2015: Data to Consumer: End-to-End Middleware Capabilities

WSO2Con USA 2017: Rise to the Challenge with WSO2 Identity Server and WSO2 API Manager

WSO2Con ASIA 2016: WSO2 Identity Server: Identity Management for the Next Decade

WSO2Con USA 2015: Application Services Governance

MORPHO NATIONAL & RESIDENT IDENTITY CARD SOLUTIONSliterature.puertoricosupplier.com/085/FO84979.pdf · MORPHO NATIONAL & RESIDENT IDENTITY CARD SOLUTIONS CUSTOMIZABLE END-TO-END SOLUTIONS

End-to-End Identity Management: From Access to …...• Okta secures identity access • SailPoint ensures identity governance • Okta, SailPoint integrate with app infrastructure

Apache Stratos tutorial WSO2Con Europe-2014