SlideShare uma empresa Scribd logo

Apache Syncope and Tirasa

Transferir como ODP, PDF
Francesco Chicchiriccò
Francesco Chicchiriccò
Internet
1 de 26
OpenSource Identity Management with Apache Syncope Viale D'Annunzio, 267 - 65127 Pescara Partita IVA 01974100685 N. REA 143460 Tel +39 0859116307 / FAX +39 0859111173 http://www.tirasa.net info@tirasa.net
Agenda ● Identity and Access Management ● Vendor Vs Open Source solutions ● Apache Syncope ● Tirasa: Apache Syncope Enterprise support
What's IdM about? ● Data records that contains a collection of data about a person ● “Data record” → Account ● “A person” → Identity ● The joint effort of business process and IT to manage user data on systems and applications.
IdM technologies ● Identity Stores ● Storage of user information ● Provisioning ● Synchronize account data across identity stores and a broad range of data formats, models, meanings and purposes ● Access Management ● Security mechanisms that take place when a user is accessing a specific system or functionality
Identity Stores ● Examples ● LDAP / Active Directory ● RDBMS ● Meta and Virtual Directories ● Accounts can be created and managed in one place only ● Each application manages authentication separately ● Users may use the same password for all connected applications
Aren't Identity Stores enough? ● Heterogeneity of systems ● Lack of a single source of information ● HR for corporate id, Groupware for mail address, ... ● Need for a local user database ● Inconsistent policies ● Lack of workflow management ● Hidden infrastructure management cost, growing with organization size
Provisioning ● Keeping identity stores as synchronized as possible ● Need to be customizable and flexible ● Priority: non-intrusiveness ● Focused on application back-end ● Communication: ● Connectors ● Agents
Identity Lifecycle
Access Management ● Mediator to all access to all applications ● Focused on application front-end ● Aspects ● Authentication (Single SignOn) ● Authorization ● Federation (SAML, Liberty, OAuth, OpenID, ...) ● Mainly applicable to web applications ● Difficult integration with pre-existing apps
IdM in practice: before...
IdM in practice: ...after!
Vendor products ● Oracle (with addition of ex-Sun suite) ● Novell ● IBM (Tivoli) ● Microsoft (Forefront) ● Niche players ● Ping ● NetIQ ● SailPoint ● Quest (now Dell)
Open Source non-ASF products Identity Stores Access Management Provisioning
Open Source ASF projects ● Identity Stores ● Apache Directory ● Provisioning ● Apache Syncope ● Access Management ● Apache Shiro
Apache Syncope ● Inception by Tirasa in 2010 ● Entered ASF incubator in February 2012 ● Graduated as TLP in November 2012 ● Active community ● 13 committers, 5 contributors ● ~130 mailing list subscribers, stable traffic
Syncope: features ● Workflow-based provisioning engine of users and roles ● Account / Password policies ● Agentless connection with Identity Stores ● Auditing & Reporting ● Shining admin console ● Customizable and extensible by design
Syncope: architecture
Syncope: mapping
Syncope and the external world
Syncope: connectors ● Based on ConnId, hosted at GitHub, new home of Sun's Identity Connectors ● Ready-to-use bundles: ● LDAP ● Active Directory ● Database ● CSV Directory ● SOAP ● Google Apps ● UNIX ● Write your own bundle PPrroovviissiioonniinngg EEnnggiinnee AAPPII SSPPII Common Code Objects & Utils Using Connectors
Syncope: roadmap ● Security realms (multi-tenant scenarios) ● SCIM interface ● Concurrent / Asynchronous communication with external resources ● Access Management features ● More at http://s.apache.org/SyncopeRoadmap
Syncope: (some) success stories
● Italian limited company established in 2011 ● Small, highly skilled staff ● Deliverying IAM solutions for Sun Microsystems for 10 years ● Instructors of IdM, Access Manager and Directory Server for Sun Microsystem's courses ● Creates and leverages Open Source tools for Enterprise Integration ● ConnId ● Hippo Cocoon Toolkit
Syncope: enterprise services ● Product evaluation – Introductory workshop – Proof of Concept (PoC) ● Development support ● Production support ● Syncope Compliance Dashboard ● More at http://syncope.tirasa.net
Syncope: trying it out ● Online http://syncopedemo.tirasa.net ● Virtual Machine image ● Ubuntu Juju / Microsoft Azure ● .deb packages ● Standalone distribution ● Quickstart projects on GitHub ● Maven Archetype
Questions?

Recomendados

Building Open Source Identity Infrastructures
Building Open Source Identity InfrastructuresBuilding Open Source Identity Infrastructures
Building Open Source Identity Infrastructures
Misagh Moayyed
 
Integrating Apache Camel with Apache Syncope
Integrating Apache Camel with Apache SyncopeIntegrating Apache Camel with Apache Syncope
Integrating Apache Camel with Apache Syncope
Colm O hEigeartaigh
 
Building open source identity infrastructures
Building open source identity infrastructuresBuilding open source identity infrastructures
Building open source identity infrastructures
Francesco Chicchiriccò
 
Open Source & Identity Management
Open Source & Identity ManagementOpen Source & Identity Management
Open Source & Identity Management
JISC Netskills
 
Open Source Identity Management
Open Source Identity ManagementOpen Source Identity Management
Open Source Identity Management
Radovan Semancik
 
Complete open source IAM solution
Complete open source IAM solutionComplete open source IAM solution
Complete open source IAM solution
Radovan Semancik
 
OpenDJ: An Introduction
OpenDJ: An IntroductionOpenDJ: An Introduction
OpenDJ: An Introduction
ForgeRock
 
OpenDJ - An Introduction
OpenDJ - An IntroductionOpenDJ - An Introduction
OpenDJ - An Introduction
ForgeRock
 

Recomendados

Building Open Source Identity Infrastructures
Building Open Source Identity InfrastructuresBuilding Open Source Identity Infrastructures
Building Open Source Identity Infrastructures
Misagh Moayyed
 
Integrating Apache Camel with Apache Syncope
Integrating Apache Camel with Apache SyncopeIntegrating Apache Camel with Apache Syncope
Integrating Apache Camel with Apache Syncope
Colm O hEigeartaigh
 
Building open source identity infrastructures
Building open source identity infrastructuresBuilding open source identity infrastructures
Building open source identity infrastructures
Francesco Chicchiriccò
 
Open Source & Identity Management
Open Source & Identity ManagementOpen Source & Identity Management
Open Source & Identity Management
JISC Netskills
 
Open Source Identity Management
Open Source Identity ManagementOpen Source Identity Management
Open Source Identity Management
Radovan Semancik
 
Complete open source IAM solution
Complete open source IAM solutionComplete open source IAM solution
Complete open source IAM solution
Radovan Semancik
 
OpenDJ: An Introduction
OpenDJ: An IntroductionOpenDJ: An Introduction
OpenDJ: An Introduction
ForgeRock
 
OpenDJ - An Introduction
OpenDJ - An IntroductionOpenDJ - An Introduction
OpenDJ - An Introduction
ForgeRock
 
OpenIDM - Flexible Provisioning Platform - April 28 Webinar
OpenIDM - Flexible Provisioning Platform - April 28 WebinarOpenIDM - Flexible Provisioning Platform - April 28 Webinar
OpenIDM - Flexible Provisioning Platform - April 28 Webinar
ForgeRock
 
Integrating Apache Syncope with Apache CXF
Integrating Apache Syncope with Apache CXFIntegrating Apache Syncope with Apache CXF
Integrating Apache Syncope with Apache CXF
coheigea
 
Identity Manager Opensource OpenIDM Architecture
Identity Manager Opensource OpenIDM ArchitectureIdentity Manager Opensource OpenIDM Architecture
Identity Manager Opensource OpenIDM Architecture
Aidy Tificate
 
Identity Management with midPoint
Identity Management with midPointIdentity Management with midPoint
Identity Management with midPoint
Radovan Semancik
 
WSO2Con USA 2017: Enhancing Customer Experience with WSO2 Identity Server
WSO2Con USA 2017: Enhancing Customer Experience with WSO2 Identity ServerWSO2Con USA 2017: Enhancing Customer Experience with WSO2 Identity Server
WSO2Con USA 2017: Enhancing Customer Experience with WSO2 Identity Server
WSO2
 
Asp.Net Identity
Asp.Net IdentityAsp.Net Identity
Asp.Net Identity
Marwa Ahmad
 
Deep thoughts from the real world of azure
Deep thoughts from the real world of azureDeep thoughts from the real world of azure
Deep thoughts from the real world of azure
Michele Leroux Bustamante
 
Case Study: University of California, Berkeley and San Francisco
Case Study: University of California, Berkeley and San FranciscoCase Study: University of California, Berkeley and San Francisco
Case Study: University of California, Berkeley and San Francisco
ForgeRock
 
ZubZib Black Coffee #9 - ASP.NET Identity
ZubZib Black Coffee #9 - ASP.NET IdentityZubZib Black Coffee #9 - ASP.NET Identity
ZubZib Black Coffee #9 - ASP.NET Identity
Non Intanon
 
WSO2Con USA 2017: Building a Secure Enterprise
WSO2Con USA 2017: Building a Secure EnterpriseWSO2Con USA 2017: Building a Secure Enterprise
WSO2Con USA 2017: Building a Secure Enterprise
WSO2
 
Authentication & Authorization in ASPdotNet MVC
Authentication & Authorization in ASPdotNet MVCAuthentication & Authorization in ASPdotNet MVC
Authentication & Authorization in ASPdotNet MVC
Mindfire Solutions
 
OpenIDM - An Introduction
OpenIDM - An IntroductionOpenIDM - An Introduction
OpenIDM - An Introduction
ForgeRock
 
Case Study: Plus Retail - Moving from the Old World to the New World
Case Study: Plus Retail - Moving from the Old World to the New WorldCase Study: Plus Retail - Moving from the Old World to the New World
Case Study: Plus Retail - Moving from the Old World to the New World
ForgeRock
 
2015.04.23 Azure Mobile Services
2015.04.23 Azure Mobile Services2015.04.23 Azure Mobile Services
2015.04.23 Azure Mobile Services
Marco Parenzan
 
Introduction to Azure AD and Azure AD B2C
Introduction to Azure AD and Azure AD B2CIntroduction to Azure AD and Azure AD B2C
Introduction to Azure AD and Azure AD B2C
Joonas Westlin
 
WSO2Con USA 2017: Introduction to Security: End-to-End Identity Management
WSO2Con USA 2017: Introduction to Security: End-to-End Identity ManagementWSO2Con USA 2017: Introduction to Security: End-to-End Identity Management
WSO2Con USA 2017: Introduction to Security: End-to-End Identity Management
WSO2
 
There is REST and then there is "REST"
There is REST and then there is "REST"There is REST and then there is "REST"
There is REST and then there is "REST"
Radovan Semancik
 
iPlanet presentation
iPlanet presentationiPlanet presentation
iPlanet presentation
rogerkellerman
 
Directories for the REST of Us: REST to LDAP in OpenDJ 2.6
Directories for the REST of Us: REST to LDAP in OpenDJ 2.6Directories for the REST of Us: REST to LDAP in OpenDJ 2.6
Directories for the REST of Us: REST to LDAP in OpenDJ 2.6
ForgeRock
 
Building a document e-signing workflow with Azure Durable Functions
Building a document e-signing workflow with Azure Durable FunctionsBuilding a document e-signing workflow with Azure Durable Functions
Building a document e-signing workflow with Azure Durable Functions
Joonas Westlin
 
Dynatech presentation for TSI Career Day
Dynatech presentation for TSI Career DayDynatech presentation for TSI Career Day
Dynatech presentation for TSI Career Day
Artur Babyuk
 
[Workshop] Managing the API lifecycle with Open Source Technologies
[Workshop] Managing the API lifecycle with Open Source Technologies[Workshop] Managing the API lifecycle with Open Source Technologies
[Workshop] Managing the API lifecycle with Open Source Technologies
WSO2
 

Mais conteúdo relacionado

Mais procurados

OpenIDM - Flexible Provisioning Platform - April 28 Webinar
OpenIDM - Flexible Provisioning Platform - April 28 WebinarOpenIDM - Flexible Provisioning Platform - April 28 Webinar
OpenIDM - Flexible Provisioning Platform - April 28 Webinar
ForgeRock
 
WSO2Con USA 2017: Enhancing Customer Experience with WSO2 Identity Server
WSO2Con USA 2017: Enhancing Customer Experience with WSO2 Identity ServerWSO2Con USA 2017: Enhancing Customer Experience with WSO2 Identity Server
WSO2Con USA 2017: Enhancing Customer Experience with WSO2 Identity Server
WSO2
 
ZubZib Black Coffee #9 - ASP.NET Identity
ZubZib Black Coffee #9 - ASP.NET IdentityZubZib Black Coffee #9 - ASP.NET Identity
ZubZib Black Coffee #9 - ASP.NET Identity
Non Intanon
 
WSO2Con USA 2017: Introduction to Security: End-to-End Identity Management
WSO2Con USA 2017: Introduction to Security: End-to-End Identity ManagementWSO2Con USA 2017: Introduction to Security: End-to-End Identity Management
WSO2Con USA 2017: Introduction to Security: End-to-End Identity Management
WSO2
 

Mais procurados (20)

OpenIDM - Flexible Provisioning Platform - April 28 Webinar
OpenIDM - Flexible Provisioning Platform - April 28 WebinarOpenIDM - Flexible Provisioning Platform - April 28 Webinar
OpenIDM - Flexible Provisioning Platform - April 28 Webinar
 
Integrating Apache Syncope with Apache CXF
Integrating Apache Syncope with Apache CXFIntegrating Apache Syncope with Apache CXF
Integrating Apache Syncope with Apache CXF
 
Identity Manager Opensource OpenIDM Architecture
Identity Manager Opensource OpenIDM ArchitectureIdentity Manager Opensource OpenIDM Architecture
Identity Manager Opensource OpenIDM Architecture
 
Identity Management with midPoint
Identity Management with midPointIdentity Management with midPoint
Identity Management with midPoint
 
WSO2Con USA 2017: Enhancing Customer Experience with WSO2 Identity Server
WSO2Con USA 2017: Enhancing Customer Experience with WSO2 Identity ServerWSO2Con USA 2017: Enhancing Customer Experience with WSO2 Identity Server
WSO2Con USA 2017: Enhancing Customer Experience with WSO2 Identity Server
 
Asp.Net Identity
Asp.Net IdentityAsp.Net Identity
Asp.Net Identity
 
Deep thoughts from the real world of azure
Deep thoughts from the real world of azureDeep thoughts from the real world of azure
Deep thoughts from the real world of azure
 
Case Study: University of California, Berkeley and San Francisco
Case Study: University of California, Berkeley and San FranciscoCase Study: University of California, Berkeley and San Francisco
Case Study: University of California, Berkeley and San Francisco
 
ZubZib Black Coffee #9 - ASP.NET Identity
ZubZib Black Coffee #9 - ASP.NET IdentityZubZib Black Coffee #9 - ASP.NET Identity
ZubZib Black Coffee #9 - ASP.NET Identity
 
WSO2Con USA 2017: Building a Secure Enterprise
WSO2Con USA 2017: Building a Secure EnterpriseWSO2Con USA 2017: Building a Secure Enterprise
WSO2Con USA 2017: Building a Secure Enterprise
 
Authentication & Authorization in ASPdotNet MVC
Authentication & Authorization in ASPdotNet MVCAuthentication & Authorization in ASPdotNet MVC
Authentication & Authorization in ASPdotNet MVC
 
OpenIDM - An Introduction
OpenIDM - An IntroductionOpenIDM - An Introduction
OpenIDM - An Introduction
 
Case Study: Plus Retail - Moving from the Old World to the New World
Case Study: Plus Retail - Moving from the Old World to the New WorldCase Study: Plus Retail - Moving from the Old World to the New World
Case Study: Plus Retail - Moving from the Old World to the New World
 
2015.04.23 Azure Mobile Services
2015.04.23 Azure Mobile Services2015.04.23 Azure Mobile Services
2015.04.23 Azure Mobile Services
 
Introduction to Azure AD and Azure AD B2C
Introduction to Azure AD and Azure AD B2CIntroduction to Azure AD and Azure AD B2C
Introduction to Azure AD and Azure AD B2C
 
WSO2Con USA 2017: Introduction to Security: End-to-End Identity Management
WSO2Con USA 2017: Introduction to Security: End-to-End Identity ManagementWSO2Con USA 2017: Introduction to Security: End-to-End Identity Management
WSO2Con USA 2017: Introduction to Security: End-to-End Identity Management
 
There is REST and then there is "REST"
There is REST and then there is "REST"There is REST and then there is "REST"
There is REST and then there is "REST"
 
iPlanet presentation
iPlanet presentationiPlanet presentation
iPlanet presentation
 
Directories for the REST of Us: REST to LDAP in OpenDJ 2.6
Directories for the REST of Us: REST to LDAP in OpenDJ 2.6Directories for the REST of Us: REST to LDAP in OpenDJ 2.6
Directories for the REST of Us: REST to LDAP in OpenDJ 2.6
 
Building a document e-signing workflow with Azure Durable Functions
Building a document e-signing workflow with Azure Durable FunctionsBuilding a document e-signing workflow with Azure Durable Functions
Building a document e-signing workflow with Azure Durable Functions
 

Semelhante a Apache Syncope and Tirasa

Api centric enterprises
Api centric enterprisesApi centric enterprises
Api centric enterprises
WSO2
 
DevSecOps: The Open Source Way
DevSecOps: The Open Source WayDevSecOps: The Open Source Way
DevSecOps: The Open Source Way
Gordon Haff
 
Programming for non tech entrepreneurs
Programming for non tech entrepreneursProgramming for non tech entrepreneurs
Programming for non tech entrepreneurs
Rodrigo Gil
 
Big Brother for Enterprises - The WSO2 Advantage
Big Brother for Enterprises - The WSO2 AdvantageBig Brother for Enterprises - The WSO2 Advantage
Big Brother for Enterprises - The WSO2 Advantage
WSO2
 
Deep Visibility: Logging From Distributed Microservices
Deep Visibility: Logging From Distributed MicroservicesDeep Visibility: Logging From Distributed Microservices
Deep Visibility: Logging From Distributed Microservices
AaronLieberman5
 

Semelhante a Apache Syncope and Tirasa (20)

Dynatech presentation for TSI Career Day
Dynatech presentation for TSI Career DayDynatech presentation for TSI Career Day
Dynatech presentation for TSI Career Day
 
[Workshop] Managing the API lifecycle with Open Source Technologies
[Workshop] Managing the API lifecycle with Open Source Technologies[Workshop] Managing the API lifecycle with Open Source Technologies
[Workshop] Managing the API lifecycle with Open Source Technologies
 
Webinar: OpenIDM 3.1
Webinar: OpenIDM 3.1Webinar: OpenIDM 3.1
Webinar: OpenIDM 3.1
 
Evolveum: About the company and its product - midPoint
Evolveum: About the company and its product - midPointEvolveum: About the company and its product - midPoint
Evolveum: About the company and its product - midPoint
 
BarCamp Hong Kong 2015 - AuthBucket - Open Source Identity Management System
BarCamp Hong Kong 2015 - AuthBucket - Open Source Identity Management SystemBarCamp Hong Kong 2015 - AuthBucket - Open Source Identity Management System
BarCamp Hong Kong 2015 - AuthBucket - Open Source Identity Management System
 
Single Sign On (SSO) Services with Free/Open Source Software
Single Sign On (SSO) Services with Free/Open Source SoftwareSingle Sign On (SSO) Services with Free/Open Source Software
Single Sign On (SSO) Services with Free/Open Source Software
 
API Management within a Microservice Architecture
API Management within a Microservice ArchitectureAPI Management within a Microservice Architecture
API Management within a Microservice Architecture
 
API Management Within a Microservices Architecture
API Management Within a Microservices Architecture API Management Within a Microservices Architecture
API Management Within a Microservices Architecture
 
Api centric enterprises
Api centric enterprisesApi centric enterprises
Api centric enterprises
 
[OW2con'21] Hosting Identity in the Cloud with OW2 free softwares
[OW2con'21] Hosting Identity in the Cloud with OW2 free softwares[OW2con'21] Hosting Identity in the Cloud with OW2 free softwares
[OW2con'21] Hosting Identity in the Cloud with OW2 free softwares
 
DevSecOps: The Open Source Way
DevSecOps: The Open Source WayDevSecOps: The Open Source Way
DevSecOps: The Open Source Way
 
JIO and WebViewers: interoperability for Javascript and Web Applications
JIO and WebViewers: interoperability for Javascript and Web ApplicationsJIO and WebViewers: interoperability for Javascript and Web Applications
JIO and WebViewers: interoperability for Javascript and Web Applications
 
Programming for non tech entrepreneurs
Programming for non tech entrepreneursProgramming for non tech entrepreneurs
Programming for non tech entrepreneurs
 
[Workshop] API-driven Integration
[Workshop] API-driven Integration[Workshop] API-driven Integration
[Workshop] API-driven Integration
 
WSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering DevelopersWSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering Developers
 
Oow2016 review--paas-microservices-
Oow2016 review--paas-microservices-Oow2016 review--paas-microservices-
Oow2016 review--paas-microservices-
 
Big Brother for Enterprises - The WSO2 Advantage
Big Brother for Enterprises - The WSO2 AdvantageBig Brother for Enterprises - The WSO2 Advantage
Big Brother for Enterprises - The WSO2 Advantage
 
Deep Visibility: Logging From Distributed Microservices
Deep Visibility: Logging From Distributed MicroservicesDeep Visibility: Logging From Distributed Microservices
Deep Visibility: Logging From Distributed Microservices
 
Not my problem - Delegating responsibility to infrastructure
Not my problem - Delegating responsibility to infrastructureNot my problem - Delegating responsibility to infrastructure
Not my problem - Delegating responsibility to infrastructure
 
Privileged Access Management
Privileged Access ManagementPrivileged Access Management
Privileged Access Management
 

Mais de Francesco Chicchiriccò

Open source identity management 20121106 - apache con eu
Open source identity management 20121106 - apache con euOpen source identity management 20121106 - apache con eu
Open source identity management 20121106 - apache con eu
Francesco Chicchiriccò
 

Mais de Francesco Chicchiriccò (11)

Perché mai Tirasa? Career Day 2017 - UnivAQ
Perché mai Tirasa? Career Day 2017 - UnivAQPerché mai Tirasa? Career Day 2017 - UnivAQ
Perché mai Tirasa? Career Day 2017 - UnivAQ
 
DevOps practices and tools of a small company in love with open source
DevOps practices and tools of a small company in love with open sourceDevOps practices and tools of a small company in love with open source
DevOps practices and tools of a small company in love with open source
 
Open source identity management 20121106 - apache con eu
Open source identity management 20121106 - apache con euOpen source identity management 20121106 - apache con eu
Open source identity management 20121106 - apache con eu
 
Apache Syncope Identity Manager 20120623 confsl
Apache Syncope Identity Manager 20120623 confslApache Syncope Identity Manager 20120623 confsl
Apache Syncope Identity Manager 20120623 confsl
 
20100327 Triduo Pasquale
20100327 Triduo Pasquale20100327 Triduo Pasquale
20100327 Triduo Pasquale
 
Sviluppo DTT e Sofia
Sviluppo DTT e SofiaSviluppo DTT e Sofia
Sviluppo DTT e Sofia
 
Scrum: una metodologia agile
Scrum: una metodologia agileScrum: una metodologia agile
Scrum: una metodologia agile
 
Service Delivery Network
Service Delivery NetworkService Delivery Network
Service Delivery Network
 
Automatic Server Provisioning
Automatic Server ProvisioningAutomatic Server Provisioning
Automatic Server Provisioning
 
Workflow e dintorni
Workflow e dintorniWorkflow e dintorni
Workflow e dintorni
 
Hands On Cocoon
Hands On CocoonHands On Cocoon
Hands On Cocoon
 

Último

一比一原版奥兹学院毕业证如何办理
一比一原版奥兹学院毕业证如何办理一比一原版奥兹学院毕业证如何办理
一比一原版奥兹学院毕业证如何办理
F
 
100^%)( POLOKWANE))(*((+27838792658))*))௹ )Abortion Pills for Sale in Sibasa,...
100^%)( POLOKWANE))(*((+27838792658))*))௹ )Abortion Pills for Sale in Sibasa,...100^%)( POLOKWANE))(*((+27838792658))*))௹ )Abortion Pills for Sale in Sibasa,...
100^%)( POLOKWANE))(*((+27838792658))*))௹ )Abortion Pills for Sale in Sibasa,...
musaddumba454
 
一比一原版英国格林多大学毕业证如何办理
一比一原版英国格林多大学毕业证如何办理一比一原版英国格林多大学毕业证如何办理
一比一原版英国格林多大学毕业证如何办理
AS
 
一比一原版澳大利亚迪肯大学毕业证如何办理
一比一原版澳大利亚迪肯大学毕业证如何办理一比一原版澳大利亚迪肯大学毕业证如何办理
一比一原版澳大利亚迪肯大学毕业证如何办理
SS
 
一比一原版(NYU毕业证书)美国纽约大学毕业证学位证书
一比一原版(NYU毕业证书)美国纽约大学毕业证学位证书一比一原版(NYU毕业证书)美国纽约大学毕业证学位证书
一比一原版(NYU毕业证书)美国纽约大学毕业证学位证书
c6eb683559b3
 
一比一定制波士顿学院毕业证学位证书
一比一定制波士顿学院毕业证学位证书一比一定制波士顿学院毕业证学位证书
一比一定制波士顿学院毕业证学位证书
A
 
原版定制(Glasgow毕业证书)英国格拉斯哥大学毕业证原件一模一样
原版定制(Glasgow毕业证书)英国格拉斯哥大学毕业证原件一模一样原版定制(Glasgow毕业证书)英国格拉斯哥大学毕业证原件一模一样
原版定制(Glasgow毕业证书)英国格拉斯哥大学毕业证原件一模一样
AS
 
一比一原版(毕业证书)新西兰怀特克利夫艺术设计学院毕业证原件一模一样
一比一原版(毕业证书)新西兰怀特克利夫艺术设计学院毕业证原件一模一样一比一原版(毕业证书)新西兰怀特克利夫艺术设计学院毕业证原件一模一样
一比一原版(毕业证书)新西兰怀特克利夫艺术设计学院毕业证原件一模一样
AS
 
一比一原版桑佛德大学毕业证成绩单申请学校Offer快速办理
一比一原版桑佛德大学毕业证成绩单申请学校Offer快速办理一比一原版桑佛德大学毕业证成绩单申请学校Offer快速办理
一比一原版桑佛德大学毕业证成绩单申请学校Offer快速办理
apekaom
 
一比一原版美国北卡罗莱纳大学毕业证如何办理
一比一原版美国北卡罗莱纳大学毕业证如何办理一比一原版美国北卡罗莱纳大学毕业证如何办理
一比一原版美国北卡罗莱纳大学毕业证如何办理
A
 
一比一原版(Polytechnic毕业证书)新加坡理工学院毕业证原件一模一样
一比一原版(Polytechnic毕业证书)新加坡理工学院毕业证原件一模一样一比一原版(Polytechnic毕业证书)新加坡理工学院毕业证原件一模一样
一比一原版(Polytechnic毕业证书)新加坡理工学院毕业证原件一模一样
AS
 
一比一原版罗切斯特大学毕业证如何办理
一比一原版罗切斯特大学毕业证如何办理一比一原版罗切斯特大学毕业证如何办理
一比一原版罗切斯特大学毕业证如何办理
F
 
一比一原版田纳西大学毕业证如何办理
一比一原版田纳西大学毕业证如何办理一比一原版田纳西大学毕业证如何办理
一比一原版田纳西大学毕业证如何办理
F
 
@OBAT ABORSI 3 BULAN@ OBAT PENGGUGUR KANDUNGAN 3 BULAN (087776558899)
@OBAT ABORSI 3 BULAN@ OBAT PENGGUGUR KANDUNGAN 3 BULAN (087776558899)@OBAT ABORSI 3 BULAN@ OBAT PENGGUGUR KANDUNGAN 3 BULAN (087776558899)
@OBAT ABORSI 3 BULAN@ OBAT PENGGUGUR KANDUNGAN 3 BULAN (087776558899)
Obat Cytotec
 

Último (20)

一比一原版奥兹学院毕业证如何办理
一比一原版奥兹学院毕业证如何办理一比一原版奥兹学院毕业证如何办理
一比一原版奥兹学院毕业证如何办理
 
100^%)( POLOKWANE))(*((+27838792658))*))௹ )Abortion Pills for Sale in Sibasa,...
100^%)( POLOKWANE))(*((+27838792658))*))௹ )Abortion Pills for Sale in Sibasa,...100^%)( POLOKWANE))(*((+27838792658))*))௹ )Abortion Pills for Sale in Sibasa,...
100^%)( POLOKWANE))(*((+27838792658))*))௹ )Abortion Pills for Sale in Sibasa,...
 
一比一原版英国格林多大学毕业证如何办理
一比一原版英国格林多大学毕业证如何办理一比一原版英国格林多大学毕业证如何办理
一比一原版英国格林多大学毕业证如何办理
 
一比一原版澳大利亚迪肯大学毕业证如何办理
一比一原版澳大利亚迪肯大学毕业证如何办理一比一原版澳大利亚迪肯大学毕业证如何办理
一比一原版澳大利亚迪肯大学毕业证如何办理
 
[Hackersuli] Élő szövet a fémvázon: Python és gépi tanulás a Zeek platformon
[Hackersuli] Élő szövet a fémvázon: Python és gépi tanulás a Zeek platformon[Hackersuli] Élő szövet a fémvázon: Python és gépi tanulás a Zeek platformon
[Hackersuli] Élő szövet a fémvázon: Python és gépi tanulás a Zeek platformon
 
一比一原版(NYU毕业证书)美国纽约大学毕业证学位证书
一比一原版(NYU毕业证书)美国纽约大学毕业证学位证书一比一原版(NYU毕业证书)美国纽约大学毕业证学位证书
一比一原版(NYU毕业证书)美国纽约大学毕业证学位证书
 
Beyond Inbound: Unlocking the Secrets of API Egress Traffic Management
Beyond Inbound: Unlocking the Secrets of API Egress Traffic ManagementBeyond Inbound: Unlocking the Secrets of API Egress Traffic Management
Beyond Inbound: Unlocking the Secrets of API Egress Traffic Management
 
一比一定制波士顿学院毕业证学位证书
一比一定制波士顿学院毕业证学位证书一比一定制波士顿学院毕业证学位证书
一比一定制波士顿学院毕业证学位证书
 
原版定制(Glasgow毕业证书)英国格拉斯哥大学毕业证原件一模一样
原版定制(Glasgow毕业证书)英国格拉斯哥大学毕业证原件一模一样原版定制(Glasgow毕业证书)英国格拉斯哥大学毕业证原件一模一样
原版定制(Glasgow毕业证书)英国格拉斯哥大学毕业证原件一模一样
 
APNIC Updates presented by Paul Wilson at CaribNOG 27
APNIC Updates presented by Paul Wilson at CaribNOG 27APNIC Updates presented by Paul Wilson at CaribNOG 27
APNIC Updates presented by Paul Wilson at CaribNOG 27
 
一比一原版(毕业证书)新西兰怀特克利夫艺术设计学院毕业证原件一模一样
一比一原版(毕业证书)新西兰怀特克利夫艺术设计学院毕业证原件一模一样一比一原版(毕业证书)新西兰怀特克利夫艺术设计学院毕业证原件一模一样
一比一原版(毕业证书)新西兰怀特克利夫艺术设计学院毕业证原件一模一样
 
一比一原版桑佛德大学毕业证成绩单申请学校Offer快速办理
一比一原版桑佛德大学毕业证成绩单申请学校Offer快速办理一比一原版桑佛德大学毕业证成绩单申请学校Offer快速办理
一比一原版桑佛德大学毕业证成绩单申请学校Offer快速办理
 
一比一原版美国北卡罗莱纳大学毕业证如何办理
一比一原版美国北卡罗莱纳大学毕业证如何办理一比一原版美国北卡罗莱纳大学毕业证如何办理
一比一原版美国北卡罗莱纳大学毕业证如何办理
 
一比一原版(Polytechnic毕业证书)新加坡理工学院毕业证原件一模一样
一比一原版(Polytechnic毕业证书)新加坡理工学院毕业证原件一模一样一比一原版(Polytechnic毕业证书)新加坡理工学院毕业证原件一模一样
一比一原版(Polytechnic毕业证书)新加坡理工学院毕业证原件一模一样
 
一比一原版罗切斯特大学毕业证如何办理
一比一原版罗切斯特大学毕业证如何办理一比一原版罗切斯特大学毕业证如何办理
一比一原版罗切斯特大学毕业证如何办理
 
Registry Data Accuracy Improvements, presented by Chimi Dorji at SANOG 41 / I...
Registry Data Accuracy Improvements, presented by Chimi Dorji at SANOG 41 / I...Registry Data Accuracy Improvements, presented by Chimi Dorji at SANOG 41 / I...
Registry Data Accuracy Improvements, presented by Chimi Dorji at SANOG 41 / I...
 
Down bad crying at the gym t shirtsDown bad crying at the gym t shirts
Down bad crying at the gym t shirtsDown bad crying at the gym t shirtsDown bad crying at the gym t shirtsDown bad crying at the gym t shirts
Down bad crying at the gym t shirtsDown bad crying at the gym t shirts
 
一比一原版田纳西大学毕业证如何办理
一比一原版田纳西大学毕业证如何办理一比一原版田纳西大学毕业证如何办理
一比一原版田纳西大学毕业证如何办理
 
Loker Pemandu Lagu LC Semarang 085746015303
Loker Pemandu Lagu LC Semarang 085746015303Loker Pemandu Lagu LC Semarang 085746015303
Loker Pemandu Lagu LC Semarang 085746015303
 
@OBAT ABORSI 3 BULAN@ OBAT PENGGUGUR KANDUNGAN 3 BULAN (087776558899)
@OBAT ABORSI 3 BULAN@ OBAT PENGGUGUR KANDUNGAN 3 BULAN (087776558899)@OBAT ABORSI 3 BULAN@ OBAT PENGGUGUR KANDUNGAN 3 BULAN (087776558899)
@OBAT ABORSI 3 BULAN@ OBAT PENGGUGUR KANDUNGAN 3 BULAN (087776558899)
 

Apache Syncope and Tirasa

  • 1. OpenSource Identity Management with Apache Syncope Viale D'Annunzio, 267 - 65127 Pescara Partita IVA 01974100685 N. REA 143460 Tel +39 0859116307 / FAX +39 0859111173 http://www.tirasa.net info@tirasa.net
  • 2. Agenda ● Identity and Access Management ● Vendor Vs Open Source solutions ● Apache Syncope ● Tirasa: Apache Syncope Enterprise support
  • 3. What's IdM about? ● Data records that contains a collection of data about a person ● “Data record” → Account ● “A person” → Identity ● The joint effort of business process and IT to manage user data on systems and applications.
  • 4. IdM technologies ● Identity Stores ● Storage of user information ● Provisioning ● Synchronize account data across identity stores and a broad range of data formats, models, meanings and purposes ● Access Management ● Security mechanisms that take place when a user is accessing a specific system or functionality
  • 5. Identity Stores ● Examples ● LDAP / Active Directory ● RDBMS ● Meta and Virtual Directories ● Accounts can be created and managed in one place only ● Each application manages authentication separately ● Users may use the same password for all connected applications
  • 6. Aren't Identity Stores enough? ● Heterogeneity of systems ● Lack of a single source of information ● HR for corporate id, Groupware for mail address, ... ● Need for a local user database ● Inconsistent policies ● Lack of workflow management ● Hidden infrastructure management cost, growing with organization size
  • 7. Provisioning ● Keeping identity stores as synchronized as possible ● Need to be customizable and flexible ● Priority: non-intrusiveness ● Focused on application back-end ● Communication: ● Connectors ● Agents
  • 9. Access Management ● Mediator to all access to all applications ● Focused on application front-end ● Aspects ● Authentication (Single SignOn) ● Authorization ● Federation (SAML, Liberty, OAuth, OpenID, ...) ● Mainly applicable to web applications ● Difficult integration with pre-existing apps
  • 10. IdM in practice: before...
  • 11. IdM in practice: ...after!
  • 12. Vendor products ● Oracle (with addition of ex-Sun suite) ● Novell ● IBM (Tivoli) ● Microsoft (Forefront) ● Niche players ● Ping ● NetIQ ● SailPoint ● Quest (now Dell)
  • 13. Open Source non-ASF products Identity Stores Access Management Provisioning
  • 14. Open Source ASF projects ● Identity Stores ● Apache Directory ● Provisioning ● Apache Syncope ● Access Management ● Apache Shiro
  • 15. Apache Syncope ● Inception by Tirasa in 2010 ● Entered ASF incubator in February 2012 ● Graduated as TLP in November 2012 ● Active community ● 13 committers, 5 contributors ● ~130 mailing list subscribers, stable traffic
  • 16. Syncope: features ● Workflow-based provisioning engine of users and roles ● Account / Password policies ● Agentless connection with Identity Stores ● Auditing & Reporting ● Shining admin console ● Customizable and extensible by design
  • 19. Syncope and the external world
  • 20. Syncope: connectors ● Based on ConnId, hosted at GitHub, new home of Sun's Identity Connectors ● Ready-to-use bundles: ● LDAP ● Active Directory ● Database ● CSV Directory ● SOAP ● Google Apps ● UNIX ● Write your own bundle PPrroovviissiioonniinngg EEnnggiinnee AAPPII SSPPII Common Code Objects & Utils Using Connectors
  • 21. Syncope: roadmap ● Security realms (multi-tenant scenarios) ● SCIM interface ● Concurrent / Asynchronous communication with external resources ● Access Management features ● More at http://s.apache.org/SyncopeRoadmap
  • 23. ● Italian limited company established in 2011 ● Small, highly skilled staff ● Deliverying IAM solutions for Sun Microsystems for 10 years ● Instructors of IdM, Access Manager and Directory Server for Sun Microsystem's courses ● Creates and leverages Open Source tools for Enterprise Integration ● ConnId ● Hippo Cocoon Toolkit
  • 24. Syncope: enterprise services ● Product evaluation – Introductory workshop – Proof of Concept (PoC) ● Development support ● Production support ● Syncope Compliance Dashboard ● More at http://syncope.tirasa.net
  • 25. Syncope: trying it out ● Online http://syncopedemo.tirasa.net ● Virtual Machine image ● Ubuntu Juju / Microsoft Azure ● .deb packages ● Standalone distribution ● Quickstart projects on GitHub ● Maven Archetype