WSO2 Identity Server
Prabath Siriwardena
Software Architect & Senior Manager [Carbon Platform & Security]
NBQSA ~ 2011 ~ 18th/Aug/2011
  
An open source Identity & Entitlement management server
  




Authentication
LDAP, AD, JDBC




Authentication




Authentication, Single Sign On
SAML2, Kerberos




Single Sign On




Provisioning, Authentication, Single Sign On
SPML, SCIM




Provisioning




Provisioning, Authentication, Single Sign On, Auditing
XDAS




Auditing




Provisioning, Authentication, Single Sign On, Auditing, Delegation
WS-TRUST


Delegation




Provisioning, Authentication, Single Sign On, Federation, Auditing, Delegation
SAML2, WS-TRUST


Federation




Role Based Access Control




Attribute Based Access Control, Role Based Access Control




Attribute Based Access Control, Role Based Access Control, Policy Based Access Control
XACML



Attribute Based Access Control, Role Based Access Control, Policy Based Access Control
SOAP
XACML / WS-XACML


Attribute Based Access Control, Role Based Access Control, Policy Based Access Control
REST, SOAP
XACML


Web based management console




SOAP based API, Web based management console




- User stores with LDAP/AD/JDBC
- OpenID
- SAML2
- Kerberos
- Information Cards
- XACML
- OAuth
- Security Token Service with WS-Trust


- SCIM
- XDAS
- WS-XACML




- Open source & open standards
- Lean
- No vendor lock-in
- All in a single product
- Interoperability
- Extensibility
- The power of WSO2 SOA stack
- Short learning curve


- Decentralized Single Sign On
- Single user profile
- Widely used for community & collaboration aspects
- Multifactor Authentication [Infocard, XMPP]
- OpenID relying party components

- Single Sign On / Single Logout
- Widely used *aaS providers [Google Apps, Salesforce]
- SAML2 Web SSO Profile
- Used in WSO2 StratosLive




- Key Distribution Center [KDC]




- The de-facto standard for authorization
- Support for multiple PIPs
- Policy distribution
- Decision / Attribute caching
- UI wizard for defining policies
- Notifications on policy updates
- TryIt tool




[Diagram: EntitlementService (SOAP), EntitlementPolicyAdminService (SOAP), Attribute Finder, Policy Decision Point, Policy Administration Point, Extensions, Decision Cache, Attribute Cache, XACML Engine, Default Finder, Policy Cache, LDAP]




- Identity Delegation
- Securing RESTful services
- 2-legged & 3-legged OAuth
- XACML integration with OAuth
- OAuth 2.0 support in progress




[Diagram: Consumer App; Registers consumer key/secret; Obtains request token; Obtains authorized request token]




[Diagram: Consumer App; Obtains access token; access token; Validates; Resource]



- Supports WS-Trust 1.3/1.4
- SAML 1.0/1.1/2.0 token profiles
- Claim management




[Diagram: Resource, Security Token Service, Consumer App, Domain A, Domain B]




- Pluggable authenticators
- XACML attribute finders and designators
- SAML attribute finders for STS
- Clustering support for HA




- Entitlement Mediator for XACML
- OAuth Mediator
- SAML2 Identity Provider




European Identity Awards 2011 ~ under Cloud Offerings for XACML and OpenID implementations




- Open and agile
- Apache Software License
- Source code repository (Subversion)
  - https://svn.wso2.org/repos/wso2
- Issue tracker (JIRA)
  - http://wso2.org/jira
- Continuous integration
- Public mailing lists


- Downloadable documentation distribution
- On-line documentation
  - http://wso2.org/project/solutions/identity/3.2.0/docs/
  - Articles, webinars and tutorials on WSO2 Oxygen Tank
    http://wso2.org/library/security
  - Blogs
    http://blog.facilelogin.com
    http://blog.thilinamb.com
    http://pathberiya.blogspot.com
    http://hasini-gunasinghe.blogspot.com
  



- Webinars
  - Six identity & security webinars - 2011
- Workshops
  - WSO2 Security Workshop - March 2011 (NY, DC, TX)
  - WSO2 Security Workshop - May 2011 (London, Paris, Frankfurt, Zurich)
  - WSO2 Security Workshop - June 2011 (Palo Alto - US)
  - WSO2 Cloud Security Workshop - Aug 2011 (Palo Alto - US)
  
- Articles and white papers
- Conferences
  - WSO2Con
  - OSCON
  - QCON
  - ApacheCon


- W3C
- OASIS
- OpenID Foundation
- Infocard Foundation
- Microsoft’s Interop Vendor Alliance




NBQSA	
  ~	
  2011	
  
NBQSA	
  ~	
  2011	
  

Mais conteúdo relacionado

Mais procurados

Mais procurados (9)

CIS14: Best Practices You Must Apply to Secure Your APIs
CIS14: Best Practices You Must Apply to Secure Your APIsCIS14: Best Practices You Must Apply to Secure Your APIs
CIS14: Best Practices You Must Apply to Secure Your APIs
 
CIS14: Early Peek at PingFederate Administrative REST API
CIS14: Early Peek at PingFederate Administrative REST APICIS14: Early Peek at PingFederate Administrative REST API
CIS14: Early Peek at PingFederate Administrative REST API
 
Automated testing of complex service oriented architectures
Automated testing of complex service oriented architecturesAutomated testing of complex service oriented architectures
Automated testing of complex service oriented architectures
 
Layer 7 and Oracle -
Layer 7 and Oracle - Layer 7 and Oracle -
Layer 7 and Oracle -
 
apiGrove
apiGroveapiGrove
apiGrove
 
Seasonal Burst Handling Using Hybrid Cloud Infrastructure from Cloud Security...
Seasonal Burst Handling Using Hybrid Cloud Infrastructure from Cloud Security...Seasonal Burst Handling Using Hybrid Cloud Infrastructure from Cloud Security...
Seasonal Burst Handling Using Hybrid Cloud Infrastructure from Cloud Security...
 
CIS13: Introduction to OAuth 2.0
CIS13: Introduction to OAuth 2.0CIS13: Introduction to OAuth 2.0
CIS13: Introduction to OAuth 2.0
 
API Days 2012 - 1 billion SMS through an API !
API Days 2012 - 1 billion SMS through an API !API Days 2012 - 1 billion SMS through an API !
API Days 2012 - 1 billion SMS through an API !
 
Introducing SOA and Oracle SOA Suite 11g for Database Professionals
Introducing SOA and Oracle SOA Suite 11g for Database ProfessionalsIntroducing SOA and Oracle SOA Suite 11g for Database Professionals
Introducing SOA and Oracle SOA Suite 11g for Database Professionals
 

Destaque

SSO with the WSO2 Identity Server
SSO with the WSO2 Identity ServerSSO with the WSO2 Identity Server
SSO with the WSO2 Identity Server
WSO2
 
WSO2 Identity Server
WSO2 Identity Server WSO2 Identity Server
WSO2 Identity Server
WSO2
 
WSO2Con US 2013 - Identity Management Best Practices with WSO2 Identity Server
WSO2Con US 2013 - Identity Management Best Practices with WSO2 Identity ServerWSO2Con US 2013 - Identity Management Best Practices with WSO2 Identity Server
WSO2Con US 2013 - Identity Management Best Practices with WSO2 Identity Server
WSO2
 
Scalable Deployment Patterns in WSO2 API Manager
Scalable Deployment Patterns in WSO2 API Manager Scalable Deployment Patterns in WSO2 API Manager
Scalable Deployment Patterns in WSO2 API Manager
WSO2
 
Practical Federated Identity
Practical Federated Identity Practical Federated Identity
Practical Federated Identity
WSO2
 
Customizing the API Store & Publisher in WSO2 API Manager
Customizing the API Store & Publisher in WSO2 API ManagerCustomizing the API Store & Publisher in WSO2 API Manager
Customizing the API Store & Publisher in WSO2 API Manager
WSO2
 
Single sign on using WSO2 identity server
Single sign on using WSO2 identity serverSingle sign on using WSO2 identity server
Single sign on using WSO2 identity server
WSO2
 
Creating High Performance Big Data Applications with the Java Persistence API
Creating High Performance Big Data Applications with the Java Persistence APICreating High Performance Big Data Applications with the Java Persistence API
Creating High Performance Big Data Applications with the Java Persistence API
DATAVERSITY
 
Java Performance
Java PerformanceJava Performance
Java Performance
SSA KPI
 

Destaque (20)

SSO with the WSO2 Identity Server
SSO with the WSO2 Identity ServerSSO with the WSO2 Identity Server
SSO with the WSO2 Identity Server
 
WSO2 Identity Server - Product Overview
WSO2 Identity Server - Product OverviewWSO2 Identity Server - Product Overview
WSO2 Identity Server - Product Overview
 
WSO2 Identity Server 5.3.0 - Product Release Webinar
WSO2 Identity Server 5.3.0 - Product Release WebinarWSO2 Identity Server 5.3.0 - Product Release Webinar
WSO2 Identity Server 5.3.0 - Product Release Webinar
 
WSO2 Identity Server
WSO2 Identity Server WSO2 Identity Server
WSO2 Identity Server
 
WSO2Con US 2013 - Identity Management Best Practices with WSO2 Identity Server
WSO2Con US 2013 - Identity Management Best Practices with WSO2 Identity ServerWSO2Con US 2013 - Identity Management Best Practices with WSO2 Identity Server
WSO2Con US 2013 - Identity Management Best Practices with WSO2 Identity Server
 
WSO2 Identity Server 2.0 Introduction
WSO2 Identity Server 2.0 IntroductionWSO2 Identity Server 2.0 Introduction
WSO2 Identity Server 2.0 Introduction
 
Scalable Deployment Patterns in WSO2 API Manager
Scalable Deployment Patterns in WSO2 API Manager Scalable Deployment Patterns in WSO2 API Manager
Scalable Deployment Patterns in WSO2 API Manager
 
Understanding OpenID
Understanding OpenIDUnderstanding OpenID
Understanding OpenID
 
Practical Federated Identity
Practical Federated Identity Practical Federated Identity
Practical Federated Identity
 
Customizing the API Store & Publisher in WSO2 API Manager
Customizing the API Store & Publisher in WSO2 API ManagerCustomizing the API Store & Publisher in WSO2 API Manager
Customizing the API Store & Publisher in WSO2 API Manager
 
WSO2Con USA 2014 - Identity Server Tutorial
WSO2Con USA 2014 - Identity Server TutorialWSO2Con USA 2014 - Identity Server Tutorial
WSO2Con USA 2014 - Identity Server Tutorial
 
Single sign on using WSO2 identity server
Single sign on using WSO2 identity serverSingle sign on using WSO2 identity server
Single sign on using WSO2 identity server
 
Optimizing Java Performance
Optimizing Java PerformanceOptimizing Java Performance
Optimizing Java Performance
 
Creating High Performance Big Data Applications with the Java Persistence API
Creating High Performance Big Data Applications with the Java Persistence APICreating High Performance Big Data Applications with the Java Persistence API
Creating High Performance Big Data Applications with the Java Persistence API
 
Java performance
Java performanceJava performance
Java performance
 
High Performance With Java
High Performance With JavaHigh Performance With Java
High Performance With Java
 
Performance van Java 8 en verder - Jeroen Borgers
Performance van Java 8 en verder - Jeroen BorgersPerformance van Java 8 en verder - Jeroen Borgers
Performance van Java 8 en verder - Jeroen Borgers
 
High Performance Web Design
High Performance Web DesignHigh Performance Web Design
High Performance Web Design
 
Java Performance
Java PerformanceJava Performance
Java Performance
 
Java Performance & Profiling
Java Performance & ProfilingJava Performance & Profiling
Java Performance & Profiling
 

Semelhante a WSO2 Identity Server

Identity Manager in Cloud with Openflow Switches
Identity Manager in Cloud with Openflow SwitchesIdentity Manager in Cloud with Openflow Switches
Identity Manager in Cloud with Openflow Switches
Mohammad Faraji
 
OpenStack at Xen summit Asia
OpenStack at Xen summit Asia OpenStack at Xen summit Asia
OpenStack at Xen summit Asia
Jaesuk Ahn
 
Websphere Portal V6.1 Security Overview
Websphere Portal V6.1 Security OverviewWebsphere Portal V6.1 Security Overview
Websphere Portal V6.1 Security Overview
Munish Gupta
 

Semelhante a WSO2 Identity Server (12)

Identity Manager in Cloud with Openflow Switches
Identity Manager in Cloud with Openflow SwitchesIdentity Manager in Cloud with Openflow Switches
Identity Manager in Cloud with Openflow Switches
 
Cisco Study: State of Web Security
Cisco Study: State of Web Security Cisco Study: State of Web Security
Cisco Study: State of Web Security
 
Embedding Jaspersoft into your PHP application
Embedding Jaspersoft into your PHP applicationEmbedding Jaspersoft into your PHP application
Embedding Jaspersoft into your PHP application
 
Layer 7: The Importance of Standards for Enterprise SOA and Cloud Security
Layer 7: The Importance of Standards for Enterprise SOA and Cloud SecurityLayer 7: The Importance of Standards for Enterprise SOA and Cloud Security
Layer 7: The Importance of Standards for Enterprise SOA and Cloud Security
 
Enterprise Access Control Patterns for Rest and Web APIs
Enterprise Access Control Patterns for Rest and Web APIsEnterprise Access Control Patterns for Rest and Web APIs
Enterprise Access Control Patterns for Rest and Web APIs
 
OpenStack Security
OpenStack SecurityOpenStack Security
OpenStack Security
 
What’s new in windows server 2012
What’s new in windows server 2012What’s new in windows server 2012
What’s new in windows server 2012
 
OpenStack at Xen summit Asia
OpenStack at Xen summit Asia OpenStack at Xen summit Asia
OpenStack at Xen summit Asia
 
oracle-osb
oracle-osboracle-osb
oracle-osb
 
Websphere Portal V6.1 Security Overview
Websphere Portal V6.1 Security OverviewWebsphere Portal V6.1 Security Overview
Websphere Portal V6.1 Security Overview
 
SANS Institute Product Review: Oracle Entitlements Server
SANS Institute Product Review: Oracle Entitlements ServerSANS Institute Product Review: Oracle Entitlements Server
SANS Institute Product Review: Oracle Entitlements Server
 
Windows Azure for Developers - Building Block Services
Windows Azure for Developers - Building Block ServicesWindows Azure for Developers - Building Block Services
Windows Azure for Developers - Building Block Services
 

Mais de Prabath Siriwardena

Mais de Prabath Siriwardena (20)

Microservices Security Landscape
Microservices Security LandscapeMicroservices Security Landscape
Microservices Security Landscape
 
Cloud Native Identity with SPIFFE
Cloud Native Identity with SPIFFECloud Native Identity with SPIFFE
Cloud Native Identity with SPIFFE
 
API Security Best Practices & Guidelines
API Security Best Practices & GuidelinesAPI Security Best Practices & Guidelines
API Security Best Practices & Guidelines
 
Identity is Eating the World!
Identity is Eating the World!Identity is Eating the World!
Identity is Eating the World!
 
Microservices Security Landscape
Microservices Security LandscapeMicroservices Security Landscape
Microservices Security Landscape
 
OAuth 2.0 Threat Landscape
OAuth 2.0 Threat LandscapeOAuth 2.0 Threat Landscape
OAuth 2.0 Threat Landscape
 
GDPR for Identity Architects
GDPR for Identity ArchitectsGDPR for Identity Architects
GDPR for Identity Architects
 
Blockchain-based Solutions for Identity & Access Management
Blockchain-based Solutions for Identity & Access ManagementBlockchain-based Solutions for Identity & Access Management
Blockchain-based Solutions for Identity & Access Management
 
OAuth 2.0 Threat Landscapes
OAuth 2.0 Threat LandscapesOAuth 2.0 Threat Landscapes
OAuth 2.0 Threat Landscapes
 
OAuth 2.0 for Web and Native (Mobile) App Developers
OAuth 2.0 for Web and Native (Mobile) App DevelopersOAuth 2.0 for Web and Native (Mobile) App Developers
OAuth 2.0 for Web and Native (Mobile) App Developers
 
Identity Management for Web Application Developers
Identity Management for Web Application DevelopersIdentity Management for Web Application Developers
Identity Management for Web Application Developers
 
API Security Best Practices & Guidelines
API Security Best Practices & GuidelinesAPI Security Best Practices & Guidelines
API Security Best Practices & Guidelines
 
Open Standards in Identity Management
Open Standards  in  Identity ManagementOpen Standards  in  Identity Management
Open Standards in Identity Management
 
Securing Single-Page Applications with OAuth 2.0
Securing Single-Page Applications with OAuth 2.0Securing Single-Page Applications with OAuth 2.0
Securing Single-Page Applications with OAuth 2.0
 
API Security : Patterns and Practices
API Security : Patterns and PracticesAPI Security : Patterns and Practices
API Security : Patterns and Practices
 
Best Practices in Building an API Security Ecosystem
Best Practices in Building an API Security EcosystemBest Practices in Building an API Security Ecosystem
Best Practices in Building an API Security Ecosystem
 
Connected Identity : The Role of the Identity Bus
Connected Identity : The Role of the Identity BusConnected Identity : The Role of the Identity Bus
Connected Identity : The Role of the Identity Bus
 
Connected Identity : Benefits, Risks & Challenges
Connected Identity : Benefits, Risks & ChallengesConnected Identity : Benefits, Risks & Challenges
Connected Identity : Benefits, Risks & Challenges
 
The Evolution of Internet Identity
The Evolution of Internet IdentityThe Evolution of Internet Identity
The Evolution of Internet Identity
 
Next-Gen Apps with IoT and Cloud
Next-Gen Apps with IoT and CloudNext-Gen Apps with IoT and Cloud
Next-Gen Apps with IoT and Cloud
 

Último

Último (20)

Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
A Beginners Guide to Building a RAG App Using Open Source Milvus
A Beginners Guide to Building a RAG App Using Open Source MilvusA Beginners Guide to Building a RAG App Using Open Source Milvus
A Beginners Guide to Building a RAG App Using Open Source Milvus
 
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu SubbuApidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
 
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot ModelNavi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdf
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 

WSO2 Identity Server

  • 1. Prabath Siriwardena, Software Architect & Senior Manager [Carbon Platform & Security]. NBQSA ~ 2011 ~ 18th/Aug/2011
  • 2. An open source Identity & Entitlement management server
  • 3. Authentication; LDAP, AD, JDBC
  • 5. Authentication, Single Sign On; SAML2, Kerberos
  • 6. Single Sign On
  • 7. Provisioning, Authentication, Single Sign On; SPML, SCIM
  • 9. Provisioning, Authentication, Single Sign On, Auditing; XDAS
  • 11. Provisioning, Authentication, Single Sign On, Auditing, Delegation; WS-TRUST
  • 13. Provisioning, Authentication, Single Sign On, Federation, Auditing, Delegation; SAML2, WS-TRUST
  • 15. Role Based Access Control
  • 16. Attribute Based Access Control, Role Based Access Control
  • 17. Attribute Based Access Control, Role Based Access Control, Policy Based Access Control; XACML
  • 18. Attribute Based Access Control, Role Based Access Control, Policy Based Access Control; SOAP; XACML / WS-XACML
  • 19. Attribute Based Access Control, Role Based Access Control, Policy Based Access Control; REST, SOAP; XACML
  • 20. Web based management console
  • 21. SOAP based API, Web based management console
  • 22. User stores with LDAP/AD/JDBC; OpenID; SAML2; Kerberos; Information Cards; XACML; OAuth; Security Token Service with WS-Trust
  • 23. SCIM; XDAS; WS-XACML
  • 25. Open source & open standards; Lean; No vendor lock-in; All in a single product; Interoperability; Extensibility; The power of WSO2 SOA stack; Short learning curve
  • 26. Decentralized Single Sign On; Single user profile; Widely used for community & collaboration aspects; Multifactor Authentication [Infocard, XMPP]; OpenID relying party components
  • 27. Single Sign On / Single Logout; Widely used *aaS providers [Google Apps, Salesforce]; SAML2 Web SSO Profile; Used in WSO2 StratosLive
  • 28. Key Distribution Center [KDC]
  • 29. The de-facto standard for authorization; Support for multiple PIPs; Policy distribution; Decision / Attribute caching; UI wizard for defining policies; Notifications on policy updates; TryIt tool
  • 30. Diagram labels: EntitlementService (SOAP); EntitlementPolicyAdminService (SOAP); Policy Decision Point; Policy Administration Point; XACML Engine; Attribute Finder; Default Finder; Extensions; Decision Cache; Attribute Cache; Policy Cache; LDAP
  • 34. Identity Delegation; Securing RESTful services; 2-legged & 3-legged OAuth; XACML integration with OAuth; OAuth 2.0 support in progress
  • 35. Consumer App; Registers consumer key/secret; Obtains request token; Obtains authorized request token
  • 36. Consumer App; Obtains access token; Validates access token; Resource
  • 37. Supports WS-Trust 1.3/1.4; SAML 1.0/1.1/2.0 token profiles; Claim management
  • 38. Resource; Security Token Service; Consumer App; Domain A; Domain B
  • 39. Pluggable authenticators; XACML attribute finders and designators; SAML attribute finders for STS; Clustering support for HA
  • 40. Entitlement Mediator for XACML; OAuth Mediator; SAML2 Identity Provider
  • 41. European Identity Awards 2011 ~ under Cloud Offerings for XACML and OpenID implementations
  • 42. Open and agile; Apache Software License; Source code repository (Subversion): https://svn.wso2.org/repos/wso2; Issue tracker (JIRA): http://wso2.org/jira; Continuous integration; Public mailing lists
  • 43. Downloadable documentation distribution; On-line documentation: http://wso2.org/project/solutions/identity/3.2.0/docs/; Articles, webinars and tutorials on WSO2 Oxygen Tank: http://wso2.org/library/security; Blogs: http://blog.facilelogin.com, http://blog.thilinamb.com, http://pathberiya.blogspot.com, http://hasini-gunasinghe.blogspot.com
  • 44. Webinars: Six identity & security webinars - 2011; Workshops: WSO2 Security Workshop - March 2011 (NY, DC, TX); WSO2 Security Workshop - May 2011 (London, Paris, Frankfurt, Zurich); WSO2 Security Workshop - June 2011 (Palo Alto - US); WSO2 Cloud Security Workshop - Aug 2011 (Palo Alto - US)
  • 45. Articles and white papers; Conferences: WSO2Con, OSCON, QCON, ApacheCon
  • 46. W3C; OASIS; OpenID Foundation; Infocard Foundation; Microsoft's Interop Vendor Alliance