Last week, there was a lot of press around the announcement of this year’s NSTIC 
pilots. Here at Gluu, we are excited to participate in one of these projects, and are 
hopeful that it will be a nice showcase for free open source WAM software and the power 
of open standards for two-factor security. The goal of this blog is to shed some light on 
how the Gluu Server will help this project come to life. Note, these are my thoughts as 
CEO of Gluu, and don’t necessarily reflect the opinion of MorphoTrust, the lead 
contractor, NIST, the State of North Carolina, or any of the other contractors.
So what is this pilot about? In my opinion, it’s about one thing: electronic enrollment. 
You can think of enrollment as a kind of online registration. You know the drill–you 
need an account on a website, you fill out a form, pick a password, validate some 
“CAPTCHA”, perhaps validate your email, and you’re off to the races. 
However this ritual has a few weaknesses: there is not a strong link to an actual person. 
With a plethora of ways for hackers (or your friends) to figure out your passwords, 
control of an email account hardly provides much of an assurance that the actual 
person filled out the registration form. In identity geek parlance, we call “identity 
proofing” the process where you correlate a person to an electronic credential. Email 
validation is a very weak form of identity proofing, sufficient for only low value 
transactions. 
Today, in many situations, identity proofing requires you to show a printed government 
issued ID. As a person needs to transact more important business online, the strength 
of that identity-proofing process needs to also increase. Here is an extreme example, 
but it makes a point. Recently I was issued a US Dept. of Interior smart card. It was 
really a pain in the neck. I had to drive to Temple TX from Austin, which is 70 miles 
north. This was the nearest DOI office that was authorized to issue these cards. I 
presented two forms of valid ID. At that meeting, they collected high quality biometrics 
(fingerprint and photo). Subsequently I was interviewed by the FBI at my office, and I 
provided contact information for my family and childhood friends. After background 
checks, my ID was ready. I asked for it to be FedEx’d.
No way… I had to drive 70 miles back to Temple, TX. At which point, they verified the 
previously collected biometrics. And after some chit-chat, I was handed my smart card– 
280 miles and four hours of driving later. I’ll say one thing: they were pretty darn sure 
that they handed that ID to Michael Schwartz. But it was an expensive and 
inconvenient process. 
The North Carolina Food and Nutrition Services Program online also needs to issue 
electronic credentials to citizens. As I understand it, some people in North Carolina 
who need the benefits offered by this program might be quite far from a physical office. 
Wouldn’t it be great if there was some way we could save them the drive? There are 
many reasons why this makes sense. But there is only one problem: there is no 
alternative to the “in person” identity proof. 
The magic in this pilot would be to develop an alternative to the in person identity proof 
by leveraging the sensors of a mobile device. Can the camera of a mobile device collect 
enough data to identify me as well as a person could do it? It’s not that far-fetched, 
especially for me (when I passed age 40, let’s just say my visual acuity isn’t what it used 
to be…) The precedent for electronic “non-in person” enrollment just doesn’t exist. But 
once it does, we could see many services that required in person identity proofing–like 
voting–have a better chance of becoming a reality.
So what is the Gluu Server going to do to help make this magic happen? For those who 
have never heard of Gluu, we publish free open source Internet security software that is 
used by universities, government agencies and companies to enable Web and mobile 
applications to securely identify a person, and manage what information they are 
allowed to access. 
In this pilot, there are two critical authentications: the first time you enroll, we need to 
identify you using information gathered from the mobile device, and compared against 
information held by the State of North Carolina, and other contextual information 
(like your location). This authentication might be a little bit inconvenient, but it may 
save you hours of driving! After this initial authentication, we will use crypto 
techniques to enable you to re-authenticate very conveniently–without even using a 
password. 
The algorithms to do this identification (to do the image processing for example), or to 
detect fraud, are proprietary. I understand that these will be supplied by MorphoTrust 
and the University of Texas Identity Center.
The Gluu Server is used to communicate with the mobile device and with 
servers that analyze the data secured inside the state environment. It is the “glue” (no 
pun intended) between the mobile device and the backend identification engine. 
Identifying a person is only half the battle. The second half of the battle is authorizing 
the person to access certain protected APIs that will 
be used by the mobile application to do its business. The Gluu Server provides a way for 
a domain (in this case the State of North Carolina), to define policies that can control 
which people, using which devices, can access which APIs. IT veterans may not be 
impressed. Oracle, IBM, and Computer Associates all have software that can perform 
this function. However, the Gluu Server is the only free open source platform that uses 
open standards to enable centralized access management. 
Ultimately, the vision of Gluu and the vision of NSTIC are aligned: to make the 
Internet a safer place. It’s an honor to participate in such an effort, and we’re looking 
forward to serving the citizens of North Carolina to the best of our ability. 
Article resource: https://sites.google.com/site/thegluuserver/the-gluu-in-an-nstic-pilot
