A RESTful Approach to Identity-based Web Services
|
|
- Kristina Cross
- 5 years ago
- Views:
Transcription
1 A RESTful Approach to Identity-based Web Services Marc J. Hadley Hubert A. Le Van Gong Sun Microsystems, Inc. 1
2 Outline > Identity-based web services intro > RESTful ID-WSF > OAuth Extensions > Permissioned Data Sharing 2 2
3 Identity-based Web Services? 3 3
4 Identity-based Web Services? Who Identifying the parties Sender Invoker Recipient Target 3 3
5 Identity-based Web Services? Who Identifying the parties Sender Invoker Recipient Target What Resource Locating Addressing 3 3
6 Identity-based Web Services? Who Identifying the parties Sender Invoker Recipient Target What Resource Locating Addressing How Framework Transport Philosophy Security 3 3
7 Identity-based Web Services? Who Identifying the parties Sender Invoker Recipient Target What Resource Locating Addressing How Framework Transport Philosophy Security Why Agreement Policy Privacy 3 3
8 One way to look at it > You surf the web Authenticated once Seamlessly logged in to other sites Single sign-on > You purchase airline tickets & move to another country Your online calendar is updated Your magazine subscription follows Delegated Authorization 4 4
9 # my identities Evolution & Issues # online apps # online relationships 5 5
10 # my identities Evolution & Issues 1 Web browsing, search... # online apps # online relationships 5 5
11 # my identities Evolution & Issues Online banking, n 1 Web browsing, search... n # online apps # online relationships 5 5
12 Evolution & Issues # my identities y Photo sharing, blogs, IM... 3 n Online banking, Web browsing, search... n x # online apps z # online relationships 5 5
13 Evolution & Issues # my identities y Photo sharing, blogs, IM... 3 n Online banking, Web browsing, search... n x # online apps z 4 What we want!! # online relationships 5 5
14 A Continuum of Solutions > Delegated Authentication Single Sign On > Attribute Exchange WS-Federation OpenID SAML Liberty ID-WSF > Delegated Authorization Sharing of attributes OAuth WS-* Some cover it all
15 RESTful? REST is an Architectural Style Set of constraints you apply to the architecture of a distributed system to induce desirable properties RESTful Web Services Application of REST architectural style to services that utilize Web standards Key elements Resources identified by URIs Standard set of methods with well-defined semantics Resource representation format identified with media types Responses contain links that clients traverse to navigate application state Stateless communications 7 7
16 Reduced coupling 8 Why RESTful? Reach Services easily consumed by a variety of clients Alignment Services are part of the Web Services work well with existing infrastructure Bookmark-able Browser friendly Scalable Horizontal scaling Cache friendly Straightforward failover 8
17 First Foray: RESTful ID-WSF > Starting point: Liberty ID-WSF 2.0 Identity-based Web Services Framework Builds on top of Identity federation (e.g. SAML) Provides framework for Data sharing Privacy & security protection Some nice features like Data service template (DST) Interaction service People service 9 9
18 First Foray: RESTful ID-WSF Typical Scenario 10 10
19 First Foray: RESTful ID-WSF Same overall approach Service Association 1 Service Discovery 2 Service Invocation 3 But
20 RESTful Approach - Some key differences > Resource location Resource in SOAP == service endpoint + owner identity Resource in REST == represented by an endpoint (URI) > URI (a resource) MUST be cachable & bookmarkable Correlation issues that potentially require additional security mechanisms > Resource Access SOAP operations define in, say Liberty ID-WSF, overlap with HTTPʼs CRUD operations 12 12
21 RESTful ID-WSF - Service Association > A 2-steps process Registration of a service metadata to a Discovery Service 13 13
22 RESTful ID-WSF - Service Association 14 14
23 RESTful ID-WSF - Service Discovery 15 15
24 RESTful ID-WSF - Service Invocation > Classic use of HTTP CRUD operations but... Add a security token obtained at discovery time Possible use of XPATH-based queries Within the body of the message As parameters of the URI 16 16
25 First Foray: RESTful ID-WSF 17 17
26 Approaching from Another Angle: Extending OAuth OAuth in a Jiffy... HTTP-based protocol Delegated Authorization Allow a service consumer to access a resource hosted at a service provider Browser and non-browser based user authz / consent Signature mechanism to secure HTTP messages However, OAuth core does not support our use cases
27 Approaching from Another Angle: Extending OAuth What follows are ideas being worked on Conveying identity tokens Provisioning & discovering services Leveraging XRDS to describe a userʼs services VRM / Permissioned based data sharing 19 19
28 Extending OAuth - Conveying Identities Alice Hike.com (Alice) Event.com (Bob) 20 20
29 Extending OAuth - Conveying Identities Alice Hike.com (Alice) hiking friends Portable Contact Event.com (Bob) 20 20
30 Extending OAuth - Conveying Identities Alice Hike.com (Alice) hiking friends Portable Contact Event.com (Bob) 20 20
31 Extending OAuth - Conveying Identities Alice Hike.com (Alice) hiking friends Portable Contact ID token A IdP/OP (Alice) ID token A Event.com (Bob) 20 20
32 Extending OAuth - Conveying Identities Alice Hike.com (Alice) hiking friends Portable Contact ID token A IdP/OP (Alice) ID token A ID token A OpenID ID or A... Event.com (Bob) 20 20
33 Extending OAuth - Conveying Identities Alice Hike.com (Alice) hiking friends Portable Contact ID token A IdP/OP (Alice) ID token A ID token A OpenID ID or A... Event.com (Bob) membership query Is A in set for B? Portable Contact 20 20
34 Extending OAuth - Service Provisioning 21 21
35 Permissioned Data Sharing disclose site that consumes data 22 22
36 Typical Federated-Identity Solution identity provider, discovery service... authorize disclose store consumer, relying party, web service consumer... service provider, attribute authority, web service provider
37 OAuth Solution disclose store consumer authorize service provider 24 24
38 Functional Requirements > Support the notion of a "relationship management" service that an individual can access as an interface mode separate from authenticating to networked applications > Allow an individual to select policies and enforceable contract terms that govern the granting of responding-service access to requesting services > Allow an individual to conduct short-term and long-term management of access relationships, including modifying the conditions of access or terminating the relationship entirely > Allow an individual to audit and monitor various aspects of access relationships > Allow requesting services to interact directly with responding services in a fashion guided by policy while an individual is offline, reserving real-time user approval for extraordinary circumstances > Allow requesting services to interact with multiple responding services associated with the same individual 25 25
39 Relationship Manager Solution disclose store consumer contract authorize service provider relationship manager 26 26
40 Relationship Manager Solution disclose store consumer contract authorize service provider relationship manager identity provider, discovery service 26 26
41 High-Level Overview of Interactions 27 27
42 Next Steps for This Work Further use case development IIW and other venues... Protocol development in Kantara Coordinating with related communities OAuth, CX, XACML, uapprove, Mine!, Mydex, r-cards... Seeking collaboration on implementations OpenSSOʼs OAuth extension (imminently) Other open source projects 28 28
43 Useful Technologies... > Jersey ( RESTful framework for Java developers > OAuth Signature Library (both client & server) Java-based - smooth integration with Jersey (filters) RESTful implementation. > OpenSSO ( Access management, SSO etc
44 Conclusion > Still early days for this work > Lots of compelling use cases > Protocols under active developments OAuth (community & IETF), Kantara Initiative etc. XRDS
45 Marc J. Hadley Hubert A. Le Van Gong marc.hadley at Sun.Com hubert.levangong at Sun.Com
UMA and Dynamic Client Registration. Thomas Hardjono on behalf of the UMA Work Group
UMA and Dynamic Client Registration Thomas Hardjono on behalf of the UMA Work Group 1 UMA is... A web protocol that lets you control authorization of data sharing and service access made on your behalf
More informationREST/SOAP Harmonization proposal for Identity-based Web-Services
1 2 3 4 5 6 7 8 9 REST/SOAP Harmonization proposal for Identity-based Web-Services Version: 0.4 Date: 2012-10-16 10 11 Editor: Contributors: Gaël Gourmelen, Orange 12 13 14 15 16 17 18 19 20 21 22 23 24
More informationAdvanced Client Conor P. Cahill Systems Technology Lab Intel Corporation
Advanced Client Conor P. Cahill Systems Technology Lab Intel Corporation Disclaimer This presentation discusses work-in-progress within the Liberty Alliance Technology Expert Group. The end result of the
More informationThe Business of Identity: Business Drivers and Use Cases of Identity Web Services
The Business of Identity: Business Drivers and Use Cases of Identity Web Services Roger Sullivan, Vice President, Liberty Alliance Vice President, Oracle Corporation Liberty s Architecture Liberty Identity
More informationMashing Up, Wiring Up, Gearing Up: Solving Multi-Protocol Problems in Identity
www.oasis-open.org Mashing Up, Wiring Up, Gearing Up: Solving Multi-Protocol Problems in Identity Eve Maler eve.maler@sun.com 1 A few notes about me and this talk Some relevant affiliations/perspectives:
More informationISA 767, Secure Electronic Commerce Xinwen Zhang, George Mason University
Identity Management and Federated ID (Liberty Alliance) ISA 767, Secure Electronic Commerce Xinwen Zhang, xzhang6@gmu.edu George Mason University Identity Identity is the fundamental concept of uniquely
More informationGlobal Reference Architecture: Overview of National Standards. Michael Jacobson, SEARCH Diane Graski, NCSC Oct. 3, 2013 Arizona ewarrants
Global Reference Architecture: Overview of National Standards Michael Jacobson, SEARCH Diane Graski, NCSC Oct. 3, 2013 Arizona ewarrants Goals for this Presentation Define the Global Reference Architecture
More informationUser-Managed Access (UMA)
User-Managed Access (UMA) Joni Brennan, Kantara Managing Director Eve Maler, PayPal, UMA WG chair ITU-T Q10/17 Identity Summit 10 December 2010 (feel free to send questions to @xmlgrrl) 1 Privacy is not
More informationTutorial: Building the Services Ecosystem
Tutorial: Building the Services Ecosystem GlobusWorld 2018 Steve Tuecke tuecke@globus.org What is a services ecosystem? Anybody can build services with secure REST APIs App Globus Transfer Your Service
More informationWarm Up to Identity Protocol Soup
Warm Up to Identity Protocol Soup David Waite Principal Technical Architect 1 Topics What is Digital Identity? What are the different technologies? How are they useful? Where is this space going? 2 Digital
More informationIdentity management. Tuomas Aura CSE-C3400 Information security. Aalto University, autumn 2014
Identity management Tuomas Aura CSE-C3400 Information security Aalto University, autumn 2014 Outline 1. Single sign-on 2. SAML and Shibboleth 3. OpenId 4. OAuth 5. (Corporate IAM) 6. Strong identity 2
More informationMoving Digital Identity to the Cloud, a Fundamental Shift in rethinking the enterprise collaborative model.
TEG Progress Update Moving Digital Identity to the Cloud, a Fundamental Shift in rethinking the enterprise collaborative model. Fulup Ar Foll Master Architect Sun Microsystems Fulup@sun.com 1 What is the
More informationFederated Web Services with Mobile Devices
Federated Web Services with Mobile Devices Rajeev Angal Architect Sun Microsystems Pat Patterson Architect Sun Microsystems Session TS-6673 Copyright 2006, Sun Microsystems, Inc., All rights reserved.
More information[GSoC Proposal] Securing Airavata API
[GSoC Proposal] Securing Airavata API TITLE: Securing AIRAVATA API ABSTRACT: The goal of this project is to design and implement the solution for securing AIRAVATA API. Particularly, this includes authenticating
More informationSentinet for BizTalk Server SENTINET
Sentinet for BizTalk Server SENTINET Sentinet for BizTalk Server 1 Contents Introduction... 2 Sentinet Benefits... 3 SOA and API Repository... 4 Security... 4 Mediation and Virtualization... 5 Authentication
More informationAuthentication in the Cloud. Stefan Seelmann
Authentication in the Cloud Stefan Seelmann Agenda Use Cases View Points Existing Solutions Upcoming Solutions Use Cases End user needs login to a site or service End user wants to share access to resources
More informationINDIGO AAI An overview and status update!
RIA-653549 INDIGO DataCloud INDIGO AAI An overview and status update! Andrea Ceccanti (INFN) on behalf of the INDIGO AAI Task Force! indigo-aai-tf@lists.indigo-datacloud.org INDIGO Datacloud An H2020 project
More informationConsuming Office 365 REST API. Paolo Pialorsi PiaSys.com
Consuming Office 365 REST API Paolo Pialorsi paolo@pialorsi.com PiaSys.com About me Project Manager, Consultant, Trainer About 50 Microsoft certification exams passed, including MC(S)M MVP Office 365 Focused
More informationLiferay Security Features Overview. How Liferay Approaches Security
Liferay Security Features Overview How Liferay Approaches Security Table of Contents Executive Summary.......................................... 1 Transport Security............................................
More informationSAML-Based SSO Solution
About SAML SSO Solution, page 1 SAML-Based SSO Features, page 2 Basic Elements of a SAML SSO Solution, page 2 SAML SSO Web Browsers, page 3 Cisco Unified Communications Applications that Support SAML SSO,
More informationRESTful API Design APIs your consumers will love
RESTful API Design APIs your consumers will love Matthias Biehl RESTful API Design Copyright 2016 by Matthias Biehl All rights reserved, including the right to reproduce this book or portions thereof in
More informationIdentität und Autorisierung als Grundlage für sichere Web-Services. Dr. Hannes P. Lubich IT Security Strategist
Identität und Autorisierung als Grundlage für sichere Web-Services Dr. Hannes P. Lubich IT Security Strategist The Web Services Temptation For every $1 spent on software $3 to $5 is spent on integration
More informationTAS 3 Architecture. Sampo Kellomäki Symlabs , ServiceWave, Stockholm
TAS 3 Architecture Sampo Kellomäki (sampo@symlabs.com), Symlabs 23.11.2009, ServiceWave, Stockholm The research leading to these results has received funding from the European Community s Seventh Framework
More informationOPENID CONNECT 101 WHITE PAPER
OPENID CONNECT 101 TABLE OF CONTENTS 03 04 EXECUTIVE OVERVIEW WHAT IS OPENID CONNECT? Connect Terminology Relationship to OAuth 08 Relationship to SAML CONNECT IN MORE DETAIL Trust Model Discovery Dynamic
More informationSAML-Based SSO Solution
About SAML SSO Solution, page 1 Single Sign on Single Service Provider Agreement, page 2 SAML-Based SSO Features, page 2 Basic Elements of a SAML SSO Solution, page 3 Cisco Unified Communications Applications
More informationIntroduction to Web Services & SOA
References: Web Services, A Technical Introduction, Deitel & Deitel Building Scalable and High Performance Java Web Applications, Barish Web Service Definition The term "Web Services" can be confusing.
More information1 Copyright 2011, Oracle and/or its affiliates. All rights reserved.
1 Copyright 2011, Oracle and/or its affiliates. All rights Web Services and SOA Integration Options for Oracle E-Business Suite Rajesh Ghosh, Group Manager, Applications Technology Group Abhishek Verma,
More informationMajor SAML 2.0 Changes. Nate Klingenstein Internet2 EuroCAMP 2007 Helsinki April 17, 2007
Major SAML 2.0 Changes Nate Klingenstein Internet2 EuroCAMP 2007 Helsinki April 17, 2007 Tokens, Protocols, Bindings, and Profiles Tokens are requests and assertions Protocols bindings are communication
More informationChapter 17 Web Services Additional Topics
Prof. Dr.-Ing. Stefan Deßloch AG Heterogene Informationssysteme Geb. 36, Raum 329 Tel. 0631/205 3275 dessloch@informatik.uni-kl.de Chapter 17 Web Services Additional Topics Prof. Dr.-Ing. Stefan Deßloch
More informationBuilding the Modern Research Data Portal using the Globus Platform. Rachana Ananthakrishnan GlobusWorld 2017
Building the Modern Research Data Portal using the Globus Platform Rachana Ananthakrishnan rachana@globus.org GlobusWorld 2017 Platform Questions How do you leverage Globus services in your own applications?
More informationKerberos for the Web Current State and Leverage Points
Kerberos for the Web Current State and Leverage Points Executive Advisory Board Meeting and Financial Services Security Summit New York, 3-4 November 2008. Towards Kerberizing Web Identity and Services
More informationBest Practices: Authentication & Authorization Infrastructure. Massimo Benini HPCAC - April,
Best Practices: Authentication & Authorization Infrastructure Massimo Benini HPCAC - April, 03 2019 Agenda - Common Vocabulary - Keycloak Overview - OAUTH2 and OIDC - Microservices Auth/Authz techniques
More informationCitrix Analytics Data Governance Collection, storage, and retention of logs generated in connection with Citrix Analytics service.
Citrix Analytics Data Governance Collection, storage, and retention of logs generated in connection with Citrix Analytics service. Citrix.com Data Governance For up-to-date information visit: This section
More informationIntroduction to Web Services & SOA
References: Web Services, A Technical Introduction, Deitel & Deitel Building Scalable and High Performance Java Web Applications, Barish Service-Oriented Programming (SOP) SOP A programming paradigm that
More informationTechnical Overview. Version March 2018 Author: Vittorio Bertola
Technical Overview Version 1.2.3 26 March 2018 Author: Vittorio Bertola vittorio.bertola@open-xchange.com This document is copyrighted by its authors and is released under a CC-BY-ND-3.0 license, which
More informationPrivacy-Enabled NFTs: User-Mintable, Non-Fungible Tokens With Private Off-Chain Data
Privacy-Enabled NFTs: User-Mintable, Non-Fungible Tokens With Private Off-Chain Data Philip Stehlik Lucas Vogelsang August 8, 2018 1 Abstract Privacy-enabled NFTs (non-fungible tokens) are user-mintable
More informationMicrosoft Architecting Microsoft Azure Solutions.
Microsoft 70-535 Architecting Microsoft Azure Solutions https://killexams.com/pass4sure/exam-detail/70-535 QUESTION: 106 Your organization has developed and deployed several Azure App Service Web and API
More informationNovell Access Manager 3.1
Technical White Paper IDENTITY AND SECURITY www.novell.com Novell Access Manager 3.1 Access Control, Policy Management and Compliance Assurance Novell Access Manager 3.1 Table of Contents: 2..... Complete
More informationIdentity management. Tuomas Aura T Information security technology. Aalto University, autumn 2011
Identity management Tuomas Aura T-110.4206 Information security technology Aalto University, autumn 2011 Outline 1. Single sign-on 2. OpenId 3. SAML and Shibboleth 4. Corporate IAM 5. Strong identity 2
More informationNetwork Security Essentials
Network Security Essentials Fifth Edition by William Stallings Chapter 4 Key Distribution and User Authentication No Singhalese, whether man or woman, would venture out of the house without a bunch of
More informationDirect, DirectTrust, and FHIR: A Value Proposition
Direct, DirectTrust, and FHIR: A Value Proposition August 10, 2017 Authors: Grahame Grieve, HL7 Product Director for FHIR; David Kibbe, Luis Maas, Greg Meyer, and Bruce Schreiber, members of the DirectTrust
More informationSOLUTION ARCHITECTURE AND TECHNICAL OVERVIEW. Decentralized platform for coordination and administration of healthcare and benefits
SOLUTION ARCHITECTURE AND TECHNICAL OVERVIEW Decentralized platform for coordination and administration of healthcare and benefits ENABLING TECHNOLOGIES Blockchain Distributed ledgers Smart Contracts Relationship
More informationGmail Integration for Salesforce and Dynamics 365
Gmail Integration for Salesforce and Dynamics 365 PRIVACY POLICY LAST MODIFIED: MARCH 12, 2019 2019 Introduction Welcome to Gmail Integration for Salesforce and Dynamics 365, a service provided by Akvelon,
More informationEnterprise SOA Experience Workshop. Module 8: Operating an enterprise SOA Landscape
Enterprise SOA Experience Workshop Module 8: Operating an enterprise SOA Landscape Agenda 1. Authentication and Authorization 2. Web Services and Security 3. Web Services and Change Management 4. Summary
More informationIntegration Guide. SafeNet Authentication Service. Using SAS as an Identity Provider for Better MDM
SafeNet Authentication Service Integration Guide Technical Manual Template Release 1.0, PN: 000-000000-000, Rev. A, March 2013, Copyright 2013 SafeNet, Inc. All rights reserved. 1 Document Information
More informationLesson 13 Securing Web Services (WS-Security, SAML)
Lesson 13 Securing Web Services (WS-Security, SAML) Service Oriented Architectures Module 2 - WS Security Unit 1 Auxiliary Protocols Ernesto Damiani Università di Milano element This element
More informationThe Identity Web An Overview of XNS and the OASIS XRI TC
The Identity Web An Overview of XNS and the OASIS XRI TC XML WG December 17, 2002 Marc LeMaitre VP Technology Strategy OneName Corporation Goals of this presentation Introduce the idea of the Identity
More informationAPI Security Management SENTINET
API Security Management SENTINET Overview 1 Contents Introduction... 2 Security Models... 2 Authentication... 2 Authorization... 3 Security Mediation and Translation... 5 Bidirectional Security Management...
More informationINTRODUCTION TO THE STATE OF MICHIGAN S SHAREPOINT ENVIRONMENT
INTRODUCTION TO THE STATE OF MICHIGAN S SHAREPOINT ENVIRONMENT WHAT IS SHAREPOINT? The State of Michigan is using SharePoint services to create intranet sites and team rooms to share information and foster
More informationSee What's Coming in Oracle CPQ Cloud
See What's Coming in Oracle CPQ Cloud Release 2015 R1 Release Content Document 1 TABLE OF CONTENTS ORACLE CPQ CLOUD... 3 End User Enhancements... 3 Desktop Performance Enhancements... 3 Easy Administration...
More informationPartner Center: Secure application model
Partner Center: Secure application model The information provided in this document is provided "as is" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including
More information04 Webservices. Web APIs REST Coulouris. Roy Fielding, Aphrodite, chp.9. Chp 5/6
04 Webservices Web APIs REST Coulouris chp.9 Roy Fielding, 2000 Chp 5/6 Aphrodite, 2002 http://www.xml.com/pub/a/2004/12/01/restful-web.html http://www.restapitutorial.com Webservice "A Web service is
More informationBT Assure Cloud Identity Annex to the General Service Schedule
1 Defined Terms The following definitions apply, in addition to those in the General Terms and Conditions and the General Service Schedule of the Agreement. Administrator means a Customer-authorised person
More informationForgeRock Access Management Core Concepts AM-400 Course Description. Revision B
ForgeRock Access Management Core Concepts AM-400 Course Description Revision B ForgeRock Access Management Core Concepts AM-400 Description This structured course comprises a mix of instructor-led lessons
More informationAllowing the user to define the attribute release 21 May 2014
Allowing the user to define the attribute release policy @TNC2014 21 May 2014 Program Introduction to User Managed Access (UMA) Demo A GN3+ JRA3T2 work item User Managed Access Kantara project.. address
More informationWEB-202: Building End-to-end Security for XML Web Services Applied Techniques, Patterns and Best Practices
WEB-202: Building End-to-end Security for XML Web Services Applied Techniques, Patterns and Best Practices Chris Steel, Ramesh Nagappan, Ray Lai www.coresecuritypatterns.com February 16, 2005 15:25 16:35
More informationSecuring APIs and Microservices with OAuth and OpenID Connect
Securing APIs and Microservices with OAuth and OpenID Connect By Travis Spencer, CEO @travisspencer, @curityio Organizers and founders ü All API Conferences ü API Community ü Active blogosphere 2018 Platform
More informationDistribution and web services
Chair of Software Engineering Carlo A. Furia, Bertrand Meyer Distribution and web services From concurrent to distributed systems Node configuration Multiprocessor Multicomputer Distributed system CPU
More informationUser Guide. Version R94. English
AuthAnvil User Guide Version R94 English March 8, 2017 Copyright Agreement The purchase and use of all Software and Services is subject to the Agreement as defined in Kaseya s Click-Accept EULATOS as updated
More informationCA SiteMinder Web Services Security
CA SiteMinder Web Services Security Policy Configuration Guide 12.52 This Documentation, which includes embedded help systems and electronically distributed materials, (hereinafter referred to as the Documentation
More informationIntroduction to application management
Introduction to application management To deploy web and mobile applications, add the application from the Centrify App Catalog, modify the application settings, and assign roles to the application to
More informationIBM Security Access Manager Version 9.0 October Product overview IBM
IBM Security Access Manager Version 9.0 October 2015 Product overview IBM IBM Security Access Manager Version 9.0 October 2015 Product overview IBM ii IBM Security Access Manager Version 9.0 October 2015:
More informationColligo Console. Administrator Guide
Colligo Console Administrator Guide Contents About this guide... 6 Audience... 6 Requirements... 6 Colligo Technical Support... 6 Introduction... 7 Colligo Console Overview... 8 Colligo Console Home Page...
More informationMiddleware, Ten Years In: Vapority into Reality into Virtuality
Middleware, Ten Years In: Vapority into Reality into Virtuality Dr. Ken Klingenstein, Senior Director, Middleware and Security, Internet2 Technologist, University of Colorado at Boulder Topics Middleware,
More informationICENI: An Open Grid Service Architecture Implemented with Jini Nathalie Furmento, William Lee, Anthony Mayer, Steven Newhouse, and John Darlington
ICENI: An Open Grid Service Architecture Implemented with Jini Nathalie Furmento, William Lee, Anthony Mayer, Steven Newhouse, and John Darlington ( Presentation by Li Zao, 01-02-2005, Univercité Claude
More informationAttribute Aggregation in Federated Identity Management. David Chadwick, George Inman, Stijn Lievens University of Kent
Attribute Aggregation in Federated Identity Management David Chadwick, George Inman, Stijn Lievens University of Kent Acknowledgements Project originally funded by UK JISC, called Shintau http://sec.cs.kent.ac.uk/shintau/
More informationImplementing a Ground Service- Oriented Architecture (SOA) March 28, 2006
Implementing a Ground Service- Oriented Architecture (SOA) March 28, 2006 John Hohwald Slide 1 Definitions and Terminology What is SOA? SOA is an architectural style whose goal is to achieve loose coupling
More informationNimsoft Service Desk. Single Sign-On Configuration Guide. [assign the version number for your book]
Nimsoft Service Desk Single Sign-On Configuration Guide [assign the version number for your book] Legal Notices Copyright 2012, CA. All rights reserved. Warranty The material contained in this document
More informationDIX BOF Digital Identity exchange. 65 th IETF, Dallas March 21 st 2006
DIX BOF Digital Identity exchange 65 th IETF, Dallas March 21 st 2006 Welcome and Introductions Chair Scott Hollenbeck, shollenbeck@verisign.com Chair John Merrells, merrells@sxip.com Wiki http://dixs.org
More informationGDPR, PSD2, CIAM, and the Role of User-Managed Access 2.0
GDPR, PSD2, CIAM, and the Role of User-Managed Access 2.0 Eve Maler VP Innovation & Emerging Technology, ForgeRock @xmlgrrl eve.maler@forgerock.com Chair and founder, Kantara UMA Work Group @UMAWG tinyurl.com/umawg
More informationConnect. explained. Vladimir Dzhuvinov. :
Connect explained Vladimir Dzhuvinov Email: vladimir@dzhuvinov.com : Twitter: @dzhivinov Married for 15 years to Java C Python JavaScript JavaScript on a bad day So what is OpenID Connect? OpenID Connect
More informationSingle Sign-On for PCF. User's Guide
Single Sign-On for PCF Version 1.2 User's Guide 2018 Pivotal Software, Inc. Table of Contents Table of Contents Single Sign-On Overview Installation Getting Started with Single Sign-On Manage Service Plans
More informationScience-as-a-Service
Science-as-a-Service The iplant Foundation Rion Dooley Edwin Skidmore Dan Stanzione Steve Terry Matthew Vaughn Outline Why, why, why! When duct tape isn t enough Building an API for the web Core services
More informationCirius Secure Messaging Enterprise Dedicated Cloud
Secure messaging and message control that is flexible to data jurisdiction, integrates rapidly into Office 365 and Outlook, and supports regulatory compliance. Enterprise organizations are recognizing
More informationOMA Web Services Network Identity Architecture
OMA Web Services Network Identity Architecture Candidate Version 1.0 20 Dec 2005 Open Mobile Alliance OMA-AD-OWSER_NI-V1_0-20051220-C OMA-AD-OWSER_NI-V1_0-20051220-C Page 2 (25) Use of this document is
More informationBEYOND AUTHENTICATION IDENTITY AND ACCESS MANAGEMENT FOR THE MODERN ENTERPRISE
BEYOND AUTHENTICATION IDENTITY AND ACCESS MANAGEMENT FOR THE MODERN ENTERPRISE OUR ORGANISATION AND SPECIALIST SKILLS Focused on delivery, integration and managed services around Identity and Access Management.
More informationAPI Security Management with Sentinet SENTINET
API Security Management with Sentinet SENTINET Overview 1 Contents Introduction... 2 Security Mediation and Translation... 3 Security Models... 3 Authentication... 4 Authorization... 5 Bidirectional Security
More informationWill open standards increase ecommerce?
Liberty Alliance Project Open Standards for Network Identity Will open standards increase ecommerce? Bill Smith Director, Liberty Alliance Technology Sun Microsystems Permissions The author has graciously
More informationNIELSEN API PORTAL USER REGISTRATION GUIDE
NIELSEN API PORTAL USER REGISTRATION GUIDE 1 INTRODUCTION In order to access the Nielsen API Portal services, there are three steps that need to be followed sequentially by the user: 1. User Registration
More informationIdentity Provider for SAP Single Sign-On and SAP Identity Management
Implementation Guide Document Version: 1.0 2017-05-15 PUBLIC Identity Provider for SAP Single Sign-On and SAP Identity Management Content 1....4 1.1 What is SAML 2.0.... 5 SSO with SAML 2.0.... 6 SLO with
More informationBuilding the Modern Research Data Portal. Developer Tutorial
Building the Modern Research Data Portal Developer Tutorial Thank you to our sponsors! U. S. DEPARTMENT OF ENERGY 2 Presentation material available at www.globusworld.org/workshop2016 bit.ly/globus-2016
More informationSUN. Java Platform Enterprise Edition 6 Web Services Developer Certified Professional
SUN 311-232 Java Platform Enterprise Edition 6 Web Services Developer Certified Professional Download Full Version : http://killexams.com/pass4sure/exam-detail/311-232 QUESTION: 109 What are three best
More informationFrom UseCases to Specifications
From UseCases to Specifications Fulup Ar Foll Liberty Technical Expert Group Master Architect, Global Software Practice Sun Microsystems Why Identity Related Services? Identity-enabling: Exposes identity
More informationGrid Middleware and Globus Toolkit Architecture
Grid Middleware and Globus Toolkit Architecture Lisa Childers Argonne National Laboratory University of Chicago 2 Overview Grid Middleware The problem: supporting Virtual Organizations equirements Capabilities
More informationCloud Access Manager Configuration Guide
Cloud Access Manager 8.1.3 Configuration Guide Copyright 2017 One Identity LLC. ALL RIGHTS RESERVED. This guide contains proprietary information protected by copyright. The software described in this guide
More informationEnhancing cloud applications by using external authentication services. 2015, 2016 IBM Corporation
Enhancing cloud applications by using external authentication services After you complete this section, you should understand: Terminology such as authentication, identity, and ID token The benefits of
More information5 OAuth EssEntiAls for APi AccEss control layer7.com
5 OAuth Essentials for API Access Control layer7.com 5 OAuth Essentials for API Access Control P.2 Introduction: How a Web Standard Enters the Enterprise OAuth s Roots in the Social Web OAuth puts the
More informationDatapower is both a security appliance & can provide a firewall mechanism to get into Systems of Record
1 2 3 Datapower is both a security appliance & can provide a firewall mechanism to get into Systems of Record 5 White boxes show the access points for different kinds of security. That s what we will
More informationDeveloping Microsoft Azure Solutions (70-532) Syllabus
Developing Microsoft Azure Solutions (70-532) Syllabus Cloud Computing Introduction What is Cloud Computing Cloud Characteristics Cloud Computing Service Models Deployment Models in Cloud Computing Advantages
More informationCipherPost Pro Enterprise Dedicated Cloud
Feature Sheet CipherPost Pro Enterprise Dedicated Cloud Secure messaging and message control that is flexible to data jurisdiction, integrates rapidly into Office 365 and Outlook and supports regulatory
More informationCentrify for Dropbox Deployment Guide
CENTRIFY DEPLOYMENT GUIDE Centrify for Dropbox Deployment Guide Abstract Centrify provides mobile device management and single sign-on services that you can trust and count on as a critical component of
More informationThe EGI AAI CheckIn Service
The EGI AAI CheckIn Service Kostas Koumantaros- GRNET On behalf of EGI-Engage JRA1.1 www.egi.eu EGI-Engage is co-funded by the Horizon 2020 Framework Programme of the European Union under grant number
More informationHow to use or not use the AWS API Gateway for Microservices
How to use or not use the AWS API Gateway for Microservices Presented by Dr. Martin Merck Wednesday 26 September 2018 What is an API Gateway Traits AWS API Gateway Features of API gateway OAuth2.0 Agenda
More informationDeveloping Microsoft Azure Solutions (70-532) Syllabus
Developing Microsoft Azure Solutions (70-532) Syllabus Cloud Computing Introduction What is Cloud Computing Cloud Characteristics Cloud Computing Service Models Deployment Models in Cloud Computing Advantages
More informationSlack Connector. Version 2.0. User Guide
Slack Connector Version 2.0 User Guide 2015 Ping Identity Corporation. All rights reserved. PingFederate Slack Connector User Guide Version 2.0 December, 2015 Ping Identity Corporation 1001 17th Street,
More informationINTEGRATING OKTA: VMWARE WORKSPACE ONE OPERATIONAL TUTORIAL VMware Workspace ONE
GUIDE AUGUST 2018 PRINTED 4 MARCH 2019 INTEGRATING OKTA: VMWARE WORKSPACE ONE OPERATIONAL TUTORIAL VMware Workspace ONE Table of Contents Overview Introduction Purpose Audience Integrating Okta with VMware
More informationebusiness Suite goes SOA
ebusiness Suite goes SOA Ulrich Janke Oracle Consulting Safe Harbor Statement The following is intended to outline our general product direction. It is intended for information purposes only, and may not
More informationExpose Existing z Systems Assets as APIs to extend your Customer Reach
Expose Existing z Systems Assets as APIs to extend your Customer Reach Unlocking mainframe assets for mobile and cloud applications Asit Dan z Services API Management, Chief Architect asit@us.ibm.com Insert
More informationOracle Developer Day
Oracle Developer Day Sponsored by: Track # 1: Session #2 Web Services Speaker 1 Agenda Developing Web services Architecture, development and interoperability Quality of service Security, reliability, management
More informationAccess Control Service Oriented Architecture
http://www.cse.wustl.edu/~jain/cse571-09/ftp/soa/index.html 1 of 13 Access Control Service Oriented Architecture Security Yoon Jae Kim, yj1dreamer AT gmail.com (A project report written under the guidance
More information