SlideShare ist ein Scribd-Unternehmen logo

Layer 7: Identity Enabled SOA Governance

CA API Management
CA API Management

Ross Altman, CTO, SOA and BI, Sun Microsystems and Adam Vincent, Federal Technical Director, Layer7 Technologies present SOA Governacne

Technologie
1 von 18
Ross Altman - CTO, SOA and BI, Sun Microsystems Adam Vincent – Federal Technical Director, Layer7 Technologies Identity-Enabled SOA Governance
What is SOA Governance? ,[object Object],[object Object],[object Object],[object Object]
What’s included in SOA Governance? ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Why is SOA Governance important? ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Why is SOA Governance important? ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
An SOA Governance Scenario ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Benefits of SOA Governance IT Benefits ,[object Object],[object Object],[object Object],[object Object],[object Object],Business Benefits ,[object Object],[object Object],[object Object],[object Object],[object Object]
Policy-Centric Governance ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Run Time SOA Governance Enforces Governance Service Rules - Policies ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Runtime Policy Framework Corporate Policy Drivers (Inputs) - Governance - Compliance - Security Security - WS - Security - X509TokenProfile - SAMLTokenProfile - XML Encryption - XML Signatures Runtime Policy Framework Corporate Architectural Drivers (Inputs) - Flexibility and Reuse - Platform Independence - Integration with existing infrastructure - Security, Scalability, Availability, Performance Transport - HTTP - TLS - JMS SLA - Response Time - Availability - IP Range, ToD - Throughput Limits - Non - repudiation Message X - Form - Versioning - Localization - DS (ACORD, FIX) Reliability - WS - RM Threat Protection - Schema Validation - Virus Scanning - Attachments Platform - Load Balancing - WS - Addressing Registry/Repository (metadata)
Policy Central to SOA Governance Define and author corporate policies: Privacy, Integrity, Non-repudiation Identity, Access control, Credentials Reliability, performance, scalability Reusability/Discoverability Compliance to industry and corporate standards Conformance to technical standards – WS-I, SOAP, WSDL, WS-S, WSRM etc. Deploy and configure services according to policies: Physical endpoints Routing, load balancing, transport Service Level Agreements Identity stores, Access decision points Enforce policies at the edge and in the core: Alerts, Reports, Audit trails Monitor compliance with policies: Manage alerts Generate reports Forensics and Audit trails
Identity Crucial to SOA Governance ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Policy-centric SOA Governance Architectural View Policy Enforcement Policy Definition XML Gateway (policy enforcement)‏ XML VPN (client policy coordination)‏ Consumer Service XML VPN (client policy coordination)‏ Last Mile Extender (endpoint agent)‏ Last Mile Extender (endpoint agent)‏ Identity / Trust Identity / Trust Policy Definition Reg / Rep Sun Layer7
Scenario: Richer Credential Options L7 + Sun FAM ,[object Object],[object Object],[object Object],[object Object]
Scenario: Advanced SAML Processing Blue’s Identity Server Organization Green Michelle Dimitri Program X Green’s Identity Server Organization Blue Trust Federation ID Provider & Security Token Service Authentication Responsibility STS Token Orchestration & Caching Layer Federation Policy Enforcement Point Federation Policy Application Point Federation ID Provider & Security Token Service SAML
Secure SOA Solution
Summary ,[object Object],[object Object],[object Object],[object Object]
Q & A

Empfohlen

SAML Executive Overview
SAML Executive OverviewSAML Executive Overview
SAML Executive Overview
PortalGuard
 
CYBERSECURITY, RISK & COMPLIANCE | AMPCUS INC.
CYBERSECURITY, RISK & COMPLIANCE | AMPCUS INC.CYBERSECURITY, RISK & COMPLIANCE | AMPCUS INC.
CYBERSECURITY, RISK & COMPLIANCE | AMPCUS INC.
Unified11
 
Connecting Access Governance and Privileged Access Management
Connecting Access Governance and Privileged Access ManagementConnecting Access Governance and Privileged Access Management
Connecting Access Governance and Privileged Access Management
EMC
 
How It All Ties Together Sun Idm Roadshow For Sun
How It All Ties Together Sun Idm Roadshow For SunHow It All Ties Together Sun Idm Roadshow For Sun
How It All Ties Together Sun Idm Roadshow For Sun
vijaychn
 
Dit yvol3iss33
Dit yvol3iss33Dit yvol3iss33
Dit yvol3iss33
Rick Lemieux
 
Powering SOX, NERC, FERC Compliance -Energy Industry
Powering SOX, NERC, FERC Compliance -Energy Industry Powering SOX, NERC, FERC Compliance -Energy Industry
Powering SOX, NERC, FERC Compliance -Energy Industry
MetricStream Inc
 
Seeds for new design principles
Seeds for new design principlesSeeds for new design principles
Seeds for new design principles
SOFIProject
 
Cloud monitoring overview
Cloud monitoring overviewCloud monitoring overview
Cloud monitoring overview
Dr. Ramkumar Lakshminarayanan
 

Empfohlen

SAML Executive Overview
SAML Executive OverviewSAML Executive Overview
SAML Executive Overview
PortalGuard
 
CYBERSECURITY, RISK & COMPLIANCE | AMPCUS INC.
CYBERSECURITY, RISK & COMPLIANCE | AMPCUS INC.CYBERSECURITY, RISK & COMPLIANCE | AMPCUS INC.
CYBERSECURITY, RISK & COMPLIANCE | AMPCUS INC.
Unified11
 
Connecting Access Governance and Privileged Access Management
Connecting Access Governance and Privileged Access ManagementConnecting Access Governance and Privileged Access Management
Connecting Access Governance and Privileged Access Management
EMC
 
How It All Ties Together Sun Idm Roadshow For Sun
How It All Ties Together Sun Idm Roadshow For SunHow It All Ties Together Sun Idm Roadshow For Sun
How It All Ties Together Sun Idm Roadshow For Sun
vijaychn
 
Dit yvol3iss33
Dit yvol3iss33Dit yvol3iss33
Dit yvol3iss33
Rick Lemieux
 
Powering SOX, NERC, FERC Compliance -Energy Industry
Powering SOX, NERC, FERC Compliance -Energy Industry Powering SOX, NERC, FERC Compliance -Energy Industry
Powering SOX, NERC, FERC Compliance -Energy Industry
MetricStream Inc
 
Seeds for new design principles
Seeds for new design principlesSeeds for new design principles
Seeds for new design principles
SOFIProject
 
Cloud monitoring overview
Cloud monitoring overviewCloud monitoring overview
Cloud monitoring overview
Dr. Ramkumar Lakshminarayanan
 
Lecture 01 - Motivation
Lecture 01 - MotivationLecture 01 - Motivation
Lecture 01 - Motivation
phanleson
 
Managed It Services
Managed It ServicesManaged It Services
Managed It Services
Gss America
 
Business-Driven Identity and Access Governance: Why This New Approach Matters
Business-Driven Identity and Access Governance: Why This New Approach MattersBusiness-Driven Identity and Access Governance: Why This New Approach Matters
Business-Driven Identity and Access Governance: Why This New Approach Matters
EMC
 
adaptivesoa
adaptivesoaadaptivesoa
adaptivesoa
Ken Bagnal
 
SOC 2/SOC 3 Whitepaper
SOC 2/SOC 3 WhitepaperSOC 2/SOC 3 Whitepaper
SOC 2/SOC 3 Whitepaper
DTIMMERMAN
 
Lecture 2 - SOA
Lecture 2 - SOALecture 2 - SOA
Lecture 2 - SOA
phanleson
 
Why Coordination And Transactions Are Key To Building An Operational Soa
Why Coordination And Transactions Are Key To Building An Operational SoaWhy Coordination And Transactions Are Key To Building An Operational Soa
Why Coordination And Transactions Are Key To Building An Operational Soa
David Linthicum
 
Occam’s Razor Needs a New Blade: On the Social Limits to Enterprise SOA
Occam’s Razor Needs a New Blade: On the Social Limits to Enterprise SOAOccam’s Razor Needs a New Blade: On the Social Limits to Enterprise SOA
Occam’s Razor Needs a New Blade: On the Social Limits to Enterprise SOA
Nathaniel Palmer
 
Soa 101
Soa 101Soa 101
Soa 101
David Linthicum
 
Is Cloud relevant for SOA?
Is Cloud relevant for SOA?Is Cloud relevant for SOA?
Is Cloud relevant for SOA?
Netcetera
 
I T E007 Warner 091807
I T E007 Warner 091807I T E007 Warner 091807
I T E007 Warner 091807
Dreamforce07
 
Layer 7: Automated SOA Policy Enforcement
Layer 7: Automated SOA Policy EnforcementLayer 7: Automated SOA Policy Enforcement
Layer 7: Automated SOA Policy Enforcement
CA API Management
 
Malta soa infrastructure
Malta soa infrastructureMalta soa infrastructure
Malta soa infrastructure
Angel Knight
 
SOA in banking issues and remedies
SOA in banking issues and remediesSOA in banking issues and remedies
SOA in banking issues and remedies
Debajani Mohanty
 
Security in Semantic Web Services
Security in Semantic Web ServicesSecurity in Semantic Web Services
Security in Semantic Web Services
Nima Dokoohaki
 
Successful Approaches To Achieving Real Results With Soa
Successful Approaches To Achieving Real Results With SoaSuccessful Approaches To Achieving Real Results With Soa
Successful Approaches To Achieving Real Results With Soa
stevendearborn
 
A Guide to SOA Governance | Torry Harris Whitepaper
A Guide to SOA Governance | Torry Harris WhitepaperA Guide to SOA Governance | Torry Harris Whitepaper
A Guide to SOA Governance | Torry Harris Whitepaper
Torry Harris Business Solutions
 
Hausi Müller - Towards Self-Adaptive Software-Intensive Systems
Hausi Müller - Towards Self-Adaptive Software-Intensive SystemsHausi Müller - Towards Self-Adaptive Software-Intensive Systems
Hausi Müller - Towards Self-Adaptive Software-Intensive Systems
CHOOSE
 
Challenges and recommendations to control an SOA operating environment
Challenges and recommendations to control an SOA operating environmentChallenges and recommendations to control an SOA operating environment
Challenges and recommendations to control an SOA operating environment
Dav Hol
 
Value of SOA Governance for Cloud Computing
Value of SOA Governance for Cloud ComputingValue of SOA Governance for Cloud Computing
Value of SOA Governance for Cloud Computing
CA API Management
 
WDSI 2015-Design and Implementation of a Policy-based Service-oriented DRM Sy...
WDSI 2015-Design and Implementation of a Policy-based Service-oriented DRM Sy...WDSI 2015-Design and Implementation of a Policy-based Service-oriented DRM Sy...
WDSI 2015-Design and Implementation of a Policy-based Service-oriented DRM Sy...
育弘 林
 
Les DSI face au Tsunami Cloud
Les DSI face au Tsunami Cloud Les DSI face au Tsunami Cloud
Les DSI face au Tsunami Cloud
Club Alliances
 

Weitere ähnliche Inhalte

Was ist angesagt?

SOC 2/SOC 3 Whitepaper
SOC 2/SOC 3 WhitepaperSOC 2/SOC 3 Whitepaper
SOC 2/SOC 3 Whitepaper
DTIMMERMAN
 
Why Coordination And Transactions Are Key To Building An Operational Soa
Why Coordination And Transactions Are Key To Building An Operational SoaWhy Coordination And Transactions Are Key To Building An Operational Soa
Why Coordination And Transactions Are Key To Building An Operational Soa
David Linthicum
 
Occam’s Razor Needs a New Blade: On the Social Limits to Enterprise SOA
Occam’s Razor Needs a New Blade: On the Social Limits to Enterprise SOAOccam’s Razor Needs a New Blade: On the Social Limits to Enterprise SOA
Occam’s Razor Needs a New Blade: On the Social Limits to Enterprise SOA
Nathaniel Palmer
 
Is Cloud relevant for SOA?
Is Cloud relevant for SOA?Is Cloud relevant for SOA?
Is Cloud relevant for SOA?
Netcetera
 

Was ist angesagt? (10)

Lecture 01 - Motivation
Lecture 01 - MotivationLecture 01 - Motivation
Lecture 01 - Motivation
 
Managed It Services
Managed It ServicesManaged It Services
Managed It Services
 
Business-Driven Identity and Access Governance: Why This New Approach Matters
Business-Driven Identity and Access Governance: Why This New Approach MattersBusiness-Driven Identity and Access Governance: Why This New Approach Matters
Business-Driven Identity and Access Governance: Why This New Approach Matters
 
adaptivesoa
adaptivesoaadaptivesoa
adaptivesoa
 
SOC 2/SOC 3 Whitepaper
SOC 2/SOC 3 WhitepaperSOC 2/SOC 3 Whitepaper
SOC 2/SOC 3 Whitepaper
 
Lecture 2 - SOA
Lecture 2 - SOALecture 2 - SOA
Lecture 2 - SOA
 
Why Coordination And Transactions Are Key To Building An Operational Soa
Why Coordination And Transactions Are Key To Building An Operational SoaWhy Coordination And Transactions Are Key To Building An Operational Soa
Why Coordination And Transactions Are Key To Building An Operational Soa
 
Occam’s Razor Needs a New Blade: On the Social Limits to Enterprise SOA
Occam’s Razor Needs a New Blade: On the Social Limits to Enterprise SOAOccam’s Razor Needs a New Blade: On the Social Limits to Enterprise SOA
Occam’s Razor Needs a New Blade: On the Social Limits to Enterprise SOA
 
Soa 101
Soa 101Soa 101
Soa 101
 
Is Cloud relevant for SOA?
Is Cloud relevant for SOA?Is Cloud relevant for SOA?
Is Cloud relevant for SOA?
 

Ähnlich wie Layer 7: Identity Enabled SOA Governance

Malta soa infrastructure
Malta soa infrastructureMalta soa infrastructure
Malta soa infrastructure
Angel Knight
 
SOA in banking issues and remedies
SOA in banking issues and remediesSOA in banking issues and remedies
SOA in banking issues and remedies
Debajani Mohanty
 
Value of SOA Governance for Cloud Computing
Value of SOA Governance for Cloud ComputingValue of SOA Governance for Cloud Computing
Value of SOA Governance for Cloud Computing
CA API Management
 
Ws Soa V6 Theory And Practice
Ws Soa V6 Theory And PracticeWs Soa V6 Theory And Practice
Ws Soa V6 Theory And Practice
Pini Cohen
 
10 Steps to Simplify and Improve Service-Oriented Architecture Governance
10 Steps to Simplify and Improve Service-Oriented Architecture Governance10 Steps to Simplify and Improve Service-Oriented Architecture Governance
10 Steps to Simplify and Improve Service-Oriented Architecture Governance
Perficient, Inc.
 

Ähnlich wie Layer 7: Identity Enabled SOA Governance (20)

I T E007 Warner 091807
I T E007 Warner 091807I T E007 Warner 091807
I T E007 Warner 091807
 
Layer 7: Automated SOA Policy Enforcement
Layer 7: Automated SOA Policy EnforcementLayer 7: Automated SOA Policy Enforcement
Layer 7: Automated SOA Policy Enforcement
 
Malta soa infrastructure
Malta soa infrastructureMalta soa infrastructure
Malta soa infrastructure
 
SOA in banking issues and remedies
SOA in banking issues and remediesSOA in banking issues and remedies
SOA in banking issues and remedies
 
Security in Semantic Web Services
Security in Semantic Web ServicesSecurity in Semantic Web Services
Security in Semantic Web Services
 
Successful Approaches To Achieving Real Results With Soa
Successful Approaches To Achieving Real Results With SoaSuccessful Approaches To Achieving Real Results With Soa
Successful Approaches To Achieving Real Results With Soa
 
A Guide to SOA Governance | Torry Harris Whitepaper
A Guide to SOA Governance | Torry Harris WhitepaperA Guide to SOA Governance | Torry Harris Whitepaper
A Guide to SOA Governance | Torry Harris Whitepaper
 
Hausi Müller - Towards Self-Adaptive Software-Intensive Systems
Hausi Müller - Towards Self-Adaptive Software-Intensive SystemsHausi Müller - Towards Self-Adaptive Software-Intensive Systems
Hausi Müller - Towards Self-Adaptive Software-Intensive Systems
 
Challenges and recommendations to control an SOA operating environment
Challenges and recommendations to control an SOA operating environmentChallenges and recommendations to control an SOA operating environment
Challenges and recommendations to control an SOA operating environment
 
Value of SOA Governance for Cloud Computing
Value of SOA Governance for Cloud ComputingValue of SOA Governance for Cloud Computing
Value of SOA Governance for Cloud Computing
 
WDSI 2015-Design and Implementation of a Policy-based Service-oriented DRM Sy...
WDSI 2015-Design and Implementation of a Policy-based Service-oriented DRM Sy...WDSI 2015-Design and Implementation of a Policy-based Service-oriented DRM Sy...
WDSI 2015-Design and Implementation of a Policy-based Service-oriented DRM Sy...
 
Les DSI face au Tsunami Cloud
Les DSI face au Tsunami Cloud Les DSI face au Tsunami Cloud
Les DSI face au Tsunami Cloud
 
SOA in Financial Services
SOA in Financial ServicesSOA in Financial Services
SOA in Financial Services
 
M.Phil Computer Science Server Computing Projects
M.Phil Computer Science Server Computing ProjectsM.Phil Computer Science Server Computing Projects
M.Phil Computer Science Server Computing Projects
 
M phil-computer-science-server-computing-projects
M phil-computer-science-server-computing-projectsM phil-computer-science-server-computing-projects
M phil-computer-science-server-computing-projects
 
Migration and Security in SOA | Torry Harris Whitepaper
Migration and Security in SOA | Torry Harris WhitepaperMigration and Security in SOA | Torry Harris Whitepaper
Migration and Security in SOA | Torry Harris Whitepaper
 
Ws Soa V6 Theory And Practice
Ws Soa V6 Theory And PracticeWs Soa V6 Theory And Practice
Ws Soa V6 Theory And Practice
 
10 Steps to Simplify and Improve Service-Oriented Architecture Governance
10 Steps to Simplify and Improve Service-Oriented Architecture Governance10 Steps to Simplify and Improve Service-Oriented Architecture Governance
10 Steps to Simplify and Improve Service-Oriented Architecture Governance
 
Soa Testing An Approach For Testing Security Aspects Of Soa Based Application
Soa Testing An Approach For Testing Security Aspects Of Soa Based ApplicationSoa Testing An Approach For Testing Security Aspects Of Soa Based Application
Soa Testing An Approach For Testing Security Aspects Of Soa Based Application
 
Graham Bath - SOA: Whats in it for Testers?
Graham Bath - SOA: Whats in it for Testers?Graham Bath - SOA: Whats in it for Testers?
Graham Bath - SOA: Whats in it for Testers?
 

Mehr von CA API Management

Takeaways from API Security Breaches Webinar
Takeaways from API Security Breaches WebinarTakeaways from API Security Breaches Webinar
Takeaways from API Security Breaches Webinar
CA API Management
 
API Design Methodology - Mike Amundsen, Director of API Architecture, API Aca...
API Design Methodology - Mike Amundsen, Director of API Architecture, API Aca...API Design Methodology - Mike Amundsen, Director of API Architecture, API Aca...
API Design Methodology - Mike Amundsen, Director of API Architecture, API Aca...
CA API Management
 
Liberating the API Economy with Scale-Free Networks - Mike Amundsen, Director...
Liberating the API Economy with Scale-Free Networks - Mike Amundsen, Director...Liberating the API Economy with Scale-Free Networks - Mike Amundsen, Director...
Liberating the API Economy with Scale-Free Networks - Mike Amundsen, Director...
CA API Management
 
API360 – A How-To Guide for Enterprise APIs - Learn how to position your ente...
API360 – A How-To Guide for Enterprise APIs - Learn how to position your ente...API360 – A How-To Guide for Enterprise APIs - Learn how to position your ente...
API360 – A How-To Guide for Enterprise APIs - Learn how to position your ente...
CA API Management
 
Revisiting Geddes' Outlook Tower - Mike Amundsen, Director of API Architectur...
Revisiting Geddes' Outlook Tower - Mike Amundsen, Director of API Architectur...Revisiting Geddes' Outlook Tower - Mike Amundsen, Director of API Architectur...
Revisiting Geddes' Outlook Tower - Mike Amundsen, Director of API Architectur...
CA API Management
 
Managing Identity by Giving Up Control - Scott Morrison, SVP & Distinguished ...
Managing Identity by Giving Up Control - Scott Morrison, SVP & Distinguished ...Managing Identity by Giving Up Control - Scott Morrison, SVP & Distinguished ...
Managing Identity by Giving Up Control - Scott Morrison, SVP & Distinguished ...
CA API Management
 
Enabling the Multi-Device Universe
Enabling the Multi-Device UniverseEnabling the Multi-Device Universe
Enabling the Multi-Device Universe
CA API Management
 
5 steps end to end security consumer apps
5 steps end to end security consumer apps5 steps end to end security consumer apps
5 steps end to end security consumer apps
CA API Management
 
Best Practices You Must Apply to Secure Your APIs - Scott Morrison, SVP & Dis...
Best Practices You Must Apply to Secure Your APIs - Scott Morrison, SVP & Dis...Best Practices You Must Apply to Secure Your APIs - Scott Morrison, SVP & Dis...
Best Practices You Must Apply to Secure Your APIs - Scott Morrison, SVP & Dis...
CA API Management
 
Drones, Phones & Pwns the Promise & Dangers of IoT APIs: Use APIs to Securely...
Drones, Phones & Pwns the Promise & Dangers of IoT APIs: Use APIs to Securely...Drones, Phones & Pwns the Promise & Dangers of IoT APIs: Use APIs to Securely...
Drones, Phones & Pwns the Promise & Dangers of IoT APIs: Use APIs to Securely...
CA API Management
 
Using APIs to Create an Omni-Channel Retail Experience
Using APIs to Create an Omni-Channel Retail ExperienceUsing APIs to Create an Omni-Channel Retail Experience
Using APIs to Create an Omni-Channel Retail Experience
CA API Management
 

Mehr von CA API Management (20)

Api architectures for the modern enterprise
Api architectures for the modern enterpriseApi architectures for the modern enterprise
Api architectures for the modern enterprise
 
Mastering Digital Channels with APIs
Mastering Digital Channels with APIsMastering Digital Channels with APIs
Mastering Digital Channels with APIs
 
Takeaways from API Security Breaches Webinar
Takeaways from API Security Breaches WebinarTakeaways from API Security Breaches Webinar
Takeaways from API Security Breaches Webinar
 
API Design Methodology - Mike Amundsen, Director of API Architecture, API Aca...
API Design Methodology - Mike Amundsen, Director of API Architecture, API Aca...API Design Methodology - Mike Amundsen, Director of API Architecture, API Aca...
API Design Methodology - Mike Amundsen, Director of API Architecture, API Aca...
 
Liberating the API Economy with Scale-Free Networks - Mike Amundsen, Director...
Liberating the API Economy with Scale-Free Networks - Mike Amundsen, Director...Liberating the API Economy with Scale-Free Networks - Mike Amundsen, Director...
Liberating the API Economy with Scale-Free Networks - Mike Amundsen, Director...
 
API360 – A How-To Guide for Enterprise APIs - Learn how to position your ente...
API360 – A How-To Guide for Enterprise APIs - Learn how to position your ente...API360 – A How-To Guide for Enterprise APIs - Learn how to position your ente...
API360 – A How-To Guide for Enterprise APIs - Learn how to position your ente...
 
API Monetization: Unlock the Value of Your Data
API Monetization: Unlock the Value of Your DataAPI Monetization: Unlock the Value of Your Data
API Monetization: Unlock the Value of Your Data
 
Revisiting Geddes' Outlook Tower - Mike Amundsen, Director of API Architectur...
Revisiting Geddes' Outlook Tower - Mike Amundsen, Director of API Architectur...Revisiting Geddes' Outlook Tower - Mike Amundsen, Director of API Architectur...
Revisiting Geddes' Outlook Tower - Mike Amundsen, Director of API Architectur...
 
Managing Identity by Giving Up Control - Scott Morrison, SVP & Distinguished ...
Managing Identity by Giving Up Control - Scott Morrison, SVP & Distinguished ...Managing Identity by Giving Up Control - Scott Morrison, SVP & Distinguished ...
Managing Identity by Giving Up Control - Scott Morrison, SVP & Distinguished ...
 
Enabling the Multi-Device Universe
Enabling the Multi-Device UniverseEnabling the Multi-Device Universe
Enabling the Multi-Device Universe
 
Building APIs That Last for Decades - Irakli Nadareishvili, Director of API S...
Building APIs That Last for Decades - Irakli Nadareishvili, Director of API S...Building APIs That Last for Decades - Irakli Nadareishvili, Director of API S...
Building APIs That Last for Decades - Irakli Nadareishvili, Director of API S...
 
The Art of API Design - Ronnie Mitra, Director of API Design, API Academy at ...
The Art of API Design - Ronnie Mitra, Director of API Design, API Academy at ...The Art of API Design - Ronnie Mitra, Director of API Design, API Academy at ...
The Art of API Design - Ronnie Mitra, Director of API Design, API Academy at ...
 
APIs Fueling the Connected Car Opportunity - Scott Morrison, SVP & Distinguis...
APIs Fueling the Connected Car Opportunity - Scott Morrison, SVP & Distinguis...APIs Fueling the Connected Car Opportunity - Scott Morrison, SVP & Distinguis...
APIs Fueling the Connected Car Opportunity - Scott Morrison, SVP & Distinguis...
 
Adapting to Digital Change: Use APIs to Delight Customers & Win
Adapting to Digital Change: Use APIs to Delight Customers & WinAdapting to Digital Change: Use APIs to Delight Customers & Win
Adapting to Digital Change: Use APIs to Delight Customers & Win
 
Balancing Security & Developer Enablement in Enterprise Mobility - Jaime Ryan...
Balancing Security & Developer Enablement in Enterprise Mobility - Jaime Ryan...Balancing Security & Developer Enablement in Enterprise Mobility - Jaime Ryan...
Balancing Security & Developer Enablement in Enterprise Mobility - Jaime Ryan...
 
5 steps end to end security consumer apps
5 steps end to end security consumer apps5 steps end to end security consumer apps
5 steps end to end security consumer apps
 
Best Practices You Must Apply to Secure Your APIs - Scott Morrison, SVP & Dis...
Best Practices You Must Apply to Secure Your APIs - Scott Morrison, SVP & Dis...Best Practices You Must Apply to Secure Your APIs - Scott Morrison, SVP & Dis...
Best Practices You Must Apply to Secure Your APIs - Scott Morrison, SVP & Dis...
 
Drones, Phones & Pwns the Promise & Dangers of IoT APIs: Use APIs to Securely...
Drones, Phones & Pwns the Promise & Dangers of IoT APIs: Use APIs to Securely...Drones, Phones & Pwns the Promise & Dangers of IoT APIs: Use APIs to Securely...
Drones, Phones & Pwns the Promise & Dangers of IoT APIs: Use APIs to Securely...
 
Gartner AADI Summit Sydney 2014 Implementing the Layer 7 API Management Pla...
Gartner AADI Summit Sydney 2014 Implementing the Layer 7 API Management Pla...Gartner AADI Summit Sydney 2014 Implementing the Layer 7 API Management Pla...
Gartner AADI Summit Sydney 2014 Implementing the Layer 7 API Management Pla...
 
Using APIs to Create an Omni-Channel Retail Experience
Using APIs to Create an Omni-Channel Retail ExperienceUsing APIs to Create an Omni-Channel Retail Experience
Using APIs to Create an Omni-Channel Retail Experience
 

Kürzlich hochgeladen

08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
Delhi Call girls
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
Joaquim Jorge
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Igalia
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
Principled Technologies
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
UK Journal
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
giselly40
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
Igalia
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
Enterprise Knowledge
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
Enterprise Knowledge
 

Kürzlich hochgeladen (20)

What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 

Layer 7: Identity Enabled SOA Governance

  • 1. Ross Altman - CTO, SOA and BI, Sun Microsystems Adam Vincent – Federal Technical Director, Layer7 Technologies Identity-Enabled SOA Governance
  • 2.
  • 3.
  • 4.
  • 5.
  • 6.
  • 7.
  • 8.
  • 9.
  • 10. Runtime Policy Framework Corporate Policy Drivers (Inputs) - Governance - Compliance - Security Security - WS - Security - X509TokenProfile - SAMLTokenProfile - XML Encryption - XML Signatures Runtime Policy Framework Corporate Architectural Drivers (Inputs) - Flexibility and Reuse - Platform Independence - Integration with existing infrastructure - Security, Scalability, Availability, Performance Transport - HTTP - TLS - JMS SLA - Response Time - Availability - IP Range, ToD - Throughput Limits - Non - repudiation Message X - Form - Versioning - Localization - DS (ACORD, FIX) Reliability - WS - RM Threat Protection - Schema Validation - Virus Scanning - Attachments Platform - Load Balancing - WS - Addressing Registry/Repository (metadata)
  • 11. Policy Central to SOA Governance Define and author corporate policies: Privacy, Integrity, Non-repudiation Identity, Access control, Credentials Reliability, performance, scalability Reusability/Discoverability Compliance to industry and corporate standards Conformance to technical standards – WS-I, SOAP, WSDL, WS-S, WSRM etc. Deploy and configure services according to policies: Physical endpoints Routing, load balancing, transport Service Level Agreements Identity stores, Access decision points Enforce policies at the edge and in the core: Alerts, Reports, Audit trails Monitor compliance with policies: Manage alerts Generate reports Forensics and Audit trails
  • 12.
  • 13. Policy-centric SOA Governance Architectural View Policy Enforcement Policy Definition XML Gateway (policy enforcement)‏ XML VPN (client policy coordination)‏ Consumer Service XML VPN (client policy coordination)‏ Last Mile Extender (endpoint agent)‏ Last Mile Extender (endpoint agent)‏ Identity / Trust Identity / Trust Policy Definition Reg / Rep Sun Layer7
  • 14.
  • 15. Scenario: Advanced SAML Processing Blue’s Identity Server Organization Green Michelle Dimitri Program X Green’s Identity Server Organization Blue Trust Federation ID Provider & Security Token Service Authentication Responsibility STS Token Orchestration & Caching Layer Federation Policy Enforcement Point Federation Policy Application Point Federation ID Provider & Security Token Service SAML
  • 17.
  • 18. Q & A

Hinweis der Redaktion

  1. NOTE: This is a high-level presentation of Sun's offerings for Software Infrastructure. The purpose is to introduce customers and prospects to Sun's Identity Management and Java Composite Application Platform Suites for their software infrastructure. You should add/delete slides for your appropriate audience, and if more details are needed, you should use the Sun Identity Management and Business Integration customer overview presentations. Welcome. I'm here to talk to you today about Sun's offerings for Software Infrastructure.