Jim Scharf
@jim_scharf
7/22/2014
Identity Management in the AWS Cloud
Introductions
Jim Scharf
General Manager, AWS Identity and Access Management
Joined AWS in 2004
Agenda
Identity Requirements For:
Infrastructure Services
Platform Services
Enterprise Applications
Mobile
Internet of Things
Challenges
AWS Overview
Infrastructure Foundation Services: Regions; Availability Zones; Storage (Object, Block and Archive); Networking; Security & Access Control
Platform Services
Databases: Relational, NoSQL, Caching
Analytics: Hadoop, Real-time, Data warehouse
App Services: Queuing, Orchestration, App streaming, Transcoding, Email, Search
Deployment & Management: Containers, Dev/ops Tools, Resource Templates
Mobile Services: Identity, Sync, Mobile Analytics, Notifications
Enterprise Applications: Virtual Desktops
Data Workflows
Usage Tracking
Monitoring and Logs
Compute (VMs, Auto-scaling and Load Balancing)
CDN and Points of Presence
Collaboration and Sharing
Global Availability
10 AWS Regions Worldwide
26 Availability Zones
51 Edge Locations
Infrastructure Services
Last Year @CIS…
Discussed things that made AWS Identity and Access Management a bit different from traditional corporate IAM:
–  Scale
–  Resources
–  Customers
AWS Identity and Access Management
http://aws.amazon.com/iam
55-min Talk:
http://bit.ly/1eZrtbX
Two Minute Overview:
http://youtu.be/Ul6FW4UANGc
The Cloud isn’t an ‘All or Nothing’ Choice
Corporate Data Centers
On-Premises Resources
Cloud Resources
Integration
SAML 2.0
Identity Federation Partners
Identity Requirements: Infrastructure Services

| | Infrastructure |
|---|---|
| Identities | IT, DevOps |
| Scale | 1 – 100+ |
| Identity Providers | Cloud Provider, Corporate |
| Security Controls | Privileged user controls |
| Admin/Integration Needs | Federation |

Platform Services
Elastic Beanstalk: Application Container
OpsWorks: Application Automation
CloudFormation: Templated Provisioning
Identity Requirements: Platform Services

| | Platform |
|---|---|
| Identities | Developers |
| Scale | 1 – 1,000+ |
| Identity Providers | Cloud Provider, Corporate, Web/Social |
| Security Controls | Start open, then tighten |
| Admin/Integration Needs | Simple programming model |

Enterprise Applications
Delivering on the promise of desktop virtualization
•  Infrastructure & admin tools
•  End user desktop and mobile apps
Fully managed, secure document storage and sharing service for the Enterprise
•  Share documents and folders
•  Corporate directory integration
•  Set user sharing policies
•  Audit logs for document and user activity
Identity Requirements: Enterprise Applications
Applications
Identities Employees
Scale 10 – 100K+
Identity
Providers
Corporate
Security
Controls
Enterprise
controls,
security, audit
Admin/
Integration
Needs
Federation
Mobile
Powering Popular Mobile Businesses Today
Mobile Startups on AWS
Mobile Apps within Enterprises
The Challenge of Multiple Devices
•  Managing Identities Across Devices
•  Keeping Data in Sync
Amazon Cognito
Fully Managed User Identity and Data Synchronization Service
Identity + Synchronization + Security
Amazon Cognito and Identity
•  Manage unique identities
•  Supports multiple login providers
Amazon Cognito and Sync
•  Store app data, preferences & state
•  Work offline via local data store
•  Seamlessly sync across devices
Amazon Cognito and Security
•  Implement security best practices
•  Safeguard AWS credentials
•  Set granular access permissions on AWS resources
Fully Integrated AWS Mobile SDK
•  No back-end programming required
•  Common authentication mechanism across all services
•  Automatically handle intermittent network connections
•  Cross-platform Support: Android, iOS, Fire OS
•  Secure access to global AWS services
Identity Requirements: Mobile Apps

| | Mobile: Enterprise | Mobile: Consumer |
|---|---|---|
| Identities | Employees | Consumers |
| Scale | 10 – 100K+ | 1 M – 1B |
| Identity Providers | Corporate | Web/Social |
| Security Controls | Enterprise controls, security, audit | Auto per-user isolation |
| Admin/Integration Needs | Simple programming model, Federation | A few lines of client-side code |

Internet of Things
Amazon Cognito for Unauthenticated Identities
Unique Identifier for Your “Things”: “Headless” connected devices can also securely access cloud services.
Save Data to the Cloud: Save app and device data to the cloud and merge them after login.
Guest User Access: Securely access AWS resources and leverage app features without the need to create an account or log in.
[Diagram labels: Visitor Preferences, Cognito Store, Guest, EC2, S3, DynamoDB, Kinesis]
Identity Requirements: Internet of Things

| | IoT |
|---|---|
| Identities | Devices |
| Scale | 50 B |
| Identity Providers | Web/Social/Personal? |
| Security Controls | Varies |
| Admin/Integration Needs | Class/attribute based controls |

Recap
[Chart: scale of identities (10^1 to 10^10) over time across IaaS, PaaS, SaaS, Mobile: Enterprise, Mobile: Consumer and IoT. Identities: IT, DevOps; Developers; Employees; Consumers; Devices. Identity Providers: AWS, Web/Social, Corporate. Security Controls.]
Identity Requirements

| | Infrastructure | Platform | Applications | Mobile: Enterprise | Mobile: Consumer | IoT |
|---|---|---|---|---|---|---|
| Identities | IT, DevOps | Developers | Employees | Employees | Consumers | Devices |
| Scale | 1 – 100+ | 1 – 1,000+ | 10 – 100K+ | 10 – 100K+ | 1 M – 1B | 50 B |
| Identity Providers | Cloud Provider, Corporate | Cloud Provider, Corporate, Web/Social | Corporate | Corporate | Web/Social | Web/Social/Personal? |
| Security Controls | Privileged user controls | Start open, then tighten | Enterprise controls, security, audit | Enterprise controls, security, audit | Auto per-user isolation | Varies |
| Admin/Integration Needs | Federation | Simple programming model | Federation | Simple programming model, Federation | A few lines of client-side code | Class/attribute based controls |

Challenges
•  Billions of identities
•  Millions of authentications/second, latencies ~1ms
•  Becomes a large scale distributed systems challenge
•  Authorizing trillions of resources
•  Audit becomes a big data problem
•  Global, high-availability system
•  Constant tension of security vs. eventual consistency
http://reinvent.awsevents.com/
Thank You
For more information:
Website: http://aws.amazon.com/iam
AWS Security Blog: http://blogs.aws.amazon.com/security/
Follow: @AWSIdentity

CIS14: Identity Management for the Cloud

  • 2. Introductions Jim Scharf General Manager, AWS Identity and Access Management Joined AWS in 2004
  • 3. Agenda Identity Requirements For: Infrastructure Services Platform Services Enterprise Applications Mobile Internet of Things Challenges
  • 5. Infrastructure Foundation Services Regions Availability Zones Storage (Object, Block and Archive) Networking Security & Access Control Platform Services Databases Relational NoSQL Caching Analytics Hadoop Real-time Data warehouse App Services Queuing Orchestration App streaming Transcoding Email Search Deployment & Management Containers Dev/ops Tools Resource Templates Mobile Services Identity Sync Mobile Analytics Notifications Enterprise Applications Virtual Desktops Data Workflows Usage Tracking Monitoring and Logs Compute (VMs, Auto-scaling and Load Balancing) CDN and Points of Presence Collaboration and Sharing
  • 7. Global Availability 10 AWS Regions Worldwide 26 Availability Zones 51 Edge Locations
  • 9. Last Year @CIS… Discussed things that made AWS Identity and Access Management a bit different from traditional corporate IAM: –  Scale –  Resources –  Customers
  • 10. AWS Identity and Access Management http://aws.amazon.com/iam 55-min Talk: http://bit.ly/1eZrtbX Two Minute Overview: http://youtu.be/Ul6FW4UANGc
  • 11. The Cloud isn’t an ‘All or Nothing’ Choice Corporate Data Centers On-Premises Resources Cloud Resources Integration SAML 2.0
  • 13. Identity Requirements: Infrastructure Services

    |                         | Infrastructure            |
    |-------------------------|---------------------------|
    | Identities              | IT, DevOps                |
    | Scale                   | 1 – 100+                  |
    | Identity Providers      | Cloud Provider, Corporate |
    | Security Controls       | Privileged user controls  |
    | Admin/Integration Needs | Federation                |
  • 15. Elastic Beanstalk OpsWorks CloudFormation Application Container Application Automation Templated Provisioning
  • 16. Identity Requirements: Platform Services

    |                         | Platform                              |
    |-------------------------|---------------------------------------|
    | Identities              | Developers                            |
    | Scale                   | 1 – 1,000+                            |
    | Identity Providers      | Cloud Provider, Corporate, Web/Social |
    | Security Controls       | Start open, then tighten              |
    | Admin/Integration Needs | Simple programming model              |
  • 18. Delivering on the promise of desktop virtualization •  Infrastructure & admin tools •  End user desktop and mobile apps Fully managed, secure document storage and sharing service for the Enterprise •  Share documents and folders •  Corporate directory integration •  Set user sharing policies •  Audit logs for document and user activity
  • 19. Identity Requirements: Enterprise Applications

    |                         | Applications                         |
    |-------------------------|--------------------------------------|
    | Identities              | Employees                            |
    | Scale                   | 10 – 100K+                           |
    | Identity Providers      | Corporate                            |
    | Security Controls       | Enterprise controls, security, audit |
    | Admin/Integration Needs | Federation                           |
  • 21. Powering Popular Mobile Businesses Today Mobile Startups on AWS Mobile Apps within Enterprises
  • 22. Managing Identities Across Devices Keeping Data in Sync The Challenge of Multiple Devices
  • 23. Amazon Cognito Fully Managed User Identity and Data Synchronization Service Identity + Synchronization + Security
  • 24. Manage unique identities Supports multiple login providers Amazon Cognito and Identity
  • 25. Store app data, preferences & state Work offline via local data store Seamlessly sync across devices Amazon Cognito and Sync
  • 26. Implement security best practices Safeguard AWS credentials Set granular access permissions on AWS resources Amazon Cognito and Security
  • 27. Fully Integrated AWS Mobile SDK •  No back-end programming required •  Common authentication mechanism across all services •  Automatically handle intermittent network connections •  Cross-platform Support: Android, iOS, Fire OS •  Secure access to global AWS services
  • 28. Identity Requirements: Mobile Apps

    |                         | Mobile: Enterprise                   | Mobile: Consumer                |
    |-------------------------|--------------------------------------|---------------------------------|
    | Identities              | Employees                            | Consumers                       |
    | Scale                   | 10 – 100K+                           | 1 M – 1B                        |
    | Identity Providers      | Corporate                            | Web/Social                      |
    | Security Controls       | Enterprise controls, security, audit | Auto per-user isolation         |
    | Admin/Integration Needs | Simple programming model, Federation | A few lines of client-side code |
  • 30. Amazon Cognito for Unauthenticated Identities. Unique Identifier for Your “Things”: “headless” connected devices can also securely access cloud services. Save Data to the Cloud: save app and device data to the cloud and merge them after login. Guest User Access: securely access AWS resources and leverage app features without needing to create an account or log in. Diagram labels: Visitor Preferences, Cognito Store, Guest, EC2, S3, DynamoDB, Kinesis.
  • 31. Identity Requirements: Internet of Things

    |                         | IoT                            |
    |-------------------------|--------------------------------|
    | Identities              | Devices                        |
    | Scale                   | 50 B                           |
    | Identity Providers      | Web/Social/Personal?           |
    | Security Controls       | Varies                         |
    | Admin/Integration Needs | Class/attribute based controls |
  • 32. Recap
  • 37. Identity Requirements

    |                         | Infrastructure            | Platform                              | Applications                         | Mobile: Enterprise                   | Mobile: Consumer                | IoT                            |
    |-------------------------|---------------------------|---------------------------------------|--------------------------------------|--------------------------------------|---------------------------------|--------------------------------|
    | Identities              | IT, DevOps                | Developers                            | Employees                            | Employees                            | Consumers                       | Devices                        |
    | Scale                   | 1 – 100+                  | 1 – 1,000+                            | 10 – 100K+                           | 10 – 100K+                           | 1 M – 1B                        | 50 B                           |
    | Identity Providers      | Cloud Provider, Corporate | Cloud Provider, Corporate, Web/Social | Corporate                            | Corporate                            | Web/Social                      | Web/Social/Personal?           |
    | Security Controls       | Privileged user controls  | Start open, then tighten              | Enterprise controls, security, audit | Enterprise controls, security, audit | Auto per-user isolation         | Varies                         |
    | Admin/Integration Needs | Federation                | Simple programming model              | Federation                           | Simple programming model, Federation | A few lines of client-side code | Class/attribute based controls |
  • 38. Challenges •  Billions of identities •  Millions of authentications/second, latencies ~1ms •  Becomes a large scale distributed systems challenge •  Authorizing trillions of resources •  Audit becomes a big data problem •  Global, high-availability system •  Constant tension of security vs. eventual consistency
  • 40. Thank You For more information: Website: http://aws.amazon.com/iam AWS Security Blog: http://blogs.aws.amazon.com/security/ Follow: @AWSIdentity