SlideShare ist ein Scribd-Unternehmen logo

Authentication & Authorization for the Microservices World

ForgeRock
ForgeRock

With an increasing number of microservices, the complexity of adding security and identity capabilities to each of them can quickly get out of hand. By externalizing and centralizing IAM, organizations can ensure a secure and consistent IAM across on-premises and cloud infrastructures, as well as promote DevOps best practices.

Technologie
1 von 18
Downloaden Sie, um offline zu lesen
© 2017 ForgeRock. All rights reserved.
© 2017 ForgeRock. All rights reserved. Joachim Andres Director, Product Management Authentication & Authorization for the Microservices World KuppingerCole Webinar, Dec 5th , 2017
© 2017 ForgeRock. All rights reserved. HTTP(S) / MQTT / COAP / MQTTHTTP(S) User Identities Device Identities Thing Identities User Identities Device Identities Thing Identities User Identities Device Identities Thing Identities Region 1 Region 2 Region 3 Data Replication High Availability Data Replication High Availability DIRECTORY SERVICES Agent / Proxy / Standards / REST Edge Controller / Message Broker REST / LDAP ForgeRock: Driving Relationships Across People, Services, Things Partner Run Customer Run Privacy First Offers modern privacy and consent tools including a Profile and Privacy Management dashboard, UMA 2.0 support for compliance with GDPR, PSD2, Open Banking, etc Identity Intelligence Platform that enables relationships, access, policy, lifecycle across users, devices and things Persistent Identity Eliminate digital silos and create unified experience – people, services, things Run Anywhere Run across multiple landscapes Massive Scale Highly-performant, highly available, database for managing millions of relationships ACCESS MANAGEMENT Fine-grained, adaptive authentication, etc IDENTITY MANAGEMENT Profile & privacy management, relationships, etc
© 2017 ForgeRock. All rights reserved. The Microservices World
© 2017 ForgeRock. All rights reserved. Authentication vs. Authorization MS1MS0 MS3MS2 MS6 MS4 MS5 Service Authentication Authorization AuthN AuthZ AuthN / AuthZ Provider People (and devices) Services and Things
© 2017 ForgeRock. All rights reserved. Characteristics of a sound security strategy
© 2017 ForgeRock. All rights reserved. Simplicity
© 2017 ForgeRock. All rights reserved. Consistency
© 2017 ForgeRock. All rights reserved. Modernizing
© 2017 ForgeRock. All rights reserved. Adaptable
© 2017 ForgeRock. All rights reserved. Simplicity Consistency Modernizing Adaptable
© 2017 ForgeRock. All rights reserved. Bringing security to life
© 2017 ForgeRock. All rights reserved. Microservices Gateway MS1MS0 MS3MS2 MS6MS5 MS8MS7 Microservices Gateway ForgeRock Identity Gateway MS4 Authentication and Authorization Service ForgeRock Access Management Caller • Token Issuance • Token Validation • Token Exchange • Enforce token validity • Caching • Signature Validation
© 2017 ForgeRock. All rights reserved. Microservices Segmentation MS1MS0 MS3 MS2 MS6MS5 MS8MS7 Microservices Gateway ForgeRock Identity Gateway MS4 Caller Authentication and Authorization Service ForgeRock Access Management • Token Issuance • Token Validation • Token Exchange • Enforce token validity • Caching • Signature Validation • All gateways point to AM Microservices Gateway ForgeRock Identity Gateway
© 2017 ForgeRock. All rights reserved. µGateway ForgeRock IG µGateway ForgeRock IG Microgateways MS1MS0 Caller µGateway ForgeRock IG µGateway ForgeRock IG MS3MS2 µGateway ForgeRock IG MS4 µGateway ForgeRock IG µGateway ForgeRock IG MS6MS5 µGateway ForgeRock IG µGateway ForgeRock IG MS8MS7 Authentication and Authorization Service ForgeRock Access Management • Token Issuance • Token Validation • Token Exchange • Enforce token validity • Caching • Signature Validation • All gateways point to AM
© 2017 ForgeRock. All rights reserved. Microservices in PaaS environments Client Load Balancer ForgeRock Access Management ForgeRock Identity Gateway ForgeRock Service Broker IDENTITY PLATFORM CF Route Service MS1MS0 MS2 MS3 CF Router 1 2 36 4 5 7 8
© 2017 ForgeRock. All rights reserved. Benefits of Externalizing Security Think globally, act locally Download the ForgeRock Identity Platform white paper at www.forgerock.com/platform/ Got questions? Contact us at www.forgerock.com/contact/ Execute a sound security strategy Leverage a solution that’s simple, consistent, modernizing, and adaptable. Support DevOps and innovation Deploy authentication and authorization where you need it, when you need it. Holistic approach with persistent identity Integrate identity across apps and services for increased security and scale.
© 2017 ForgeRock. All rights reserved. Thank You

Empfohlen

Digital Identities in the Internet of Things - Securely Manage Devices at Scale
Digital Identities in the Internet of Things - Securely Manage Devices at ScaleDigital Identities in the Internet of Things - Securely Manage Devices at Scale
Digital Identities in the Internet of Things - Securely Manage Devices at ScaleForgeRock
 
Get the Exact Identity Solution You Need - In the Cloud - AWS and Beyond
Get the Exact Identity Solution You Need - In the Cloud - AWS and BeyondGet the Exact Identity Solution You Need - In the Cloud - AWS and Beyond
Get the Exact Identity Solution You Need - In the Cloud - AWS and BeyondForgeRock
 
Identity Live Sydney: Identity Management - A Strategic Opportunity
Identity Live Sydney: Identity Management - A Strategic OpportunityIdentity Live Sydney: Identity Management - A Strategic Opportunity
Identity Live Sydney: Identity Management - A Strategic OpportunityForgeRock
 
Identity Live Singapore: Transform Your Cybersecurity Capability
Identity Live Singapore: Transform Your Cybersecurity CapabilityIdentity Live Singapore: Transform Your Cybersecurity Capability
Identity Live Singapore: Transform Your Cybersecurity CapabilityForgeRock
 
Identity Live Singapore 2018 Keynote Presentation
Identity Live Singapore 2018 Keynote PresentationIdentity Live Singapore 2018 Keynote Presentation
Identity Live Singapore 2018 Keynote PresentationForgeRock
 
Identity Live Sydney 2018 Keynote Presentation
Identity Live Sydney 2018 Keynote PresentationIdentity Live Sydney 2018 Keynote Presentation
Identity Live Sydney 2018 Keynote PresentationForgeRock
 
Identity Live Singapore: Just Ask 'Em
Identity Live Singapore: Just Ask 'EmIdentity Live Singapore: Just Ask 'Em
Identity Live Singapore: Just Ask 'EmForgeRock
 
Identity Live Singapore: Building Trust & Privacy in a Connected Society
Identity Live Singapore: Building Trust & Privacy in a Connected SocietyIdentity Live Singapore: Building Trust & Privacy in a Connected Society
Identity Live Singapore: Building Trust & Privacy in a Connected SocietyForgeRock
 

Empfohlen

Digital Identities in the Internet of Things - Securely Manage Devices at Scale
Digital Identities in the Internet of Things - Securely Manage Devices at ScaleDigital Identities in the Internet of Things - Securely Manage Devices at Scale
Digital Identities in the Internet of Things - Securely Manage Devices at ScaleForgeRock
 
Get the Exact Identity Solution You Need - In the Cloud - AWS and Beyond
Get the Exact Identity Solution You Need - In the Cloud - AWS and BeyondGet the Exact Identity Solution You Need - In the Cloud - AWS and Beyond
Get the Exact Identity Solution You Need - In the Cloud - AWS and BeyondForgeRock
 
Identity Live Sydney: Identity Management - A Strategic Opportunity
Identity Live Sydney: Identity Management - A Strategic OpportunityIdentity Live Sydney: Identity Management - A Strategic Opportunity
Identity Live Sydney: Identity Management - A Strategic OpportunityForgeRock
 
Identity Live Singapore: Transform Your Cybersecurity Capability
Identity Live Singapore: Transform Your Cybersecurity CapabilityIdentity Live Singapore: Transform Your Cybersecurity Capability
Identity Live Singapore: Transform Your Cybersecurity CapabilityForgeRock
 
Identity Live Singapore 2018 Keynote Presentation
Identity Live Singapore 2018 Keynote PresentationIdentity Live Singapore 2018 Keynote Presentation
Identity Live Singapore 2018 Keynote PresentationForgeRock
 
Identity Live Sydney 2018 Keynote Presentation
Identity Live Sydney 2018 Keynote PresentationIdentity Live Sydney 2018 Keynote Presentation
Identity Live Sydney 2018 Keynote PresentationForgeRock
 
Identity Live Singapore: Just Ask 'Em
Identity Live Singapore: Just Ask 'EmIdentity Live Singapore: Just Ask 'Em
Identity Live Singapore: Just Ask 'EmForgeRock
 
Identity Live Singapore: Building Trust & Privacy in a Connected Society
Identity Live Singapore: Building Trust & Privacy in a Connected SocietyIdentity Live Singapore: Building Trust & Privacy in a Connected Society
Identity Live Singapore: Building Trust & Privacy in a Connected SocietyForgeRock
 
Identity Live Sydney: Intelligent Authentication
Identity Live Sydney: Intelligent Authentication Identity Live Sydney: Intelligent Authentication
Identity Live Sydney: Intelligent Authentication ForgeRock
 
Identity Live Sydney: Building Trust and Privacy in a Connected Society
Identity Live Sydney: Building Trust and Privacy in a Connected SocietyIdentity Live Sydney: Building Trust and Privacy in a Connected Society
Identity Live Sydney: Building Trust and Privacy in a Connected SocietyForgeRock
 
Get the Exact Identity Solution you Need in the Cloud - Deep Dive
Get the Exact Identity Solution you Need in the Cloud - Deep DiveGet the Exact Identity Solution you Need in the Cloud - Deep Dive
Get the Exact Identity Solution you Need in the Cloud - Deep DiveForgeRock
 
Get the Exact Identity Solution You Need - In the Cloud - Overview
Get the Exact Identity Solution You Need - In the Cloud - OverviewGet the Exact Identity Solution You Need - In the Cloud - Overview
Get the Exact Identity Solution You Need - In the Cloud - OverviewForgeRock
 
ForgeRock and Trusona - Simplifying the Multi-factor User Experience
ForgeRock and Trusona - Simplifying the Multi-factor User ExperienceForgeRock and Trusona - Simplifying the Multi-factor User Experience
ForgeRock and Trusona - Simplifying the Multi-factor User ExperienceForgeRock
 
Opening Keynote (Identity Live Berlin 2018)
Opening Keynote (Identity Live Berlin 2018)Opening Keynote (Identity Live Berlin 2018)
Opening Keynote (Identity Live Berlin 2018)ForgeRock
 
Steinberg - Customer identity as the cornerstone of our approach to digitaliz...
Steinberg - Customer identity as the cornerstone of our approach to digitaliz...Steinberg - Customer identity as the cornerstone of our approach to digitaliz...
Steinberg - Customer identity as the cornerstone of our approach to digitaliz...ForgeRock
 
BMW Group - Identity Enables the Next 100 Years.. (Identity Live Berlin 2018)
BMW Group - Identity Enables the Next 100 Years.. (Identity Live Berlin 2018)BMW Group - Identity Enables the Next 100 Years.. (Identity Live Berlin 2018)
BMW Group - Identity Enables the Next 100 Years.. (Identity Live Berlin 2018)ForgeRock
 
Trust is Everything - The Future of Identity and the ForgeRock Platform (Iden...
Trust is Everything - The Future of Identity and the ForgeRock Platform (Iden...Trust is Everything - The Future of Identity and the ForgeRock Platform (Iden...
Trust is Everything - The Future of Identity and the ForgeRock Platform (Iden...ForgeRock
 
Silo Busters- The Value of User and Data Centricity beyond IoT Devices (Ident...
Silo Busters- The Value of User and Data Centricity beyond IoT Devices (Ident...Silo Busters- The Value of User and Data Centricity beyond IoT Devices (Ident...
Silo Busters- The Value of User and Data Centricity beyond IoT Devices (Ident...ForgeRock
 
Shift from GDPR readiness to sustained compliance to improve your business an...
Shift from GDPR readiness to sustained compliance to improve your business an...Shift from GDPR readiness to sustained compliance to improve your business an...
Shift from GDPR readiness to sustained compliance to improve your business an...ForgeRock
 
Intelligent Authentication (Identity Live Berlin 2018)
Intelligent Authentication (Identity Live Berlin 2018)Intelligent Authentication (Identity Live Berlin 2018)
Intelligent Authentication (Identity Live Berlin 2018)ForgeRock
 
Customer Safeguarding, Fraud and GDPR: Manah Khalil
Customer Safeguarding, Fraud and GDPR: Manah KhalilCustomer Safeguarding, Fraud and GDPR: Manah Khalil
Customer Safeguarding, Fraud and GDPR: Manah KhalilForgeRock
 
Applying Innovative Tools for GDPR Success
Applying Innovative Tools for GDPR SuccessApplying Innovative Tools for GDPR Success
Applying Innovative Tools for GDPR SuccessForgeRock
 
What the Internet of Things Means for Consumer Privacy: Veronica Lara
What the Internet of Things Means for Consumer Privacy: Veronica LaraWhat the Internet of Things Means for Consumer Privacy: Veronica Lara
What the Internet of Things Means for Consumer Privacy: Veronica LaraForgeRock
 
Identity Live in Austin Keynote
Identity Live in Austin Keynote Identity Live in Austin Keynote
Identity Live in Austin Keynote ForgeRock
 
The Value of User and Data Centricity Beyond IoT Devices: Stein Myrseth and G...
The Value of User and Data Centricity Beyond IoT Devices: Stein Myrseth and G...The Value of User and Data Centricity Beyond IoT Devices: Stein Myrseth and G...
The Value of User and Data Centricity Beyond IoT Devices: Stein Myrseth and G...ForgeRock
 
Where Biometrics, Blockchains, and Bots are Taking Digital Identity: David Birch
Where Biometrics, Blockchains, and Bots are Taking Digital Identity: David BirchWhere Biometrics, Blockchains, and Bots are Taking Digital Identity: David Birch
Where Biometrics, Blockchains, and Bots are Taking Digital Identity: David BirchForgeRock
 
The Road to Intelligent Authentication Journeys
The Road to Intelligent Authentication JourneysThe Road to Intelligent Authentication Journeys
The Road to Intelligent Authentication JourneysForgeRock
 
Go Beyond PSD2 Compliance with Digital Identity
Go Beyond PSD2 Compliance with Digital Identity Go Beyond PSD2 Compliance with Digital Identity
Go Beyond PSD2 Compliance with Digital Identity ForgeRock
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 

Weitere ähnliche Inhalte

Mehr von ForgeRock

Identity Live Sydney: Intelligent Authentication
Identity Live Sydney: Intelligent Authentication Identity Live Sydney: Intelligent Authentication
Identity Live Sydney: Intelligent Authentication ForgeRock
 
Identity Live Sydney: Building Trust and Privacy in a Connected Society
Identity Live Sydney: Building Trust and Privacy in a Connected SocietyIdentity Live Sydney: Building Trust and Privacy in a Connected Society
Identity Live Sydney: Building Trust and Privacy in a Connected SocietyForgeRock
 
Get the Exact Identity Solution you Need in the Cloud - Deep Dive
Get the Exact Identity Solution you Need in the Cloud - Deep DiveGet the Exact Identity Solution you Need in the Cloud - Deep Dive
Get the Exact Identity Solution you Need in the Cloud - Deep DiveForgeRock
 
Get the Exact Identity Solution You Need - In the Cloud - Overview
Get the Exact Identity Solution You Need - In the Cloud - OverviewGet the Exact Identity Solution You Need - In the Cloud - Overview
Get the Exact Identity Solution You Need - In the Cloud - OverviewForgeRock
 
ForgeRock and Trusona - Simplifying the Multi-factor User Experience
ForgeRock and Trusona - Simplifying the Multi-factor User ExperienceForgeRock and Trusona - Simplifying the Multi-factor User Experience
ForgeRock and Trusona - Simplifying the Multi-factor User ExperienceForgeRock
 
Opening Keynote (Identity Live Berlin 2018)
Opening Keynote (Identity Live Berlin 2018)Opening Keynote (Identity Live Berlin 2018)
Opening Keynote (Identity Live Berlin 2018)ForgeRock
 
Steinberg - Customer identity as the cornerstone of our approach to digitaliz...
Steinberg - Customer identity as the cornerstone of our approach to digitaliz...Steinberg - Customer identity as the cornerstone of our approach to digitaliz...
Steinberg - Customer identity as the cornerstone of our approach to digitaliz...ForgeRock
 
BMW Group - Identity Enables the Next 100 Years.. (Identity Live Berlin 2018)
BMW Group - Identity Enables the Next 100 Years.. (Identity Live Berlin 2018)BMW Group - Identity Enables the Next 100 Years.. (Identity Live Berlin 2018)
BMW Group - Identity Enables the Next 100 Years.. (Identity Live Berlin 2018)ForgeRock
 
Trust is Everything - The Future of Identity and the ForgeRock Platform (Iden...
Trust is Everything - The Future of Identity and the ForgeRock Platform (Iden...Trust is Everything - The Future of Identity and the ForgeRock Platform (Iden...
Trust is Everything - The Future of Identity and the ForgeRock Platform (Iden...ForgeRock
 
Silo Busters- The Value of User and Data Centricity beyond IoT Devices (Ident...
Silo Busters- The Value of User and Data Centricity beyond IoT Devices (Ident...Silo Busters- The Value of User and Data Centricity beyond IoT Devices (Ident...
Silo Busters- The Value of User and Data Centricity beyond IoT Devices (Ident...ForgeRock
 
Shift from GDPR readiness to sustained compliance to improve your business an...
Shift from GDPR readiness to sustained compliance to improve your business an...Shift from GDPR readiness to sustained compliance to improve your business an...
Shift from GDPR readiness to sustained compliance to improve your business an...ForgeRock
 
Intelligent Authentication (Identity Live Berlin 2018)
Intelligent Authentication (Identity Live Berlin 2018)Intelligent Authentication (Identity Live Berlin 2018)
Intelligent Authentication (Identity Live Berlin 2018)ForgeRock
 
Customer Safeguarding, Fraud and GDPR: Manah Khalil
Customer Safeguarding, Fraud and GDPR: Manah KhalilCustomer Safeguarding, Fraud and GDPR: Manah Khalil
Customer Safeguarding, Fraud and GDPR: Manah KhalilForgeRock
 
Applying Innovative Tools for GDPR Success
Applying Innovative Tools for GDPR SuccessApplying Innovative Tools for GDPR Success
Applying Innovative Tools for GDPR SuccessForgeRock
 
What the Internet of Things Means for Consumer Privacy: Veronica Lara
What the Internet of Things Means for Consumer Privacy: Veronica LaraWhat the Internet of Things Means for Consumer Privacy: Veronica Lara
What the Internet of Things Means for Consumer Privacy: Veronica LaraForgeRock
 
Identity Live in Austin Keynote
Identity Live in Austin Keynote Identity Live in Austin Keynote
Identity Live in Austin Keynote ForgeRock
 
The Value of User and Data Centricity Beyond IoT Devices: Stein Myrseth and G...
The Value of User and Data Centricity Beyond IoT Devices: Stein Myrseth and G...The Value of User and Data Centricity Beyond IoT Devices: Stein Myrseth and G...
The Value of User and Data Centricity Beyond IoT Devices: Stein Myrseth and G...ForgeRock
 
Where Biometrics, Blockchains, and Bots are Taking Digital Identity: David Birch
Where Biometrics, Blockchains, and Bots are Taking Digital Identity: David BirchWhere Biometrics, Blockchains, and Bots are Taking Digital Identity: David Birch
Where Biometrics, Blockchains, and Bots are Taking Digital Identity: David BirchForgeRock
 
The Road to Intelligent Authentication Journeys
The Road to Intelligent Authentication JourneysThe Road to Intelligent Authentication Journeys
The Road to Intelligent Authentication JourneysForgeRock
 
Go Beyond PSD2 Compliance with Digital Identity
Go Beyond PSD2 Compliance with Digital Identity Go Beyond PSD2 Compliance with Digital Identity
Go Beyond PSD2 Compliance with Digital Identity ForgeRock
 

Mehr von ForgeRock (20)

Identity Live Sydney: Intelligent Authentication
Identity Live Sydney: Intelligent Authentication Identity Live Sydney: Intelligent Authentication
Identity Live Sydney: Intelligent Authentication
 
Identity Live Sydney: Building Trust and Privacy in a Connected Society
Identity Live Sydney: Building Trust and Privacy in a Connected SocietyIdentity Live Sydney: Building Trust and Privacy in a Connected Society
Identity Live Sydney: Building Trust and Privacy in a Connected Society
 
Get the Exact Identity Solution you Need in the Cloud - Deep Dive
Get the Exact Identity Solution you Need in the Cloud - Deep DiveGet the Exact Identity Solution you Need in the Cloud - Deep Dive
Get the Exact Identity Solution you Need in the Cloud - Deep Dive
 
Get the Exact Identity Solution You Need - In the Cloud - Overview
Get the Exact Identity Solution You Need - In the Cloud - OverviewGet the Exact Identity Solution You Need - In the Cloud - Overview
Get the Exact Identity Solution You Need - In the Cloud - Overview
 
ForgeRock and Trusona - Simplifying the Multi-factor User Experience
ForgeRock and Trusona - Simplifying the Multi-factor User ExperienceForgeRock and Trusona - Simplifying the Multi-factor User Experience
ForgeRock and Trusona - Simplifying the Multi-factor User Experience
 
Opening Keynote (Identity Live Berlin 2018)
Opening Keynote (Identity Live Berlin 2018)Opening Keynote (Identity Live Berlin 2018)
Opening Keynote (Identity Live Berlin 2018)
 
Steinberg - Customer identity as the cornerstone of our approach to digitaliz...
Steinberg - Customer identity as the cornerstone of our approach to digitaliz...Steinberg - Customer identity as the cornerstone of our approach to digitaliz...
Steinberg - Customer identity as the cornerstone of our approach to digitaliz...
 
BMW Group - Identity Enables the Next 100 Years.. (Identity Live Berlin 2018)
BMW Group - Identity Enables the Next 100 Years.. (Identity Live Berlin 2018)BMW Group - Identity Enables the Next 100 Years.. (Identity Live Berlin 2018)
BMW Group - Identity Enables the Next 100 Years.. (Identity Live Berlin 2018)
 
Trust is Everything - The Future of Identity and the ForgeRock Platform (Iden...
Trust is Everything - The Future of Identity and the ForgeRock Platform (Iden...Trust is Everything - The Future of Identity and the ForgeRock Platform (Iden...
Trust is Everything - The Future of Identity and the ForgeRock Platform (Iden...
 
Silo Busters- The Value of User and Data Centricity beyond IoT Devices (Ident...
Silo Busters- The Value of User and Data Centricity beyond IoT Devices (Ident...Silo Busters- The Value of User and Data Centricity beyond IoT Devices (Ident...
Silo Busters- The Value of User and Data Centricity beyond IoT Devices (Ident...
 
Shift from GDPR readiness to sustained compliance to improve your business an...
Shift from GDPR readiness to sustained compliance to improve your business an...Shift from GDPR readiness to sustained compliance to improve your business an...
Shift from GDPR readiness to sustained compliance to improve your business an...
 
Intelligent Authentication (Identity Live Berlin 2018)
Intelligent Authentication (Identity Live Berlin 2018)Intelligent Authentication (Identity Live Berlin 2018)
Intelligent Authentication (Identity Live Berlin 2018)
 
Customer Safeguarding, Fraud and GDPR: Manah Khalil
Customer Safeguarding, Fraud and GDPR: Manah KhalilCustomer Safeguarding, Fraud and GDPR: Manah Khalil
Customer Safeguarding, Fraud and GDPR: Manah Khalil
 
Applying Innovative Tools for GDPR Success
Applying Innovative Tools for GDPR SuccessApplying Innovative Tools for GDPR Success
Applying Innovative Tools for GDPR Success
 
What the Internet of Things Means for Consumer Privacy: Veronica Lara
What the Internet of Things Means for Consumer Privacy: Veronica LaraWhat the Internet of Things Means for Consumer Privacy: Veronica Lara
What the Internet of Things Means for Consumer Privacy: Veronica Lara
 
Identity Live in Austin Keynote
Identity Live in Austin Keynote Identity Live in Austin Keynote
Identity Live in Austin Keynote
 
The Value of User and Data Centricity Beyond IoT Devices: Stein Myrseth and G...
The Value of User and Data Centricity Beyond IoT Devices: Stein Myrseth and G...The Value of User and Data Centricity Beyond IoT Devices: Stein Myrseth and G...
The Value of User and Data Centricity Beyond IoT Devices: Stein Myrseth and G...
 
Where Biometrics, Blockchains, and Bots are Taking Digital Identity: David Birch
Where Biometrics, Blockchains, and Bots are Taking Digital Identity: David BirchWhere Biometrics, Blockchains, and Bots are Taking Digital Identity: David Birch
Where Biometrics, Blockchains, and Bots are Taking Digital Identity: David Birch
 
The Road to Intelligent Authentication Journeys
The Road to Intelligent Authentication JourneysThe Road to Intelligent Authentication Journeys
The Road to Intelligent Authentication Journeys
 
Go Beyond PSD2 Compliance with Digital Identity
Go Beyond PSD2 Compliance with Digital Identity Go Beyond PSD2 Compliance with Digital Identity
Go Beyond PSD2 Compliance with Digital Identity
 

Kürzlich hochgeladen

New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 
Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...
Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...
Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...itnewsafrica
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch TuesdayIvanti
 
UiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPathCommunity
 
A Framework for Development in the AI Age
A Framework for Development in the AI AgeA Framework for Development in the AI Age
A Framework for Development in the AI AgeCprime
 
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality AssuranceInflectra
 
Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Farhan Tariq
 
React Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App FrameworkReact Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App FrameworkPixlogix Infotech
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxLoriGlavin3
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxLoriGlavin3
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security ObservabilityGlenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security Observabilityitnewsafrica
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentPim van der Noll
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfLoriGlavin3
 
Data governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationData governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationKnoldus Inc.
 
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical InfrastructureVarsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructureitnewsafrica
 
Generative AI - Gitex v1Generative AI - Gitex v1.pptx
Generative AI - Gitex v1Generative AI - Gitex v1.pptxGenerative AI - Gitex v1Generative AI - Gitex v1.pptx
Generative AI - Gitex v1Generative AI - Gitex v1.pptxfnnc6jmgwh
 

Kürzlich hochgeladen (20)

New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...
Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...
Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch Tuesday
 
UiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to Hero
 
A Framework for Development in the AI Age
A Framework for Development in the AI AgeA Framework for Development in the AI Age
A Framework for Development in the AI Age
 
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
 
Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...
 
React Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App FrameworkReact Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App Framework
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security ObservabilityGlenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdf
 
Data governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationData governance with Unity Catalog Presentation
Data governance with Unity Catalog Presentation
 
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical InfrastructureVarsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
 
Generative AI - Gitex v1Generative AI - Gitex v1.pptx
Generative AI - Gitex v1Generative AI - Gitex v1.pptxGenerative AI - Gitex v1Generative AI - Gitex v1.pptx
Generative AI - Gitex v1Generative AI - Gitex v1.pptx
 

Authentication & Authorization for the Microservices World

  • 1. © 2017 ForgeRock. All rights reserved.
  • 2. © 2017 ForgeRock. All rights reserved. Joachim Andres Director, Product Management Authentication & Authorization for the Microservices World KuppingerCole Webinar, Dec 5th , 2017
  • 3. © 2017 ForgeRock. All rights reserved. HTTP(S) / MQTT / COAP / MQTTHTTP(S) User Identities Device Identities Thing Identities User Identities Device Identities Thing Identities User Identities Device Identities Thing Identities Region 1 Region 2 Region 3 Data Replication High Availability Data Replication High Availability DIRECTORY SERVICES Agent / Proxy / Standards / REST Edge Controller / Message Broker REST / LDAP ForgeRock: Driving Relationships Across People, Services, Things Partner Run Customer Run Privacy First Offers modern privacy and consent tools including a Profile and Privacy Management dashboard, UMA 2.0 support for compliance with GDPR, PSD2, Open Banking, etc Identity Intelligence Platform that enables relationships, access, policy, lifecycle across users, devices and things Persistent Identity Eliminate digital silos and create unified experience – people, services, things Run Anywhere Run across multiple landscapes Massive Scale Highly-performant, highly available, database for managing millions of relationships ACCESS MANAGEMENT Fine-grained, adaptive authentication, etc IDENTITY MANAGEMENT Profile & privacy management, relationships, etc
  • 4. © 2017 ForgeRock. All rights reserved. The Microservices World
  • 5. © 2017 ForgeRock. All rights reserved. Authentication vs. Authorization MS1MS0 MS3MS2 MS6 MS4 MS5 Service Authentication Authorization AuthN AuthZ AuthN / AuthZ Provider People (and devices) Services and Things
  • 6. © 2017 ForgeRock. All rights reserved. Characteristics of a sound security strategy
  • 7. © 2017 ForgeRock. All rights reserved. Simplicity
  • 8. © 2017 ForgeRock. All rights reserved. Consistency
  • 9. © 2017 ForgeRock. All rights reserved. Modernizing
  • 10. © 2017 ForgeRock. All rights reserved. Adaptable
  • 11. © 2017 ForgeRock. All rights reserved. Simplicity Consistency Modernizing Adaptable
  • 12. © 2017 ForgeRock. All rights reserved. Bringing security to life
  • 13. © 2017 ForgeRock. All rights reserved. Microservices Gateway MS1MS0 MS3MS2 MS6MS5 MS8MS7 Microservices Gateway ForgeRock Identity Gateway MS4 Authentication and Authorization Service ForgeRock Access Management Caller • Token Issuance • Token Validation • Token Exchange • Enforce token validity • Caching • Signature Validation
  • 14. © 2017 ForgeRock. All rights reserved. Microservices Segmentation MS1MS0 MS3 MS2 MS6MS5 MS8MS7 Microservices Gateway ForgeRock Identity Gateway MS4 Caller Authentication and Authorization Service ForgeRock Access Management • Token Issuance • Token Validation • Token Exchange • Enforce token validity • Caching • Signature Validation • All gateways point to AM Microservices Gateway ForgeRock Identity Gateway
  • 15. © 2017 ForgeRock. All rights reserved. µGateway ForgeRock IG µGateway ForgeRock IG Microgateways MS1MS0 Caller µGateway ForgeRock IG µGateway ForgeRock IG MS3MS2 µGateway ForgeRock IG MS4 µGateway ForgeRock IG µGateway ForgeRock IG MS6MS5 µGateway ForgeRock IG µGateway ForgeRock IG MS8MS7 Authentication and Authorization Service ForgeRock Access Management • Token Issuance • Token Validation • Token Exchange • Enforce token validity • Caching • Signature Validation • All gateways point to AM
  • 16. © 2017 ForgeRock. All rights reserved. Microservices in PaaS environments Client Load Balancer ForgeRock Access Management ForgeRock Identity Gateway ForgeRock Service Broker IDENTITY PLATFORM CF Route Service MS1MS0 MS2 MS3 CF Router 1 2 36 4 5 7 8
  • 17. © 2017 ForgeRock. All rights reserved. Benefits of Externalizing Security Think globally, act locally Download the ForgeRock Identity Platform white paper at www.forgerock.com/platform/ Got questions? Contact us at www.forgerock.com/contact/ Execute a sound security strategy Leverage a solution that’s simple, consistent, modernizing, and adaptable. Support DevOps and innovation Deploy authentication and authorization where you need it, when you need it. Holistic approach with persistent identity Integrate identity across apps and services for increased security and scale.
  • 18. © 2017 ForgeRock. All rights reserved. Thank You