SlideShare ist ein Scribd-Unternehmen logo

OIS Roadmap

Als PPTX, PDF herunterladen
ForgeRock
ForgeRock

Presented by John Barco, VP of Product Management at ForgeRock Open Identity Stack Summit, France 2013. Learn more about ForgeRock Access Management: https://www.forgerock.com/platform/access-management/ Learn more about ForgeRock Identity Management: https://www.forgerock.com/platform/identity-management/

TechnologieBildung
1 von 29
Open Identity Stack Roadmap John Barco, Ludo Poitou, Johnny Cope, Victor Ake Product Management
OpenAM … Making Secure Connections 2
OpenAM: What does it do?  Access Management   Protects an organization by providing the right people with the right access at the right time Federation  Allows identity and entitlements to be portable across autonomous domains 3
OpenAM 11.0 Highlights ■ New Session Fail-Over with optimized architecture ■ OpenID Connect for developer friendly Federation ■ Developer friendly REST APIs enhancements ■ Access Management for Mobile ■ Adaptive Authentication Device Fingerprinting ■ Updated agents v3.3; New Varnish policy agent ■ IPv6 Support ■ Java 7 Support 4
Scaling for the Modern Web 10K 100M Users Users 5K 5M Concurrent sessions Concurrent sessions 50 2,500 AuthN/Sec AuthN/Sec 5
Scalability & High Availability 6
New Session Fail-Over ■ Next generation design – Removed the need of additional components (Message queue and Berkely DB) ■ Based on OpenDJ performance and replication capabilities ■ Built for simplicity, scale and replication ■ Easy to configure and set up 7
OpenID Connect = Identity, Authentication + OAuth • REST-based, friendly and secure federation, built on top of OAuth 2.0 • Ideal for Mobile and lightweight devices • Full implementation in OpenAM 11.0 (all flows including session mgmt) 8
REST Enhancements ■ Authentication REST API got better ■ Not only user & password ■ Any authentication module (x.509, Multi-factor, etc) ■ Password Reset REST API ■ Customers can build their own user interface ■ REST APIs part of the OpenAM standard offering 9
■ ■ Securely enable access to on-prem or SaaS applications from any device Platform independent support for Android, iOS, and other mobile using REST APIs ■ OpenAM provides OATH and HOTP for strong AuthN ■ Native App Native App Web App Web App REST/OAuth2/OpenID Connect OpenAM Mobile Risk-based authentication to enhance security Login App 10
Adaptive Authentication Device Fingerprinting ■ Adaptive Authentication can be added when authenticating using a mobile, or desktop ■ New Device Fingerprinting feature adds additional risk assessment to validate if the device is trusted 11
Summary Simple - Single package solution, easy to install and POC Breadth - Most features and standards support in a single product Flexible / Extensible - Open standard, APIs enable complete customization Scale - Built for managing millions of user identities 12
OpenIDM Overview
OpenIDM … Building Relationships 14
OpenIDM: What does it do?  Manage Identities   Centrally manage account lifecycle, audit & report entitlements and enable self service cost savings Embedded  RESTful interface easily integrates into modern application stacks to manage identities 15
OpenIDM 3.0 Highlights ■ Roles ■ Common User Interface ■ Reference implementation for Reporting ■ Continued support of OpenICF – Google Apps, Workday, Powershell & Scripted REST – Contribution of Advanced Connectors (RACF, SAP & TAM) ■ Multi-Tenant deployment model ■ IAG coverage with BrainWave partnership ■ Emerging opportunities in BaaS & Cloud Brokers 16
Summary Simple - Single package solution, easy to install and prove Open - The only supported open source provisioning solution in the market Modular & Extensible - Standards-based, embeddable featuring REST interfaces Scale - Built for managing millions of user identities 17
Bridge SPE Overview
Bridge SPE Overview ■ On-premise appliance to… – Synchronize identities into SaaS providers – Provide SSO / IWA – …that’s super easy to setup ■ v1 uni-directional AD-to-Salesforce ■ Bi-directional support and multisource/target ■ OEM business model 19
Bridge SPE: How does it work? ■ Lightweight install – .zip file ■ Configure source & target – Source properties & target OAuth ■ Synchronize users – Attribute Mapping ■ SSO with Kerberos / IWA 20
OpenDJ Overview
22
High Level Strategy ■ Providing the Identity repository for the hybrid cloudenterprise. ■ Made easy for the Administrators and the developers ■ Customers want a reliable, highly available directory service that scales vertically and horizontally anywhere. 23
Ubiquitous Directories Service cloud Amazon EC2 Company IDP Headquarter London San Francisco 24
REST to LDAP ■ Provides a new way to access the directory data ■ One familiar to most developers : – HTTP / REST / JSON ■ SCIM like (and soon compliant) ■ Available embedded in OpenDJ or web application 25
Scaling for the Cloud ■ Horizontal and elastic scalability ■ Complete support for multi-tenants 26
What you need to know ■ OpenDJ 2.6.0 released end of June 2013 ■ OpenDJ 3.0 will come mid 2014, with Proxy services ■ REST to LDAP is a game changer. – Try it now and give us feedback. 27
Summary Developer Friendly - LDAP, REST/JSON, WEB Services 100% Pure Java - Runs Anywhere, Embeddable Very High Performance - For both READS and WRITES Highly Scalable and Available - Scale to 100M+ users, Multi-Master Replication for HA / Geo Avail. 28
Thanks!

Empfohlen

WSO2 Product Release Webinar Introducing WSO2 API Manager for Complete API ...
WSO2 Product Release Webinar Introducing WSO2 API Manager for Complete API ...WSO2 Product Release Webinar Introducing WSO2 API Manager for Complete API ...
WSO2 Product Release Webinar Introducing WSO2 API Manager for Complete API ...
WSO2
 
How APIs Can Be Secured in Mobile Environments
How APIs Can Be Secured in Mobile EnvironmentsHow APIs Can Be Secured in Mobile Environments
How APIs Can Be Secured in Mobile Environments
WSO2
 
WSO2Con USA 2017: Managing Verifone’s New Payment Device “Carbon” with WSO2’s...
WSO2Con USA 2017: Managing Verifone’s New Payment Device “Carbon” with WSO2’s...WSO2Con USA 2017: Managing Verifone’s New Payment Device “Carbon” with WSO2’s...
WSO2Con USA 2017: Managing Verifone’s New Payment Device “Carbon” with WSO2’s...
WSO2
 
Anypoint platform security components
Anypoint platform security componentsAnypoint platform security components
Anypoint platform security components
D.Rajesh Kumar
 
MQ Messaging
MQ MessagingMQ Messaging
MQ Messaging
Carolyn Crowe
 
Framework WSo2 orientato ai servizi
Framework WSo2 orientato ai serviziFramework WSo2 orientato ai servizi
Framework WSo2 orientato ai servizi
Profesia Srl, Lynx Group
 
WSO2 Application Server - 5.0.0
WSO2 Application Server - 5.0.0WSO2 Application Server - 5.0.0
WSO2 Application Server - 5.0.0
WSO2
 
Directory Services with the ForgeRock Identity Platform - So What’s New?
Directory Services with the ForgeRock Identity Platform - So What’s New?Directory Services with the ForgeRock Identity Platform - So What’s New?
Directory Services with the ForgeRock Identity Platform - So What’s New?
ForgeRock
 

Empfohlen

WSO2 Product Release Webinar Introducing WSO2 API Manager for Complete API ...
WSO2 Product Release Webinar Introducing WSO2 API Manager for Complete API ...WSO2 Product Release Webinar Introducing WSO2 API Manager for Complete API ...
WSO2 Product Release Webinar Introducing WSO2 API Manager for Complete API ...
WSO2
 
How APIs Can Be Secured in Mobile Environments
How APIs Can Be Secured in Mobile EnvironmentsHow APIs Can Be Secured in Mobile Environments
How APIs Can Be Secured in Mobile Environments
WSO2
 
WSO2Con USA 2017: Managing Verifone’s New Payment Device “Carbon” with WSO2’s...
WSO2Con USA 2017: Managing Verifone’s New Payment Device “Carbon” with WSO2’s...WSO2Con USA 2017: Managing Verifone’s New Payment Device “Carbon” with WSO2’s...
WSO2Con USA 2017: Managing Verifone’s New Payment Device “Carbon” with WSO2’s...
WSO2
 
Anypoint platform security components
Anypoint platform security componentsAnypoint platform security components
Anypoint platform security components
D.Rajesh Kumar
 
MQ Messaging
MQ MessagingMQ Messaging
MQ Messaging
Carolyn Crowe
 
Framework WSo2 orientato ai servizi
Framework WSo2 orientato ai serviziFramework WSo2 orientato ai servizi
Framework WSo2 orientato ai servizi
Profesia Srl, Lynx Group
 
WSO2 Application Server - 5.0.0
WSO2 Application Server - 5.0.0WSO2 Application Server - 5.0.0
WSO2 Application Server - 5.0.0
WSO2
 
Directory Services with the ForgeRock Identity Platform - So What’s New?
Directory Services with the ForgeRock Identity Platform - So What’s New?Directory Services with the ForgeRock Identity Platform - So What’s New?
Directory Services with the ForgeRock Identity Platform - So What’s New?
ForgeRock
 
APIConnect Security Best Practice
APIConnect Security Best PracticeAPIConnect Security Best Practice
APIConnect Security Best Practice
Shiu-Fun Poon
 
Integration Solution Patterns
Integration Solution Patterns Integration Solution Patterns
Integration Solution Patterns
WSO2
 
Heterogeneous Enterprise and Cloud Systems
Heterogeneous Enterprise and Cloud SystemsHeterogeneous Enterprise and Cloud Systems
Heterogeneous Enterprise and Cloud Systems
WSO2
 
Token vs Cookies (DevoxxMA 2015)
Token vs Cookies (DevoxxMA 2015)Token vs Cookies (DevoxxMA 2015)
Token vs Cookies (DevoxxMA 2015)
Markus Schlichting
 
Building A Cloud Platform
Building A Cloud PlatformBuilding A Cloud Platform
Building A Cloud Platform
WSO2
 
iPlanet presentation
iPlanet presentationiPlanet presentation
iPlanet presentation
rogerkellerman
 
Summer School - Demonstrating Cloud Value
Summer School - Demonstrating Cloud Value Summer School - Demonstrating Cloud Value
Summer School - Demonstrating Cloud Value
WSO2
 
How to integration DataPower with Zos
How to integration DataPower with ZosHow to integration DataPower with Zos
How to integration DataPower with Zos
Shiu-Fun Poon
 
Gateway/APIC security
Gateway/APIC securityGateway/APIC security
Gateway/APIC security
Shiu-Fun Poon
 
API Security In Cloud Native Era
API Security In Cloud Native EraAPI Security In Cloud Native Era
API Security In Cloud Native Era
WSO2
 
WSO2 Cloud and Platform as a Service Strategy
WSO2 Cloud and Platform as a Service StrategyWSO2 Cloud and Platform as a Service Strategy
WSO2 Cloud and Platform as a Service Strategy
Imesh Gunaratne
 
Introducing WSO2 API Manager for Mobile Applications and Rapid Integration
Introducing WSO2 API Manager for Mobile Applications and Rapid IntegrationIntroducing WSO2 API Manager for Mobile Applications and Rapid Integration
Introducing WSO2 API Manager for Mobile Applications and Rapid Integration
WSO2
 
Mule security
Mule securityMule security
Mule security
D.Rajesh Kumar
 
Webinar: Access Management with the ForgeRock Identity Platform - So What’s N...
Webinar: Access Management with the ForgeRock Identity Platform - So What’s N...Webinar: Access Management with the ForgeRock Identity Platform - So What’s N...
Webinar: Access Management with the ForgeRock Identity Platform - So What’s N...
ForgeRock
 
A Walk through SSO
A Walk through SSOA Walk through SSO
A Walk through SSO
WSO2
 
WSO2 Product Release Webinar - Whats new in the WSO2 API Manager
WSO2 Product Release Webinar - Whats new in the WSO2 API ManagerWSO2 Product Release Webinar - Whats new in the WSO2 API Manager
WSO2 Product Release Webinar - Whats new in the WSO2 API Manager
WSO2
 
WSO2 API microgateway introduction
WSO2 API microgateway introductionWSO2 API microgateway introduction
WSO2 API microgateway introduction
Chanaka Fernando
 
Open Identity Stack Roadmap
Open Identity Stack RoadmapOpen Identity Stack Roadmap
Open Identity Stack Roadmap
ForgeRock
 
CIS14: Building a Plug-in with the PingAccess SDK
CIS14: Building a Plug-in with the PingAccess SDKCIS14: Building a Plug-in with the PingAccess SDK
CIS14: Building a Plug-in with the PingAccess SDK
CloudIDSummit
 
Real-time Monitoring of API Architectures
Real-time Monitoring of API ArchitecturesReal-time Monitoring of API Architectures
Real-time Monitoring of API Architectures
Profesia Srl, Lynx Group
 
Red Hat Openshift on Microsoft Azure
Red Hat Openshift on Microsoft AzureRed Hat Openshift on Microsoft Azure
Red Hat Openshift on Microsoft Azure
John Archer
 
API Management within a Microservice Architecture
API Management within a Microservice ArchitectureAPI Management within a Microservice Architecture
API Management within a Microservice Architecture
WSO2
 

Weitere ähnliche Inhalte

Was ist angesagt?

Integration Solution Patterns
Integration Solution Patterns Integration Solution Patterns
Integration Solution Patterns
WSO2
 
Heterogeneous Enterprise and Cloud Systems
Heterogeneous Enterprise and Cloud SystemsHeterogeneous Enterprise and Cloud Systems
Heterogeneous Enterprise and Cloud Systems
WSO2
 
Building A Cloud Platform
Building A Cloud PlatformBuilding A Cloud Platform
Building A Cloud Platform
WSO2
 
Summer School - Demonstrating Cloud Value
Summer School - Demonstrating Cloud Value Summer School - Demonstrating Cloud Value
Summer School - Demonstrating Cloud Value
WSO2
 
API Security In Cloud Native Era
API Security In Cloud Native EraAPI Security In Cloud Native Era
API Security In Cloud Native Era
WSO2
 
Introducing WSO2 API Manager for Mobile Applications and Rapid Integration
Introducing WSO2 API Manager for Mobile Applications and Rapid IntegrationIntroducing WSO2 API Manager for Mobile Applications and Rapid Integration
Introducing WSO2 API Manager for Mobile Applications and Rapid Integration
WSO2
 
A Walk through SSO
A Walk through SSOA Walk through SSO
A Walk through SSO
WSO2
 
WSO2 Product Release Webinar - Whats new in the WSO2 API Manager
WSO2 Product Release Webinar - Whats new in the WSO2 API ManagerWSO2 Product Release Webinar - Whats new in the WSO2 API Manager
WSO2 Product Release Webinar - Whats new in the WSO2 API Manager
WSO2
 

Was ist angesagt? (20)

APIConnect Security Best Practice
APIConnect Security Best PracticeAPIConnect Security Best Practice
APIConnect Security Best Practice
 
Integration Solution Patterns
Integration Solution Patterns Integration Solution Patterns
Integration Solution Patterns
 
Heterogeneous Enterprise and Cloud Systems
Heterogeneous Enterprise and Cloud SystemsHeterogeneous Enterprise and Cloud Systems
Heterogeneous Enterprise and Cloud Systems
 
Token vs Cookies (DevoxxMA 2015)
Token vs Cookies (DevoxxMA 2015)Token vs Cookies (DevoxxMA 2015)
Token vs Cookies (DevoxxMA 2015)
 
Building A Cloud Platform
Building A Cloud PlatformBuilding A Cloud Platform
Building A Cloud Platform
 
iPlanet presentation
iPlanet presentationiPlanet presentation
iPlanet presentation
 
Summer School - Demonstrating Cloud Value
Summer School - Demonstrating Cloud Value Summer School - Demonstrating Cloud Value
Summer School - Demonstrating Cloud Value
 
How to integration DataPower with Zos
How to integration DataPower with ZosHow to integration DataPower with Zos
How to integration DataPower with Zos
 
Gateway/APIC security
Gateway/APIC securityGateway/APIC security
Gateway/APIC security
 
API Security In Cloud Native Era
API Security In Cloud Native EraAPI Security In Cloud Native Era
API Security In Cloud Native Era
 
WSO2 Cloud and Platform as a Service Strategy
WSO2 Cloud and Platform as a Service StrategyWSO2 Cloud and Platform as a Service Strategy
WSO2 Cloud and Platform as a Service Strategy
 
Introducing WSO2 API Manager for Mobile Applications and Rapid Integration
Introducing WSO2 API Manager for Mobile Applications and Rapid IntegrationIntroducing WSO2 API Manager for Mobile Applications and Rapid Integration
Introducing WSO2 API Manager for Mobile Applications and Rapid Integration
 
Mule security
Mule securityMule security
Mule security
 
Webinar: Access Management with the ForgeRock Identity Platform - So What’s N...
Webinar: Access Management with the ForgeRock Identity Platform - So What’s N...Webinar: Access Management with the ForgeRock Identity Platform - So What’s N...
Webinar: Access Management with the ForgeRock Identity Platform - So What’s N...
 
A Walk through SSO
A Walk through SSOA Walk through SSO
A Walk through SSO
 
WSO2 Product Release Webinar - Whats new in the WSO2 API Manager
WSO2 Product Release Webinar - Whats new in the WSO2 API ManagerWSO2 Product Release Webinar - Whats new in the WSO2 API Manager
WSO2 Product Release Webinar - Whats new in the WSO2 API Manager
 
WSO2 API microgateway introduction
WSO2 API microgateway introductionWSO2 API microgateway introduction
WSO2 API microgateway introduction
 
Open Identity Stack Roadmap
Open Identity Stack RoadmapOpen Identity Stack Roadmap
Open Identity Stack Roadmap
 
CIS14: Building a Plug-in with the PingAccess SDK
CIS14: Building a Plug-in with the PingAccess SDKCIS14: Building a Plug-in with the PingAccess SDK
CIS14: Building a Plug-in with the PingAccess SDK
 
Real-time Monitoring of API Architectures
Real-time Monitoring of API ArchitecturesReal-time Monitoring of API Architectures
Real-time Monitoring of API Architectures
 

Ähnlich wie OIS Roadmap

AWS Summit Singapore - Focus on your Business with Predictive Analytics, Cont...
AWS Summit Singapore - Focus on your Business with Predictive Analytics, Cont...AWS Summit Singapore - Focus on your Business with Predictive Analytics, Cont...
AWS Summit Singapore - Focus on your Business with Predictive Analytics, Cont...
Amazon Web Services
 
Securing Red Hat OpenShift Containerized Applications At Enterprise Scale
Securing Red Hat OpenShift Containerized Applications At Enterprise ScaleSecuring Red Hat OpenShift Containerized Applications At Enterprise Scale
Securing Red Hat OpenShift Containerized Applications At Enterprise Scale
DevOps.com
 
WSO2Con EU 2015: Case Study – Digital Transformation: To Monetise Business by...
WSO2Con EU 2015: Case Study – Digital Transformation: To Monetise Business by...WSO2Con EU 2015: Case Study – Digital Transformation: To Monetise Business by...
WSO2Con EU 2015: Case Study – Digital Transformation: To Monetise Business by...
WSO2
 
The Best of Both Worlds: Introducing WSO2 API Manager 4.0.0
The Best of Both Worlds: Introducing WSO2 API Manager 4.0.0The Best of Both Worlds: Introducing WSO2 API Manager 4.0.0
The Best of Both Worlds: Introducing WSO2 API Manager 4.0.0
WSO2
 

Ähnlich wie OIS Roadmap (20)

Red Hat Openshift on Microsoft Azure
Red Hat Openshift on Microsoft AzureRed Hat Openshift on Microsoft Azure
Red Hat Openshift on Microsoft Azure
 
API Management within a Microservice Architecture
API Management within a Microservice ArchitectureAPI Management within a Microservice Architecture
API Management within a Microservice Architecture
 
API Management Within a Microservices Architecture
API Management Within a Microservices Architecture API Management Within a Microservices Architecture
API Management Within a Microservices Architecture
 
WSO2 Workshop Sydney 2016 - APIs
WSO2 Workshop Sydney 2016 - APIsWSO2 Workshop Sydney 2016 - APIs
WSO2 Workshop Sydney 2016 - APIs
 
Webinar: OpenIDM 3.1
Webinar: OpenIDM 3.1Webinar: OpenIDM 3.1
Webinar: OpenIDM 3.1
 
2014 q3-platform-update-v1.06.johnmathon
2014 q3-platform-update-v1.06.johnmathon2014 q3-platform-update-v1.06.johnmathon
2014 q3-platform-update-v1.06.johnmathon
 
DevOps on Steroids Featuring Red Hat & Alantiss - Pop-up Loft Tel Aviv
DevOps on Steroids Featuring Red Hat & Alantiss - Pop-up Loft Tel AvivDevOps on Steroids Featuring Red Hat & Alantiss - Pop-up Loft Tel Aviv
DevOps on Steroids Featuring Red Hat & Alantiss - Pop-up Loft Tel Aviv
 
AWS Summit Singapore - Focus on your Business with Predictive Analytics, Cont...
AWS Summit Singapore - Focus on your Business with Predictive Analytics, Cont...AWS Summit Singapore - Focus on your Business with Predictive Analytics, Cont...
AWS Summit Singapore - Focus on your Business with Predictive Analytics, Cont...
 
Securing Red Hat OpenShift Containerized Applications At Enterprise Scale
Securing Red Hat OpenShift Containerized Applications At Enterprise ScaleSecuring Red Hat OpenShift Containerized Applications At Enterprise Scale
Securing Red Hat OpenShift Containerized Applications At Enterprise Scale
 
WSO2Con EU 2015: Case Study – Digital Transformation: To Monetise Business by...
WSO2Con EU 2015: Case Study – Digital Transformation: To Monetise Business by...WSO2Con EU 2015: Case Study – Digital Transformation: To Monetise Business by...
WSO2Con EU 2015: Case Study – Digital Transformation: To Monetise Business by...
 
IBM Open Cloud Update XCITE Fall 2014
IBM Open Cloud Update XCITE Fall 2014IBM Open Cloud Update XCITE Fall 2014
IBM Open Cloud Update XCITE Fall 2014
 
Dev ops
Dev opsDev ops
Dev ops
 
[Workshop] API-driven Integration
[Workshop] API-driven Integration[Workshop] API-driven Integration
[Workshop] API-driven Integration
 
Oow2016 review--paas-microservices-
Oow2016 review--paas-microservices-Oow2016 review--paas-microservices-
Oow2016 review--paas-microservices-
 
The Best of Both Worlds: Introducing WSO2 API Manager 4.0.0
The Best of Both Worlds: Introducing WSO2 API Manager 4.0.0The Best of Both Worlds: Introducing WSO2 API Manager 4.0.0
The Best of Both Worlds: Introducing WSO2 API Manager 4.0.0
 
.NET Cloud-Native Bootcamp- Los Angeles
.NET Cloud-Native Bootcamp- Los Angeles.NET Cloud-Native Bootcamp- Los Angeles
.NET Cloud-Native Bootcamp- Los Angeles
 
Digital Transformation: Connected API Ecosystems
Digital Transformation: Connected API EcosystemsDigital Transformation: Connected API Ecosystems
Digital Transformation: Connected API Ecosystems
 
Cloud Computing & Sun Vision 03262009
Cloud Computing & Sun Vision 03262009Cloud Computing & Sun Vision 03262009
Cloud Computing & Sun Vision 03262009
 
OpenShift Overview - Red Hat Open House 2017
OpenShift Overview - Red Hat Open House 2017OpenShift Overview - Red Hat Open House 2017
OpenShift Overview - Red Hat Open House 2017
 
Synergies across APIs and IAM
Synergies across APIs and IAMSynergies across APIs and IAM
Synergies across APIs and IAM
 

Mehr von ForgeRock

ForgeRock and Trusona - Simplifying the Multi-factor User Experience
ForgeRock and Trusona - Simplifying the Multi-factor User ExperienceForgeRock and Trusona - Simplifying the Multi-factor User Experience
ForgeRock and Trusona - Simplifying the Multi-factor User Experience
ForgeRock
 

Mehr von ForgeRock (20)

Digital Identities in the Internet of Things - Securely Manage Devices at Scale
Digital Identities in the Internet of Things - Securely Manage Devices at ScaleDigital Identities in the Internet of Things - Securely Manage Devices at Scale
Digital Identities in the Internet of Things - Securely Manage Devices at Scale
 
Get the Exact Identity Solution You Need - In the Cloud - AWS and Beyond
Get the Exact Identity Solution You Need - In the Cloud - AWS and BeyondGet the Exact Identity Solution You Need - In the Cloud - AWS and Beyond
Get the Exact Identity Solution You Need - In the Cloud - AWS and Beyond
 
Identity Live Sydney: Identity Management - A Strategic Opportunity
Identity Live Sydney: Identity Management - A Strategic OpportunityIdentity Live Sydney: Identity Management - A Strategic Opportunity
Identity Live Sydney: Identity Management - A Strategic Opportunity
 
Identity Live Singapore: Transform Your Cybersecurity Capability
Identity Live Singapore: Transform Your Cybersecurity CapabilityIdentity Live Singapore: Transform Your Cybersecurity Capability
Identity Live Singapore: Transform Your Cybersecurity Capability
 
Identity Live Singapore 2018 Keynote Presentation
Identity Live Singapore 2018 Keynote PresentationIdentity Live Singapore 2018 Keynote Presentation
Identity Live Singapore 2018 Keynote Presentation
 
Identity Live Sydney 2018 Keynote Presentation
Identity Live Sydney 2018 Keynote PresentationIdentity Live Sydney 2018 Keynote Presentation
Identity Live Sydney 2018 Keynote Presentation
 
Identity Live Singapore: Just Ask 'Em
Identity Live Singapore: Just Ask 'EmIdentity Live Singapore: Just Ask 'Em
Identity Live Singapore: Just Ask 'Em
 
Identity Live Singapore: Building Trust & Privacy in a Connected Society
Identity Live Singapore: Building Trust & Privacy in a Connected SocietyIdentity Live Singapore: Building Trust & Privacy in a Connected Society
Identity Live Singapore: Building Trust & Privacy in a Connected Society
 
Identity Live Sydney: Intelligent Authentication
Identity Live Sydney: Intelligent Authentication Identity Live Sydney: Intelligent Authentication
Identity Live Sydney: Intelligent Authentication
 
Identity Live Sydney: Building Trust and Privacy in a Connected Society
Identity Live Sydney: Building Trust and Privacy in a Connected SocietyIdentity Live Sydney: Building Trust and Privacy in a Connected Society
Identity Live Sydney: Building Trust and Privacy in a Connected Society
 
Get the Exact Identity Solution you Need in the Cloud - Deep Dive
Get the Exact Identity Solution you Need in the Cloud - Deep DiveGet the Exact Identity Solution you Need in the Cloud - Deep Dive
Get the Exact Identity Solution you Need in the Cloud - Deep Dive
 
Get the Exact Identity Solution You Need - In the Cloud - Overview
Get the Exact Identity Solution You Need - In the Cloud - OverviewGet the Exact Identity Solution You Need - In the Cloud - Overview
Get the Exact Identity Solution You Need - In the Cloud - Overview
 
ForgeRock and Trusona - Simplifying the Multi-factor User Experience
ForgeRock and Trusona - Simplifying the Multi-factor User ExperienceForgeRock and Trusona - Simplifying the Multi-factor User Experience
ForgeRock and Trusona - Simplifying the Multi-factor User Experience
 
Opening Keynote (Identity Live Berlin 2018)
Opening Keynote (Identity Live Berlin 2018)Opening Keynote (Identity Live Berlin 2018)
Opening Keynote (Identity Live Berlin 2018)
 
Steinberg - Customer identity as the cornerstone of our approach to digitaliz...
Steinberg - Customer identity as the cornerstone of our approach to digitaliz...Steinberg - Customer identity as the cornerstone of our approach to digitaliz...
Steinberg - Customer identity as the cornerstone of our approach to digitaliz...
 
BMW Group - Identity Enables the Next 100 Years.. (Identity Live Berlin 2018)
BMW Group - Identity Enables the Next 100 Years.. (Identity Live Berlin 2018)BMW Group - Identity Enables the Next 100 Years.. (Identity Live Berlin 2018)
BMW Group - Identity Enables the Next 100 Years.. (Identity Live Berlin 2018)
 
Trust is Everything - The Future of Identity and the ForgeRock Platform (Iden...
Trust is Everything - The Future of Identity and the ForgeRock Platform (Iden...Trust is Everything - The Future of Identity and the ForgeRock Platform (Iden...
Trust is Everything - The Future of Identity and the ForgeRock Platform (Iden...
 
Silo Busters- The Value of User and Data Centricity beyond IoT Devices (Ident...
Silo Busters- The Value of User and Data Centricity beyond IoT Devices (Ident...Silo Busters- The Value of User and Data Centricity beyond IoT Devices (Ident...
Silo Busters- The Value of User and Data Centricity beyond IoT Devices (Ident...
 
Shift from GDPR readiness to sustained compliance to improve your business an...
Shift from GDPR readiness to sustained compliance to improve your business an...Shift from GDPR readiness to sustained compliance to improve your business an...
Shift from GDPR readiness to sustained compliance to improve your business an...
 
Intelligent Authentication (Identity Live Berlin 2018)
Intelligent Authentication (Identity Live Berlin 2018)Intelligent Authentication (Identity Live Berlin 2018)
Intelligent Authentication (Identity Live Berlin 2018)
 

Kürzlich hochgeladen

+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
WSO2
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Jeffrey Haguewood
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Victor Rentea
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 

Kürzlich hochgeladen (20)

DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with Milvus
 
Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
 
Six Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal OntologySix Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal Ontology
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 

OIS Roadmap

  • 1. Open Identity Stack Roadmap John Barco, Ludo Poitou, Johnny Cope, Victor Ake Product Management
  • 3. OpenAM: What does it do?  Access Management   Protects an organization by providing the right people with the right access at the right time Federation  Allows identity and entitlements to be portable across autonomous domains 3
  • 4. OpenAM 11.0 Highlights ■ New Session Fail-Over with optimized architecture ■ OpenID Connect for developer friendly Federation ■ Developer friendly REST APIs enhancements ■ Access Management for Mobile ■ Adaptive Authentication Device Fingerprinting ■ Updated agents v3.3; New Varnish policy agent ■ IPv6 Support ■ Java 7 Support 4
  • 5. Scaling for the Modern Web 10K 100M Users Users 5K 5M Concurrent sessions Concurrent sessions 50 2,500 AuthN/Sec AuthN/Sec 5
  • 6. Scalability & High Availability 6
  • 7. New Session Fail-Over ■ Next generation design – Removed the need of additional components (Message queue and Berkely DB) ■ Based on OpenDJ performance and replication capabilities ■ Built for simplicity, scale and replication ■ Easy to configure and set up 7
  • 8. OpenID Connect = Identity, Authentication + OAuth • REST-based, friendly and secure federation, built on top of OAuth 2.0 • Ideal for Mobile and lightweight devices • Full implementation in OpenAM 11.0 (all flows including session mgmt) 8
  • 9. REST Enhancements ■ Authentication REST API got better ■ Not only user & password ■ Any authentication module (x.509, Multi-factor, etc) ■ Password Reset REST API ■ Customers can build their own user interface ■ REST APIs part of the OpenAM standard offering 9
  • 10. ■ ■ Securely enable access to on-prem or SaaS applications from any device Platform independent support for Android, iOS, and other mobile using REST APIs ■ OpenAM provides OATH and HOTP for strong AuthN ■ Native App Native App Web App Web App REST/OAuth2/OpenID Connect OpenAM Mobile Risk-based authentication to enhance security Login App 10
  • 11. Adaptive Authentication Device Fingerprinting ■ Adaptive Authentication can be added when authenticating using a mobile, or desktop ■ New Device Fingerprinting feature adds additional risk assessment to validate if the device is trusted 11
  • 12. Summary Simple - Single package solution, easy to install and POC Breadth - Most features and standards support in a single product Flexible / Extensible - Open standard, APIs enable complete customization Scale - Built for managing millions of user identities 12
  • 15. OpenIDM: What does it do?  Manage Identities   Centrally manage account lifecycle, audit & report entitlements and enable self service cost savings Embedded  RESTful interface easily integrates into modern application stacks to manage identities 15
  • 16. OpenIDM 3.0 Highlights ■ Roles ■ Common User Interface ■ Reference implementation for Reporting ■ Continued support of OpenICF – Google Apps, Workday, Powershell & Scripted REST – Contribution of Advanced Connectors (RACF, SAP & TAM) ■ Multi-Tenant deployment model ■ IAG coverage with BrainWave partnership ■ Emerging opportunities in BaaS & Cloud Brokers 16
  • 17. Summary Simple - Single package solution, easy to install and prove Open - The only supported open source provisioning solution in the market Modular & Extensible - Standards-based, embeddable featuring REST interfaces Scale - Built for managing millions of user identities 17
  • 19. Bridge SPE Overview ■ On-premise appliance to… – Synchronize identities into SaaS providers – Provide SSO / IWA – …that’s super easy to setup ■ v1 uni-directional AD-to-Salesforce ■ Bi-directional support and multisource/target ■ OEM business model 19
  • 20. Bridge SPE: How does it work? ■ Lightweight install – .zip file ■ Configure source & target – Source properties & target OAuth ■ Synchronize users – Attribute Mapping ■ SSO with Kerberos / IWA 20
  • 22. 22
  • 23. High Level Strategy ■ Providing the Identity repository for the hybrid cloudenterprise. ■ Made easy for the Administrators and the developers ■ Customers want a reliable, highly available directory service that scales vertically and horizontally anywhere. 23
  • 24. Ubiquitous Directories Service cloud Amazon EC2 Company IDP Headquarter London San Francisco 24
  • 25. REST to LDAP ■ Provides a new way to access the directory data ■ One familiar to most developers : – HTTP / REST / JSON ■ SCIM like (and soon compliant) ■ Available embedded in OpenDJ or web application 25
  • 26. Scaling for the Cloud ■ Horizontal and elastic scalability ■ Complete support for multi-tenants 26
  • 27. What you need to know ■ OpenDJ 2.6.0 released end of June 2013 ■ OpenDJ 3.0 will come mid 2014, with Proxy services ■ REST to LDAP is a game changer. – Try it now and give us feedback. 27
  • 28. Summary Developer Friendly - LDAP, REST/JSON, WEB Services 100% Pure Java - Runs Anywhere, Embeddable Very High Performance - For both READS and WRITES Highly Scalable and Available - Scale to 100M+ users, Multi-Master Replication for HA / Geo Avail. 28