This is the set of slides used in WSO2Con 2013 - tutorial session on the topic: "Enterprise Security and Identity Management Use Cases with WSO2 Identity Server", along with demos for each of these use cases.

1. Enterprise Security & Identity Management with WSO2 Identity Server
Prabath Siriwardena
Hasini Gunasinghe

2. Enterprise Security & Identity
Management Use Cases

3. Use cases taken from
Healthcare IT domain

4. Use Case 1
Managing identity and entitlements of the users
securely & efficiently.

5. Use Case 1 with WSO2 IS
User & role
management Active
Directory
Claim
management
LDAP
Profile
management
JDBC
Self service Custom
user
stores
Exposing over
standard APIs

6. Use Case 2
Create, maintain and terminate user accounts along
with user identities across multiple systems including
cloud applications.

7. Use Case 2 with WSO2 IS
LDAP Provisioning
system
Internal apps
Other cloud apps/services

8. Use Case 3
When there are multiple applications which require
authentication, users should be able to login at one place
and still have seamless access to all the other applications.

9. Use Case 3 with WSO2 IS

10. Use Case 4
Authorizing users to perform patient management operations
based on fine grained rules :
• Add – Allowed only for users in admin role
• Update – Allowed only for doctors of medicare.com during working hours
• View one – Allowed for doctors and nurses of medicare.com
• View all – Allowed only for doctors of medicare.com
• Delete – Allowed only for users in admin role

11. Use Case 4 with WSO2 Products

12. Use Case 5
A doctor from MediHealth – which is a partner of MediCare
should be able to view records of a patient under his/her
consultancy.

13. Use Case 5 with WSO2 Products
MediCare 4 Patient’s
Records:
Secure Token Name:
Service of Age:
MediHealth Medications:
2 Secured Proxy
3
MediHealth 1
credential
store
MediHealth

14. Use Case 6
Enable internal users as well as general public to authenticate
to the collaborative portal based on Liferay using a common
authentication mechanism.

15. Use Case 6 with WSO2 IS
2
1 3
3
1 – provide OpenID URL
2 – discover OpenID provider
3 – provide credentials and authenticate

16. Exercises
Question 1:
• Doctors of MediCare needs to retrieve their channeling appointment
details in their mobile phones from a backend REST service.

17. Exercises
Question 2:
• Doctors in a research role of MediCare needs to import electronic
medical records of patients into a web based analysis application from the
backend system.

18. Exercises
Question 3:
• External researcher who authenticates to the collaborative portal using
OpenID needs to access a BE service which requires a SAML token with
certain identity information, in order to obtain anonymized electronic
health records.

19. Exercises
Question 4:
• MediCare expands globally with many branches – each maintaining their
own user store and Identity Provider. How a doctor from SL branch can
access the patient management portal of the india branch?

20. Thank you