Diese Präsentation wurde erfolgreich gemeldet.
Wir verwenden Ihre LinkedIn Profilangaben und Informationen zu Ihren Aktivitäten, um Anzeigen zu personalisieren und Ihnen relevantere Inhalte anzuzeigen. Sie können Ihre Anzeigeneinstellungen jederzeit ändern.
Adding Identity Management and Access Control to your Application 
Joaquin Salvachua // Álvaro Alonso 
UPM – DIT 
Security...
Identity Manager 
2
Identity Manager 
3 
Account
Oauth 2.0 
Login with
FIWARE Account (Identity Manager) Demo 
5
OAuth 2.0 
6
Oauth 2.0 Message Flow 
redirect 
access-code 
Web App Account 
request access-token 
access-token 
7 
OAuth Library 
Requ...
Oauth 2.0 Libraries 
• http://oauth.net/2/ 
– PHP, Cocoa, iOS, Java, Ruby, Javascript, 
Python. 
• Example using Node.js 
...
Oauth 2.0 Demo 
9
Web Applications and GEs 
10 
Generic Enabler 
Account 
Request + 
access-token 
Oauth2 flows 
access-token 
OK + user inf...
Web Applications and GEs 
GET https://GE_URL HTTP/1.1 
Host: GE_hostname 
X-Auth-Token: access_token 
11
Securing your back-end 
Oauth2 flows 
access_token 
12 
Web App 
Back-end 
Apps 
Account 
Request + 
access-token 
Oauth L...
Securing your back-end 
• Level 1: Authentication 
– Check if a user has a FIWARE account 
• Level 2: Basic Authorization ...
Level 1: Authentication 
Oauth2 flows 
access_token 
14 
Web App 
Back-end 
Apps 
Account 
Request + 
access-token 
Oauth ...
Level 2: Basic Authorization 
Oauth2 flows 
access_token 
15 
Web App 
Back-end 
Apps 
Account 
Request + 
access-token 
O...
Level 3: Advanced Authorization 
Oauth2 flows 
access_token 
16 
Web App 
Back-end 
Apps 
Account 
Request + 
access-token...
FIWARE Proxy Demo 
17
Documentation 
• FIWARE Account: 
– Source Code: https://github.com/ging/fi-ware- 
idm 
– Documentation: https://github.co...
Adding Identity Management and Access Control to your Application 
Álvaro Alonso 
UPM – DIT 
Security Chapter. FIWARE 
aal...
Nächste SlideShare
Wird geladen in …5
×

Adding Identity Management and Access Control to your Application

2.759 Aufrufe

Veröffentlicht am

Adding Identity Management and Access Control to your Application in the FIWARE ecosystem

Veröffentlicht in: Technologie
  • Have you ever used the help of ⇒ www.HelpWriting.net ⇐? They can help you with any type of writing - from personal statement to research paper. Due to this service you'll save your time and get an essay without plagiarism.
       Antworten 
    Sind Sie sicher, dass Sie …  Ja  Nein
    Ihre Nachricht erscheint hier
  • If you have any problems with writing, feel free to ask our writers for help! ⇒ HelpWriting.net ⇐ is ready to help with any kind of academic writing!
       Antworten 
    Sind Sie sicher, dass Sie …  Ja  Nein
    Ihre Nachricht erscheint hier
  • DOWNLOAD THIS BOOKS INTO AVAILABLE FORMAT (2019 Update) ......................................................................................................................... ......................................................................................................................... Download Full PDF EBOOK here { https://tinyurl.com/wthwjf6 } ......................................................................................................................... Download Full EPUB Ebook here { https://tinyurl.com/wthwjf6 } ......................................................................................................................... Download Full doc Ebook here { https://tinyurl.com/wthwjf6 } ......................................................................................................................... Download PDF EBOOK here { https://tinyurl.com/wthwjf6 } ......................................................................................................................... Download EPUB Ebook here { https://tinyurl.com/wthwjf6 } ......................................................................................................................... Download doc Ebook here { https://tinyurl.com/wthwjf6 } ......................................................................................................................... .........................................................................................................................
       Antworten 
    Sind Sie sicher, dass Sie …  Ja  Nein
    Ihre Nachricht erscheint hier
  • DOWNLOAD THIS BOOKS INTO AVAILABLE FORMAT (2019 Update) ......................................................................................................................... ......................................................................................................................... Download Full PDF EBOOK here { https://tinyurl.com/wthwjf6 } ......................................................................................................................... Download Full EPUB Ebook here { https://tinyurl.com/wthwjf6 } ......................................................................................................................... Download Full doc Ebook here { https://tinyurl.com/wthwjf6 } ......................................................................................................................... Download PDF EBOOK here { https://tinyurl.com/wthwjf6 } ......................................................................................................................... Download EPUB Ebook here { https://tinyurl.com/wthwjf6 } ......................................................................................................................... Download doc Ebook here { https://tinyurl.com/wthwjf6 } ......................................................................................................................... .........................................................................................................................
       Antworten 
    Sind Sie sicher, dass Sie …  Ja  Nein
    Ihre Nachricht erscheint hier

Adding Identity Management and Access Control to your Application

  1. 1. Adding Identity Management and Access Control to your Application Joaquin Salvachua // Álvaro Alonso UPM – DIT Security Chapter. FIWARE jsalvachua@dit.upm.es, @jsalvachua aalonsog@dit.upm.es, @larsonalonso
  2. 2. Identity Manager 2
  3. 3. Identity Manager 3 Account
  4. 4. Oauth 2.0 Login with
  5. 5. FIWARE Account (Identity Manager) Demo 5
  6. 6. OAuth 2.0 6
  7. 7. Oauth 2.0 Message Flow redirect access-code Web App Account request access-token access-token 7 OAuth Library Request user info using access-token
  8. 8. Oauth 2.0 Libraries • http://oauth.net/2/ – PHP, Cocoa, iOS, Java, Ruby, Javascript, Python. • Example using Node.js – https://github.com/ging/oauth2-example-client 8
  9. 9. Oauth 2.0 Demo 9
  10. 10. Web Applications and GEs 10 Generic Enabler Account Request + access-token Oauth2 flows access-token OK + user info (roles) Web App OAuth Library access_token
  11. 11. Web Applications and GEs GET https://GE_URL HTTP/1.1 Host: GE_hostname X-Auth-Token: access_token 11
  12. 12. Securing your back-end Oauth2 flows access_token 12 Web App Back-end Apps Account Request + access-token Oauth Library Proxy access-token OK + user info (roles)
  13. 13. Securing your back-end • Level 1: Authentication – Check if a user has a FIWARE account • Level 2: Basic Authorization – Checks if a user has permissions to access a resource – HTTP verb + resource path • Level 3: Advanced Authorization – Custom XACML policies
  14. 14. Level 1: Authentication Oauth2 flows access_token 14 Web App Back-end Apps Account Request + access-token Oauth Library Proxy access-token OK + user info (roles)
  15. 15. Level 2: Basic Authorization Oauth2 flows access_token 15 Web App Back-end Apps Account Request + access-token Oauth Library Proxy access-token + verb + path OK + user info AC GE
  16. 16. Level 3: Advanced Authorization Oauth2 flows access_token 16 Web App Back-end Apps Account Request + access-token Oauth Library Proxy extension XACML policy OK + user info AC GE
  17. 17. FIWARE Proxy Demo 17
  18. 18. Documentation • FIWARE Account: – Source Code: https://github.com/ging/fi-ware- idm – Documentation: https://github.com/ging/fi-ware- idm/wiki • FIWARE Access Control – http://catalogue.fi-ware.org/enablers/access-control- tha-implementation/documentation • FIWARE OAuth2 Demo: – https://github.com/ging/oauth2-example-client • FIWARE Proxy: – https://github.com/ging/fi-ware-pep-proxy 18
  19. 19. Adding Identity Management and Access Control to your Application Álvaro Alonso UPM – DIT Security Chapter. FIWARE aalonsog@dit.upm.es, @larsonalonso

×