Identity Management: Using OIDC to Empower the Next-Generation of Applications
Tom Freestone
LDS Church
© 2016 by Intellectual Reserve, Inc. All rights reserved.
The future computing platforms are MOBILE and CLOUD!
Mobile Computing - present and the future
2.4 billion mobile devices in 2013 and 2.5 billion in 2014. 81+ billion apps downloaded in 2013. There are 6.8 billion people on the planet at present. 4 billion own mobile phones. (Gartner Group - World Wide Devices Shipments)
Internet of Things
In the Cloud EVERYTHING is an API. APIs are an integral part of what are arguably the three major forces currently transforming the Web and IT landscape: Mobile, Social and Cloud Computing.
API
• How do we design and develop solutions that meet the growth and the diversity of a global user base?
• How do we move large enterprise solutions and systems to embrace mobile and cloud computing?
• How do we maximize our past investments in technology solutions and embrace new and evolving industry technology advancements?
• How do we significantly reduce costs and encourage greater reuse of core systems and services across the enterprise?
Preparing for the future - MOBILE and CLOUD!
Legacy Applications
& Systems
Monolithic
Application-centric
DB-coupled
Component & Services
Architecture
Web Services
Integrations
Mobile/Web
Components
Mobile – Web - Device
Platform as a Service
Hybrid Cloud
Data Center
AWS Azure
Cloud Mobile Application Architecture
Identity
?
Identity
?
Authorization
Authentication
?
Who is the user?
Entity Claims Attributes
Identity is a set of claims.
Entity
Attributes
https://www.flickr.com/photos/74373690@N00/13949707621/ via Compfight (License: https://creativecommons.org/licenses/by-nc/2.0/)
What is the user allowed to do?
Who, What, Why, When, How
Attributes Policy
What is the user allowed to do?
Authenticated
Users
Users that
work for …
Users that
belong to Web
Access Mgmt.
Reverse Proxies
• Passes Headers
• Protects URLs
• Manages SSO Session
• Data Center Co-location
The Traditional Solution: Authorization/Authentication?
The world of reverse proxies … protected, but ...
https://www.flickr.com/photos/13748147@N02/2070083736/ via Compfight (License: https://creativecommons.org/licenses/by-nc-nd/2.0/)
The real world is complex and interconnected.
http://steffondavis.com/visualizing-taste-in-art-with-big-data-curation-analysis-curalytics-and-curiator/
Enterprise
SaaS
Private Cloud
PaaS
(Cloud foundry)
Development Stacks
Web Services
PaaS
Web Services
Public Cloud
Hybrid Cloud
Cloud Approach
Hybrid Cloud: A cloud computing service that is composed of some combination of private, public, and community cloud services, from different service providers, for capacity or capability
Cloud Mobile Integration
• Must support existing systems (legacy) = Hybrid
• Everything moving to “Services” (APIs)
• Mobile/Web Development (Open Standards)
• Services Oriented Architecture (SOA)
• Migration/On Ramp (Security, SaaS, etc.)
How do we move to the cloud and still
authenticate our users?
Federation
Traditional vs. Federated
Reverse Proxies
• Passes Headers
• Protects URLs
• Manages SSO Session
• Data Center Colocation
Application
• Consumes attributes
• Protects its own URLs
• Manages its own session
• Data Center Independence
Icon design by Paomedia and Ivan Boyko
Interoperable Flexible Secure Simple
OIDC Benefits
Basic OIDC Protocol
End User: Also referred to as the “User Agent,” meaning the browser.
OIDC Provider: Provides identity as a service using OIDC through the Token endpoint, UserInfo endpoint, & Authorization endpoint.
Client: Client application requiring End-User Authentication and Claims from an OIDC Provider.
1. AuthN Request
2. AuthN & AuthZ
3. AuthN Response
4. UserInfo Request
5. UserInfo Response
Abstract OIDC Protocol: 1.2 OIDC-Core Spec
AntiPattern #1
LDAP Service Accounts
Application / Client
Get
Use
Protected API
(Resource Server)
LDAP
1. Request (Basic Auth username:password)
2. LDAP Bind username:password
3. Data
Pattern #1
Service Account
using OIDC
Application / Client (Get / Use), Authorization Server, Protected API
1. Request Token (Client_id / userId)
2. Token
3. Make Request
4. Validate Token
5. Valid Token
7. Return Data
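The Pattern #1 exchange above, as an added example that is not part of the original slides: a minimal in-memory authorization server and protected API in Python, showing that the API only ever sees the bearer token and rejects it once it expires. The class names, `run_flow` and the fake clock argument `now` are assumptions made for illustration, and token validation is a direct method call where a real deployment would make an HTTP request.

```python
import hmac
import uuid


class AuthorizationServer:
    """In-memory stand-in for the authorization server (hypothetical, not OpenAM)."""

    def __init__(self, clients, users, ttl=59):
        self._clients = clients   # client_id -> client secret
        self._users = users       # username -> password
        self._ttl = ttl           # seconds; the slide's token response has expires_in 59
        self._tokens = {}         # access_token -> (username, client_id, expiry time)

    @staticmethod
    def _match(table, name, secret):
        stored = table.get(name)
        return stored is not None and hmac.compare_digest(stored.encode(), secret.encode())

    def issue_token(self, client_id, client_secret, username, password, now):
        """Steps 1-2: authenticate client and user, then hand back an opaque token."""
        if not self._match(self._clients, client_id, client_secret):
            return None
        if not self._match(self._users, username, password):
            return None
        token = str(uuid.uuid4())
        self._tokens[token] = (username, client_id, now + self._ttl)
        return {"access_token": token, "token_type": "Bearer", "expires_in": self._ttl}

    def validate(self, token, now):
        """Steps 4-5: tell the protected API who the token stands for, if anyone."""
        entry = self._tokens.get(token)
        if entry is None:
            return None
        username, client_id, expiry = entry
        if now >= expiry:
            del self._tokens[token]   # expired tokens are forgotten
            return None
        return {"sub": username, "client_id": client_id}


class ProtectedApi:
    """Resource server: accepts bearer tokens only and never handles a password."""

    def __init__(self, auth_server):
        self._auth_server = auth_server

    def handle(self, headers, now):
        """Steps 3 to 7: return (status, body) for one request."""
        scheme, _, token = headers.get("Authorization", "").partition(" ")
        if scheme.lower() != "bearer" or not token.strip():
            return 401, "missing bearer token"
        subject = self._auth_server.validate(token.strip(), now)
        if subject is None:
            return 401, "invalid or expired token"
        return 200, f"data for {subject['sub']}"


def run_flow():
    """Drive the exchange with the client and user names from the slides."""
    server = AuthorizationServer({"masterClient": "password"}, {"someUser": "password"})
    api = ProtectedApi(server)
    response = server.issue_token("masterClient", "password", "someUser", "password", now=0)
    header = {"Authorization": f"Bearer {response['access_token']}"}
    return {
        "fresh": api.handle(header, now=10),
        "expired": api.handle(header, now=59),
        # Constructed Basic header for someUser:password, as in AntiPattern #1.
        "basic": api.handle({"Authorization": "Basic c29tZVVzZXI6cGFzc3dvcmQ="}, now=10),
        "bad_client": server.issue_token("masterClient", "wrong", "someUser", "password", now=0),
    }


if __name__ == "__main__":
    for name, result in run_flow().items():
        print(name, result)
```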
Pattern #1
Service Account – Getting Tokens
curl https://openam.example.com:8443/openam/.well-known/openid-configuration
{ "response_types_supported": [ "token id_token", "code token", "code token id_token", "token", "code id_token", "code", "id_token" ], "registration_endpoint":
"https://ident.example.com:8443/openam/oauth2/connect/register", "token_endpoint": "https://ident.example.com:8443/openam/oauth2/access_token", "end_session_endpoint":
"https://ident.example.com:8443/openam/oauth2/connect/endSession", "version": "3.0", "userinfo_endpoint": "https://ident.example.com:8443/openam/oauth2/userinfo", "subject_types_supported": [ "public" ],
"issuer": "https://ident.example.com:8443/openam", "jwks_uri": "https://ident.example.com:8443/openam/oauth2/connect/jwk_uri?realm=/", "id_token_signing_alg_values_supported": [ "HS256", "HS512", "RS256",
"HS384" ], "check_session_iframe": "https://ident.example.com:8443/openam/oauth2/connect/checkSession", "claims_supported": [ "phone", "email", "address", "openid", "profile" ], "authorization_endpoint":
"https://ident.example.com:8443/openam/oauth2/authorize" }
curl \
--request POST \
--user "masterClient:password" \
--data "grant_type=password&username=someUser&password=password" \
https://ident.example.com:8443/openam/oauth2/access_token
{ "expires_in": 59, "token_type": "Bearer", "refresh_token": "26938cd0-6870-4e31-ade9-df31afc37ee1", "access_token": "515d6551-4512-4279-98b6-c0ef3f03a722" }
Authorization: Bearer 515d6551-4512-4279-98b6-c0ef3f03a722
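The discovery request on this slide goes to `openam.example.com`, while the response names `ident.example.com` as its `issuer`. As an added example (not part of the original slides), here is a check a client can run on a discovery document before using its endpoints: the issuer must equal the URL the document was fetched from minus the well-known suffix, and RS256 must be offered, both of which OpenID Connect Discovery requires. The same-origin rule for endpoints is a stricter local policy assumed here, and the function and constant names are illustrative.

```python
import json
from urllib.parse import urlsplit

WELL_KNOWN = "/.well-known/openid-configuration"
# Endpoints this (hypothetical) client uses and therefore insists on.
ENDPOINT_KEYS = ("authorization_endpoint", "token_endpoint",
                 "userinfo_endpoint", "jwks_uri")

# The discovery response from the slide, trimmed to the fields checked below.
SLIDE_DISCOVERY = json.loads("""
{
  "issuer": "https://ident.example.com:8443/openam",
  "authorization_endpoint": "https://ident.example.com:8443/openam/oauth2/authorize",
  "token_endpoint": "https://ident.example.com:8443/openam/oauth2/access_token",
  "userinfo_endpoint": "https://ident.example.com:8443/openam/oauth2/userinfo",
  "jwks_uri": "https://ident.example.com:8443/openam/oauth2/connect/jwk_uri?realm=/",
  "id_token_signing_alg_values_supported": ["HS256", "HS512", "RS256", "HS384"]
}
""")


def origin(url):
    """Return (scheme, host, port) so two URLs can be compared by origin."""
    parts = urlsplit(url)
    return parts.scheme, parts.hostname, parts.port


def check_discovery(config_url, doc):
    """Return a list of (code, detail) findings; an empty list means accept."""
    if not config_url.endswith(WELL_KNOWN):
        return [("not-discovery-url", config_url)]
    expected_issuer = config_url[: -len(WELL_KNOWN)]
    issuer = doc.get("issuer")
    if not isinstance(issuer, str):
        return [("missing", "issuer")]

    findings = []
    # Discovery rule: issuer must be identical to the URL the document was
    # retrieved from, with the well-known suffix removed.
    if issuer != expected_issuer:
        findings.append(("issuer-mismatch", f"{issuer} != {expected_issuer}"))

    for key in ENDPOINT_KEYS:
        url = doc.get(key)
        if not isinstance(url, str):
            findings.append(("missing", key))
            continue
        if urlsplit(url).scheme != "https":
            findings.append(("not-https", key))
        # Assumed local policy (stricter than the spec): every endpoint lives
        # on the issuer's own origin.
        if origin(url) != origin(issuer):
            findings.append(("foreign-origin", key))

    if "RS256" not in doc.get("id_token_signing_alg_values_supported", []):
        findings.append(("rs256-not-offered", "id_token_signing_alg_values_supported"))
    return findings


def finding_codes(config_url, doc):
    """Convenience wrapper: only the finding codes, in order."""
    return [code for code, _ in check_discovery(config_url, doc)]


if __name__ == "__main__":
    slide_url = "https://openam.example.com:8443/openam" + WELL_KNOWN
    for code, detail in check_discovery(slide_url, SLIDE_DISCOVERY):
        print(code, detail)
```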
AntiPattern #2
Session Hijack
Owner, Client (Get / Use), Login Page
1. Using App
2. Collect User/Password
3. Post User/password to login page
4. Get cookies
5. Request Data
6. Data
Pattern #2
Service Provider Access Using OIDC
Owner, Client (Get / Use), Authorization Server, Resource Server
1. Using App
2. Redirect to Login
3. Authorize
4. Authorization Code
5. Authorization Code
6. Token
7. Request Data
8. Validate Token
9. Valid Token
10. Data
[1] R. Boyd, Getting Started with OAuth 2.0. Sebastopol, CA: O’Reilly, 2012.
Pattern #2
Service Provider Access -- Responses
[2] Backstage.forgerock.com, ‘ForgeRock BackStage’, 2015. [Online]. Available: https://backstage.forgerock.com/#!/docs/openam/12.0.0/admin-guide/chap-opened-connect. [Accessed: 08-Oct-2015].
Legacy Applications
& Systems
Monolithic
Application-centric
DB-coupled
Component & Services
Architecture
Web Services
Integrations
Mobile/Web
Components
Mobile – Web - Device
Platform as a Service
Hybrid Cloud
Provo/Church
Data Center
AWS Azure
Cloud Mobile Application Architecture
Questions?
Dubai=Desi Dubai Call Girls O525547819 Outdoor Call Girls Dubaikojalkojal131
 
Call Girls Sangvi Call Me 7737669865 Budget Friendly No Advance BookingCall G...
Call Girls Sangvi Call Me 7737669865 Budget Friendly No Advance BookingCall G...Call Girls Sangvi Call Me 7737669865 Budget Friendly No Advance BookingCall G...
Call Girls Sangvi Call Me 7737669865 Budget Friendly No Advance BookingCall G...roncy bisnoi
 
Real Men Wear Diapers T Shirts sweatshirt
Real Men Wear Diapers T Shirts sweatshirtReal Men Wear Diapers T Shirts sweatshirt
Real Men Wear Diapers T Shirts sweatshirtrahman018755
 
Yerawada ] Independent Escorts in Pune - Book 8005736733 Call Girls Available...
Yerawada ] Independent Escorts in Pune - Book 8005736733 Call Girls Available...Yerawada ] Independent Escorts in Pune - Book 8005736733 Call Girls Available...
Yerawada ] Independent Escorts in Pune - Book 8005736733 Call Girls Available...SUHANI PANDEY
 
Top Rated Pune Call Girls Daund ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...
Top Rated  Pune Call Girls Daund ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...Top Rated  Pune Call Girls Daund ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...
Top Rated Pune Call Girls Daund ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...Call Girls in Nagpur High Profile
 
VIP Model Call Girls NIBM ( Pune ) Call ON 8005736733 Starting From 5K to 25K...
VIP Model Call Girls NIBM ( Pune ) Call ON 8005736733 Starting From 5K to 25K...VIP Model Call Girls NIBM ( Pune ) Call ON 8005736733 Starting From 5K to 25K...
VIP Model Call Girls NIBM ( Pune ) Call ON 8005736733 Starting From 5K to 25K...SUHANI PANDEY
 
WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)
WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)
WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)Delhi Call girls
 
💚😋 Bilaspur Escort Service Call Girls, 9352852248 ₹5000 To 25K With AC💚😋
💚😋 Bilaspur Escort Service Call Girls, 9352852248 ₹5000 To 25K With AC💚😋💚😋 Bilaspur Escort Service Call Girls, 9352852248 ₹5000 To 25K With AC💚😋
💚😋 Bilaspur Escort Service Call Girls, 9352852248 ₹5000 To 25K With AC💚😋nirzagarg
 
APNIC Updates presented by Paul Wilson at ARIN 53
APNIC Updates presented by Paul Wilson at ARIN 53APNIC Updates presented by Paul Wilson at ARIN 53
APNIC Updates presented by Paul Wilson at ARIN 53APNIC
 
Pirangut | Call Girls Pune Phone No 8005736733 Elite Escort Service Available...
Pirangut | Call Girls Pune Phone No 8005736733 Elite Escort Service Available...Pirangut | Call Girls Pune Phone No 8005736733 Elite Escort Service Available...
Pirangut | Call Girls Pune Phone No 8005736733 Elite Escort Service Available...SUHANI PANDEY
 
在线制作约克大学毕业证(yu毕业证)在读证明认证可查
在线制作约克大学毕业证(yu毕业证)在读证明认证可查在线制作约克大学毕业证(yu毕业证)在读证明认证可查
在线制作约克大学毕业证(yu毕业证)在读证明认证可查ydyuyu
 
Ganeshkhind ! Call Girls Pune - 450+ Call Girl Cash Payment 8005736733 Neha T...
Ganeshkhind ! Call Girls Pune - 450+ Call Girl Cash Payment 8005736733 Neha T...Ganeshkhind ! Call Girls Pune - 450+ Call Girl Cash Payment 8005736733 Neha T...
Ganeshkhind ! Call Girls Pune - 450+ Call Girl Cash Payment 8005736733 Neha T...SUHANI PANDEY
 
Sarola * Female Escorts Service in Pune | 8005736733 Independent Escorts & Da...
Sarola * Female Escorts Service in Pune | 8005736733 Independent Escorts & Da...Sarola * Female Escorts Service in Pune | 8005736733 Independent Escorts & Da...
Sarola * Female Escorts Service in Pune | 8005736733 Independent Escorts & Da...SUHANI PANDEY
 
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service Available
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service AvailableCall Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service Available
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service AvailableSeo
 
Real Escorts in Al Nahda +971524965298 Dubai Escorts Service
Real Escorts in Al Nahda +971524965298 Dubai Escorts ServiceReal Escorts in Al Nahda +971524965298 Dubai Escorts Service
Real Escorts in Al Nahda +971524965298 Dubai Escorts ServiceEscorts Call Girls
 
VIP Call Girls Himatnagar 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Himatnagar 7001035870 Whatsapp Number, 24/07 BookingVIP Call Girls Himatnagar 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Himatnagar 7001035870 Whatsapp Number, 24/07 Bookingdharasingh5698
 
Shikrapur - Call Girls in Pune Neha 8005736733 | 100% Gennuine High Class Ind...
Shikrapur - Call Girls in Pune Neha 8005736733 | 100% Gennuine High Class Ind...Shikrapur - Call Girls in Pune Neha 8005736733 | 100% Gennuine High Class Ind...
Shikrapur - Call Girls in Pune Neha 8005736733 | 100% Gennuine High Class Ind...SUHANI PANDEY
 
20240510 QFM016 Irresponsible AI Reading List April 2024.pdf
20240510 QFM016 Irresponsible AI Reading List April 2024.pdf20240510 QFM016 Irresponsible AI Reading List April 2024.pdf
20240510 QFM016 Irresponsible AI Reading List April 2024.pdfMatthew Sinclair
 
Katraj ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For S...
Katraj ( Call Girls ) Pune  6297143586  Hot Model With Sexy Bhabi Ready For S...Katraj ( Call Girls ) Pune  6297143586  Hot Model With Sexy Bhabi Ready For S...
Katraj ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For S...tanu pandey
 

Kürzlich hochgeladen (20)

Dubai=Desi Dubai Call Girls O525547819 Outdoor Call Girls Dubai
Dubai=Desi Dubai Call Girls O525547819 Outdoor Call Girls DubaiDubai=Desi Dubai Call Girls O525547819 Outdoor Call Girls Dubai
Dubai=Desi Dubai Call Girls O525547819 Outdoor Call Girls Dubai
 
Call Girls Sangvi Call Me 7737669865 Budget Friendly No Advance BookingCall G...
Call Girls Sangvi Call Me 7737669865 Budget Friendly No Advance BookingCall G...Call Girls Sangvi Call Me 7737669865 Budget Friendly No Advance BookingCall G...
Call Girls Sangvi Call Me 7737669865 Budget Friendly No Advance BookingCall G...
 
Real Men Wear Diapers T Shirts sweatshirt
Real Men Wear Diapers T Shirts sweatshirtReal Men Wear Diapers T Shirts sweatshirt
Real Men Wear Diapers T Shirts sweatshirt
 
Yerawada ] Independent Escorts in Pune - Book 8005736733 Call Girls Available...
Yerawada ] Independent Escorts in Pune - Book 8005736733 Call Girls Available...Yerawada ] Independent Escorts in Pune - Book 8005736733 Call Girls Available...
Yerawada ] Independent Escorts in Pune - Book 8005736733 Call Girls Available...
 
Top Rated Pune Call Girls Daund ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...
Top Rated  Pune Call Girls Daund ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...Top Rated  Pune Call Girls Daund ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...
Top Rated Pune Call Girls Daund ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...
 
VIP Model Call Girls NIBM ( Pune ) Call ON 8005736733 Starting From 5K to 25K...
VIP Model Call Girls NIBM ( Pune ) Call ON 8005736733 Starting From 5K to 25K...VIP Model Call Girls NIBM ( Pune ) Call ON 8005736733 Starting From 5K to 25K...
VIP Model Call Girls NIBM ( Pune ) Call ON 8005736733 Starting From 5K to 25K...
 
WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)
WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)
WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)
 
💚😋 Bilaspur Escort Service Call Girls, 9352852248 ₹5000 To 25K With AC💚😋
💚😋 Bilaspur Escort Service Call Girls, 9352852248 ₹5000 To 25K With AC💚😋💚😋 Bilaspur Escort Service Call Girls, 9352852248 ₹5000 To 25K With AC💚😋
💚😋 Bilaspur Escort Service Call Girls, 9352852248 ₹5000 To 25K With AC💚😋
 
APNIC Updates presented by Paul Wilson at ARIN 53
APNIC Updates presented by Paul Wilson at ARIN 53APNIC Updates presented by Paul Wilson at ARIN 53
APNIC Updates presented by Paul Wilson at ARIN 53
 
Pirangut | Call Girls Pune Phone No 8005736733 Elite Escort Service Available...
Pirangut | Call Girls Pune Phone No 8005736733 Elite Escort Service Available...Pirangut | Call Girls Pune Phone No 8005736733 Elite Escort Service Available...
Pirangut | Call Girls Pune Phone No 8005736733 Elite Escort Service Available...
 
valsad Escorts Service ☎️ 6378878445 ( Sakshi Sinha ) High Profile Call Girls...
valsad Escorts Service ☎️ 6378878445 ( Sakshi Sinha ) High Profile Call Girls...valsad Escorts Service ☎️ 6378878445 ( Sakshi Sinha ) High Profile Call Girls...
valsad Escorts Service ☎️ 6378878445 ( Sakshi Sinha ) High Profile Call Girls...
 
在线制作约克大学毕业证(yu毕业证)在读证明认证可查
在线制作约克大学毕业证(yu毕业证)在读证明认证可查在线制作约克大学毕业证(yu毕业证)在读证明认证可查
在线制作约克大学毕业证(yu毕业证)在读证明认证可查
 
Ganeshkhind ! Call Girls Pune - 450+ Call Girl Cash Payment 8005736733 Neha T...
Ganeshkhind ! Call Girls Pune - 450+ Call Girl Cash Payment 8005736733 Neha T...Ganeshkhind ! Call Girls Pune - 450+ Call Girl Cash Payment 8005736733 Neha T...
Ganeshkhind ! Call Girls Pune - 450+ Call Girl Cash Payment 8005736733 Neha T...
 
Sarola * Female Escorts Service in Pune | 8005736733 Independent Escorts & Da...
Sarola * Female Escorts Service in Pune | 8005736733 Independent Escorts & Da...Sarola * Female Escorts Service in Pune | 8005736733 Independent Escorts & Da...
Sarola * Female Escorts Service in Pune | 8005736733 Independent Escorts & Da...
 
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service Available
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service AvailableCall Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service Available
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service Available
 
Real Escorts in Al Nahda +971524965298 Dubai Escorts Service
Real Escorts in Al Nahda +971524965298 Dubai Escorts ServiceReal Escorts in Al Nahda +971524965298 Dubai Escorts Service
Real Escorts in Al Nahda +971524965298 Dubai Escorts Service
 
VIP Call Girls Himatnagar 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Himatnagar 7001035870 Whatsapp Number, 24/07 BookingVIP Call Girls Himatnagar 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Himatnagar 7001035870 Whatsapp Number, 24/07 Booking
 
Shikrapur - Call Girls in Pune Neha 8005736733 | 100% Gennuine High Class Ind...
Shikrapur - Call Girls in Pune Neha 8005736733 | 100% Gennuine High Class Ind...Shikrapur - Call Girls in Pune Neha 8005736733 | 100% Gennuine High Class Ind...
Shikrapur - Call Girls in Pune Neha 8005736733 | 100% Gennuine High Class Ind...
 
20240510 QFM016 Irresponsible AI Reading List April 2024.pdf
20240510 QFM016 Irresponsible AI Reading List April 2024.pdf20240510 QFM016 Irresponsible AI Reading List April 2024.pdf
20240510 QFM016 Irresponsible AI Reading List April 2024.pdf
 
Katraj ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For S...
Katraj ( Call Girls ) Pune  6297143586  Hot Model With Sexy Bhabi Ready For S...Katraj ( Call Girls ) Pune  6297143586  Hot Model With Sexy Bhabi Ready For S...
Katraj ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For S...
 

Identity Management: Using OIDC to Empower the Next-Generation Apps

  • 1. Identity Management: Using OIDC to Empower the Next-Generation of Applications Tom Freestone LDS Church © 2016 by Intellectual Reserve, Inc. All rights reserved.
  • 2. The future computing platforms are MOBILE and CLOUD! Mobile Computing - present and the future. 2.4 billion mobile devices in 2013 and 2.5 billion in 2014. 81+ billion apps downloaded in 2013. There are 6.8 billion people on the planet at present. 4 billion own mobile phones. Gartner Group - World Wide Devices Shipments. Internet of Things. In the Cloud EVERYTHING is an API. APIs are an integral part of what are arguably the three major forces currently transforming the Web and IT landscape: Mobile, Social and Cloud Computing. API
  • 3. Preparing for the future - MOBILE and CLOUD! • How do we design and develop solutions that meet the growth and the diversity of a global user base? • How do we move large enterprise solutions and systems to embrace mobile and cloud computing? • How do we maximize our past investments in technology solutions and embrace new and evolving industry technology advancements? • How do we significantly reduce costs and encourage greater reuse of core systems and services across the enterprise?
  • 4. Cloud Mobile Application Architecture. Legacy Applications & Systems Monolithic Application-centric DB-coupled Component & Services Architecture Web Services Integrations Mobile/Web Components Mobile – Web - Device Platform as a Service Hybrid Cloud Data Center AWS Azure
  • 5. Identity ?
  • 6. Identity ? Authorization Authentication
  • 7. ? Who is the user? Entity Claims Attributes Identity is a set of claims.
  • 8. Entity Attributes https://www.flickr.com/photos/74373690@N00/13949707621/ via Compfight (License: https://creativecommons.org/licenses/by-nc/2.0/)
  • 9. What is the user allowed to do? Who What Why When How Attributes Policy
  • 10. What is the user allowed to do? Authenticated Users Users that work for … Users that belong to Web Access Mgmt.
  • 11. The Traditional Solution: Authorization/Authentication? Reverse Proxies • Passes Headers • Protects URLs • Manages SSO Session • Data Center Co-location
  • 12. The world of reverse proxies … protected, but ... https://www.flickr.com/photos/13748147@N02/2070083736/ via Compfight (License: https://creativecommons.org/licenses/by-nc-nd/2.0/)
  • 13. The real world is complex and interconnected. http://steffondavis.com/visualizing-taste-in-art-with-big-data-curation-analysis-curalytics-and-curiator/
  • 14. Enterprise SaaS Private Cloud PaaS (Cloud foundry) Development Stacks Web Services PaaS Web Services Public Cloud Hybrid Cloud Cloud Approach. Hybrid Cloud: A cloud computing service that is composed of some combination of private, public, and community cloud services, from different service providers, for capacity or capability. Cloud Mobile Integration • Must support existing systems (legacy) = Hybrid • Everything moving to “Services” (APIs) • Mobile/Web Development (Open Standards) • Services Oriented Architecture (SOA) • Migration/On Ramp (Security, SaaS, etc.)
  • 15. How do we move to the cloud and still authenticate our users?
  • 16. Federation
  • 17. Traditional vs. Federated. Traditional, Reverse Proxies: • Passes Headers • Protects URLs • Manages SSO Session • Data Center Colocation. Federated, Application: • Consumes attributes • Protects its own URLs • Manages its own session • Data Center Independence
  • 18. OIDC Benefits: Interoperable, Flexible, Secure, Simple. Icon design by Paomedia and Ivan Boyko.
  • 19. Basic OIDC Protocol (Abstract OIDC Protocol: 1.2 OIDC-Core Spec). Parties: End User, OIDC Provider, Client. Steps: 1. AuthN Request 2. AuthN & AuthZ 3. AuthN Response 4. UserInfo Request 5. UserInfo Response. Client: application requiring End-User Authentication and Claims from an OIDC Provider. OIDC Provider: provides identity as a service using OIDC through the Token endpoint, UserInfo endpoint, & Authorization endpoint. End User: also referred to as the “User Agent,” meaning the browser.
  • 20. AntiPattern #1 LDAP Service Accounts. Application / Client Get Use Protected API (Resource Server) LDAP 1. Request (Basic Auth username:password) 2. LDAP Bind username:password 3. Data
  • 21. Pattern #1 Service Account using OIDC. Application / Client Get Use 1. Request Token (Client_id / userId) Token Token 2. 3. Make Request Protected API Authorization Server 4. Validate Token 5. Valid Token 7. Return Data Token
  • 22. Pattern #1 Service Account – Getting Tokens

        curl https://openam.example.com:8443/openam/.well-known/openid-configuration

        {
          "response_types_supported": [ "token id_token", "code token", "code token id_token", "token", "code id_token", "code", "id_token" ],
          "registration_endpoint": "https://ident.example.com:8443/openam/oauth2/connect/register",
          "token_endpoint": "https://ident.example.com:8443/openam/oauth2/access_token",
          "end_session_endpoint": "https://ident.example.com:8443/openam/oauth2/connect/endSession",
          "version": "3.0",
          "userinfo_endpoint": "https://ident.example.com:8443/openam/oauth2/userinfo",
          "subject_types_supported": [ "public" ],
          "issuer": "https://ident.example.com:8443/openam",
          "jwks_uri": "https://ident.example.com:8443/openam/oauth2/connect/jwk_uri?realm=/",
          "id_token_signing_alg_values_supported": [ "HS256", "HS512", "RS256", "HS384" ],
          "check_session_iframe": "https://ident.example.com:8443/openam/oauth2/connect/checkSession",
          "claims_supported": [ "phone", "email", "address", "openid", "profile" ],
          "authorization_endpoint": "https://ident.example.com:8443/openam/oauth2/authorize"
        }

        curl --request POST --user "masterClient:password" \
             --data "grant_type=password&username=someUser&password=password" \
             https://ident.example.com:8443/openam/oauth2/access_token

        {
          "expires_in": 59,
          "token_type": "Bearer",
          "refresh_token": "26938cd0-6870-4e31-ade9-df31afc37ee1",
          "access_token": "515d6551-4512-4279-98b6-c0ef3f03a722"
        }

        Authorization: Bearer 515d6551-4512-4279-98b6-c0ef3f03a722
  • 23. AntiPattern #2 Session Hijack. 1. Using App Client Login Page Owner 3. Post User/password to login page 4. Get cookies 5. Request Data 6. Data 2. Collect User/Password Get Use
  • 24. Pattern #2 Service Provider Access Using OIDC. 1. Using App Client Authorization Server Owner 3. Authorize 4. Authorization Code 5. Authorization Code Token 6. Resource Server Token Token 7. Request Data 8. Validate Token 9. Valid Token 10. Data 2. Redirect to Login Get Use. [1] R. Boyd, Getting Started with OAuth 2.0. Sebastopol, CA: O’Reilly, 2012.
  • 25. Pattern #2 Service Provider Access -- Responses. [2] Backstage.forgerock.com, ‘ForgeRock BackStage’, 2015. [Online]. Available: https://backstage.forgerock.com/#!/docs/openam/12.0.0/admin-guide/chap-opened-connect. [Accessed: 08-Oct-2015].
  • 26. Cloud Mobile Application Architecture. Legacy Applications & Systems Monolithic Application-centric DB-coupled Component & Services Architecture Web Services Integrations Mobile/Web Components Mobile – Web - Device Platform as a Service Hybrid Cloud Provo/Church Data Center AWS Azure
  • 27. The future computing platforms are MOBILE and CLOUD! Mobile Computing - present and the future. 2.4 billion mobile devices in 2013 and 2.5 billion in 2014. 81+ billion apps downloaded in 2013. There are 6.8 billion people on the planet at present. 4 billion own mobile phones. Gartner Group - World Wide Devices Shipments. Internet of Things. In the Cloud EVERYTHING is an API. APIs are an integral part of what are arguably the three major forces currently transforming the Web and IT landscape: Mobile, Social and Cloud Computing. API
  • 28. Questions?
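Pattern #1 (slides 20 and 21) moves the password check from the protected API to the authorization server, so the API only ever sees a short-lived bearer token. The sketch below is an added example, not code from the deck or from OpenAM: the class names, the in-memory stores and the fake clock are assumptions, and the account names reuse the placeholders from slide 22.

```python
import base64
import hmac
import secrets


class FakeClock:
    """Controllable clock so token expiry can be shown without sleeping."""
    def __init__(self, now=1_000.0):
        self.now = now

    def __call__(self):
        return self.now


class AuthorizationServer:
    """In-memory stand-in (assumption) for the token endpoint and token validation."""
    def __init__(self, clients, users, clock, ttl=59):
        self._clients, self._users = clients, users
        self._clock, self._ttl = clock, ttl
        self._tokens = {}  # access_token -> {"sub", "client_id", "exp"}

    @staticmethod
    def _matches(stored, presented):
        # Constant-time comparison; an unknown account never matches.
        return bool(stored) and hmac.compare_digest(stored.encode(), presented.encode())

    def issue_token(self, client_id, client_secret, username, password):
        """Steps 1-2: password grant, same inputs as the curl call on slide 22."""
        if not self._matches(self._clients.get(client_id, ""), client_secret):
            raise PermissionError("invalid_client")
        if not self._matches(self._users.get(username, ""), password):
            raise PermissionError("invalid_grant")
        token = secrets.token_urlsafe(24)
        self._tokens[token] = {"sub": username, "client_id": client_id,
                               "exp": self._clock() + self._ttl}
        return {"access_token": token, "token_type": "Bearer", "expires_in": self._ttl}

    def validate(self, token):
        """Steps 4-5: return the token's attributes while it is active, else None."""
        info = self._tokens.get(token)
        if info is None:
            return None
        if self._clock() >= info["exp"]:
            del self._tokens[token]  # expired tokens are forgotten
            return None
        return dict(info)


class ProtectedAPI:
    """Resource server: accepts only Bearer tokens and never handles passwords."""
    def __init__(self, auth_server):
        self._auth = auth_server

    def handle(self, headers):
        scheme, _, credential = headers.get("Authorization", "").partition(" ")
        if scheme.lower() != "bearer" or not credential.strip():
            # Basic credentials (the slide 20 antipattern) are refused here.
            return 401, "Bearer token required"
        info = self._auth.validate(credential.strip())
        if info is None:
            return 401, "invalid or expired token"
        return 200, f"data for {info['sub']} via {info['client_id']}"


def run_demo():
    clock = FakeClock()
    # Constructed accounts, named after the placeholders on slide 22.
    auth = AuthorizationServer({"masterClient": "password"}, {"someUser": "password"}, clock)
    api = ProtectedAPI(auth)
    grant = auth.issue_token("masterClient", "password", "someUser", "password")
    bearer = {"Authorization": f"Bearer {grant['access_token']}"}
    basic = base64.b64encode(b"someUser:password").decode()
    results = {
        "bearer": api.handle(bearer),
        "basic": api.handle({"Authorization": f"Basic {basic}"}),
        "unknown": api.handle({"Authorization": "Bearer not-a-real-token"}),
    }
    clock.now += 60  # one second past the 59-second lifetime shown on slide 22
    results["expired"] = api.handle(bearer)
    return results


if __name__ == "__main__":
    for case, outcome in run_demo().items():
        print(case, outcome)
```

With a 59-second lifetime, a client has to be ready to request a fresh token on a 401 rather than caching one indefinitely.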
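A client should check the discovery document from slide 22 before trusting its endpoints: OpenID Connect Discovery 1.0 requires the `issuer` value to be identical to the issuer URL used to build the well-known URL, and requires RS256 among the ID Token signing algorithms. The validator below is an added example, not part of the deck; the function name is an assumption, the same-host check is a local policy rather than a spec rule, and the metadata is the slide's document reduced to the fields inspected. Run against the slide as written, it flags that the document was fetched from `openam.example.com` while the issuer is `ident.example.com`.

```python
import json
from urllib.parse import urlsplit

SUFFIX = "/.well-known/openid-configuration"

# Fields that OpenID Connect Discovery 1.0 marks REQUIRED in provider metadata.
REQUIRED = ("issuer", "authorization_endpoint", "jwks_uri",
            "response_types_supported", "subject_types_supported",
            "id_token_signing_alg_values_supported")

# Provider metadata from slide 22, reduced to the fields inspected below.
SLIDE_22_METADATA = json.loads("""
{
  "issuer": "https://ident.example.com:8443/openam",
  "authorization_endpoint": "https://ident.example.com:8443/openam/oauth2/authorize",
  "token_endpoint": "https://ident.example.com:8443/openam/oauth2/access_token",
  "userinfo_endpoint": "https://ident.example.com:8443/openam/oauth2/userinfo",
  "jwks_uri": "https://ident.example.com:8443/openam/oauth2/connect/jwk_uri?realm=/",
  "response_types_supported": ["code", "id_token", "token id_token"],
  "subject_types_supported": ["public"],
  "id_token_signing_alg_values_supported": ["HS256", "HS512", "RS256", "HS384"]
}
""")


def validate_provider_metadata(fetched_from, doc):
    """Return a list of problems; an empty list means the document passed."""
    problems = [f"missing required field: {name}" for name in REQUIRED if name not in doc]

    issuer = doc.get("issuer", "")
    if not fetched_from.endswith(SUFFIX):
        problems.append("document was not fetched from a well-known discovery URL")
    elif issuer != fetched_from[:-len(SUFFIX)]:
        # Exact string comparison, as the Discovery spec requires.
        problems.append(f"issuer mismatch: document says {issuer!r}, "
                        f"fetched via {fetched_from[:-len(SUFFIX)]!r}")

    issuer_parts = urlsplit(issuer)
    if issuer_parts.scheme != "https" or issuer_parts.query or issuer_parts.fragment:
        problems.append("issuer must be an https URL without query or fragment")

    for key, value in doc.items():
        if not (key.endswith("_endpoint") or key == "jwks_uri") or not isinstance(value, str):
            continue
        parts = urlsplit(value)
        if parts.scheme != "https":
            problems.append(f"{key} is not https: {value}")
        if parts.hostname != issuer_parts.hostname:
            # Local policy (assumption), not a spec requirement.
            problems.append(f"{key} is on a different host than the issuer: {value}")

    if "RS256" not in doc.get("id_token_signing_alg_values_supported", []):
        problems.append("RS256 not offered for ID Token signing")
    return problems


if __name__ == "__main__":
    url = "https://openam.example.com:8443/openam" + SUFFIX  # host used by the slide's curl
    for problem in validate_provider_metadata(url, SLIDE_22_METADATA):
        print("REJECT:", problem)
```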

Editor's Notes

  1. Develop an API First - Before you build your website, web, mobile or single page application you develop an API first, then you get to work on defining the channels you will be making the API resources available on. APIs are core to every cloud, social and mobile computing strategy. Everything and everyone will be API enabled. APIs are an economic imperative. Organizations must provide their core competence through APIs. Organizations must consume core competences of others through APIs. Comment on Internet of Things: Over 50% of Internet connections are things. In 2011, there were over 15 billion things on the Web, with 50 billion+ intermittent connections. By 2020, there will be over 30 billion connected things, with over 200 billion with intermittent connections. (Gartner Group – 2014 Trends.) How cool would it be to display your daily spiritual thought on your Microwave each morning?
  2. Why we need to be preparing for the future in Cloud and Mobile. How do we design and develop solutions that meet the growth and diversity of a globally expanding Church? How does the Church move their large enterprise solutions and systems to embrace mobile and cloud computing? How do we maximize our past investments in technology solutions and embrace new and evolving industry technology advancements? How do we significantly reduce costs and encourage greater reuse of core systems and services across the Church?
  3. To meet the current and future needs of a globally diverse church we must embrace Mobile and Cloud Computing as the means to reach our world-wide audience. Mobile computing is the future – and in many ways is the only means we have to reach the world-wide population. Cloud computing distributes computing and storage services around the world in a way that wasn’t possible just a few years ago. To effectively leverage both mobile and cloud computing, Web Services (APIs) are required. APIs allow us to integrate with legacy systems, databases, and back-end enterprise systems. The Cloud Mobile Integration (CMI) Platform delivers the technologies, systems, principles, processes, patterns, and services that enable ICS and the Church to fully embrace the “Services and Component Architecture” to support Mobile and Cloud computing.
  4. Identity answers the questions: who is the user? What is that user allowed to do?
  5. Who the user is = authentication. What the user is allowed to do = authorization.
  6. Because of the large investment in enterprise (on-premise) systems, the need to maximize these investments requires we build web services to front-end these systems. As we build web services to expose key information and functionality, we are able to build new web services that use these existing systems while at the same time, can access public cloud systems to deliver the next generation cloud and mobile solutions. Because of our legacy infrastructure, the CMI platform is designed to run on-premise (within our own data centers) or off-premise (in public cloud data centers). This approach provides a consistent environment of security, governance, API management, and use. The CMI platform is designed to support the Hybrid Cloud model so that solutions that run on the CMI platform can leverage both on-premise computing and off-premise computing transparently.
  7. Maintain the WAM approach, but standardize it. OpenID allows us to authenticate/authorize applications in a standard way (as opposed to WAM's proprietary way).
  8. OAuth 2.0 provides the base protocol. OpenID Connect is the identity layer. And OpenAM provides our OIDC implementation.
  9. Maintain the WAM approach, but standardize it. OpenID allows us to authenticate/authorize applications in a standard way (as opposed to WAM's proprietary way). OpenID Connect is a federation standard. Federated makes calls: agree upon a common language to share information. WAM: force our variables on you. Your application has to use WAM’s infrastructure. No longer protected by wall – have to protect yourself.
  10. Interoperable: standard way of requesting claims. Claim: attribute or a piece of information about an entity’s identity. Scope: shorthand for predefined sets of claims. User endpoint to get attributes about the user and to translate various tokens. Flexible: how do we deal with Web vs. Mobile vs. Web services vs. …? Identity as a Service (IDaaS). Profiles / flows. Secure: crypto awesome; levels of security. Simple / mobile friendly: don’t need harder protocols to implement; use JSON / REST.
  11. Request authentication; login page / consent page; access token; get attributes.
  12. To meet the current and future needs of a globally diverse church we must embrace Mobile and Cloud Computing as the means to reach our world-wide audience. Mobile computing is the future – and in many ways is the only means we have to reach the world-wide population. Cloud computing distributes computing and storage services around the world in a way that wasn’t possible just a few years ago. To effectively leverage both mobile and cloud computing, Web Services (APIs) are required. APIs allow us to integrate with legacy systems, databases, and back-end enterprise systems. The Cloud Mobile Integration (CMI) Platform delivers the technologies, systems, principles, processes, patterns, and services that enable ICS and the Church to fully embrace the “Services and Component Architecture” to support Mobile and Cloud computing.
  13. Develop an API First - Before you build your website, web, mobile or single page application you develop an API first, then you get to work on defining the channels you will be making the API resources available on. APIs are core to every cloud, social and mobile computing strategy. Everything and everyone will be API enabled. APIs are an economic imperative. Organizations must provide their core competence through APIs. Organizations must consume core competences of others through APIs. Comment on Internet of Things: Over 50% of Internet connections are things. In 2011, there were over 15 billion things on the Web, with 50 billion+ intermittent connections. By 2020, there will be over 30 billion connected things, with over 200 billion with intermittent connections. (Gartner Group – 2014 Trends.) How cool would it be to display your daily spiritual thought on your Microwave each morning?