Enterprise Identity Management & Security Patterns and Practices
Prabath Siriwardena

Wso2con identity patterns


Email

JIRA

SVN

Forrester Identity Management Maturity Model

Identity as a Service

Single Sign On

Provisioning

Delegation

Federation

Access Control

Auditing

Principles of Identity Data

• Do NOT replicate identities
• Business requirements should drive identity replication
• Replicated identities should be read-only
• Identity data should be location transparent
• Enforce the consistency & integrity of identity data with policies, processes & tools
• Use open standards rather than proprietary standards
• Use encryption to protect sensitive identity elements

WSO2 Identity Server

• User stores with LDAP/AD/JDBC
• Multiple user store support
• OpenID
• SAML2
• Kerberos
• Information Cards
• XACML 2.0 / 3.0
• OAuth 1.0 / 2.0
• Security Token Service with WS-Trust
• SCIM 1.1
• WS-XACML

Thank you