Mobile Identity and Edge Security Forum Sentry Security Gateway. Jason Macy CTO, Forum Systems

Size: px
Start display at page:

Download "Mobile Identity and Edge Security Forum Sentry Security Gateway. Jason Macy CTO, Forum Systems jmacy@forumsys.com"

Transcription

1 Mobile Identity and Edge Security Forum Sentry Security Gateway Jason Macy CTO, Forum Systems

2 Evolution Evolution of Enterprise Identities Cloud Computing Iaas Infrastructure as a Service PaaS Platform as a Service Virtualization Taking physical resources and rendering virtual Operating Systems and Systems provided on-demand Service Oriented Architecture Paradigm for designing and developing software Combined Web Services for Loosely Coupled Architecture Web Services Re-usable service components Open standards Messaging and Protocols

3 Evolution Evolution of Enterprise Identities Cloud Computing Iaas Infrastructure as a Service PaaS Platform as a Service Mobile Apps Users / Portals B2B Cloud / 3 rd Party OAuth SAML WS-Tokens HTTP Basic HTTP Form Post Virtualization Taking physical resources and rendering virtual Operating Systems and Systems provided on-demand Service Oriented Architecture Paradigm for designing and developing software Combined Web Services for Loosely Coupled Architecture Web Services Re-usable service components Open standards Messaging and Protocols NTLM Kerberos X509 Mutual RSA SecureID Cookies

4 Enterprise Identities External FW B2B

5 Enterprise Identities External FW B2B

6 Enterprise Identities External FW Multiple Protocols Protocol Token Formats Message Token Formats

7 Enterprise Identities External FW Scalability Centralized Access Control Single Sign On

8 Gateway Architecture Edge Security / Identity

9 API Security Edge Deployment External FW Internal FW Mobile Apps Users / Portals B2B L O A D B A L A N C E R Secure API Protocol Break Forum Sentry SOAP, XML, REST, JSON, HTML, ebxml, SwA HTTP, FTP, SFTP, SMTP, JBOSS, IBM MQ, AS2, Tibco, Oracle, Active MQ, AMQP LOAD BALANCER DMZ Cloud / 3 rd Party Identity: Oauth, SAML, WS-Tokens, HTTP Form Post, HTTPBasic, HTTP Digest, NTLM, Kerberos, X509 Mutual, RSA SecureID, FTP Auth, SFTP Auth Mobile Services HTML Portal Servers REST Services FTP/SFTP Services XML Services SOAP Services ESB Services

10 SECURITY Threat Mitigation (IDP)?? Parse Detect Prevent Privacy Inbound Accountability Outbound ASIC Crypto Acceleration - Patent #7,516,333 PKI Infrastructure - DoD JITC Certified Security Architecture - FIPS Certified Integrity?

11 Identity Management IDENTITY Access Control Federation OAuth, SAML, Active Directory, LDAP, Siteminder, Tivoli AM, ClearTrust, Kerberos KDC, CoreID, JSAM, WS-Trust, REST

12 MEDIATION Standards PKI Protocols Comprehensive OASIS and W3C standards support Over 100 Task Processing Functions Mapping, Conversion, and Enrichment

13 Mobile Identity

14 Mobile Identity

15 Mobile Identity

16 Mobile Identity External FW

17 Single Sign On SAML SSO

18 SP-Initiated SSO Service Provider Mobile Apps Users / Portals

19 SP-Initiated SSO Service Provider Mobile Apps Users / Portals HTTP Redirect to IdP Identity Provider Javascript HTTP POST Redirect -- Signed SAML Request

20 SP-Initiated SSO Service Provider Mobile Apps Users / Portals Authentication Identity Provider

21 SP-Initiated SSO Service Provider Mobile Apps Users / Portals Redirect w/ Embedded Signed SAML Identity Provider

22 SP-Initiated SSO Service Provider Mobile Apps Users / Portals Access to Resource w/ SAML (allowed via DSIG Verify) Identity Provider

23 Mobile Authentication Use Case Distributed SSO

24 Mobile Authentication External FW HTTP / HTTPS Internal Apps Mobile Apps Basic Auth Cookie Auth Form Post Auth X509 Auth OAuth SAML SSO

25 Mobile Authentication - Direct External FW AUTH SESSION TOKEN Map User and Roles into request for back-end Internal Apps Forum Sentry Mobile Apps Intercept and provide authentication, access control, and session management No Agents, no central policy server calls Maximized performance, simpler architecture

26 Mobile Authentication 3 rd Party / Cloud Redirect w/signed SAML Request Mobile Device makes request Token is sent and validated by Sentry SAML parameters and DSIG are verified Internal Apps Forum Sentry Mobile Apps

27 Mobile Authentication 3 rd Party / Cloud SAML DSIG verify is used to validate trust And establish new SESSION Redirect w/signed SAML Response which Includes original target URI Internal Apps Forum Sentry Mobile Apps

28 Mobile API Security Identity Edge Deployment External FW Internal FW Mobile Apps Users / Portals B2B L O A D B A L A N C E R Forum Sentry HTML, XML, REST, JSON HTTP, FTP, SFTP, SMTP, JBOSS, IBM MQ, AS2, Tibco, Oracle, Active MQ, AMQP LOAD BALANCER DMZ Cloud / 3 rd Party Identity: Oauth, SAML, HTTP WS-Tokens, Form Post, HTTP Form Post, HTTPBasic, X509 HTTP Mutual, Digest, NTLM, RSA SecureID Kerberos, X509 Mutual, RSA SecureID, FTP Auth, SFTP Auth Mobile Services HTML Portal Servers REST Services FTP/SFTP Services ESB Services XML Services SOAP Services

29 What s Next Enhanced Mobile Device Identification Sentry Instance Auto-policy Enrollment Large Scale Secure Edge Caching & Persistence Geospatial Synchronization

30 Questions / Comments

Core Feature Comparison between. XML / SOA Gateways. and. Web Application Firewalls. Jason Macy jmacy@forumsys.com CTO, Forum Systems

Core Feature Comparison between. XML / SOA Gateways. and. Web Application Firewalls. Jason Macy jmacy@forumsys.com CTO, Forum Systems Core Feature Comparison between XML / SOA Gateways and Web Application Firewalls Jason Macy jmacy@forumsys.com CTO, Forum Systems XML Gateway vs Competitive XML Gateways or Complementary? and s are Complementary

More information

AGILE API SECURITY API SECURITY GATEWAY

AGILE API SECURITY API SECURITY GATEWAY AGILE API SECURITY API SECURITY GATEWAY ACCESS CONTROL SINGLE SIGN-ON (SSO) THREAT MITIGATION SECURE INTEGRATION Forum Systems www.forumsys.com 888.811.0060 2015 Forum Systems FORUM SENTRY BENEFITS AND

More information

How to Implement Enterprise SAML SSO

How to Implement Enterprise SAML SSO How to Implement Enterprise SSO THE LEADER IN API AND CLOUD GATEWAY TECHNOLOGY How to Implement Enterprise SSO Introduction Security Assertion Markup Language, or, provides numerous The advantages and

More information

Securely Managing and Exposing Web Services & Applications

Securely Managing and Exposing Web Services & Applications Securely Managing and Exposing Web Services & Applications Philip M Walston VP Product Management Layer 7 Technologies Layer 7 SecureSpan Products Suite of security and networking products to address the

More information

The Role of Identity Enabled Web Services in Cloud Computing

The Role of Identity Enabled Web Services in Cloud Computing The Role of Identity Enabled Web Services in Cloud Computing April 20, 2009 Patrick Harding CTO Agenda Web Services and the Cloud Identity Enabled Web Services Some Use Cases and Case Studies Questions

More information

Introduction to SAML

Introduction to SAML Introduction to THE LEADER IN API AND CLOUD GATEWAY TECHNOLOGY Introduction to Introduction In today s world of rapidly expanding and growing software development; organizations, enterprises and governments

More information

Copyright 2012, Oracle and/or its affiliates. All rights reserved.

Copyright 2012, Oracle and/or its affiliates. All rights reserved. 1 OTM and SOA Mark Hagan Principal Software Engineer Oracle Product Development Content What is SOA? What is Web Services Security? Web Services Security in OTM Futures 3 PARADIGM 4 Content What is SOA?

More information

INTEGRATE SALESFORCE.COM SINGLE SIGN-ON WITH THIRD-PARTY SINGLE SIGN-ON USING SENTRY A GUIDE TO SUCCESSFUL USE CASE

INTEGRATE SALESFORCE.COM SINGLE SIGN-ON WITH THIRD-PARTY SINGLE SIGN-ON USING SENTRY A GUIDE TO SUCCESSFUL USE CASE INTEGRATE SALESFORCE.COM SINGLE SIGN-ON WITH THIRD-PARTY SINGLE SIGN-ON USING SENTRY A GUIDE TO SUCCESSFUL USE CASE Legal Marks No portion of this document may be reproduced or copied in any form, or by

More information

PARTNER INTEGRATION GUIDE. Edition 1.0

PARTNER INTEGRATION GUIDE. Edition 1.0 PARTNER INTEGRATION GUIDE Edition 1.0 Last Revised December 11, 2014 Overview This document provides standards and guidance for USAA partners when considering integration with USAA. It is an overview of

More information

WebSphere Integration Solutions. IBM Day Minsk 2014. Anton Litvinov WebSphere Connectivity Professional Central Eastern Europe

WebSphere Integration Solutions. IBM Day Minsk 2014. Anton Litvinov WebSphere Connectivity Professional Central Eastern Europe WebSphere Integration Solutions IBM Day Minsk 2014 Ann Litvinov WebSphere Connectivity Professional Central Eastern Europe 1 Agenda 1 Understand vision for ESB capabilities 2 Understand DataPower Basics

More information

Flexible Identity Federation

Flexible Identity Federation Flexible Identity Federation Quick start guide version 1.0.1 Publication history Date Description Revision 2015.09.23 initial release 1.0.0 2015.12.11 minor updates 1.0.1 Copyright Orange Business Services

More information

AquaLogic Service Bus

AquaLogic Service Bus AquaLogic Bus Wolfgang Weigend Principal Systems Engineer BEA Systems 1 What to consider when looking at ESB? Number of planned business access points Reuse across organization Reduced cost of ownership

More information

Secure the Web: OpenSSO

Secure the Web: OpenSSO Secure the Web: OpenSSO Sang Shin, Technology Architect Sun Microsystems, Inc. javapassion.com Pat Patterson, Principal Engineer Sun Microsystems, Inc. blogs.sun.com/superpat 1 Agenda Need for identity-based

More information

The increasing popularity of mobile devices is rapidly changing how and where we

The increasing popularity of mobile devices is rapidly changing how and where we Mobile Security BACKGROUND The increasing popularity of mobile devices is rapidly changing how and where we consume business related content. Mobile workforce expectations are forcing organizations to

More information

Publishing Enterprise Mobile Services

Publishing Enterprise Mobile Services Information Systems Strategy Publishing Enterprise Mobile Services Anand Patel, Enterprise Architect, 23 rd May About Network Rail We are a Private Company of 35,500 People Revenue of around 6 billion

More information

API Management: Powered by SOA Software Dedicated Cloud

API Management: Powered by SOA Software Dedicated Cloud Software Dedicated Cloud The Challenge Smartphones, mobility and the IoT are changing the way users consume digital information. They re changing the expectations and experience of customers interacting

More information

Reverse Proxy for Trusted Web Environments > White Paper

Reverse Proxy for Trusted Web Environments > White Paper > White Paper ProxySG for Reverse Proxy Web-based solutions are being implemented for nearly every aspect of business operations, and increasingly for trusted environments with mission-critical business

More information

Integrasjon for mobile løsninger

Integrasjon for mobile løsninger Integrasjon for mobile løsninger Hvilke krav stiller mobile løsninger til din integrasjonsplattform? Per Anders Jørgensen Solution Architect Oracle Fusion Middleware Mobile Sept 4, 2014 Oracle Confidential

More information

Identity Federation: Bridging the Identity Gap. Michael Koyfman, Senior Global Security Solutions Architect

Identity Federation: Bridging the Identity Gap. Michael Koyfman, Senior Global Security Solutions Architect Identity Federation: Bridging the Identity Gap Michael Koyfman, Senior Global Security Solutions Architect The Need for Federation 5 key patterns that drive Federation evolution - Mary E. Ruddy, Gartner

More information

Ameritas Single Sign-On (SSO) and Enterprise SAML Standard. Architectural Implementation, Patterns and Usage Guidelines

Ameritas Single Sign-On (SSO) and Enterprise SAML Standard. Architectural Implementation, Patterns and Usage Guidelines Ameritas Single Sign-On (SSO) and Enterprise SAML Standard Architectural Implementation, Patterns and Usage Guidelines 1 Background and Overview... 3 Scope... 3 Glossary of Terms... 4 Architecture Components...

More information

PingFederate. SSO Integration Overview

PingFederate. SSO Integration Overview PingFederate SSO Integration Overview 2006-2012 Ping Identity Corporation. All rights reserved. PingFederate SSO Integration Overview Version 6.6 January, 2012 Ping Identity Corporation 1001 17th Street,

More information

Mobile Security. Policies, Standards, Frameworks, Guidelines

Mobile Security. Policies, Standards, Frameworks, Guidelines Mobile Security Policies, Standards, Frameworks, Guidelines Guidelines for Managing and Securing Mobile Devices in the Enterprise (SP 800-124 Rev. 1) http://csrc.nist.gov/publications/drafts/800-124r1/draft_sp800-124-rev1.pdf

More information

Federated single sign-on (SSO) and identity management. Secure mobile access. Social identity integration. Automated user provisioning.

Federated single sign-on (SSO) and identity management. Secure mobile access. Social identity integration. Automated user provisioning. PingFederate We went with PingFederate because it s based on standards like SAML, which are important for a secure implementation. John Davidson Senior Product Manager, Opower PingFederate is the leading

More information

Enable Your Applications for CAC and PIV Smart Cards

Enable Your Applications for CAC and PIV Smart Cards Enable Your Applications for CAC and PIV Smart Cards Executive Summary Since HSPD-2 was signed in 2004, government agencies have issued over 5 million identity badges. About 90% of government workers and

More information

PRACTICAL IDENTITY AND ACCESS MANAGEMENT FOR CLOUD - A PRIMER ON THREE COMMON ADOPTION PATTERNS FOR CLOUD SECURITY

PRACTICAL IDENTITY AND ACCESS MANAGEMENT FOR CLOUD - A PRIMER ON THREE COMMON ADOPTION PATTERNS FOR CLOUD SECURITY PRACTICAL IDENTITY AND ACCESS MANAGEMENT FOR CLOUD - A PRIMER ON THREE COMMON ADOPTION PATTERNS FOR CLOUD SECURITY Shane Weeden IBM Session ID: CLD-W01 Session Classification: Advanced Agenda Cloud security

More information

Using Layer 7 s API Gateway for vcloud Architectures How to achieve abstraction, security and management of vcloud APIs.

Using Layer 7 s API Gateway for vcloud Architectures How to achieve abstraction, security and management of vcloud APIs. Using Layer 7 s API Gateway for vcloud Architectures How to achieve abstraction, security and management of vcloud APIs White Paper Contents Executive Summary... 3 Why Use an API Gateway with vcloud...

More information

API Architecture. for the Data Interoperability at OSU initiative

API Architecture. for the Data Interoperability at OSU initiative API Architecture for the Data Interoperability at OSU initiative Introduction Principles and Standards OSU s current approach to data interoperability consists of low level access and custom data models

More information

SAML and OAUTH comparison

SAML and OAUTH comparison SAML and OAUTH comparison DevConf 2014, Brno JBoss by Red Hat Peter Škopek, pskopek@redhat.com, twitter: @pskopek Feb 7, 2014 Abstract SAML and OAuth are one of the most used protocols/standards for single

More information

GRAU DataSpace 2.0 THE SECURE COMMUNICATION PLATFORM FOR ENTERPRISES AND ORGANIZATIONS YOUR DATA. YOUR CONTROL

GRAU DataSpace 2.0 THE SECURE COMMUNICATION PLATFORM FOR ENTERPRISES AND ORGANIZATIONS YOUR DATA. YOUR CONTROL GRAU DataSpace 2.0 THE SECURE COMMUNICATION PLATFORM FOR ENTERPRISES AND ORGANIZATIONS YOUR DATA. YOUR CONTROL Introduction Global file sharing is a mega trend Sync & Share is a new product category Consumer

More information

Managing SOA Security and Operations with SecureSpan

Managing SOA Security and Operations with SecureSpan Managing SOA Security and Operations with SecureSpan Francois Lascelles Technical Director, Layer 7 Technologies 1 Customers Revenue About Layer 7 Layer 7 is the leading vendor of security and governance

More information

API-Security Gateway Dirk Krafzig

API-Security Gateway Dirk Krafzig API-Security Gateway Dirk Krafzig Intro Digital transformation accelerates application integration needs Dramatically increasing number of integration points Speed Security Industrial robustness Increasing

More information

Agenda. How to configure

Agenda. How to configure dlaw@esri.com Agenda Strongly Recommend: Knowledge of ArcGIS Server and Portal for ArcGIS Security in the context of ArcGIS Server/Portal for ArcGIS Access Authentication Authorization: securing web services

More information

Interwise Connect. Working with Reverse Proxy Version 7.x

Interwise Connect. Working with Reverse Proxy Version 7.x Working with Reverse Proxy Version 7.x Table of Contents BACKGROUND...3 Single Sign On (SSO)... 3 Interwise Connect... 3 INTERWISE CONNECT WORKING WITH REVERSE PROXY...4 Architecture... 4 Interwise Web

More information

CISCO ACE XML GATEWAY TO FORUM SENTRY MIGRATION GUIDE

CISCO ACE XML GATEWAY TO FORUM SENTRY MIGRATION GUIDE CISCO ACE XML GATEWAY TO FORUM SENTRY MIGRATION GUIDE Legal Marks No portion of this document may be reproduced or copied in any form, or by any means graphic, electronic, or mechanical, including photocopying,

More information

Mid-Project Report August 14 th, 2012. Nils Dussart 0961540

Mid-Project Report August 14 th, 2012. Nils Dussart 0961540 Mid-Project Report August 14 th, 2012 Nils Dussart 0961540 CONTENTS Project Proposal... 3 Project title... 3 Faculty Advisor... 3 Project Scope and Individual Student Learning Goals... 3 Proposed Product

More information

NIST s Guide to Secure Web Services

NIST s Guide to Secure Web Services NIST s Guide to Secure Web Services Presented by Gaspar Modelo-Howard and Ratsameetip Wita Secure and Dependable Web Services National Institute of Standards and Technology. Special Publication 800-95:

More information

Improving performance for security enabled web services. - Dr. Colm Ó héigeartaigh

Improving performance for security enabled web services. - Dr. Colm Ó héigeartaigh Improving performance for security enabled web services - Dr. Colm Ó héigeartaigh Agenda Introduction to Apache CXF WS-Security in CXF 3.0.0 Securing Attachments in CXF 3.0.0 RS-Security in CXF 3.0.0 Some

More information

HOL9449 Access Management: Secure web, mobile and cloud access

HOL9449 Access Management: Secure web, mobile and cloud access HOL9449 Access Management: Secure web, mobile and cloud access Kanishk Mahajan Principal Product Manager, Oracle September, 2014 Copyright 2014, Oracle and/or its affiliates. All rights reserved. Oracle

More information

Leveraging SAML for Federated Single Sign-on:

Leveraging SAML for Federated Single Sign-on: Leveraging SAML for Federated Single Sign-on: Seamless Integration with Web-based Applications whether cloudbased, private, on-premise, or behind a firewall Single Sign-on Layer v.3.2-006 PistolStar, Inc.

More information

Service Virtualization: Managing Change in a Service-Oriented Architecture

Service Virtualization: Managing Change in a Service-Oriented Architecture Service Virtualization: Managing Change in a Service-Oriented Architecture Abstract Load balancers, name servers (for example, Domain Name System [DNS]), and stock brokerage services are examples of virtual

More information

Apigee Edge API Services Manage, scale, secure, and build APIs and apps

Apigee Edge API Services Manage, scale, secure, and build APIs and apps Manage, scale, secure, and build APIs and apps Hex #FC4C02 Hex #54585A Manage, scale, secure, and build APIs and Apps with is designed to unite the best of Internet and enterprise technologies to provide

More information

JVA-122. Secure Java Web Development

JVA-122. Secure Java Web Development JVA-122. Secure Java Web Development Version 7.0 This comprehensive course shows experienced developers of Java EE applications how to secure those applications and to apply best practices with regard

More information

Creating a Strong Security Infrastructure for Exposing JBoss Services

Creating a Strong Security Infrastructure for Exposing JBoss Services Creating a Strong Security Infrastructure for Exposing JBoss Services JBoss Enterprise SOA Platform Service Clients Service Gateway Enterprise Services Blake Dournaee, Product Management, Intel SOA Products

More information

Final Project Report December 9, 2012. Cloud-based Authentication with Native Client Server Applications. Nils Dussart 0961540

Final Project Report December 9, 2012. Cloud-based Authentication with Native Client Server Applications. Nils Dussart 0961540 Final Project Report December 9, 2012 Cloud-based Authentication with Native Client Server Applications. Nils Dussart 0961540 CONTENTS Project Proposal... 4 Project title... 4 Faculty Advisor... 4 Introduction...

More information

Federated Identity and Single Sign-On using CA API Gateway

Federated Identity and Single Sign-On using CA API Gateway WHITE PAPER DECEMBER 2014 Federated Identity and Single Sign-On using Federation for websites, Web services, APIs and the Cloud K. Scott Morrison VP Engineering and Chief Architect 2 WHITE PAPER: FEDERATED

More information

Web Services Security: OpenSSO and Access Management for SOA. Sang Shin Java Technology Evangelist Sun Microsystems, Inc. javapassion.

Web Services Security: OpenSSO and Access Management for SOA. Sang Shin Java Technology Evangelist Sun Microsystems, Inc. javapassion. Web Services Security: OpenSSO and Access Management for SOA Sang Shin Java Technology Evangelist Sun Microsystems, Inc. javapassion.com 1 Agenda Need for Identity-based Web services security Single Sign-On

More information

Cloud Security/Access Control and Identity Management. Patrick McLaughlin, Oracle Fellow SAOUG: 14 November, 2011

Cloud Security/Access Control and Identity Management. Patrick McLaughlin, Oracle Fellow SAOUG: 14 November, 2011 Cloud Security/Access Control and Identity Management Patrick McLaughlin, Oracle Fellow SAOUG: 14 November, 2011 Agenda Evolution of IT and IdM Requirements Building and Securing Clouds Oracle Public Cloud

More information

THE NEW DIGITAL EXPERIENCE

THE NEW DIGITAL EXPERIENCE steffo.weber@oracle.com SECURING THE NEW DIGITAL EXPERIENCE Dr Steffo Weber, Oracle BridgFilling the UX gap for mobile enterprise applications. May,-2014 Latest Entries Protecting IDPs from malformed SAML

More information

UNIVERSITY OF COLORADO Procurement Service Center INTENT TO SOLE SOURCE PROCUREMENT CU-JL39027649-SS. Single Sign-On (SSO) Solution

UNIVERSITY OF COLORADO Procurement Service Center INTENT TO SOLE SOURCE PROCUREMENT CU-JL39027649-SS. Single Sign-On (SSO) Solution UNIVERSITY OF COLORADO Procurement Service Center INTENT TO SOLE SOURCE PROCUREMENT CU-JL39027649-SS Single Sign-On (SSO) Solution For University Information Systems (UIS) May 9, 2013 2 University of Colorado

More information

000-575. IBM Tivoli Federated Identity Manager V6.2.2 Implementation. Version: Demo. Page <<1/10>>

000-575. IBM Tivoli Federated Identity Manager V6.2.2 Implementation. Version: Demo. Page <<1/10>> 000-575 IBM Tivoli Federated Identity Manager V6.2.2 Implementation Version: Demo Page 1.What is the default file name of the IBM Tivoli Directory Integrator log? A. tdi.log B. ibmdi.log C. ibmdisrv.log

More information

Sharing Data with Customers and Suppliers

Sharing Data with Customers and Suppliers Sharing Data with Customers and Suppliers Assessing your future Web Services Infrastructure Graham Cunningham: SW Business Development graham.cunningham@w3partnership.com Agenda Business Outcomes The Business

More information

GENERAL OVERVIEW OF VARIOUS SSO SYSTEMS: ACTIVE DIRECTORY, GOOGLE & FACEBOOK

GENERAL OVERVIEW OF VARIOUS SSO SYSTEMS: ACTIVE DIRECTORY, GOOGLE & FACEBOOK Antti Pyykkö, Mikko Malinen, Oskari Miettinen GENERAL OVERVIEW OF VARIOUS SSO SYSTEMS: ACTIVE DIRECTORY, GOOGLE & FACEBOOK TJTSE54 Assignment 29.4.2008 Jyväskylä University Department of Computer Science

More information

Executive Summary. What is Authentication, Authorization, and Accounting? Why should I perform Authentication, Authorization, and Accounting?

Executive Summary. What is Authentication, Authorization, and Accounting? Why should I perform Authentication, Authorization, and Accounting? Executive Summary As the leader in Wide Area Application Delivery, Blue Coat products accelerate and secure applications within your WAN and across the Internet. Blue Coat provides a robust and flexible

More information

Get Success in Passing Your Certification Exam at first attempt!

Get Success in Passing Your Certification Exam at first attempt! Get Success in Passing Your Certification Exam at first attempt! Exam : C2150-575 Title : IBM Tivoli Federated Identity Manager V6.2.2 Implementation Version : Demo 1.What is the default file name of the

More information

Deploying RSA ClearTrust with the FirePass controller

Deploying RSA ClearTrust with the FirePass controller Deployment Guide Deploying RSA ClearTrust with the FirePass Controller Deploying RSA ClearTrust with the FirePass controller Welcome to the FirePass RSA ClearTrust Deployment Guide. This guide shows you

More information

Keeping access control while moving to the cloud. Presented by Zdenek Nejedly Computing & Communications Services University of Guelph

Keeping access control while moving to the cloud. Presented by Zdenek Nejedly Computing & Communications Services University of Guelph Keeping access control while moving to the cloud Presented by Zdenek Nejedly Computing & Communications Services University of Guelph 1 Keeping access control while moving to the cloud Presented by Zdenek

More information

Managed File Transfer

Managed File Transfer Managed File Transfer How do most organizations move files today? FTP Typically File Transfer Protocol (FTP) is combined with writing and maintaining homegrown code to address its limitations Limited Reliability

More information

Providing Single Signon (SSO) with Enterprise Identity Services and Directory Integration

Providing Single Signon (SSO) with Enterprise Identity Services and Directory Integration Providing Single Signon (SSO) with Enterprise Identity Services and Directory Integration Paulo Jorge Correia Technical Solutions Architect #clmel Agenda Identity Challenges and Market analysis Identity

More information

SAP Mobile - Webinar Series SAP Mobile Platform 3.0 Security Concepts and Features

SAP Mobile - Webinar Series SAP Mobile Platform 3.0 Security Concepts and Features SAP Mobile - Webinar Series SAP Mobile Platform 3.0 Security Concepts and Features Dirk Olderdissen Solution Expert, Regional Presales EMEA SAP Brought to you by the Customer Experience Group 2014 SAP

More information

Guide to Deploying NetScaler as an Active Directory Federation Services Proxy

Guide to Deploying NetScaler as an Active Directory Federation Services Proxy Deployment Guide Guide to Deploying NetScaler as an Active Directory Federation Services Proxy Enabling seamless authentication for Office 365 use cases Table of Contents Introduction 3 ADFS proxy deployment

More information

Access Management Analysis of some available solutions

Access Management Analysis of some available solutions Access Management Analysis of some available solutions Enterprise Security & Risk Management May 2015 Authors: Yogesh Kumar Sharma, Kinshuk De, Dr. Sundeep Oberoi Access Management - Analysis of some available

More information

An Oracle White Paper Dec 2013. Oracle Access Management Security Token Service

An Oracle White Paper Dec 2013. Oracle Access Management Security Token Service An Oracle White Paper Dec 2013 Oracle Access Management Security Token Service Disclaimer The following is intended to outline our general product direction. It is intended for information purposes only,

More information

Federated Identity Providers

Federated Identity Providers Federated Identity Providers and the Ipsilon project Simo Sorce Sr. Princ. Sw. Engineer, Red Hat 2015/02/06 What is Federation? In a nutshell: Dealing with users that you do not control on your own. To

More information

Copyright 2013, Oracle and/or its affiliates. All rights reserved.

Copyright 2013, Oracle and/or its affiliates. All rights reserved. 1 Integration Options for Oracle E-Business Suite Rekha Ayothi, Lead Product Manager, Oracle Safe Harbor Statement The following is intended to outline our general product direction. It is intended for

More information

Secure Identity in Cloud Computing

Secure Identity in Cloud Computing Secure Identity in Cloud Computing Michelle Carter The Aerospace Corporation March 20, 2013 The Aerospace Corporation 2013 All trademarks, service marks, and trade names are the property of their respective

More information

The bridge to delivering digital applications across cloud, mobile and partner channels

The bridge to delivering digital applications across cloud, mobile and partner channels Axway API Gateway The bridge to delivering digital applications across cloud, mobile and partner channels Axway API Gateway a foundational component in an API-first architecture for digital business provides

More information

The Challenges of Web single sign-on

The Challenges of Web single sign-on Serge Vereecke Security Architect IBM Security Services serge_vereecke@be.ibm.com The Challenges of Web single sign-on GSE Event September 7, 2012 Agenda Single sign-on technology Why single sign-on Challenges

More information

Intro to DataPower IBM WebSphere Connectivity and Integration Appliances

Intro to DataPower IBM WebSphere Connectivity and Integration Appliances José Angel Flores WW Business Partners Technical Professional jafloresg@es.ibm.com Intro to DataPower IBM WebSphere Connectivity and Integration Appliances Agenda What is a DataPower Appliance? Models

More information

Web Services Security with SOAP Security Proxies

Web Services Security with SOAP Security Proxies Web Services Security with Security Proxies Gerald Brose, PhD Technical Product Manager Xtradyne Technologies AG OMG Web Services Workshop USA 22 April 2003, Philadelphia Web Services Security Risks! Exposure

More information

PingFederate. Integration Overview

PingFederate. Integration Overview PingFederate Integration Overview 2008 Ping Identity Corporation. All rights reserved. Part Number 3007-321 January, 2008 Ping Identity Corporation 1099 18th Street, Suite 2950 Denver, CO 80202 U.S.A.

More information

SAML AS AN SSO STANDARD FOR CUSTOMER IDENTITY MANAGEMENT. How to Create a Frictionless, Secure Customer Identity Management Strategy

SAML AS AN SSO STANDARD FOR CUSTOMER IDENTITY MANAGEMENT. How to Create a Frictionless, Secure Customer Identity Management Strategy SAML AS AN SSO STANDARD FOR CUSTOMER IDENTITY MANAGEMENT How to Create a Frictionless, Secure Customer Identity Management Strategy PART 1: WHAT IS SAML? SAML in Context Security Assertion Markup Language

More information

CA SOA Security Manager

CA SOA Security Manager CA SOA Security Manager Implementation Guide r12.1 Second Edition This documentation and any related computer software help programs (hereinafter referred to as the "Documentation") are for your informational

More information

Building Secure Applications. James Tedrick

Building Secure Applications. James Tedrick Building Secure Applications James Tedrick What We re Covering Today: Accessing ArcGIS Resources ArcGIS Web App Topics covered: Using Token endpoints Using OAuth/SAML User login App login Portal ArcGIS

More information

Sentinet for BizTalk Server SENTINET

Sentinet for BizTalk Server SENTINET Sentinet for BizTalk Server SENTINET Sentinet for BizTalk Server 1 Contents Introduction... 2 Sentinet Benefits... 3 SOA and APIs Repository... 4 Security... 4 Mediation and Virtualization... 5 Authentication

More information

IBM WebSphere Application Server

IBM WebSphere Application Server IBM WebSphere Application Server OAuth 2.0 service provider and TAI 2012 IBM Corporation This presentation describes support for OAuth 2.0 included in IBM WebSphere Application Server V7.0.0.25. WASV70025_OAuth20.ppt

More information

From the Intranet to Mobile. By Divya Mehra and Stian Thorgersen

From the Intranet to Mobile. By Divya Mehra and Stian Thorgersen ENTERPRISE SECURITY WITH KEYCLOAK From the Intranet to Mobile By Divya Mehra and Stian Thorgersen PROJECT TIMELINE AGENDA THE OLD WAY Securing monolithic web app relatively easy Username and password

More information

OpenText Secure MFT Network and Firewall Requirements

OpenText Secure MFT Network and Firewall Requirements NETWORK OpenText Secure MFT Network and Firewall Requirements Secure MFT is a client-server solution that provides accelerated transfer of large files over any network connection. The solution architecture

More information

Apigee Gateway Specifications

Apigee Gateway Specifications Apigee Gateway Specifications Logging and Auditing Data Selection Request/response messages HTTP headers Simple Object Access Protocol (SOAP) headers Custom fragment selection via XPath Data Handling Encryption

More information

SAML: The Secret to Centralized Identity Management

SAML: The Secret to Centralized Identity Management 1 of 7 1/10/2007 9:05 AM December 2004 http://www.intelligententerprise.com/showarticle.jhtml?articleid=54200324 SAML: The Secret to Centralized Identity Management Complicated by too many systems, too

More information

SOA Design Patterns for VistA Evolution: Web Technologies Data Sharing for VistA Evolution

SOA Design Patterns for VistA Evolution: Web Technologies Data Sharing for VistA Evolution SOA Design Patterns for VistA Evolution: Web Technologies Data Sharing for VistA Evolution Office of Technology Strategies (OTS) Architecture, Strategy, and Design (ASD) Office of Information and Technology

More information

Meet the Cloud API The New Enterprise Control Point

Meet the Cloud API The New Enterprise Control Point Meet the Cloud API The New Enterprise Control Point Presented by: Katrina Kehlet Intel Application Security and Identity Products 1 Agenda Why Intel & McAfee- Security Connected Cloud Promise & Threat

More information

Corporate Bill Analyzer

Corporate Bill Analyzer Corporate Bill Analyzer Product Description V 3.1 Contents Contents Introduction Platform Overview Core features Bill/Invoice presentment Corporate hierarchy support Billing Account hierarchy support Call

More information

SAML SSO Configuration

SAML SSO Configuration SAML SSO Configuration Overview of Single Sign-, page 1 Benefits of Single Sign-, page 2 Overview of Setting Up SAML 2.0 Single Sign-, page 3 SAML 2.0 Single Sign- Differences Between Cloud-Based Meeting

More information

OpenSSO: Simplify Your Single-Sign-On Needs. Sang Shin Java Technology Architect Sun Microsystems, inc. javapassion.com

OpenSSO: Simplify Your Single-Sign-On Needs. Sang Shin Java Technology Architect Sun Microsystems, inc. javapassion.com OpenSSO: Simplify Your Single-Sign-On Needs Sang Shin Java Technology Architect Sun Microsystems, inc. javapassion.com 1 Agenda Enterprise security needs What is OpenSSO? OpenSSO features > > > > SSO and

More information

Donky Technical Overview

Donky Technical Overview Donky Technical Overview This document will provide the reader with an overview of the features offered and technologies used with the Donky Messaging Network. This document will give a good base level

More information

SSO Plugin. Release notes. J System Solutions. http://www.javasystemsolutions.com Version 3.6

SSO Plugin. Release notes. J System Solutions. http://www.javasystemsolutions.com Version 3.6 SSO Plugin Release notes J System Solutions Version 3.6 JSS SSO Plugin v3.6 Release notes What's new... 3 Improved Integrated Windows Authentication... 3 BMC ITSM self service... 3 Improved BMC ITSM Incident

More information

Helping organizations secure and govern application services for SOA, Web and the Cloud

Helping organizations secure and govern application services for SOA, Web and the Cloud Helping organizations secure and govern application services for SOA, Web and the Cloud SOA WEB CLOUD layer7tech.com info@layer7tech.com @layer7 Layer 7 offers industry-leading XML security, runtime SOA

More information

The Weakest Link : Securing large, complex, global Oracle ebusiness Suite solutions

The Weakest Link : Securing large, complex, global Oracle ebusiness Suite solutions The Weakest Link : Securing large, complex, global Oracle ebusiness Suite solutions Radomir Vranesevic Director and IT Architect Oracle Certified Master, CISSP Fusion Professionals 1 Agenda Introduction

More information

Oracle Security Developer Tools (OSDT) August 2008

<Insert Picture Here> Oracle Security Developer Tools (OSDT) August 2008 Oracle Security Developer Tools (OSDT) August 2008 Items Introduction OSDT 10g Architecture Business Benefits Oracle Products Currently Using OSDT 10g OSDT 10g APIs Description OSDT

More information

Novell Access Manager

Novell Access Manager Novell Access Manager Product Overview Kiran Mova Agenda Introduction Architecture IDP AG SSL VPN Administration Console How it works? Web SSO Federation SSO Protect HTTP Resources Protect non-http Resources

More information

The standards landscape in cloud

The standards landscape in cloud The standards landscape in cloud PRESENTATION computing TITLE GOES HERE Vincent Franceschini CTO Distributed Architectures, Hitachi Data System Chairman Emeritus, SNIA Governing Board Member, SNIA Cloud

More information

Glinda Cummings World Wide Tivoli Security Product Manager

Glinda Cummings World Wide Tivoli Security Product Manager Featured Speaker IBM Security Solutions! Glinda Cummings World Wide Tivoli Security Product Manager 2010 IBM Corporation IBM Security Solutions! How IBM defines Cloud Computing IBM Security Solutions!

More information

304 - APM TECHNOLOGY SPECIALIST

304 - APM TECHNOLOGY SPECIALIST ABOUT THE 304-APM TECHNOLOGY SPECIALIST EXAM. The 304-APM Technology Specialist exam is the required to achieve Certified F5 Technology Specialist, APM status. Successful completion of the APM Technology

More information

Big Data Driven Security for BYOD. Photo by Marc_Smith - Creative Commons Attribution License http://www.flickr.com/photos/49503165485@n01

Big Data Driven Security for BYOD. Photo by Marc_Smith - Creative Commons Attribution License http://www.flickr.com/photos/49503165485@n01 Big Data Driven Security for BYOD Photo by Marc_Smith - Creative Commons Attribution License http://www.flickr.com/photos/49503165485@n01 Created with Haiku Deck TABLE OF CONTENTS Securing Data in Motion

More information

New Single Sign-on Options for IBM Lotus Notes & Domino. 2012 IBM Corporation

New Single Sign-on Options for IBM Lotus Notes & Domino. 2012 IBM Corporation New Single Sign-on Options for IBM Lotus Notes & Domino 2012 IBM Corporation IBM s statements regarding its plans, directions, and intent are subject to change or withdrawal without notice at IBM s sole

More information

Security As A Service Leveraged by Apache Projects. Oliver Wulff, Talend

Security As A Service Leveraged by Apache Projects. Oliver Wulff, Talend Security As A Service Leveraged by Apache Projects Oliver Wulff, Talend Application Security Landscape 2 Solution Building blocks Apache CXF Fediz Single Sign On (WS-Federation) Attribute Based Access

More information

ESB solutions Title. BWUG & GSE Subtitle 2013-03-28. guy.crets@i8c.be. xx.yy@i8c.be

ESB solutions Title. BWUG & GSE Subtitle 2013-03-28. guy.crets@i8c.be. xx.yy@i8c.be ESB solutions Title BWUG & GSE Subtitle 2013-03-28 guy.crets@i8c.be xx.yy@i8c.be 1 I8C part of Cronos Integration consultancy ESB, SOA, BPMS, B2B, EAI, Composite Apps Vendor independent 40+ consultants

More information

TrustedX: eidas Platform

TrustedX: eidas Platform TrustedX: eidas Platform Identification, authentication and electronic signature platform for Web environments. Guarantees identity via adaptive authentication and the recognition of either corporate,

More information

Workspot Enables Spectrum of Trust. Photo by Marc_Smith - Creative Commons Attribution License http://www.flickr.com/photos/49503165485@n01

Workspot Enables Spectrum of Trust. Photo by Marc_Smith - Creative Commons Attribution License http://www.flickr.com/photos/49503165485@n01 Workspot Enables Spectrum of Trust Photo by Marc_Smith - Creative Commons Attribution License http://www.flickr.com/photos/49503165485@n01 Created with Haiku Deck TABLE OF CONTENTS Leadership Team Problem:

More information

Customer Cloud Architecture for Mobile. http://cloud-council.org/resource-hub.htm#customer-cloud-architecture-for-mobile

Customer Cloud Architecture for Mobile. http://cloud-council.org/resource-hub.htm#customer-cloud-architecture-for-mobile Customer Cloud Architecture for Mobile http://cloud-council.org/resource-hub.htm#customer-cloud-architecture-for-mobile June, 2015 1 Presenters Heather Kreger CTO International Standards, IBM US SC38 mirror

More information