goberlin a Trusted Cloud Marketplace for Governmental and Commercial Services
|
|
- Caren McLaughlin
- 8 years ago
- Views:
Transcription
1 goberlin a Trusted Cloud Marketplace for Governmental and Commercial Services Data Protection and Security Considerations in an egovernment Cloud in Germany Dr. Klaus-Peter Eckert Public Sector Cloud Forum London December 3 rd, 2014
2 Facts of the German Trusted Cloud Program Technology Program of the German Federal Ministry of Economics and Energy Goals: Develop innovative, secure and legal compliant Cloud Computing solutions Involve SMEs Demonstrate potential of Cloud Computing Develop innovation and market potential 14 projects (out of 116 proposals) have been selected and grouped in four clusters Development of basic technologies Applications for industry and craft Applications for health Applications for the public sector, e.g. goberlin Projects have started in 2011/12 and will run until end of 2014 Approx. 50 M from BMWi + 30 M from project partners Comprehensive research is done in four areas: Standardization, legal aspects, security, business models 3
3 Cluster - Public Sector The cluster "applications for the public sector" consists of two research projects with cloud-based services for citizens and public administrations for different application scenarios. Public administrations are entrusted with regulatory tasks and therefore have particularly high demands on the confidentiality, security and legal compliance of cloud applications. The two services are supporting the collaboration between government, businesses and citizens. Cloud Cycle provides a common standard for the entire lifecycle of cloud applications: from the cloud platform, which is used as a technical basis, via the creation of interoperable and portable applications to usage by the end user. (OASIS Topology and Orchestration Specification for Cloud Applications - TOSCA). Cloud Cycle develops an Education Cloud providing specific services for schools. goberlin builds a trustful app-marketplace that combines the services of the public administration with commercial offers of private enterprises. Apps are offered to citizens as SaaS and build by developers utilizing the PaaS support of goberlin. 7
4 Challenges Security, Trust Cloud service security, three perspectives Service provider perspective, e.g. iidentfy, authenticate, authorize service users Service user perspective, e.g. data privacy, SLA nonrepudiation Legal perspective, e.g. protection of data privacy Service specific security requirements Security as part of the marketplace infrastructure Security features to be integrated on demand Declarative security no hard-coded implementation Trust Credibility, Reliability Expectations Reputation 8
5 Matthias Heyde / / Fraunhofer FOKUS goberlin A trusted Service Marketplace in the Berlin City-Cloud goberlin orchestrates public and commercial eservices to Apps that are supporting citizens in their specific circumstances. Functional and non-functional components, especially authentication and authorization, are coupled utilizing SOA concepts incl. ESBpatterns. The project develops a prototypical implementation of the marketplace incl. orchestrated apps. goberlin runs in the cloud infrastructures of the project partners, especially in the Berlin City Cloud, operated by the Berlin data center ITDZ. The Castle in Berlin-Steglitz, a marketplace for public and commercial services 14
6 Cloud-based Service Marketplace Main Actors in goberlin eservice Providers from Public and Private Sector App Users (mainly Citizens) Service Marketplace Apps for Life Circumstances Transport Citizen Registration Mail Redirection Cloud Infrastructure App Developers and Providers Public Sector Marketplace and Cloud Operator 15
7 goberlin Marketplace High-level Architecture and Actors App Developer Portal Find and compose eservices; Publish apps Marriage App Transport eservice Proxy Relocation App Birth App Registration eservice Proxy Redirection eservice Proxy SaaS PaaS Adapters to Government and Business eservices Life Circumstances Portal for Citizens Find and use certified apps eservice Provider Portal Describe, register, and operate eservices Profile Mgmt Storage Identity Mgmt Accounting Computation IaaS Network Basic Services Marketplace Management Portal Operate Marketplace and Cloud Infrastructure 16
8 What will goberlin offer? Life Cirumstances from a Citizen s Perspective Support life circumstances such as birth, marriage, children or relocation Craftsmen Renovation Works egovernment ebusiness Change of Address Vehicle Registration Citizen Registration Office of deeds Moving Company Mail Redirection Estate Agent 17
9 What will goberlin offer? Apps support a workflow through government and business services Orchestrate government and business eservices Craftsmen Renovation Works Vehicle Registration Citizen Registration Office of deeds Moving Company Change of Address Mail Redirection Estate Agent 18
10 Approach Security and Trust Security-as-a-Service Identity management and security services are part of the PaaS base services User-centric identity management User manages personal data in a trusted and secure area User manages access to this area for apps and services Marketplace operated by a public authority Private cloud Certification of apps and services Have the security services been properly integrated? Is data passed to authorized service? Order Swaddling Clothes App Childbirth Encryption Authorization Signature Register Childbirth Identification 19
11 Approach Oligations of the goberlin Stakeholders App-Users control access to their personal profile data for apps and services App developers provide trustful apps Reloction App eservice providers operate their services in their local environment Marketplace is operated by a public authority Certification of apps and services Security-as-a-Service Identity management and security services are part of the PaaS infrastructure services Support for eid and eat cards Transport eservice Proxy Encryption Authorization Signature Registration eservice Proxy Identification Cloud infrastructure is operated by a public data center ITDZ Berlin 20
12 goberlin Marketplace Architecture Overview goberlin Marketplace App Marketplace Service Marketplace Life Circ. Portal App/Service Marketplace Portals Repositories Repositories Marketplace Services App Development Platform App Runtime Platform Marketplace Portal Marketplace Middleware Security Components Government and Business eservices Cloud Infrastructure Cloud Portal 22
13 Instance PP: Operational Instance Citizen-, App Developer-, esp-portals Citizen-App Register Login Browsing Entitlement profil, SA App-Frontend App-Logic Security Identity Management - Authentication Access Management Authorization ESB Interceptor, Logging, Monitoring Supporting Services BPM-Process Services Platform Services Admin-Portal es-wrapper Data Bases 25 Git & Build eservices
14 Linking of Security Components with Functional Components XACML concepts Access Control Services Portal / App WS-Trust X.509 Token + Username/Password WS-Trust SAML 2.0 Assertion 2. Identity Management Create Policy Enforcement Point - PEP Policy Administration Point - PAP Decide Publish Policy Decision Point - PDP Policy Information Point - PIP Retrieve extensible Access Control Markup Language SOAP X.509 Token 8. SOAP X.509 Token 7. SOAP X.509 Token + SAML 2.0 Assertion ESB SOAP X.509 Token + SAML 2.0 Assertion Application Server + WS-Stack SOAP X.509Token + XACML 2.0/3.0 Request SOAP X.509 Token + XACML 2.0/3.0 Response 5. Access Management Utilization of XACML concepts in goberlin 30
15 Security Zones in an egovernment-cloud Internet Public Sector Citizens Firewall Secured Zone Intranet Access Logic Data Employees egovernment Cloud DMZ Access Logic Data egovernment Cloud 33
16 Components of an egovernment-cloud Internet Firewall Shared Sevices Governmental Services Federated egovernment Bus Access AAA Services Data Bases 34
17 Components of the goberlin egovernment-cloud Internet Firewall eservices Supporting Services Apps Federated egovernment Bus Portals Identity & Access Management Data Bases 35
18 Trust in the goberlin egovernment-cloud Internet Firewall eservices Trusted Services Certified Apps Federated egovernment Bus Secure Access Universal Security Infrastructure Secured Storage 36
19 Outlook Transfer of Project Results Architectural Framework Business models Technical and organisational operations model golondon gokiel goschwerin gohamburg gobremen goberlin gohannover gopotsdam gomagdeburg Certification models godüsseldorf goerfurt godresden and much more gowiesbaden goluxemburg gomainz gosaarbrücken gostuttgart gomünchen 40
20 Thank you! Any questions? Dr. Klaus-Peter Eckert Fraunhofer Institute for Open Communication Systems Kaiserin-Augusta-Allee Berlin, Germany 41
goberlin A Service Marketplace for Businesses and Citizens A German Trusted Cloud Project
goberlin A Service Marketplace for Businesses and Citizens A German Trusted Cloud Project Dr. Klaus-Peter Eckert Cloudscape V Brussels February 28 th, 2013 Facts for the German Trusted Cloud Program Technology
More informationLeading by Example - Government Cloud Services from the UK, Germany and Japan
Cloud for savings, Cloud for quality 27 & 28 February 2013 Brussels, Belgium Leading by Example - Government Cloud Services from the UK, Germany and Japan www.cloudscapeseries.eu info@cloudscapeseries.eu
More informationWhite Paper Cybercom & Axiomatics Joint Identity & Access Management (R)evolution
White Paper Cybercom & Axiomatics Joint Identity & Access Management (R)evolution Federation and Attribute Based Access Control Page 2 Realization of the IAM (R)evolution Executive Summary Many organizations
More informationOpen Data Center Alliance Usage: Infrastructure as a Service (IaaS) Privileged User Access rev. 1.0
sm Open Data Center Alliance Usage: Infrastructure as a Service (IaaS) Privileged User Access rev. 1.0 Table of Contents Legal Notice... 3 Executive Summary... 4 Related Usage Models... 5 Reference Framework...
More informationAn open source software tool for creating and managing patient consents electronically in IHE XDS.b environments
An open source software tool for creating and managing patient consents electronically in IHE XDS.b environments 20th of April 2012 O. Heinze 1, M. Birkle 1, H. Schmuhl 1, B. Bergh 1 1 Department of Information
More informationOracle Reference Architecture and Oracle Cloud
Oracle Reference Architecture and Oracle Cloud Anbu Krishnaswamy Anbarasu Enterprise Architect Social. Mobile. Complete. Global Enterprise Architecture Program Safe Harbor Statement The following is intended
More informationWhite Paper The Identity & Access Management (R)evolution
White Paper The Identity & Access Management (R)evolution Federation and Attribute Based Access Control Page 2 A New Perspective on Identity & Access Management Executive Summary Identity & Access Management
More informationAuthentication and Authorization Systems in Cloud Environments
Authentication and Authorization Systems in Cloud Environments DAVIT HAKOBYAN Master of Science Thesis Stockholm, Sweden 2012 TRITA-ICT-EX-2012:203 Abstract The emergence of cloud computing paradigm offers
More informationOpen Data Center Alliance Usage: Single Sign On Authentication REv. 1.0
sm Open Data Center Alliance Usage: Single Sign On Authentication REv. 1.0 Table of Contents Legal Notice... 3 Executive Summary... 4 Reference Framework... 5 Applicability... 6 Related Usage Models...
More informationegov-bus Advanced egovernment Information Service Bus
egov-bus Advanced egovernment Information Service Bus egov-bus Advanced egovernment Information Service Bus (IST-4-026727-STP) January 2006 December 2008 The egov-bus was STREP (Specific Targeted Research
More informationIBM. How can we support the requirement of creating dynamic, flexible and cost effective solution in the IAM area?
IBM How can we support the requirement of creating dynamic, flexible and cost effective solution in the IAM area? Sven-Erik Vestergaard Nordic Security Architect IBM Software group svest@dk.ibm.com Security
More informationTECHNOLOGY TRANSFER PRESENTS MAX DOLGICER IT S ALL ABOUT CLOUD CONCEPTS, STRATEGIES, ARCHITECTURES, PLAYERS, AND TECHNOLOGIES
TECHNOLOGY TRANSFER PRESENTS MAX DOLGICER IT S ALL ABOUT CLOUD CONCEPTS, STRATEGIES, ARCHITECTURES, PLAYERS, AND TECHNOLOGIES APRIL 2-4, 2014 RESIDENZA DI RIPETTA - VIA DI RIPETTA, 231 ROME (ITALY) info@technologytransfer.it
More informationBringing Cloud Security Down to Earth. Andreas M Antonopoulos Senior Vice President & Founding Partner www.nemertes.com
Bringing Cloud Security Down to Earth Andreas M Antonopoulos Senior Vice President & Founding Partner www.nemertes.com Agenda About Nemertes Cloud Dynamics and Adoption Assessing Risk of Cloud Services
More informationGEMBus as a Service Oriented Pla5orm for Cloud- Based Composable Services
GEMBus as a Service Oriented Pla5orm for Cloud- Based Composable Services Constantinos Marinos NETMODE NTUA cmarinos@netmode.ntua.gr Introduc>on Service Oriented infrastructures can ease the deployment
More informationSoftware and Cloud Security
1 Lecture 12: Software and Cloud Security 2 Lecture 12 : Software and Cloud Security Subjects / Topics : 1. Standard ISO/OSI security services 2. Special problems, specific for software components and
More informationOpen Data Center Alliance Usage: Identity Management Interoperability Guide rev. 1.0
sm Open Data Center Alliance Usage: Identity Interoperability Guide rev. 1.0 Open Data Center Alliance Usage: Identity Interoperability Guide Rev. 1.0 Table of Contents Legal Notice... 3 Executive Summary...
More informationOPENIAM ACCESS MANAGER. Web Access Management made Easy
OPENIAM ACCESS MANAGER Web Access Management made Easy TABLE OF CONTENTS Introduction... 3 OpenIAM Access Manager Overview... 4 Access Gateway... 4 Authentication... 5 Authorization... 5 Role Based Access
More informationSecuring Enterprise: Employability and HR
1 Securing Enterprise: Employability and HR Federation and XACML as Security and Access Control Layer Open Standards Forum 2 Employability and HR Vertical Multiple Players - Excellent case for federation
More informationSecure Identity Propagation Using WS- Trust, SAML2, and WS-Security 12 Apr 2011 IBM Impact
Secure Identity Propagation Using WS- Trust, SAML2, and WS-Security 12 Apr 2011 IBM Impact Robert C. Broeckelmann Jr., Enterprise Middleware Architect Ryan Triplett, Middleware Security Architect Requirements
More informationWeb Services Security with SOAP Security Proxies
Web Services Security with Security Proxies Gerald Brose, PhD Technical Product Manager Xtradyne Technologies AG OMG Web Services Workshop USA 22 April 2003, Philadelphia Web Services Security Risks! Exposure
More informationCloud for Europe trusted Cloud Services for the European market for public administrations
Cloud for Europe trusted Cloud Services for the European market for public administrations Public sector challenges (European egovernment Action Plan 2011-2015) 2 Establishing a Trusted Cloud Europe A
More informationFlexible Identity Federation
Flexible Identity Federation Quick start guide version 1.0.1 Publication history Date Description Revision 2015.09.23 initial release 1.0.0 2015.12.11 minor updates 1.0.1 Copyright Orange Business Services
More informationNCTA Cloud Architecture
NCTA Cloud Architecture Course Specifications Course Number: 093019 Course Length: 5 days Course Description Target Student: This course is designed for system administrators who wish to plan, design,
More informationA Federated Authorization and Authentication Infrastructure for Unified Single Sign On
A Federated Authorization and Authentication Infrastructure for Unified Single Sign On Sascha Neinert Computing Centre University of Stuttgart Allmandring 30a 70550 Stuttgart sascha.neinert@rus.uni-stuttgart.de
More informationIGI Portal architecture and interaction with a CA- online
IGI Portal architecture and interaction with a CA- online Abstract In the framework of the Italian Grid Infrastructure, we are designing a web portal for the grid and cloud services provisioning. In following
More informationCloud-Security: Show-Stopper or Enabling Technology?
Cloud-Security: Show-Stopper or Enabling Technology? Fraunhofer Institute for Secure Information Technology (SIT) Technische Universität München Open Grid Forum, 16.3,. 2010, Munich Overview 1. Cloud Characteristics
More informationELM Manages Identities of 4 Million Government Program Users with. Identity Server
ELM Manages Identities of 4 Million Government Program Users with Identity Server ELM Implements Single Sign-on With WSO2 Identity Server to Streamline Administration, Improve Productivity, and Reduce
More informationEntitlements Access Management for Software Developers
Entitlements Access Management for Software Developers Market Environment The use of fine grained entitlements and obligations control for access to sensitive information and services in software applications
More informationMobile Identity and Edge Security Forum Sentry Security Gateway. Jason Macy CTO, Forum Systems jmacy@forumsys.com
Mobile Identity and Edge Security Forum Sentry Security Gateway Jason Macy CTO, Forum Systems jmacy@forumsys.com Evolution Evolution of Enterprise Identities Cloud Computing Iaas Infrastructure as a Service
More informationIt s All About Cloud Key Concepts, Players, Platforms And Technologies
It s All About Cloud Key Concepts, Players, Platforms And Technologies 3-day seminar Description Cloud computing has gained a lot of attention in recent years. It has mostly been used for non business
More informationThe Role of Identity Enabled Web Services in Cloud Computing
The Role of Identity Enabled Web Services in Cloud Computing April 20, 2009 Patrick Harding CTO Agenda Web Services and the Cloud Identity Enabled Web Services Some Use Cases and Case Studies Questions
More informationSentinet for BizTalk Server SENTINET
Sentinet for BizTalk Server SENTINET Sentinet for BizTalk Server 1 Contents Introduction... 2 Sentinet Benefits... 3 SOA and APIs Repository... 4 Security... 4 Mediation and Virtualization... 5 Authentication
More informationSmart Government and Public Sector Modernization
Smart Government and Public Sector Modernization Linda Strick 1 Digital Venice Smart Government WS FhI FOKUS Public sector challenges (The European egovernment Action Plan 2011-2015) Strengthening citizens
More informationSecurely Managing and Exposing Web Services & Applications
Securely Managing and Exposing Web Services & Applications Philip M Walston VP Product Management Layer 7 Technologies Layer 7 SecureSpan Products Suite of security and networking products to address the
More informationTable of Contents. 1 Executive Summary... 2 2. SOA Overview... 3 2.1 Technology... 4 2.2 Processes and Governance... 8
Table of Contents 1 Executive Summary... 2 2. SOA Overview... 3 2.1 Technology... 4 2.2 Processes and Governance... 8 3 SOA in Verizon The IT Workbench Platform... 10 3.1 Technology... 10 3.2 Processes
More informationSeamless adaptive multi- cloud management of service- based applications. European Open Cloud Collaboration Workshop, May 15, 2014, Brussels
Seamless adaptive multi- cloud management of service- based applications European Open Cloud Collaboration Workshop, May 15, 2014, Brussels Interoperability and portability are a few of the main challenges
More informationWhite Paper Delivering Web Services Security: The Entrust Secure Transaction Platform
White Paper Delivering Web Services Security: September 2003 Copyright 2003 Entrust. All rights reserved. Entrust is a registered trademark of Entrust, Inc. in the United States and certain other countries.
More informationAn Oracle White Paper Dec 2013. Oracle Access Management Security Token Service
An Oracle White Paper Dec 2013 Oracle Access Management Security Token Service Disclaimer The following is intended to outline our general product direction. It is intended for information purposes only,
More informationCloud for Europe lessons learned
Cloud for Europe lessons learned Public sector challenges (European egovernment Action Plan 2011-2015) 2 Elevator Pitch Public sector cloud use as a collaboration between public authorities and industry
More informationA Service Oriented Security Reference Architecture
International Journal of Advanced Computer Science and Information Technology (IJACSIT) Vol. 1, No.1, October 2012, Page: 25-31, ISSN: 2296-1739 Helvetic Editions LTD, Switzerland www.elvedit.com A Service
More informationHow To Understand And Understand Cloud Computing In Germany
FRAUNHOFER INSTITUTE FOR OPEN COMMUNICATION SYSTEMS Cloud Concepts for the Public Sector in Germany Use Cases Peter Deussen, Klaus-Peter Eckert, Linda Strick, Dorota Witaszek Fraunhofer Institute FOKUS
More informationSecurity Issues in Cloud Computing
Security Issues in Computing CSCI 454/554 Computing w Definition based on NIST: A model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources
More informationD.I.M. allows different authentication procedures, from simple e-mail confirmation to electronic ID.
Seite 1 von 11 Distributed Identity Management The intention of Distributed Identity Management is the advancement of the electronic communication infrastructure in justice with the goal of defining open,
More informationDescription of Services for Support and Maintenance of erevenue License Solution (ICTA/GOSL/CON/CQS/2015/10)
Description of Services for and Maintenance of erevenue License Solution (ICTA/GOSL/CON/CQS/2015/10) 1. Introduction; The Provincial Departments of Motor Traffic, which are functioning under the purview
More informationSeamless adaptive multi-cloud management of service-based applications
Seamless adaptive multi-cloud management of service-based applications Open solution brings Interoperability & Portability to PaaS The future of Cloud computing: Elasticity, Legacy Support, Interoperability
More informationThis Working Paper provides an introduction to the web services security standards.
International Civil Aviation Organization ATNICG WG/8-WP/12 AERONAUTICAL TELECOMMUNICATION NETWORK IMPLEMENTATION COORDINATION GROUP EIGHTH WORKING GROUP MEETING (ATNICG WG/8) Christchurch New Zealand
More informationRedpaper Axel Buecker Craig Forster Sridhar Muppidi Borna Safabakhsh
Redpaper Axel Buecker Craig Forster Sridhar Muppidi Borna Safabakhsh IBM Tivoli Security Policy Manager Introduction In a growing number of enterprises, policies are the key mechanism by which the capabilities
More informationFuture @ Cloud: Cloud Computing meets Smart Ecosystems
Future @ Cloud: Cloud Computing meets Smart Ecosystems Joerg Doerr, Fraunhofer IESE, Kaiserslautern, Germany Joerg.Doerr@iese.fraunhofer.de Fraunhofer-Institute for Experimental Software Engineering (IESE)
More informationSummary Report Report # 1. Security Challenges of Cross-Border Use of Cloud Services under Special Consideration of ENISA s Contributions
Summary Report Report # 1 Security Challenges of Cross-Border Use of Cloud Services under Special Consideration of ENISA s Contributions COINS Summer School 2015 on Could Security Prepared by: Nabeel Ali
More informationCreating a Strong Security Infrastructure for Exposing JBoss Services
Creating a Strong Security Infrastructure for Exposing JBoss Services JBoss Enterprise SOA Platform Service Clients Service Gateway Enterprise Services Blake Dournaee, Product Management, Intel SOA Products
More informationWhy Cloud Standards Matter
Storm in the Cloud - the OASIS weather report Why Cloud Standards Matter You Fang, Huawei, OASIS Board of Directors 1 5000 多 名 专 家 参 与, 来 自 600 家 公 司, 政 府 和 个 人 OASIS Open is a global standards organization
More informationVirtual Hosting Environments for Online Gaming TG6 TG8 Meeting Paris 2008 David Brossard Senior Researcher BT CTO
Virtual Hosting Environments for Online Gaming TG6 TG8 Meeting Paris 2008 David Brossard Senior Researcher BT CTO Involved Partners: ANDAGO, ATOS, BT, CRMPA, URJC Table of Contents 1. BEinGRID Overview
More informationXML Signatures in an Enterprise Service Bus Environment
XML Signatures in an Enterprise Bus Environment Eckehard Hermann Research & Development XML Integration Uhlandstraße 12 64297 Darmstadt, Germany Eckehard.Hermann@softwareag.com Dieter Kessler Research
More informationOpen Data Center Alliance Usage: Cloud Based Identity Governance and Auditing REV. 1.0
sm Open Data Center Alliance Usage: Cloud Based Identity Governance and Auditing REV. 1.0 Table of Contents Legal Notice... 3 Executive Summary... 4 Purpose... 5 Reference Framework... 5 Context... 6 Applicability...
More informationUsage Control in Cloud Systems
Usage Control in Cloud Systems Paolo Mori Istituto di Informatica e Telematica Consiglio Nazionale delle Ricerche Pisa Italy Agenda Examples of usage of Cloud services Usage Control Model Policy Language
More informationService Oriented Security Architecture, SOSA.1
Service Oriented Security Architecture Cristian Opincaru University of the German Armed Forces, Munich cristian.opincaru@unibw.de Gabriela Gheorghe Politehnica University of Bucharest gabrielagh@gmail.com
More information<Insert Picture Here> Achieving Business & Government Interoperability through PaaS & SaaS
Achieving Business & Government Interoperability through PaaS & SaaS Dr. Constantine Steriadis, constantine.steriadsi@oracle.com FMW Sales Consulting Manager, Oracle Hellas SA Agenda
More informationAquaLogic Service Bus
AquaLogic Bus Wolfgang Weigend Principal Systems Engineer BEA Systems 1 What to consider when looking at ESB? Number of planned business access points Reuse across organization Reduced cost of ownership
More informationSecure Identity in Cloud Computing
Secure Identity in Cloud Computing Michelle Carter The Aerospace Corporation March 20, 2013 The Aerospace Corporation 2013 All trademarks, service marks, and trade names are the property of their respective
More informationCLOUD ARCHITECTURE DIAGRAMS AND DEFINITIONS
CLOUD ARCHITECTURE DIAGRAMS AND DEFINITIONS April 2014 Cloud Conceptual Reference Model The ease of use a Cloud Consumer experiences results from a complex, behind-the-scenes, orchestration of interchangeable,
More informationCore Feature Comparison between. XML / SOA Gateways. and. Web Application Firewalls. Jason Macy jmacy@forumsys.com CTO, Forum Systems
Core Feature Comparison between XML / SOA Gateways and Web Application Firewalls Jason Macy jmacy@forumsys.com CTO, Forum Systems XML Gateway vs Competitive XML Gateways or Complementary? and s are Complementary
More informationIntroduction to Service-Oriented Architecture for Business Analysts
Introduction to Service-Oriented Architecture for Business Analysts This course will provide each participant with a high-level comprehensive overview of the Service- Oriented Architecture (SOA), emphasizing
More informationWhite paper. Planning for SaaS Integration
White paper Planning for SaaS Integration KEY PLANNING CONSIDERATIONS: Business Process Modeling Data Moderling and Mapping Data Ownership Integration Strategy Security Quality of Data (Data Cleansing)
More informationIdentity, Privacy, and Data Protection in the Cloud XACML. David Brossard Product Manager, Axiomatics
Identity, Privacy, and Data Protection in the Cloud XACML David Brossard Product Manager, Axiomatics 1 What you will learn The issue with authorization in the cloud Quick background on XACML 3 strategies
More informationMobility, Security and Trusted Identities: It s Right In The Palm of Your Hands. Ian Wills Country Manager, Entrust Datacard
Mobility, Security and Trusted Identities: It s Right In The Palm of Your Hands Ian Wills Country Manager, Entrust Datacard WHO IS ENTRUST DATACARD? 2 Entrust DataCard Datacard Corporation. Corporation.
More informationSingapore s National Electronic Health Record
Singapore s National Electronic Health Record The Roadmap to 2010 Dr Sarah Christine Muttitt Chief Information Officer Information Systems Division 17 th July, 2009 Taking the Next Step (MSM April 2008)
More informationCloud Security Introduction and Overview
Introduction and Overview Klaus Gribi Senior Security Consultant klaus.gribi@swisscom.com May 6, 2015 Agenda 2 1. Cloud Security Cloud Evolution, Service and Deployment models Overview and the Notorious
More informationAdvanced egovernment Information Service Bus
Advanced egovernment Information Service Bus Project Advanced egovernment Information Service Bus is supported by the European Community under Information Society Technologies priority of the Sixth Framework
More information<Insert Picture Here> Oracle Web Services Manager (WSM)
Oracle Web Services Manager (WSM) Marc Chanliau Director, Product Management Outline Introduction Product Overview Typical Use-Case Scenarios Roadmap Q & A Introduction
More informationSTUDY ON IMPROVING WEB SECURITY USING SAML TOKEN
STUDY ON IMPROVING WEB SECURITY USING SAML TOKEN 1 Venkadesh.M M.tech, Dr.A.Chandra Sekar M.E., Ph.d MISTE 2 1 ResearchScholar, Bharath University, Chennai 73, India. venkadeshkumaresan@yahoo.co.in 2 Professor-CSC
More informationInteroperable, Federated Identity Management Frameworks Across Enterprise Architectures. We can do this.
Interoperable, Federated Identity Management Frameworks Across Enterprise Architectures. We can do this. Scott McGrath COO Organization for the Advancement of Structured Information Standards A diverse
More informationSAML:The Cross-Domain SSO Use Case
SAML:The Cross-Domain SSO Use Case Chris Ceppi Oblix Corporate Engineer Ed Kaminski OBLIX Federal Business Manager 410-349-1828 ekaminski@oblix.com Mike Blackin Principal Systems Engineer Oblix, Inc. 202-588-7397
More informationAccess Control of Cloud Service Based on UCON
Access Control of Cloud Service Based on UCON Chen Danwei, Huang Xiuli, and Ren Xunyi Nanjing University of posts & Telecommunications, New Model Street No.66, 210003, Nanjing, China chendw@njupt.edu.cn,
More informationSecure Credential Federation for Hybrid Cloud Environment with SAML Enabled Multifactor Authentication using Biometrics
Secure Credential Federation for Hybrid Cloud Environment with SAML Enabled Multifactor Authentication using Biometrics B.Prasanalakshmi Assistant Professor Department of CSE Thirumalai Engineering College
More informationEnterprise Access Control Patterns For REST and Web APIs
Enterprise Access Control Patterns For REST and Web APIs Francois Lascelles Layer 7 Technologies Session ID: STAR-402 Session Classification: intermediate Today s enterprise API drivers IAAS/PAAS distributed
More informationCloud Security. Peter Jopling joplingp@uk.ibm.com IBM UK Ltd Software Group Hursley Labs. peterjopling. 2011 IBM Corporation
Cloud Security Peter Jopling joplingp@uk.ibm.com IBM UK Ltd Software Group Hursley Labs peterjopling 2011 IBM Corporation Cloud computing impacts the implementation of security in fundamentally new ways
More informationIdentity in the Cloud Use Cases Version 1.0
Identity in the Cloud Use Cases Version 1.0 Committee Note 01 08 May 2012 Specification URIs This version: http://docs.oasis-open.org/id-cloud/idcloud-usecases/v1.0/cn01/idcloudusecases-v1.0-cn01.pdf (Authoritative)
More informationNIST s Guide to Secure Web Services
NIST s Guide to Secure Web Services Presented by Gaspar Modelo-Howard and Ratsameetip Wita Secure and Dependable Web Services National Institute of Standards and Technology. Special Publication 800-95:
More informationDomain 12: Guidance for Identity & Access Management V2.1
Domain 12: Guidance for Identity & Access Management V2.1 Prepared by the Cloud Security Alliance April 2010 Introduction The permanent and official location for this Cloud Security Alliance Domain 12
More informationXACML and Access Management. A Business Case for Fine-Grained Authorization and Centralized Policy Management
A Business Case for Fine-Grained Authorization and Centralized Policy Management Dissolving Infrastructures A recent Roundtable with CIOs from a dozen multinational companies concurred that Identity &
More informationInvitation to OASIS CAMP A Cirrus View (high level)
Invitation to OASIS CAMP A Cirrus View (high level) Charlie Tupitza, JumpSoft CAMP Technical Committee Member 10 October 2012 Charles.Tupitza@JumpSoft.net 703 989-8777 Cloud Application Management for
More informationAccess Control Framework of Personal Cloud based on XACML
Access Control Framework of Personal Cloud based on XACML 1 Jun-Young Park, 2 Young-Rok Shin, 3 Kyoung-Hun Kim, 4 Eui-Nam Huh 1First Author, 2 Kyung Hee University, {parkhans, shinyr}@khu.ac.kr 3 Gangdong
More informationFederated Identity & Access Mgmt for Higher Education
Federated Identity & Access Mgmt for Higher Education Dr. Erik Vullings Program Manager Macquarie University s s E-Learning E Centre of Excellence (MELCOE) Erik.Vullings@melcoe.mq.edu.au 1/23/2006 1 Backing
More informationIdentity Security Using Authentication and Authorization in Cloud Computing
Identity Security Using Authentication and Authorization in Cloud Computing D.Ranjith #1, J.Srinivasan *2 # Department of Computer Science and Applications, Adhiparasakthi College of Arts and Science,Kalavai,Vellore-632506
More informationThe increasing popularity of mobile devices is rapidly changing how and where we
Mobile Security BACKGROUND The increasing popularity of mobile devices is rapidly changing how and where we consume business related content. Mobile workforce expectations are forcing organizations to
More informationPRIVACY AWARE ACCESS CONTROL FOR CLOUD-BASED DATA PLATFORMS
www.openi-ict.eu Open-Source, Web-Based, Framework for Integrating Applications with Social Media Services and Personal Cloudlets PRIVACY AWARE ACCESS CONTROL FOR CLOUD-BASED DATA PLATFORMS Open-Source,
More informationEnterprise Refactoring with Apache
Enterprise Refactoring with Apache Evolving VistA Open Architecture Edward Ost 9/6/2013 Agenda Enterprise Refactoring Strategy Apache Solution Architecture Refactoring Use Cases HL7 Event Subscription
More informationSentinet for Windows Azure SENTINET
Sentinet for Windows Azure SENTINET Sentinet for Windows Azure 1 Contents Introduction... 2 Customer Benefits... 2 Deployment Topologies... 3 Isolated Deployment Model... 3 Collocated Deployment Model...
More informationOracle SOA Suite Then and Now:
Oracle SOA Suite Then and Now: The Evolution from 10g to 11g Shane Goss Impac Services Agenda SOA Suite 11g New Features Highlight new features of SOA 11g Some products have added features and functionality
More informationValidating Enterprise Systems: A Practical Guide
Table of Contents Validating Enterprise Systems: A Practical Guide Foreword 1 Introduction The Need for Guidance on Compliant Enterprise Systems What is an Enterprise System The Need to Validate Enterprise
More informationContents at a Glance. 1 Introduction 17. 2 Basic Principles of IT Security 23. 3 Authentication and Authorization in
at a Glance 1 Introduction 17 2 Basic Principles of IT Security 23 3 Authentication and Authorization in SAP NetWeaver Application Server Java 53 4 Single Sign-On 151 5 Identity Provisioning 289 6 Secure
More informationDefining Generic Architecture for Cloud Infrastructure as a Service Model
Defining Generic Architecture for Cloud Infrastructure as a Service Model Yuri Demchenko 1 University of Amsterdam Science Park 904, Amsterdam, The Netherlands E-mail: y.demchenko@uva.nl Cees de Laat University
More informationRole Based Identity and Access Management Basic Infrastructure for New Citizen Services and Lean Internal Administration
Role Based Identity and Access Management Basic Infrastructure for New Citizen Services and Lean Internal Administration Horst Bliedung Director International Sales CEE Siemens IT Solutions and Services
More informationExpert Reference Series of White Papers. Understanding NIST s Cloud Computing Reference Architecture: Part II
Expert Reference Series of White Papers Understanding NIST s Cloud Computing Reference Architecture: Part II info@globalknowledge.net www.globalknowledge.net Understanding NIST s Cloud Computing Reference
More informationSAML SSO Configuration
SAML SSO Configuration Overview of Single Sign-, page 1 Benefits of Single Sign-, page 2 Overview of Setting Up SAML 2.0 Single Sign-, page 3 SAML 2.0 Single Sign- Differences Between Cloud-Based Meeting
More informationThe XACML Enabled Gateway The Entrance to a New SOA Ecosystem
The XACML Enabled Gateway The Entrance to a New SOA Ecosystem White Paper Intel SOA Expressway and Axiomatics Policy Server Solution Intel SOA Expressway and Axiomatics Policy Server combined provide a
More informationA Conceptual Technique for Modelling Security as a Service in Service Oriented Distributed Systems
Volume 1, Number 2, December 2014 JOURNAL OF COMPUTER SCIENCE AND SOFTWARE APPLICATION A Conceptual Technique for Modelling Security as a Service in Service Oriented Distributed Systems Satish Kumar*,
More informationSecurity & Cloud Services IAN KAYNE
Security & Cloud Services IAN KAYNE CloudComponents CLOUD SERVICES Dynamically scalable infrastructure, services and software based on broad network accessibility NETWORK ACCESS INTERNAL ESTATE CloudComponents
More informationWeb Applications Access Control Single Sign On
Web Applications Access Control Single Sign On Anitha Chepuru, Assocaite Professor IT Dept, G.Narayanamma Institute of Technology and Science (for women), Shaikpet, Hyderabad - 500008, Andhra Pradesh,
More informationAAA for IMOS: Australian Access Federation & related components
AAA for IMOS: Australian Access Federation & related components James Dalziel Professor of Learning Technology, and Director, Macquarie E-Learning Centre Of Excellence (MELCOE) Macquarie University james@melcoe.mq.edu.au
More information