Smart Cities: IT-architecture How to build personalized services. Smart Cities Kortrijk - may 7th, 2009

Size: px
Start display at page:

Download "Smart Cities: IT-architecture How to build personalized services. Smart Cities Kortrijk - may 7th, 2009"

Transcription

1 Smart Cities: IT-architecture How to build personalized services Smart Cities Kortrijk - may 7th, 2009

2 DFC Software Engineering - Corporate Company Established 1994 Belgium-based ICT company, located in Ghent Independent Steady growth rate over the last 5 years Our team 10 Software Architects (12 employees) Most of them with university degrees Scientific background in electronics and computing Passionate about technology 16 oktober 2007 p. 2

3 Brief History : CAD/GIS integrator GIS as Enterprise Application Integration technology Public sector, telecom 2002: Service-Oriented architectures and e-government Driven by customer demand Thin-client technology provider 2005: Thin-client high-end GIS solutions Open Source Project, Flemish Government (CORVE) Geographic Data Infrastructure (GDI) Generic application generator for GIS e-services 16 oktober 2007 p. 3

4 Industries and Customers Vertical Industries Some Customers Public sector 55% Regional Semi-Governement Local Corporate market 35% Telecommunications Real-estate Energy Innovation Studies 10% 16 oktober 2007

5 Overview Exchange of Contact information Brief History (Kortrijk Leiedal) Standardisation (POGO) Organization Structures Case The City of Kortrijk mypage - Secured Citizen's Portal AsIs situation Objectives mypage Architectural Overview & Realisations Single-sign-on & Session maintenance Access Management & Entitlement Management The Service connector demo - mypage.kortrijk.be 16 oktober 2007 p. 5

6 Brief History (Kortrijk Leiedal) Managing and sharing contact information. 2003: Local governments use different sources of contact information. (database oriented, file-oriented) all separated in silo s. National register Internal lists (mailings, suppliers, employees) Citizens can post their contact information on the website Many vertical applications containing contact data. The multiplicity of data-sources leads to recurring problems: Double input and maintenance (different sources) Great variation of solutions and quality 16 oktober 2007 p. 6

7 Brief History (Kortrijk Leiedal) Managing and sharing contact information. Inefficient process Bad Publicity 16 oktober 2007 p. 7

8 evoice 16 oktober 2007 p. 8

9 POGO - Persons en OrGanisation Online POGO Roadmap: 2003 middleware-concept for the exchange of contact information. An appropriate information model: persons, organisations & relations An exchange format: file or webservice Best practices foreign key mapping and exchange Contains only shared contact data: no domain data (library, ) A distributed model A protocol: using and updating the source definition of the master of an object or property 2005 middleware-concept for the exchange of contact information and a network centric user and application management 16 oktober 2007 p. 9

10 POGO - Personen en OrGanisaties Online POGO Roadmap: 2003 middleware-concept for the exchange of contact information middleware-concept for the exchange of contact information and a network centric user and application management Single-sign-on Session maintenance Access Management Entitlement Management Service connector Distributed reporting 16 oktober 2007 p. 10

11 POGO - Personen en OrGanisaties Online Traditionally, entitlements have been built into each application The new strategy remove access management from the applications and run it as a shared service in front of the applications. authentication, concerned with who is allowed into a network or application. entitlement management, the interest shifts to who is allowed to do what once they are in the network or application. 16 oktober 2007 p. 11

12 POGO - Personen en OrGanisaties Online Benefits: the ability to implement a data-driven policy that is consistent across all app s tighter, more granular security that is more specific to your set of users. the moment a policy is entered or updated, all applications automatically receive the benefit of the new/updated rule. applications can become less complex and easier to maintain if you remove the entitlement layer from within them. When you want to implement policy changes, you don t need to modify your application code; rather, you configure the new policy at the external service level. 16 oktober 2007 p. 12

13 Reference project: demo The POGO standard has been adopted by other organisations Case: Real Estate Confederation Flanders 16 oktober 2007 p. 13

14 Real Estate Confederation 16 oktober 2007 p. 14

15 Real Estate Confederation 16 oktober 2007 p. 15

16 Real Estate Confederation Entitlement Management 16 oktober 2007 p. 16

17 Real Estate Confederation Public Who-Who 16 oktober 2007 p. 17

18 Real Estate Confederation Extranet 16 oktober 2007 p. 18

19 Real Estate Confederation Applications (Single Sign-On) 16 oktober 2007 p. 19

20 Real Estate Confederation 16 oktober 2007 p. 20

21 Organization Structures Domain model Person Name Surname Nickname Organisation Name Commer. Name.. {hierarchy} Address Telephone IsMember Address Telephone Number IsMember Bank Account Website The domain model, the conceptual model which describes the various entities involved in that system and their relationships. 16 oktober 2007 p. 21

22 Organization Structures Address Domicilie (Domicile/Official address) Verblijfsadres (Adresse de résidence, Place of residence) <context/> Person Name Surname Nickname Organisation Organisation Name Commer. Name.. {hierarchy} Address Telephone IsMember <context/> Address Telephone Number IsMember Bank Account Telephone Contact Emergency Website 16 oktober 2007 p. 22

23 Organization Structures RelDescr Role RelationDescriptor RelDescr Type Address Telephone Person Name Organisation Name Surname Commer. Name Nickname.. Address Telephone IsMember Address Telephone Number IsMember Bank Account Website 16 oktober 2007 p. 23

24 Reference project The POGO standard has been adopted by other organisations Case: Westtoer, provincial organisation for tourism in West-Flanders 16 oktober 2007 p. 24

25 Reference project 16 oktober 2007 p. 25

26 Reference project 16 oktober 2007 p. 26

27 Reference project 16 oktober 2007 p. 27

28 Reference project 16 oktober 2007 p. 28

29 Reference project 16 oktober 2007 p. 29

30 Organization Structures We needed a flexible model that can easily be expanded and adjusted according to changed reality or user specifications. Accountability pattern (Martin Fowler) The Accountability pattern is a way to define relationships between classes, define rules that govern those relationships configure relations dynamically <> hard coded 16 oktober 2007 p. 30

31 Model: accountability pattern Fowler, M. (1999). Organization Structures. 16 oktober 2007 p. 31

32 Exchange Format <Persoon version="1.01" action="update /> identification - id - owner (authentic source) - provider 16 oktober 2007 p. 32

33 Exchange Format Organisation 16 oktober 2007 p. 33

34 Exchange Format IsMember 16 oktober 2007 p. 34

35 Exchange infrastructure: A generic solution for exchange of data Scheduled Tasks, External Key Mapping Configurable adapters Data Validation (XSD, structure) and domain model validation (rules) Notification & Reports, Medium and platform independent (file based, webservices, ) 16 oktober 2007 p. 35

36 Case: ANDRES The City of Kortrijk ANDRES 16 oktober 2007 p. 36

37 mypage - Secured Citizen's Portal AsIs situation City of Kortrijk : 150 non-integrated services & applications (library, people administration, reservations, ticketing, ) Services: product orientated <> citizen focused. Different passwords and authentication solutions Great variation of solutions and quality No common framework for interoperability and corporation Vendor lock-in suppliers: they protect their own containers 16 oktober 2007 p. 37

38 mypage - Secured Citizen's Portal AsIs situation 16 oktober 2007 p. 38

39 mypage - Secured Citizen's Portal 16 oktober 2007 p. 39

40 Architecture of Participation Architecture of Participation Tim O Reilly - EclipseCon 2005 Build your core servicesinfrastructure with traditional software components written in languages like Java, C, and C++ controlled environment (privacy, integrity,.). build your interfaces withtemplating systems and with dynamic languages like Perl, Python, and PHP. Think of your programmers, designers, and admins as part of the application. flexible, flexible, flexible 16 oktober 2007 p. 40

41 Single-sign- on & Session maintenance Sliding Expiration Different levels of authentication e-id Psswd & login token 16 oktober 2007 p. 41

42 Different authentication methods 16 oktober 2007 p. 42

43 Access Management & Entitlement Management - Entitlement Management: Entitlement management goes a step beyond authentication. finer grained access control. - With authentication, you are generally concerned with who is allowed into a network or application. - With entitlement management, the interest shifts to who is allowed to do what once they are in the network or application. 16 oktober 2007 p. 43

44 Access Management & Entitlement Management - Traditionally, entitlements have been built into each application your organisation has. - The new strategy is to remove access management from the applications and run it as a shared service in front of the applications. - Entitlement management can be used to strengthen the security of Web services, Web applications, legacy applications, documents and files, and physical security systems. 16 oktober 2007 p. 44

45 Real Estate Confederation Entitlement Management 16 oktober 2007 p. 45

46 The Service connector 16 oktober 2007 p. 46

47 The Service connector Dashboard with domain (applicatiion) specific service messages mybooks Due myreservations Tichets 16 oktober 2007 p. 47

48 demo 16 oktober 2007

49 Demo - mypage.kortrijk.be 16 oktober 2007 p. 49

50 Demo - mypage.kortrijk.be 16 oktober 2007 p. 50

51 16 oktober 2007

52 16 oktober 2007

53 16 oktober 2007

54 16 oktober 2007

55 16 oktober 2007

56 Technology Model Driven design framework CORE-Exchange Scheduled Tasks, Data Validation (XSD) Notification & Reports, External Key Mapping Configurable adapters (import/export handlers) 16 oktober 2007 p. 56

57 Technology Out of the Box network centric user and application management Single-sign-on Session maintenance, Entitlement Management Report builder: distributed model-driven reporting (queries <> domain logic) Policy Administration Point (PAP) to provide centralized administration management; Policy Decision Point (PDP) to evaluate resource-specific authorization policies; Policy Enforcement Point (PEP) to enforce the entitlement policies. 16 oktober 2007 p. 57

58 Technology neutral CORE server side: - OSS software stack (Linux, Postgres, Mono) - Property systems (Windows, MSSQL, Dotnet). - Management modules: thin-client. 16 oktober 2007 p. 58

59 16 oktober 2007 Q & A

60 Thank you! $,& "%&'#$"% ( * )% ! "#$"%! ""! "$#"$ 16 oktober 2007

OPENIAM ACCESS MANAGER. Web Access Management made Easy

OPENIAM ACCESS MANAGER. Web Access Management made Easy OPENIAM ACCESS MANAGER Web Access Management made Easy TABLE OF CONTENTS Introduction... 3 OpenIAM Access Manager Overview... 4 Access Gateway... 4 Authentication... 5 Authorization... 5 Role Based Access

More information

Entitlements Access Management for Software Developers

Entitlements Access Management for Software Developers Entitlements Access Management for Software Developers Market Environment The use of fine grained entitlements and obligations control for access to sensitive information and services in software applications

More information

Identity Management Roadmap and Maturity Levels. Martin Kuppinger Kuppinger Cole + Partner mk@kuppingercole.de

Identity Management Roadmap and Maturity Levels. Martin Kuppinger Kuppinger Cole + Partner mk@kuppingercole.de Identity Roadmap and Maturity Levels Martin Kuppinger Kuppinger Cole + Partner mk@kuppingercole.de Major Trends in Identity Guidelines for an IAM roadmap Service-orientation: Identity has to provide defined

More information

TOSCA Interoperability Demonstration

TOSCA Interoperability Demonstration Topology and Orchestration Specification for Cloud Applications (TOSCA) Standard TOSCA Interoperability Demonstration Participating Companies: Join the TOSCA Technical Committee www.oasis-open.org, join@oasis-open.org

More information

White Paper Cybercom & Axiomatics Joint Identity & Access Management (R)evolution

White Paper Cybercom & Axiomatics Joint Identity & Access Management (R)evolution White Paper Cybercom & Axiomatics Joint Identity & Access Management (R)evolution Federation and Attribute Based Access Control Page 2 Realization of the IAM (R)evolution Executive Summary Many organizations

More information

Oracle Identity Management for SAP in Heterogeneous IT Environments. An Oracle White Paper January 2007

Oracle Identity Management for SAP in Heterogeneous IT Environments. An Oracle White Paper January 2007 Oracle Identity Management for SAP in Heterogeneous IT Environments An Oracle White Paper January 2007 Oracle Identity Management for SAP in Heterogeneous IT Environments Executive Overview... 3 Introduction...

More information

CloudCERT (Testbed framework to exercise critical infrastructure protection)

CloudCERT (Testbed framework to exercise critical infrastructure protection) WP2. CONCEPTUAL MODELLING AND ARCHITECTURE CloudCERT (Testbed framework to exercise critical infrastructure protection) With the financial support of the Prevention, Preparedness and Consequence Management

More information

Entrust IdentityGuard Comprehensive

Entrust IdentityGuard Comprehensive Entrust IdentityGuard Comprehensive Entrust IdentityGuard Comprehensive is a five-day, hands-on overview of Entrust Course participants will gain experience planning, installing and configuring Entrust

More information

IDENTITY INFORMATION MANAGMENT ARCHITECTURE SUMMARY Architecture and Standards Branch Office of the CIO Province of BC People Collaboration Innovation

IDENTITY INFORMATION MANAGMENT ARCHITECTURE SUMMARY Architecture and Standards Branch Office of the CIO Province of BC People Collaboration Innovation IDENTITY INFORMATION MANAGMENT ARCHITECTURE SUMMARY Architecture and Standards Branch Author: Creation Date: Last Updated: Version: I. Bailey May 28, 2008 March 23, 2009 0.7 Reviewed By Name Organization

More information

IT Exam Training online / Bootcamp

IT Exam Training online / Bootcamp DumpCollection IT Exam Training online / Bootcamp http://www.dumpcollection.com PDF and Testing Engine, study and practice Exam : 70-534 Title : Architecting Microsoft Azure Solutions Vendor : Microsoft

More information

Web Applications Access Control Single Sign On

Web Applications Access Control Single Sign On Web Applications Access Control Single Sign On Anitha Chepuru, Assocaite Professor IT Dept, G.Narayanamma Institute of Technology and Science (for women), Shaikpet, Hyderabad - 500008, Andhra Pradesh,

More information

SIF 3: A NEW BEGINNING

SIF 3: A NEW BEGINNING SIF 3: A NEW BEGINNING The SIF Implementation Specification Defines common data formats and rules of interaction and architecture, and is made up of two parts: SIF Infrastructure Implementation Specification

More information

Q&A Session for Understanding Atrium SSO Date: Thursday, February 14, 2013, 8:00am Pacific

Q&A Session for Understanding Atrium SSO Date: Thursday, February 14, 2013, 8:00am Pacific Q: Is the challenge required or can pass through authentication be used with regard to automatic login after you login to your corporate domain? A: You can configure the system to pass on the challenge

More information

Pro e-commerce Technology An Introduction

Pro<DOC/> e-commerce Technology An Introduction Pro e-commerce Technology An Introduction From Rightangle Technologies Private Limited (www.rigthangle.co.in) 1 P a g e R i g h t a n g l e T e c h n o l o g i e s P v t. L t d. 1 Problem Statement

More information

Government's Adoption of SOA and SOA Examples

Government's Adoption of SOA and SOA Examples Government's Adoption of SOA and SOA Examples Presented by : Ajay Budhraja, Chief of Enterprise Services ME (Engg), MS (Management), PMP, CICM, CSM, ECM (Master) AIIM, ITIL-F Copyright 2008 Ajay Budhraja

More information

IDENTITY MANAGEMENT AND WEB SECURITY. A Customer s Pragmatic Approach

IDENTITY MANAGEMENT AND WEB SECURITY. A Customer s Pragmatic Approach IDENTITY MANAGEMENT AND WEB SECURITY A Customer s Pragmatic Approach AGENDA What is Identity Management (IDM) or Identity and Access Management (IAM)? Benefits of IDM IDM Best Practices Challenges to Implement

More information

D.I.M. allows different authentication procedures, from simple e-mail confirmation to electronic ID.

D.I.M. allows different authentication procedures, from simple e-mail confirmation to electronic ID. Seite 1 von 11 Distributed Identity Management The intention of Distributed Identity Management is the advancement of the electronic communication infrastructure in justice with the goal of defining open,

More information

Service Oriented Architecture

Service Oriented Architecture Service Oriented Architecture Version 9 2 SOA-2 Overview Ok, now we understand the Web Service technology, but how about Service Oriented Architectures? A guiding analogy Terminology excursion Service,

More information

Mobility, Security and Trusted Identities: It s Right In The Palm of Your Hands. Ian Wills Country Manager, Entrust Datacard

Mobility, Security and Trusted Identities: It s Right In The Palm of Your Hands. Ian Wills Country Manager, Entrust Datacard Mobility, Security and Trusted Identities: It s Right In The Palm of Your Hands Ian Wills Country Manager, Entrust Datacard WHO IS ENTRUST DATACARD? 2 Entrust DataCard Datacard Corporation. Corporation.

More information

Automatic vs. Manual Code Analysis

Automatic vs. Manual Code Analysis Automatic vs. Manual Code Analysis 2009-11-17 Ari Kesäniemi Senior Security Architect Nixu Oy ari.kesaniemi@nixu.com Copyright The Foundation Permission is granted to copy, distribute and/or modify this

More information

goberlin a Trusted Cloud Marketplace for Governmental and Commercial Services

goberlin a Trusted Cloud Marketplace for Governmental and Commercial Services goberlin a Trusted Cloud Marketplace for Governmental and Commercial Services Data Protection and Security Considerations in an egovernment Cloud in Germany Dr. Klaus-Peter Eckert Public Sector Cloud Forum

More information

UNPAN New Directory Web Service Training. Doublebridge Technologies Inc. George Wu, Ph.D. President and CEO DoubleBridge Technologies Inc.

UNPAN New Directory Web Service Training. Doublebridge Technologies Inc. George Wu, Ph.D. President and CEO DoubleBridge Technologies Inc. UNPAN New Directory Web Service Training Doublebridge Technologies Inc. George Wu, Ph.D. President and CEO DoubleBridge Technologies Inc. Introduction! Offices at Boston, New Jersey, Hong Kong, and Beijing.!

More information

EXECUTIVE VIEW. EmpowerID 2013. KuppingerCole Report. By Peter Cummings October 2013. By Peter Cummings pc@kuppingercole.

EXECUTIVE VIEW. EmpowerID 2013. KuppingerCole Report. By Peter Cummings October 2013. By Peter Cummings pc@kuppingercole. KuppingerCole Report EXECUTIVE VIEW By Peter Cummings October 2013 EmpowerID 2013 By Peter Cummings pc@kuppingercole.com October 2013 Content 1 Vendor Profile... 3 2 Product Description... 4 2.1 Single

More information

Identity and Access Management The road to sustained compliance

Identity and Access Management The road to sustained compliance Identity and Access Management The road to sustained compliance Identity and Access Management An overview 1 On-boarding is the process of establishing an identity for a person, device, or system account

More information

Fact sheet: sa Certipost nv. Certipost Panel Presentation European Commission. Company. Activities based on 2 pillars: Clients.

Fact sheet: sa Certipost nv. Certipost Panel Presentation European Commission. Company. Activities based on 2 pillars: Clients. Certipost Panel Presentation European Commission Bart Callens Product and Sales Manager Document Protection Services 1 Fact sheet: sa Certipost nv Company Shareholders De Post/La Poste, 50% Belgacom, 50%

More information

White Paper The Identity & Access Management (R)evolution

White Paper The Identity & Access Management (R)evolution White Paper The Identity & Access Management (R)evolution Federation and Attribute Based Access Control Page 2 A New Perspective on Identity & Access Management Executive Summary Identity & Access Management

More information

Creating a Strong Security Infrastructure for Exposing JBoss Services

Creating a Strong Security Infrastructure for Exposing JBoss Services Creating a Strong Security Infrastructure for Exposing JBoss Services JBoss Enterprise SOA Platform Service Clients Service Gateway Enterprise Services Blake Dournaee, Product Management, Intel SOA Products

More information

Oracle Identity And Access Management

<Insert Picture Here> Oracle Identity And Access Management Oracle Identity And Access Management Gautam Gopal, MSIST, CISSP Senior Security Sales Consultant Oracle Public Sector The following is intended to outline our general product direction.

More information

Password Management Buyer s Guide. FastPass Password Manager V 3.3 Enterprise & Service Provider Editions

Password Management Buyer s Guide. FastPass Password Manager V 3.3 Enterprise & Service Provider Editions Password Management Buyer s Guide FastPass Password Manager V 3.3 Enterprise & Service Provider Editions FastPassCorp 2010 FPC0 FastPassCorp 2010. Page 1 Requirements for Password Management including

More information

Service Oriented Architecture 1 COMPILED BY BJ

Service Oriented Architecture 1 COMPILED BY BJ Service Oriented Architecture 1 COMPILED BY BJ CHAPTER 9 Service Oriented architecture(soa) Defining SOA. Business value of SOA SOA characteristics. Concept of a service, Enterprise Service Bus (ESB) SOA

More information

Multi-Domain Master Data Management. Subhash Ramachandran VP, Product Management

Multi-Domain Master Data Management. Subhash Ramachandran VP, Product Management Multi-Domain Master Data Management Subhash Ramachandran VP, Product Management 8 June 2011 ProcessWorld 2011 2 DONT OPEN THE ENVELOPE! WAIT FOR THE SURPRISE CONTEST! 8 June 2011 ProcessWorld 2011 3 The

More information

WHITE PAPER. Domo Advanced Architecture

WHITE PAPER. Domo Advanced Architecture WHITE PAPER Domo Advanced Architecture Overview There are several questions that any architect or technology advisor may ask about a new system during the evaluation process: How will it fit into our organization

More information

YubiKey Authentication Module Design Guideline

YubiKey Authentication Module Design Guideline YubiKey Authentication Module Design Guideline Yubico Application Note Version 1.0 May 7, 2012 Introduction Disclaimer Yubico is the leading provider of simple, open online identity protection. The company

More information

SAA Consultants. B2B Exchange Management. Managed File Transfer. Enterprise Application Integration Management. Compliant Audit Security Management

SAA Consultants. B2B Exchange Management. Managed File Transfer. Enterprise Application Integration Management. Compliant Audit Security Management SAA Consultants B2B Exchange Management Managed File Transfer Enterprise Application Integration Management Compliant Audit Security Management Secure Commerce Delivering improved efficiency via products

More information

Oracle SOA Reference Architecture

Oracle SOA Reference Architecture http://oraclearchworld.wordpress.com/ Oracle SOA Reference Architecture By Kathiravan Udayakumar Introduction to SOA Service Oriented Architecture is a buzz word in IT industry for few years now. What

More information

esoc SSA DC-I Part 1 - Single Sign-On and Access Management ICD

esoc SSA DC-I Part 1 - Single Sign-On and Access Management ICD esoc European Space Operations Centre Robert-Bosch-Strasse 5 64293 Darmstadt Germany Tel: (49)615190-0 Fax: (49)615190485 www.esa.int SSA DC-I Part 1 - Single Sign-On and Access Management ICD Prepared

More information

Enterprise Identity Management Reference Architecture

Enterprise Identity Management Reference Architecture Enterprise Identity Management Reference Architecture Umut Ceyhan Principal Sales Consultant, IDM SEE Agenda Introduction Virtualization Access Management Provisioning Demo Architecture

More information

Oracle Access Manager. An Oracle White Paper

Oracle Access Manager. An Oracle White Paper Oracle Access Manager An Oracle White Paper NOTE: The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any

More information

Join the Lean Wave. Asanka Abeysinghe Director, Solutions Architecture. WSO2, Inc. Friday, July 22, 11

Join the Lean Wave. Asanka Abeysinghe Director, Solutions Architecture. WSO2, Inc. Friday, July 22, 11 Join the Lean Wave Asanka Abeysinghe Director, Solutions Architecture. WSO2, Inc. 1 Asanka Abeysinghe 10 + years industry experience working on projects ranging from desktop, web applications through to

More information

Distributed Systems Architectures

Distributed Systems Architectures Software Engineering Distributed Systems Architectures Based on Software Engineering, 7 th Edition by Ian Sommerville Objectives To explain the advantages and disadvantages of different distributed systems

More information

From centralized to single sign on

From centralized to single sign on The LemonLDAP::NG project Abstract LemonLDAP::NG is a modular WebSSO (Web Single Sign On) software based on Apache::Session modules. It simplifies the build of a protected area with a few changes in the

More information

Ubisecure. White Paper Series. e-service Maturity Model

Ubisecure. White Paper Series. e-service Maturity Model Ubisecure White Paper Series e-service Maturity Model 2 e-service Maturity Model What we ve seen when we ve been dealing with the extranets and e-services, where companies can offer always available, easy-to-use

More information

ANTILOPE Handover workshop. Franck Le Gall, Easy Global Market Constantinos Pattichis, University of Cyprus

ANTILOPE Handover workshop. Franck Le Gall, Easy Global Market Constantinos Pattichis, University of Cyprus ANTILOPE Handover workshop Franck Le Gall, Easy Global Market Constantinos Pattichis, University of Cyprus Understanding FIWARE (Open Standard Platform) (Advanced OpenStack-based Cloud + rich library of

More information

Secure Identity Propagation Using WS- Trust, SAML2, and WS-Security 12 Apr 2011 IBM Impact

Secure Identity Propagation Using WS- Trust, SAML2, and WS-Security 12 Apr 2011 IBM Impact Secure Identity Propagation Using WS- Trust, SAML2, and WS-Security 12 Apr 2011 IBM Impact Robert C. Broeckelmann Jr., Enterprise Middleware Architect Ryan Triplett, Middleware Security Architect Requirements

More information

OpenSSO: Simplify Your Single-Sign-On Needs. Sang Shin Java Technology Architect Sun Microsystems, inc. javapassion.com

OpenSSO: Simplify Your Single-Sign-On Needs. Sang Shin Java Technology Architect Sun Microsystems, inc. javapassion.com OpenSSO: Simplify Your Single-Sign-On Needs Sang Shin Java Technology Architect Sun Microsystems, inc. javapassion.com 1 Agenda Enterprise security needs What is OpenSSO? OpenSSO features > > > > SSO and

More information

Central Desktop Enterprise Edition (Security Pack)

Central Desktop Enterprise Edition (Security Pack) Central Desktop Enterprise Edition (Security Pack) The Central Desktop Security Pack is included in the Enterprise Edition of Central Desktop. The Enterprise Edition is for companies and organizations

More information

White Paper Delivering Web Services Security: The Entrust Secure Transaction Platform

White Paper Delivering Web Services Security: The Entrust Secure Transaction Platform White Paper Delivering Web Services Security: September 2003 Copyright 2003 Entrust. All rights reserved. Entrust is a registered trademark of Entrust, Inc. in the United States and certain other countries.

More information

IAM Application Integration Guide

IAM Application Integration Guide IAM Application Integration Guide Date 03/02/2015 Version 0.1 DOCUMENT INFORMATIE Document Title IAM Application Integration Guide File Name IAM_Application_Integration_Guide_v0.1_SBO.docx Subject Document

More information

Single-Sign-On between On-Premises and the Cloud: Leveraging Windows Azure Active Directory to authenticate custom solutions and Apps

Single-Sign-On between On-Premises and the Cloud: Leveraging Windows Azure Active Directory to authenticate custom solutions and Apps Sofia Event Center 14-15 May 2014 Single-Sign-On between On-Premises and the Cloud: Leveraging Windows Azure Active Directory to authenticate custom solutions and Apps Radi Atanassov SharePoint MCM & MVP

More information

XACML and Access Management. A Business Case for Fine-Grained Authorization and Centralized Policy Management

XACML and Access Management. A Business Case for Fine-Grained Authorization and Centralized Policy Management A Business Case for Fine-Grained Authorization and Centralized Policy Management Dissolving Infrastructures A recent Roundtable with CIOs from a dozen multinational companies concurred that Identity &

More information

secure user IDs and business processes Identity and Access Management solutions Your business technologists. Powering progress

secure user IDs and business processes Identity and Access Management solutions Your business technologists. Powering progress secure Identity and Access Management solutions user IDs and business processes Your business technologists. Powering progress 2 Protected identity through access management Cutting costs, increasing security

More information

Middleware integration in the Sympa mailing list software. Olivier Salaün - CRU

Middleware integration in the Sympa mailing list software. Olivier Salaün - CRU Middleware integration in the Sympa mailing list software Olivier Salaün - CRU 1. Sympa, its middleware connectors 2. Sympa web authentication 3. CAS authentication 4. Shibboleth authentication 5. Sympa

More information

The open source solution for the Property & Facility Management www.openmaint.org

The open source solution for the Property & Facility Management www.openmaint.org 1 The open source solution for the Property & Facility Management www.openmaint.org www.openmaint.org www.tecnoteca.com 2 What is openmaint openmaint is an enterprise solution for the Property & Facility

More information

1 The intersection of IAM and the cloud

1 The intersection of IAM and the cloud 1 The intersection of IAM and the cloud Managing the User Lifecycle Across On-Premises and Cloud-Hosted Applications Theory, practice, pros and cons with a focus on enterprise deployments of IAM and cloud

More information

Design Document. Offline Charging Server (Offline CS ) Version 1.0. - i -

Design Document. Offline Charging Server (Offline CS ) Version 1.0. - i - Design Document Offline Charging Server (Offline CS ) Version 1.0 - i - Document Scope Objective The information provided in this document specifies the design details of Operations of Offline Charging

More information

Building a portal for citizens in Norway with secure authentication and single sign on. Dag Efjestad

Building a portal for citizens in Norway with secure authentication and single sign on. Dag Efjestad Building a portal for citizens in Norway with secure authentication and single sign on Dag Efjestad Norway 4.600.000 citizens Everyone has an unique id 75 % has a pc and 60% use it every day 60 % has Internet

More information

Oracle Communications Cartridge Feature Specification for Broadsoft Broadworks Enterprise Services

Oracle Communications Cartridge Feature Specification for Broadsoft Broadworks Enterprise Services Oracle Communications ASAP Cartridge for Broadsoft Broadworks Enterprise s Cartridge Version 1.0 Oracle Communications Cartridge Feature Specification for Broadsoft Broadworks Enterprise s Vendor: BroadSoft(BS)

More information

Tipping the Mainframe for a Connected Enterprise

Tipping the Mainframe for a Connected Enterprise Tipping the Mainframe for a Connected Enterprise Stop Rebuilding Capabilities and Start Delivering Solutions with EngagePoint Architect Suite. EngagePoint Architect Suite Ready-to-go solutions focused

More information

WebLogic Server 7.0 Single Sign-On: An Overview

WebLogic Server 7.0 Single Sign-On: An Overview WebLogic Server 7.0 Single Sign-On: An Overview Today, a growing number of applications are being made available over the Web. These applications are typically comprised of different components, each of

More information

Role Based Identity and Access Management Basic Infrastructure for New Citizen Services and Lean Internal Administration

Role Based Identity and Access Management Basic Infrastructure for New Citizen Services and Lean Internal Administration Role Based Identity and Access Management Basic Infrastructure for New Citizen Services and Lean Internal Administration Horst Bliedung Director International Sales CEE Siemens IT Solutions and Services

More information

SSDG Operational Manual Draft version: 0.1. Operational Manual For SSDG

SSDG Operational Manual Draft version: 0.1. Operational Manual For SSDG Operational Manual For SSDG 1 Table of Contents ABBREVIATIONS... 5 SECTION 1: INTRODUCTION... 6 1 INTRODUCTION... 7 1.1 INTENDED USER... 7 1.2 HOW TO USE... 7 1.3 ORGANIZATION OF THE MANUAL... 8 1.4 HELPDESK...

More information

An Open Source eid Simulator Open Identity Summit 9th -11th September 2013

An Open Source eid Simulator Open Identity Summit 9th -11th September 2013 An Open Source eid Simulator Open Identity Summit 9th -11th September 2013 BSI Tobias Senger HJP Consulting Holger Funke Agenda Requirements of BSI Current state Simulator Virtual Smart Card Reader Community

More information

ELM Manages Identities of 4 Million Government Program Users with. Identity Server

ELM Manages Identities of 4 Million Government Program Users with. Identity Server ELM Manages Identities of 4 Million Government Program Users with Identity Server ELM Implements Single Sign-on With WSO2 Identity Server to Streamline Administration, Improve Productivity, and Reduce

More information

OpenAM All-In-One solution to securely manage access to digital enterprise and customer services, anytime and anywhere.

OpenAM All-In-One solution to securely manage access to digital enterprise and customer services, anytime and anywhere. OpenAM All-In-One solution to securely manage access to digital enterprise and customer services, anytime and anywhere. OpenAM, the only all-in-one open source access management solution, provides the

More information

Is Liferay Right for Your Organization? Seven Things to Consider When Choosing a Portal Platform

Is Liferay Right for Your Organization? Seven Things to Consider When Choosing a Portal Platform Is Liferay Right for Your Organization? Seven Things to Consider When Choosing a Portal Platform BY DAN LILIEDAHL, CTO, TANDEMSEVEN The outcome of your portal initiative and its success is directly related

More information

Prepared by Enea S.Teresa (Italy) Version 1.0 2006-October 24

Prepared by Enea S.Teresa (Italy) Version 1.0 2006-October 24 Mersea Information System: an Authentication and Authorization System to access distributed oceanographic data. Prepared by Enea S.Teresa (Italy) Version 1.0 2006-October 24 Revision History Date Version

More information

Alex Wong Senior Manager - Product Management Bruce Ong Director - Product Management

Alex Wong Senior Manager - Product Management Bruce Ong Director - Product Management Alex Wong Senior Manager - Product Management Bruce Ong Director - Product Management 1 Product Roadmap Disclaimer Any forward-looking indication of plans for products is preliminary and all future release

More information

MIT Tech Talk, May 2013 Justin Richer, The MITRE Corporation

MIT Tech Talk, May 2013 Justin Richer, The MITRE Corporation MIT Tech Talk, May 2013 Justin Richer, The MITRE Corporation Approved for Public Release Distribution Unlimited 13-1871 2013 The MITRE Corporation All Rights Reserved } OpenID Connect and OAuth2 protocol

More information

NetworkingPS Federated Identity Solution Solutions Overview

NetworkingPS Federated Identity Solution Solutions Overview NetworkingPS Federated Identity Solution Solutions Overview OVERVIEW As the global marketplace continues to expand, new and innovating ways of conducting business are becoming a necessity in order for

More information

PINsafe Multifactor Authentication Solution. Technical White Paper

PINsafe Multifactor Authentication Solution. Technical White Paper PINsafe Multifactor Authentication Solution Technical White Paper Abstract PINsafe is a flexible authentication solution that offers a wide range of authentication models. The use of the patented one-time

More information

owncloud Architecture Overview

owncloud Architecture Overview owncloud Architecture Overview Time to get control back Employees are using cloud-based services to share sensitive company data with vendors, customers, partners and each other. They are syncing data

More information

Architecting Composite Component Systems for Heterogeneous Environments with Open Standards. Derek Dominish

Architecting Composite Component Systems for Heterogeneous Environments with Open Standards. Derek Dominish Architecting Composite Component Systems for Heterogeneous s with Open Standards Derek Dominish Aerospace Division Future Information Architectures MilCIS - Canberra 14 th November 2013 wealth of Australia

More information

Fischer International Identity BUILT FOR BUSINESS YOURS. PRODUCT OVERVIEW Fischer Password Manager

Fischer International Identity BUILT FOR BUSINESS YOURS. PRODUCT OVERVIEW Fischer Password Manager Fischer International Identity BUILT FOR BUSINESS YOURS PRODUCT OVERVIEW Fischer Password Manager The Case for Password Management Managing passwords is a common challenge that is shared from the smallest

More information

CA SiteMinder. Implementation Guide. r12.0 SP2

CA SiteMinder. Implementation Guide. r12.0 SP2 CA SiteMinder Implementation Guide r12.0 SP2 This documentation and any related computer software help programs (hereinafter referred to as the "Documentation") are for your informational purposes only

More information

TECHNOLOGY BRIEF: INTEGRATED IDENTITY AND ACCESS MANAGEMENT (IAM) An Integrated Architecture for Identity and Access Management

TECHNOLOGY BRIEF: INTEGRATED IDENTITY AND ACCESS MANAGEMENT (IAM) An Integrated Architecture for Identity and Access Management TECHNOLOGY BRIEF: INTEGRATED IDENTITY AND ACCESS MANAGEMENT (IAM) An Integrated Architecture for Identity and Access Management Table of Contents Executive Summary 1 SECTION 1: CHALLENGE 2 The Need for

More information

Robust Object Oriented System Analysis

Robust Object Oriented System Analysis Robust Object Oriented System Analysis Dr Jie Zhao, Dunstan Thomas Consulting Summary Uses cases are widely accepted as the best approach to capturing system requirements, in particular, functional requirements.

More information

Business Process Automation

Business Process Automation Avondseminarie Business Process Automation Genereer korte-termijnvoordelen en flexibiliteit door toepassing van BPMS-technologie Maandag 14 december 2009 Jan Stinissen, Managing Partner Tony Pans, Senior

More information

Evolution of Postgres

Evolution of Postgres Evolution of Postgres Sean Doherty, SVP Sales & Business Development 1 Strategic IT Budget Problem UP TO 35 % of software budgets are spent on Database Management Systems: EDB reduces your DBMS costs by

More information

BOF2337 Open Source Identity and Access Management Expert Panel, Part II. 23 September 2013 5:30p Hilton - Golden Gate 6/7/8 San Francisco CA

BOF2337 Open Source Identity and Access Management Expert Panel, Part II. 23 September 2013 5:30p Hilton - Golden Gate 6/7/8 San Francisco CA Open Source Identity and Access Management Expert Panel, Part II 23 September 2013 5:30p Hilton - Golden Gate 6/7/8 San Francisco CA slide 2 Expert Panel Emmanuel Lécharny, Apache Software Foundation Howard

More information

Preparing for GO!Enterprise MDM On-Demand Service

Preparing for GO!Enterprise MDM On-Demand Service Preparing for GO!Enterprise MDM On-Demand Service This guide provides information on...... An overview of GO!Enterprise MDM... Preparing your environment for GO!Enterprise MDM On-Demand... Firewall rules

More information

CLOUD TECH SOLUTION AT INTEL INFORMATION TECHNOLOGY ICApp Platform as a Service

CLOUD TECH SOLUTION AT INTEL INFORMATION TECHNOLOGY ICApp Platform as a Service CLOUD TECH SOLUTION AT INTEL INFORMATION TECHNOLOGY ICApp Platform as a Service Open Data Center Alliance, Inc. 3855 SW 153 rd Dr. Beaverton, OR 97003 USA Phone +1 503-619-2368 Fax: +1 503-644-6708 Email:

More information

MOBILIZING ORACLE APPLICATIONS ERP. An Approach for Building Scalable Mobility Solutions. A RapidValue Solutions Whitepaper

MOBILIZING ORACLE APPLICATIONS ERP. An Approach for Building Scalable Mobility Solutions. A RapidValue Solutions Whitepaper MOBILIZING ORACLE APPLICATIONS ERP An Approach for Building Scalable Mobility Solutions A RapidValue Solutions Whitepaper TABLE OF CONTENTS Executive Overview Typical Architecture for Mobilizing Oracle

More information

Security and Control Issues within Relational Databases

Security and Control Issues within Relational Databases Security and Control Issues within Relational Databases David C. Ogbolumani, CISA, CISSP, CIA, CISM Practice Manager Information Security Preview of Key Points The Database Environment Top Database Threats

More information

Identity and Access Management

Identity and Access Management Cut costs. Increase security. Support compliance. www.siemens.com/iam Scenarios for greater efficiency and enhanced security Cost pressure is combining with increased security needs compliance requirements

More information

Client Overview. Engagement Situation. Key Requirements for Platform Development :

Client Overview. Engagement Situation. Key Requirements for Platform Development : Client Overview Our client provides leading video platform for enterprise HD video conferencing and has product suite focused on product-based visual communication solutions. Our client leverages its solutions

More information

UK Government ICT Storyboard July 2010

UK Government ICT Storyboard July 2010 UK Government ICT Storyboard July 2010 1 SOME BASICS: ICT across the Public Sector has key challenges that have arisen through the silo d and individual development of ICT Today s Challenge ICT costs and

More information

Secure Identity in Cloud Computing

Secure Identity in Cloud Computing Secure Identity in Cloud Computing Michelle Carter The Aerospace Corporation March 20, 2013 The Aerospace Corporation 2013 All trademarks, service marks, and trade names are the property of their respective

More information

NCSU SSO. Case Study

NCSU SSO. Case Study NCSU SSO Case Study 2 2 NCSU Project Requirements and Goals NCSU Operating Environment Provide support for a number Apps and Programs Different vendors have their authentication databases End users must

More information

Identity Management Basics. OWASP May 9, 2007. The OWASP Foundation. Derek Browne, CISSP, ISSAP Derek.Browne@Emergis.com. http://www.owasp.

Identity Management Basics. OWASP May 9, 2007. The OWASP Foundation. Derek Browne, CISSP, ISSAP Derek.Browne@Emergis.com. http://www.owasp. Identity Management Basics Derek Browne, CISSP, ISSAP Derek.Browne@Emergis.com May 9, 2007 Copyright The Foundation Permission is granted to copy, distribute and/or modify this document under the terms

More information

Contents at a Glance. 1 Introduction 17. 2 Basic Principles of IT Security 23. 3 Authentication and Authorization in

Contents at a Glance. 1 Introduction 17. 2 Basic Principles of IT Security 23. 3 Authentication and Authorization in at a Glance 1 Introduction 17 2 Basic Principles of IT Security 23 3 Authentication and Authorization in SAP NetWeaver Application Server Java 53 4 Single Sign-On 151 5 Identity Provisioning 289 6 Secure

More information

Oracle Reference Architecture and Oracle Cloud

Oracle Reference Architecture and Oracle Cloud Oracle Reference Architecture and Oracle Cloud Anbu Krishnaswamy Anbarasu Enterprise Architect Social. Mobile. Complete. Global Enterprise Architecture Program Safe Harbor Statement The following is intended

More information

INTEGRATION GUIDE. DIGIPASS Authentication for Citrix NetScaler (with AGEE)

INTEGRATION GUIDE. DIGIPASS Authentication for Citrix NetScaler (with AGEE) INTEGRATION GUIDE DIGIPASS Authentication for Citrix NetScaler (with AGEE) Disclaimer Disclaimer of Warranties and Limitation of Liabilities All information contained in this document is provided 'as is';

More information

Manage all your Office365 users and licenses

Manage all your Office365 users and licenses Manage all your Office365 users and licenses Delegate 365 White Paper Authors: Toni Pohl, Martina Grom Version: 1.2 of December 2014 atwork information technology gmbh. All rights reserved. For information

More information

Agenda. How to configure

Agenda. How to configure dlaw@esri.com Agenda Strongly Recommend: Knowledge of ArcGIS Server and Portal for ArcGIS Security in the context of ArcGIS Server/Portal for ArcGIS Access Authentication Authorization: securing web services

More information

A Technical Roadmap for Oracle Fusion Middleware, E-Business Suite Release 12 and Oracle Fusion Applications

A Technical Roadmap for Oracle Fusion Middleware, E-Business Suite Release 12 and Oracle Fusion Applications A Technical Roadmap for Oracle Fusion Middleware, E-Business Suite Release 12 and Oracle Fusion Applications John Stouffer Oracle E-Business ACE Independent Consultant 214 535 6847 john.w.stouffer@gmail.com

More information

iway Roadmap Michael Corcoran Sr. VP Corporate Marketing

iway Roadmap Michael Corcoran Sr. VP Corporate Marketing iway Roadmap Michael Corcoran Sr. VP Corporate Marketing iway 7 Products iway 7 Products iway 7 Products 360 Viewer Remediation Sentinel Portal Golden Record Search and View Omni-Patient Data Exception

More information

STRONGER AUTHENTICATION for CA SiteMinder

STRONGER AUTHENTICATION for CA SiteMinder STRONGER AUTHENTICATION for CA SiteMinder Adding Stronger Authentication for CA SiteMinder Access Control 1 STRONGER AUTHENTICATION for CA SiteMinder Access Control CA SITEMINDER provides a comprehensive

More information

1 Building an Identity Management Business Case. 2 Agenda. 3 Business Challenges

1 Building an Identity Management Business Case. 2 Agenda. 3 Business Challenges 1 Building an Identity Management Business Case Managing the User Lifecycle Across On-Premises and Cloud-Hosted Applications Justifying investment in identity management automation. 2 Agenda Business challenges

More information