Workflows, Identity 2.0 & Delegated Authorization using REST

Welcome Pat G. Cappelaere

President / CEOVightel Corporation

Session Title:Workflows, Identity 2.0 & Delegated Authorization

April 21-23, 2008 Renaissance Washington, DC

The RESTFul Way 安らぎの道

SOA Journey: Two Paths

WOAFocused on Describing Operations

ROAFocused on Resources Of Value to A User

APP +…

I cannot drink zis!

http://host/R

Business Case

Workflows, Identity 2.0 & Delegated Authorization

Who Is The Customer?

Science

Red Cross/First Responders

Web Services Access

What Does Our Customer Really Want?

Flood. . . . .

Science

Red Cross/First Responders

Security Problems

Manage Users

Authenticate/Authorize

Control Access

Delegate User Authority To Workflows

And Still Need Fairly Secure Transactions

WfCS Issues

Standardize API in a RESTFul Way

Discover Workflows

Many Workflow Engines!

Identity 2.0

Delegate User Identity to Trusted Identity Providers

Provides Single Sign-on Across Enterprise

Provides Profile Exchange Capabilities

Benefits:Simplify Password Management

Accept Users From Specific Communities of InterestDerive Access Privileges From Exchanged ProfileRESTFulMinimum Infrastructure Requirement

Dick Hardt, Founder & CEO, Sxip Identity

Web Services Secure Communications

Basic Authentication

SSL / PKI

OAuth 1.0 And User Pre-Approved Transactions

WebConsumer

WebProvider

WebConsumer

WebProvider

OAuth 1.0

Uses HTTP Authentication Header

http://oauth.net/

POST http://eo1.geobliki.com/sps HTTP/1.1Connection: closeAccept: */*Content-Type: application/x-www-form-urlencodedAuthorization: OAuth realm="/geobliki/sps", oauth_nonce="DknhjM5kkvhS1yT8dWgjTXzG3D8CpUQpd1c5zDx16cw", oauth_signature_method="HMAC-SHA1", oauth_token="http%3A%2F%2Fcappelaere.pip.verisignlabs.com%2F", oauth_timestamp="1206048828", oauth_consumer_key="test", oauth_signature="8N2tOq6KEj%2FSWCjDHs63ncYNVO8%3D", oauth_version="1.0"Content-Length: 1041Host: eo1.geobliki.com

Web Service Orchestration

Workflow EngineBPMN, XPDL…

But You Want To Keep it SimpleFor Your Service Provider PartnersFor Yourself

RESTFul Web Services Including Engine Itself

Workflow Reference Model

From SOAPy WfXML 2.0 to WfXML-R

QuickTime™ and a decompressor

are needed to see this picture.

Putting it Together

Applications

GEO/GEOSS, CEOS, IFRCSouth Africa Wild Fires Monitoring (fire)Mozambique Floods (flood)Southern California Fires (fire)Empire Challenge 08 (red dye, ships, fire)

Workflow Discovery

CS/W Is Now An Automated Feed Aggregator

Lessons Learned

Security is achievable using existing standards

Workflows Can Be Discovered Easily!

Everything is a Workflow!

Thank You!

Pat G. CappelaerePresident / CEOVightel Corporationhttp://www.vightel.com

Contact Information:443 283 0369pat@vightel.com

Workflows, Identity 2.0 & Delegated Authorization using REST

Business

Transcript of Workflows, Identity 2.0 & Delegated Authorization using REST

Completing a Delegated Registration

Building Office 365 App with AAD OAuth - Microsoft · OAuth •Widely adopted open standard for authorization •Provides client app a “secure delegated access” to server resources

BI-CRITERIA SCHEDULING OF SCIENTIFIC GRID WORKFLOWS · and scientific workflows: While business workflows are controlflow oriented, scientific workflows are dataflow oriented, introducing

FTL Focused Planning...Extranet Project scheduled for pilot implementation in June 2007. This project extends authentication and authorization responsibility for key services to delegated

SharePoint Online Development and Data Migration · SharePoint Online automated authorization and approval processes for each department. Using SharePoint workflows, we replaced the

Centre-Delegated Access Arrangements

Rudder - FrOSCon...Plugins: Cobbler, Rundeck, Ansible ... Rudder. Workflows Rudder. Workflows Rudder. Workflows Rudder. Workflows Rudder. Workflows Rudder. Workflows Rudder. Workflows

Predicting the Costs of Serverless Workflows€¦ · visioning, are delegated to the cloud platform and costs are calculated based on a pay-per-use basis [19, 28]. Function-as-a-Service

Verifiable delegated authorization for user-centric architectures … · architectures and an OAuth2 implementation Luca Ferretti, Mirco Marchetti, and Michele Colajanni University

2016 UNIFORM STANDARDS MANUAL - StJohnOnline.ca SJA ON Uniform Standards... · Services (CS) members in Ontario ... events and public duty. Authorization to wear uniforms is delegated

Delegated List Planning Applications - Modern Mindsetchesterfield.moderngov.co.uk/documents/s13450/DELEGATED LIST... · Delegated List Planning Applications Code No Ward Proposal

Greenpass RADIUS Tools for Delegated Authorization in ... · Greenpass RADIUS Tools for Delegated Authorization in Wireless Networks Dartmouth College Computer Science Technical Report

DELEGATED POWERS REPORT NO

Powers Delegated To Officers

DELEGATED CONTRACT MANAGER (DCM)

Scientific Workflows. 2 Overview More background on workflows Kepler Details Example Scientific Workflows Other Workflow Systems.

PORTANT INFORMATION - DELEGATED DECISIONS

Agency Delegated Purchasing

SharePoint Online Development and Data Migration fileSharePoint Online automated authorization and approval processes for each department. Using SharePoint workflows, we replaced the

2013 UNIFORM STANDARDS MANUAL - StJohnOnline.ca · Services (CS) members in ... events and public duty. Authorization to wear uniforms is delegated as follows: ... Decoration and