WSO2Con USA 2017: Introduction to Security: End-to-End Identity Management
Enterprise Identity Management & Security Patterns and Practices
Prabath Siriwardena
JIRA
SVN
Forrester Identity Management Maturity Model
Identity as a Service
Single Sign On
Provisioning
Delegation
Federation
Access Control
Auditing
Principles of Identity Data
• Do NOT replicate identities
• Business requirements should drive identity replication
• Replicated identities should be read-only
• Identity data should be location transparent
• Enforce the consistency & integrity of identity data with policies, processes & tools
• Use open standards rather than proprietary standards
• Use encryption to protect sensitive identity elements
WSO2 Identity Server
• User stores with LDAP/AD/JDBC
• Multiple user store support
• OpenID
• SAML2
• Kerberos
• Information Cards
• XACML 2.0 / 3.0
• OAuth 1.0 / 2.0
• Security Token Service with WS-Trust
• SCIM 1.1
• WS-XACML
Thank you