Leveraging identity with Josso, the Professional Open Source
Goals
  • Introduce a 4-step Identity Implementation Roadmap
  • Examine the most common Identity Management Project mistakes; and how to avoid them
  • Compare commercial and open source Identity Management Solutions head-to-head
  • Drill down on the JOSSO Open Source Product, Adopters and Case Studies
  • Q&A

A non-IAM Adopter Organization

Bird’s eye view of an Identity Inside-Out Implementation Roadmap
  • Deliver an Authoritative Source
  • End the password nightmare
  • Build service around Identity
  • Push Identity beyond organizational boundaries

Unify – Deliver an Authoritative Source
WHY
  • Build value from your identity data
  • Realize the data backbone of the identity spinal cord
HOW
  • Adopt and Extend a user schema
  • Choose your persistence mechanism and protocol for storing and exposing your organization identities respectively
  • Set up an Authoritative Source for user and entitlement information
APPROACHES
  • Batch data synchronization and Reconciliation
  • Directory Virtualization

Leverage – End the password nightmare
WHY
  • Increase operational efficiency
  • Increase security
HOW
  • Authentication and Authorization still handled within the application tier
  • Point business applications to the authoritative source for looking up user and entitlement records
  • Federate local identity store against authoritative source
APPROACHES
  • Connecting authoritative source to identity consumers
  • Business application retrofitting of the identity data layer

Service – Build services around identity
WHY
  • Enhance user experience
  • Increase operational efficiency
  • Increase security
HOW
  • Set up an Asserting Authority capable of emitting security tokens
  • Adopt standards for security token emission, formatting and underlying trust system
  • Shift Authentication and Authorization Processes to the Asserting Authority
  • Leverage Asserting Authority services from business applications and application platforms
APPROACHES
  • Implement a Standard-based Access Management Solution

Externalize – Push Identity beyond organizational boundaries
WHY
  • Achieve interoperation with external organizations/domains
  • Extend the reach of organization’s identity services to the Cloud
  • Bring Public Cloud services on board
HOW
  • Introduce support for producing and consuming standard-based assertions (e.g. using the SAML2 protocol)
  • Set up Inbound & Outbound Federated Connections with Partner sites
APPROACHES
  • Deliver the Federated Identity capabilities into the Access Management Solution – with little to no impact in the application base
  • Deliver the Federated Identity Capabilities into the Business Application tier – requires retrofitting business applications that need to be externalized; or need to leverage externalized services

An IAM Adopter Organization

Ingredients for Failure in an IAM Project
  • Assume that the product is the solution
  • Underestimate technological complexity
  • Underestimate effort
  • Lack of sponsorship
  • Management not knowledgeable about IAM
  • Approach the project in a waterfall style
  • Implementing IAM infrastructure in-house

Ingredients for Success in an IAM Project
  • Having skilled IAM people is more important than the product
  • Invest in defining your Identity Architecture up front; scaffolding it in a proof-of-concept (POC)


Converge Leveraging Identity With Professional Open Source Final

  • 20. Plan ahead based on realistic time lines
  • 21. Get the right level of sponsorship for your project
  • 22. Look for coaching from IAM SMEs
  • 23. Execute your project using a staged approach, driven by business value and risk mitigation
  • 24. Rely on proven solutions while focusing on your business

Two sides of the same coin

Highlights of Commercial IAM Solutions

  • 25. Expensive due to commonly associated user licensing and implementation costs
  • 26. Force you to take a “suite” instead of a best-of-breed approach
  • 27. Usually built on legacy technologies
  • 28. Little extensibility is provided for realizing real-world scenarios
  • 30. No access to source code for diagnosing and eventually solving IAM-specific issues

Highlights of Sponsored Open Source Solutions

  • No associated user-licensing cost. You are free to implement in a do-it-yourself fashion.
  • 31. Deliver your identity solution based on mix-and-matching components
  • 32. Usually current in terms of architecture and latest trends
  • 33. Highly extensible for introducing your custom extensions if necessary
  • 34. Source code is available and you are free to create your own version of the product
  • 35. Source code is available for inspection

Head-to-Head Comparison of Commercial and Open Source IAM

  • 36. JOSSO in a nutshell

The State of Florida Case Study

  • 39. The Need: Enable interoperation among heterogeneous homeland security systems in terms of identity
  • 40. The Solution: Deliver a timely, cost-effective identity and access management back-bone
  • 42. JOSSO as the identity stack
  • 43. Based on Weblogic and JBoss environments
  • 44. High-availability and Scalability enabled for Identity and Access Management Services
  • 45. 60,000 users approximately

Software AG Case Study

  • The Need: Enable seamless employee and customer access to Communities Ecosystem
  • 46. The Solution: Deliver a timely, cost-effective Standard-based Federated Identity Solution without disrupting Communities Ecosystem
  • 48. JOSSO and Atricore Identity Bus as the identity stack
  • 49. Federating against Novell Access Management using SAML2
  • 50. High-availability and Scalability enabled for Identity and Access Management Services
  • 51. 50,000 users approximately

European Union Case Study

  • The Need: Enable identity services into the Planets Product - Preservation and Long-term Access through Networked Services - coordinated by the British Library
  • 52. The Solution: Power the Planet platform with Open Source Identity Management Technology
  • 54. JOSSO as the identity stack
  • 55. High-availability and Scalability enabled for Identity and Access Management Services

Q&A

  • 56. Contact Information
      Atricore Inc.: www.atricore.com
      Certified Partner in Brazil: GoNow: www.gonow.com.br
      R. Tenerife, 31 – 10º andar, Vila Olímpia – São Paulo/SP, (11) 3046 2525

Editor's Notes

  1. I need to know how to pronounce “Atricore” – is it “at-ricor” or “ate-ricor”?
  2. If you don’t like the “Subject: explanation” format here, we can try beginning each bullet point with the active verb, as in : explore, examine, define, fit, answer.
  3. IAM= identity access management?
  4. “Reconciliation” is misspelled – please add “i” after “l”.