Copyright © 2015 ForgeRock, all rights reserved.
Entitlements: Taking Control of the Big Data Gold Rush
Markus Weber
Andy Forrest
August 18th, 2015
Achieving the Holy Grail of Identity
Knowing Who's Who, What's What, and Who Gets Access to What
Source: Scott McNealy, Identity Summit 2015
ForgeRock
Fastest-growing Open Source Identity Security Software company in the world
■ Founded 2010 with high double digit growth every year since inception
■ Over 200 full time employees
■ Over 400 customers
■ Active in over 30 countries
■ Locations: San Francisco, Vancouver (US), Bristol (UK), London (UK), Grenoble (FR), Oslo, Singapore, Düsseldorf
Award winning platform driving innovation worldwide
■ Gold winner of the CEO World awards 2014
■ Silver Winner in the 6th Annual Golden Bridge Award 2014
■ Silver winner for the Fastest-Growing Company of the Year in Best in Biz Awards 2014
Investors: Our Origins:
275 survey respondents
Research by
Research by
• 71% using ForgeRock for THEIR customer identities (USA)
• 88% deploy in less than a year
• 65% deploy in less than 6 months
• 70% reach payback in less than 18 months
• 91% rate ForgeRock speed to deployment superior to competition
• 96% rate ForgeRock scalability superior to competition
• 92% rate ForgeRock reliability superior to competition
• 100% of government and financial services customers rate ForgeRock scalability superior to the competition
The Platform
The ForgeRock Identity Platform
(Identity Management) (Access Management)
(Directory Services) (Identity Gateway)
Copyright © Identity Summit 2015, all rights reserved.
IDENTITY MANAGEMENT
Provisioning
Self-Service
Password Management
Synchronization/Reconciliation
Workflow Engine
SaaS Connectors
ACCESS MANAGEMENT
Authentication
Entitlements Management
Federation
Social Sign-On
Adaptive Risk
REST Security Token Service
API & MOBILE
GATEWAY
API Security
Mobile Security
Legacy Application Security
Web Services Security
Password Capture and Replay
DIRECTORY SERVICES
Performance & Scalability
High Availability
Password Policy
Active Directory
Synchronization
Identity Data Replication
LDAPv3 and REST2LDAP
COMMON SERVICES
REST API
Standards
User Interface
The ForgeRock Identity Platform
custom | ldapv3
User Data Stores
Authentication
Coarse Grained Authorization
Policies
SSO Session Management
Federation Hub
Adaptive Risk
ForgeRock UI Framework
Password management
Audit Logging
UI Layer
Access Layer
Business Logic Layer
Services Layer
Persistence layer
SIEM | Reporting Tools
(3rd party)
Authentication Systems
(out-of-the-box & 3rd party)
Analytics tools
(3rd party)
Fine Grained Authorization
Pluggable
Common REST OpenID Connect OAuth2 SAMLv2 WS-*
Protected Resources
Web Application
Mobile Application
Policy Agent
Firewall
Reverse Proxy
REST Client
Stateful | Stateless
Session Layer
Load balancer
Chip | Thing
End-User UI
JATO based
Admin UI
Policy Editor
Monitoring
The Near Future
Return on Identity
Platform Focus for Maximizing ROI
• API Economy
• IoT Scale
• IoT Ready
• Privacy & Consent
• Security
• Data Enrichment
• Run Anywhere
Privacy & Consent
User Managed Access (UMA)
• Standards based privacy and consent
• Giving people the right to control access to their data across providers
• Interoperable OAuth2-based protocol
• Shipping as an integrated feature of OpenAM and OpenIG
Internet of Things Scale
Stateless Sessions
• Built on new stateless sessions
• JWT-based sessions
• Per-Realm configuration
• Enables true elastic deployment
• Massive horizontal scalability
Cluster Size
Demand
Internet
Elastic Load Balancer
Security
Continuous Authorization
OpenAM Session
Contextual Change
System Detects New Location
System detects change during session and requests 1x password
• Context based authentication and authorization
• Includes the device print and request context in the policy evaluation
• Custom logic easily integrated into Policy decisions with JavaScript, Groovy, or Java
• REST calls to external Policy Information Points
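A context-aware decision of the kind this slide outlines, as an added example that is not OpenAM code or its API: a small policy decision point that takes subject, resource, action and environment, compares the request context with the context captured at login, and returns re-authentication advice when it has changed. The policy shape, the attribute names (`country`, `devicePrint`), the `reauthenticate` advice and the `enforce` helper are assumptions made for illustration.

```javascript
// Added illustration: a toy policy decision point (PDP) and enforcement step.
// Not OpenAM's engine; all names and sample data below are constructed.

// Each policy: resource pattern, covered actions, subject condition,
// and an optional environment condition evaluated per request.
const POLICIES = [
  {
    name: 'admin-console',
    resource: '/admin/*',
    actions: ['GET', 'POST'],
    subject: (s) => s.groups.includes('admin'),
    environment: contextUnchanged,
  },
  {
    name: 'public-pages',
    resource: '/public/*',
    actions: ['GET'],
    subject: () => true,
  },
];

// Environment condition: the request context must match the context that was
// recorded in the session when the subject last authenticated.
function contextUnchanged(subject, env) {
  const changed = [];
  if (env.country !== subject.session.country) changed.push('country');
  if (env.devicePrint !== subject.session.devicePrint) changed.push('devicePrint');
  return changed.length === 0
    ? { ok: true }
    : { ok: false, advice: { reauthenticate: 'password', changed } };
}

// Exact match, or prefix match when the pattern ends in '*'.
function resourceMatches(pattern, resource) {
  if (pattern.endsWith('*')) return resource.startsWith(pattern.slice(0, -1));
  return pattern === resource;
}

// PDP: default deny. Advice is only produced after the subject condition has
// passed, so a caller without the entitlement learns nothing about context rules.
function evaluate(request, policies = POLICIES) {
  const { subject, resource, action, environment } = request;
  let advice = null;
  for (const p of policies) {
    if (!resourceMatches(p.resource, resource)) continue;
    if (!p.actions.includes(action)) continue;
    if (!p.subject(subject)) continue;
    const env = p.environment ? p.environment(subject, environment) : { ok: true };
    if (env.ok) return { decision: 'allow', policy: p.name, advice: null };
    advice = advice || env.advice;
  }
  return { decision: 'deny', policy: null, advice };
}

// Enforcement step: on a deny that carries advice, ask once for the password
// (verifyPassword is a caller-supplied check), rebind the session to the new
// context, and evaluate again.
function enforce(request, verifyPassword) {
  const first = evaluate(request);
  if (first.decision === 'deny' && first.advice && verifyPassword(request.subject)) {
    const subject = {
      ...request.subject,
      session: {
        country: request.environment.country,
        devicePrint: request.environment.devicePrint,
      },
    };
    return { ...evaluate({ ...request, subject }), steppedUp: true, subject };
  }
  return { ...first, steppedUp: false, subject: request.subject };
}

// Constructed sample data.
const bob = { id: 'bob', groups: ['admin'], session: { country: 'GB', devicePrint: 'fp-1' } };
const alice = { id: 'alice', groups: ['staff'], session: { country: 'GB', devicePrint: 'fp-1' } };
const sameContext = { country: 'GB', devicePrint: 'fp-1' };
const newLocation = { country: 'NO', devicePrint: 'fp-1' };

function adminRequest(subject, environment) {
  return { subject, resource: '/admin/users', action: 'GET', environment };
}

console.log(evaluate(adminRequest(bob, sameContext)));       // allow
console.log(evaluate(adminRequest(bob, newLocation)));       // deny with advice
console.log(enforce(adminRequest(bob, newLocation), () => true).decision); // allow after step-up
console.log(evaluate(adminRequest(alice, newLocation)));     // deny, no advice
```
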
Entitlements
Taking Control of the Big Data Gold Rush
Andy Forrest (@apforrest)
andrew.forrest@forgerock.com
“Information is the new currency”
Let’s rewind a little...
Subject Resource
Action
Environment
• Authentication
• Authorization
What has a policy looked like?
Typically used to protect a web resource:
“Can Bob who is part of the admin group see the admin web page?”
Policy solutions
• ACLs (access control lists)
- focused on the subject
• RBAC (role based access control)
- focused on the subject and resource
- role explosion
Policy characteristics
• Coarse grained
• Allow / deny
• Inflexible
• Low volume
• Minimal performance demand
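Common policy architecture
Bob
PEP (policy enforcement point)
Protected resource
PDP (policy decision point)
PAP (policy administration point)
PIPs (policy information points)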
Common policy architecture
Policy agent
Protected resource
Bob
OpenAM
What’s next for policy?
“Authorization is the new cool kid”
IoT (Internet of Things)
• Not just web pages
• Richer relationships
• Descriptive demand
UMA (User Managed Access)
• In the hands of the consumer
• High scale
• Decoupled
• Distributed
Some of the buzz
• ABAC (attribute based access control)
• XACML (extensible access control markup language)
Future policy characteristics
• Attribute based
• Fine grained
• Entitlements
• Unknown entities
• High volume
• Performance speed
• Outward facing
What about OpenAM?
“We’re the real deal”
OpenAM policy
• Complete REST API
• Intuitive UI
• Organisational structure
• Expressive rules
• Contextual authz
• Rich entitlement decisions
• Selective evaluation
• Scaling and replication
• XACML export/import
Demo
Demo topology
Mobile, Twitter, Raspberry Pi
OpenAM
Device 1
Radio Tx
Radio Rx
Device 3
Radio Rx
Device 2
Radio Rx
Web App
Policy
Demo topology
Performance topology
DJ 2
OpenAM 2
DJ 1
OpenAM 1
Replication
Cross talk
8 x 3.3GHz, 64GB 8 x 3.3GHz, 64GB
How does OpenAM continue to lead?
• Continually looking to push performance
• More fine grained through ABAC
- generic attribute model
- application rules
- nested applications
• Simplified UIs
“Information is the new currency”
IDENTITY SUMMIT SERIES 2015: EUROPE
8 October, London
5 November, Amsterdam
10 November, Düsseldorf
Visit summits.forgerock.com
Q & A

Weitere ähnliche Inhalte

Was ist angesagt?

Bring your own Identity (BYOID) with WSO2 Identity Server
Bring your own Identity (BYOID) with WSO2 Identity ServerBring your own Identity (BYOID) with WSO2 Identity Server
Bring your own Identity (BYOID) with WSO2 Identity Server
WSO2
 

Was ist angesagt? (20)

IDP Proxy Concept: Accessing Identity Data Sources Everywhere!
IDP Proxy Concept: Accessing Identity Data Sources Everywhere!IDP Proxy Concept: Accessing Identity Data Sources Everywhere!
IDP Proxy Concept: Accessing Identity Data Sources Everywhere!
 
OpenAM: An Introduction
OpenAM: An IntroductionOpenAM: An Introduction
OpenAM: An Introduction
 
OpenIG Webinar: Your Swiss Army Knife for Protecting and Securing Web Apps, A...
OpenIG Webinar: Your Swiss Army Knife for Protecting and Securing Web Apps, A...OpenIG Webinar: Your Swiss Army Knife for Protecting and Securing Web Apps, A...
OpenIG Webinar: Your Swiss Army Knife for Protecting and Securing Web Apps, A...
 
Identity Management with the ForgeRock Identity Platform - So What’s New?
Identity Management with the ForgeRock Identity Platform - So What’s New?Identity Management with the ForgeRock Identity Platform - So What’s New?
Identity Management with the ForgeRock Identity Platform - So What’s New?
 
ForgeRock Platform Release - Summer 2016
ForgeRock Platform Release - Summer 2016  ForgeRock Platform Release - Summer 2016
ForgeRock Platform Release - Summer 2016
 
Webinar: ForgeRock Identity Platform Preview (Dec 2015)
Webinar: ForgeRock Identity Platform Preview (Dec 2015)Webinar: ForgeRock Identity Platform Preview (Dec 2015)
Webinar: ForgeRock Identity Platform Preview (Dec 2015)
 
Implementing WebAuthn & FAPI supports on Keycloak
Implementing WebAuthn & FAPI supports on KeycloakImplementing WebAuthn & FAPI supports on Keycloak
Implementing WebAuthn & FAPI supports on Keycloak
 
The Future is Now: What’s New in ForgeRock Identity Management
The Future is Now: What’s New in ForgeRock Identity Management The Future is Now: What’s New in ForgeRock Identity Management
The Future is Now: What’s New in ForgeRock Identity Management
 
NYC Identity Summit Business Day: Identity is the Center of Everything (Mike ...
NYC Identity Summit Business Day: Identity is the Center of Everything (Mike ...NYC Identity Summit Business Day: Identity is the Center of Everything (Mike ...
NYC Identity Summit Business Day: Identity is the Center of Everything (Mike ...
 
Pimping the ForgeRock Identity Platform for a Billion Users
Pimping the ForgeRock Identity Platform for a Billion UsersPimping the ForgeRock Identity Platform for a Billion Users
Pimping the ForgeRock Identity Platform for a Billion Users
 
Implementing security requirements for banking API system using Open Source ...
 Implementing security requirements for banking API system using Open Source ... Implementing security requirements for banking API system using Open Source ...
Implementing security requirements for banking API system using Open Source ...
 
FIDO @ LINE - #idcon vol.24
FIDO @ LINE - #idcon vol.24FIDO @ LINE - #idcon vol.24
FIDO @ LINE - #idcon vol.24
 
NIST SP 800-63-3 #idcon vol.22
NIST SP 800-63-3 #idcon vol.22NIST SP 800-63-3 #idcon vol.22
NIST SP 800-63-3 #idcon vol.22
 
Webinar: OpenAM 12.0 - New Featurs
Webinar: OpenAM 12.0 - New FeatursWebinar: OpenAM 12.0 - New Featurs
Webinar: OpenAM 12.0 - New Featurs
 
Provisioning IoT...Oh Baby You Know Meeee!
Provisioning IoT...Oh Baby You Know Meeee!Provisioning IoT...Oh Baby You Know Meeee!
Provisioning IoT...Oh Baby You Know Meeee!
 
Customer Scale: Stateless Sessions and Managing High-Volume Digital Services
Customer Scale: Stateless Sessions and Managing High-Volume Digital ServicesCustomer Scale: Stateless Sessions and Managing High-Volume Digital Services
Customer Scale: Stateless Sessions and Managing High-Volume Digital Services
 
WebRTC with Java
WebRTC with JavaWebRTC with Java
WebRTC with Java
 
Bring your own Identity (BYOID) with WSO2 Identity Server
Bring your own Identity (BYOID) with WSO2 Identity ServerBring your own Identity (BYOID) with WSO2 Identity Server
Bring your own Identity (BYOID) with WSO2 Identity Server
 
Identity Gateway with the ForgeRock Identity Platform - So What’s New?
Identity Gateway with the ForgeRock Identity Platform - So What’s New?Identity Gateway with the ForgeRock Identity Platform - So What’s New?
Identity Gateway with the ForgeRock Identity Platform - So What’s New?
 
CIS 2015 Extreme SAML - Hans Zandbelt
CIS 2015 Extreme SAML - Hans ZandbeltCIS 2015 Extreme SAML - Hans Zandbelt
CIS 2015 Extreme SAML - Hans Zandbelt
 

Ähnlich wie Webinar: "Entitlements: Taking Control of the Big Data Gold Rush"

API Security: Securing Digital Channels and Mobile Apps Against Hacks
API Security: Securing Digital Channels and Mobile Apps Against HacksAPI Security: Securing Digital Channels and Mobile Apps Against Hacks
API Security: Securing Digital Channels and Mobile Apps Against Hacks
Akana
 
The Business Value for Internal APIs in the Enterprise
The Business Value for Internal APIs in the EnterpriseThe Business Value for Internal APIs in the Enterprise
The Business Value for Internal APIs in the Enterprise
Akana
 

Ähnlich wie Webinar: "Entitlements: Taking Control of the Big Data Gold Rush" (20)

The Platform Big Picture
The Platform Big PictureThe Platform Big Picture
The Platform Big Picture
 
Entitlements: Taking Control of the Big Data Gold Rush
Entitlements: Taking Control of the Big Data Gold RushEntitlements: Taking Control of the Big Data Gold Rush
Entitlements: Taking Control of the Big Data Gold Rush
 
Webinar: Identity Wars: The Unified Platform Awakens
Webinar: Identity Wars: The Unified Platform AwakensWebinar: Identity Wars: The Unified Platform Awakens
Webinar: Identity Wars: The Unified Platform Awakens
 
NYC Identity Summit Tech Day: ForgeRock Identity Platform Overview
NYC Identity Summit Tech Day: ForgeRock Identity Platform OverviewNYC Identity Summit Tech Day: ForgeRock Identity Platform Overview
NYC Identity Summit Tech Day: ForgeRock Identity Platform Overview
 
Optimizing IAM with Single Sign-On From the Cloud to On-Premise
Optimizing IAM with Single Sign-On From the Cloud to On-PremiseOptimizing IAM with Single Sign-On From the Cloud to On-Premise
Optimizing IAM with Single Sign-On From the Cloud to On-Premise
 
The Future is Now: The ForgeRock Identity Platform, Early 2017 Release
The Future is Now: The ForgeRock Identity Platform, Early 2017 ReleaseThe Future is Now: The ForgeRock Identity Platform, Early 2017 Release
The Future is Now: The ForgeRock Identity Platform, Early 2017 Release
 
Java2Days - Security for JavaEE and the Cloud
Java2Days - Security for JavaEE and the CloudJava2Days - Security for JavaEE and the Cloud
Java2Days - Security for JavaEE and the Cloud
 
Webinar: Extend The Power of The ForgeRock Identity Platform Through Scripting
Webinar: Extend The Power of The ForgeRock Identity Platform Through ScriptingWebinar: Extend The Power of The ForgeRock Identity Platform Through Scripting
Webinar: Extend The Power of The ForgeRock Identity Platform Through Scripting
 
Oracle API Platform Cloud Service Best Practices & Lessons Learnt
Oracle API Platform Cloud Service Best Practices & Lessons LearntOracle API Platform Cloud Service Best Practices & Lessons Learnt
Oracle API Platform Cloud Service Best Practices & Lessons Learnt
 
NYC Identity Summit Tech Day: Best Practices for API Security
NYC Identity Summit Tech Day: Best Practices for API SecurityNYC Identity Summit Tech Day: Best Practices for API Security
NYC Identity Summit Tech Day: Best Practices for API Security
 
The Future is Now: What’s New in ForgeRock Identity Gateway
The Future is Now: What’s New in ForgeRock Identity GatewayThe Future is Now: What’s New in ForgeRock Identity Gateway
The Future is Now: What’s New in ForgeRock Identity Gateway
 
Sydney Identity Summit: Addressing the New Threat Landscape with Continuous S...
Sydney Identity Summit: Addressing the New Threat Landscape with Continuous S...Sydney Identity Summit: Addressing the New Threat Landscape with Continuous S...
Sydney Identity Summit: Addressing the New Threat Landscape with Continuous S...
 
CIS13: Bootcamp: Ping Identity OAuth and OpenID Connect In Action with PingFe...
CIS13: Bootcamp: Ping Identity OAuth and OpenID Connect In Action with PingFe...CIS13: Bootcamp: Ping Identity OAuth and OpenID Connect In Action with PingFe...
CIS13: Bootcamp: Ping Identity OAuth and OpenID Connect In Action with PingFe...
 
Wavestone forgerock banking demo
Wavestone forgerock banking demoWavestone forgerock banking demo
Wavestone forgerock banking demo
 
API Security: Securing Digital Channels and Mobile Apps Against Hacks
API Security: Securing Digital Channels and Mobile Apps Against HacksAPI Security: Securing Digital Channels and Mobile Apps Against Hacks
API Security: Securing Digital Channels and Mobile Apps Against Hacks
 
An Authentication and Authorization Architecture for a Microservices World
An Authentication and Authorization Architecture for a Microservices WorldAn Authentication and Authorization Architecture for a Microservices World
An Authentication and Authorization Architecture for a Microservices World
 
How to Make Your IoT Devices Secure, Act Autonomously & Trusted Subjects
How to Make Your IoT Devices Secure, Act Autonomously & Trusted SubjectsHow to Make Your IoT Devices Secure, Act Autonomously & Trusted Subjects
How to Make Your IoT Devices Secure, Act Autonomously & Trusted Subjects
 
Oracle Identity & Access Management
Oracle Identity & Access ManagementOracle Identity & Access Management
Oracle Identity & Access Management
 
The Business Value for Internal APIs in the Enterprise
The Business Value for Internal APIs in the EnterpriseThe Business Value for Internal APIs in the Enterprise
The Business Value for Internal APIs in the Enterprise
 
The Business Value for Internal APIs in the Enterprise
The Business Value for Internal APIs in the EnterpriseThe Business Value for Internal APIs in the Enterprise
The Business Value for Internal APIs in the Enterprise
 

Mehr von ForgeRock

Mehr von ForgeRock (20)

Digital Identities in the Internet of Things - Securely Manage Devices at Scale
Digital Identities in the Internet of Things - Securely Manage Devices at ScaleDigital Identities in the Internet of Things - Securely Manage Devices at Scale
Digital Identities in the Internet of Things - Securely Manage Devices at Scale
 
Get the Exact Identity Solution You Need - In the Cloud - AWS and Beyond
Get the Exact Identity Solution You Need - In the Cloud - AWS and BeyondGet the Exact Identity Solution You Need - In the Cloud - AWS and Beyond
Get the Exact Identity Solution You Need - In the Cloud - AWS and Beyond
 
Identity Live Sydney: Identity Management - A Strategic Opportunity
Identity Live Sydney: Identity Management  - A Strategic OpportunityIdentity Live Sydney: Identity Management  - A Strategic Opportunity
Identity Live Sydney: Identity Management - A Strategic Opportunity
 
Identity Live Singapore: Transform Your Cybersecurity Capability
Identity Live Singapore: Transform Your Cybersecurity CapabilityIdentity Live Singapore: Transform Your Cybersecurity Capability
Identity Live Singapore: Transform Your Cybersecurity Capability
 
Identity Live Singapore 2018 Keynote Presentation
Identity Live Singapore 2018 Keynote PresentationIdentity Live Singapore 2018 Keynote Presentation
Identity Live Singapore 2018 Keynote Presentation
 
Identity Live Sydney 2018 Keynote Presentation
Identity Live Sydney 2018 Keynote PresentationIdentity Live Sydney 2018 Keynote Presentation
Identity Live Sydney 2018 Keynote Presentation
 
Identity Live Singapore: Just Ask 'Em
Identity Live Singapore: Just Ask 'EmIdentity Live Singapore: Just Ask 'Em
Identity Live Singapore: Just Ask 'Em
 
Identity Live Singapore: Building Trust & Privacy in a Connected Society
Identity Live Singapore: Building Trust & Privacy in a Connected SocietyIdentity Live Singapore: Building Trust & Privacy in a Connected Society
Identity Live Singapore: Building Trust & Privacy in a Connected Society
 
Identity Live Sydney: Intelligent Authentication
Identity Live Sydney: Intelligent Authentication Identity Live Sydney: Intelligent Authentication
Identity Live Sydney: Intelligent Authentication
 
Identity Live Sydney: Building Trust and Privacy in a Connected Society
Identity Live  Sydney:  Building Trust and Privacy in a Connected SocietyIdentity Live  Sydney:  Building Trust and Privacy in a Connected Society
Identity Live Sydney: Building Trust and Privacy in a Connected Society
 
Get the Exact Identity Solution you Need in the Cloud - Deep Dive
Get the Exact Identity Solution you Need in the Cloud - Deep DiveGet the Exact Identity Solution you Need in the Cloud - Deep Dive
Get the Exact Identity Solution you Need in the Cloud - Deep Dive
 
Get the Exact Identity Solution You Need - In the Cloud - Overview
Get the Exact Identity Solution You Need - In the Cloud - OverviewGet the Exact Identity Solution You Need - In the Cloud - Overview
Get the Exact Identity Solution You Need - In the Cloud - Overview
 
ForgeRock and Trusona - Simplifying the Multi-factor User Experience
ForgeRock and Trusona - Simplifying the Multi-factor User ExperienceForgeRock and Trusona - Simplifying the Multi-factor User Experience
ForgeRock and Trusona - Simplifying the Multi-factor User Experience
 
Opening Keynote (Identity Live Berlin 2018)
Opening Keynote (Identity Live Berlin 2018)Opening Keynote (Identity Live Berlin 2018)
Opening Keynote (Identity Live Berlin 2018)
 
Steinberg - Customer identity as the cornerstone of our approach to digitaliz...
Steinberg - Customer identity as the cornerstone of our approach to digitaliz...Steinberg - Customer identity as the cornerstone of our approach to digitaliz...
Steinberg - Customer identity as the cornerstone of our approach to digitaliz...
 
BMW Group - Identity Enables the Next 100 Years.. (Identity Live Berlin 2018)
BMW Group - Identity Enables the Next 100 Years..  (Identity Live Berlin 2018)BMW Group - Identity Enables the Next 100 Years..  (Identity Live Berlin 2018)
BMW Group - Identity Enables the Next 100 Years.. (Identity Live Berlin 2018)
 
Trust is Everything - The Future of Identity and the ForgeRock Platform (Iden...
Trust is Everything - The Future of Identity and the ForgeRock Platform (Iden...Trust is Everything - The Future of Identity and the ForgeRock Platform (Iden...
Trust is Everything - The Future of Identity and the ForgeRock Platform (Iden...
 
Silo Busters- The Value of User and Data Centricity beyond IoT Devices (Ident...
Silo Busters- The Value of User and Data Centricity beyond IoT Devices (Ident...Silo Busters- The Value of User and Data Centricity beyond IoT Devices (Ident...
Silo Busters- The Value of User and Data Centricity beyond IoT Devices (Ident...
 
Shift from GDPR readiness to sustained compliance to improve your business an...
Shift from GDPR readiness to sustained compliance to improve your business an...Shift from GDPR readiness to sustained compliance to improve your business an...
Shift from GDPR readiness to sustained compliance to improve your business an...
 
Intelligent Authentication (Identity Live Berlin 2018)
Intelligent Authentication  (Identity Live Berlin 2018)Intelligent Authentication  (Identity Live Berlin 2018)
Intelligent Authentication (Identity Live Berlin 2018)
 

Kürzlich hochgeladen

CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICECHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
9953056974 Low Rate Call Girls In Saket, Delhi NCR
 
TECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providerTECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service provider
mohitmore19
 

Kürzlich hochgeladen (20)

%in Stilfontein+277-882-255-28 abortion pills for sale in Stilfontein
%in Stilfontein+277-882-255-28 abortion pills for sale in Stilfontein%in Stilfontein+277-882-255-28 abortion pills for sale in Stilfontein
%in Stilfontein+277-882-255-28 abortion pills for sale in Stilfontein
 
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfLearn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
 
BUS PASS MANGEMENT SYSTEM USING PHP.pptx
BUS PASS MANGEMENT SYSTEM USING PHP.pptxBUS PASS MANGEMENT SYSTEM USING PHP.pptx
BUS PASS MANGEMENT SYSTEM USING PHP.pptx
 
%in Bahrain+277-882-255-28 abortion pills for sale in Bahrain
%in Bahrain+277-882-255-28 abortion pills for sale in Bahrain%in Bahrain+277-882-255-28 abortion pills for sale in Bahrain
%in Bahrain+277-882-255-28 abortion pills for sale in Bahrain
 
Optimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVOptimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTV
 
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICECHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
 
The Guide to Integrating Generative AI into Unified Continuous Testing Platfo...
The Guide to Integrating Generative AI into Unified Continuous Testing Platfo...The Guide to Integrating Generative AI into Unified Continuous Testing Platfo...
The Guide to Integrating Generative AI into Unified Continuous Testing Platfo...
 
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsUnveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
 
%in kaalfontein+277-882-255-28 abortion pills for sale in kaalfontein
%in kaalfontein+277-882-255-28 abortion pills for sale in kaalfontein%in kaalfontein+277-882-255-28 abortion pills for sale in kaalfontein
%in kaalfontein+277-882-255-28 abortion pills for sale in kaalfontein
 
TECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providerTECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service provider
 
10 Trends Likely to Shape Enterprise Technology in 2024
10 Trends Likely to Shape Enterprise Technology in 202410 Trends Likely to Shape Enterprise Technology in 2024
10 Trends Likely to Shape Enterprise Technology in 2024
 
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdfThe Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
 
Direct Style Effect Systems - The Print[A] Example - A Comprehension Aid
Direct Style Effect Systems -The Print[A] Example- A Comprehension AidDirect Style Effect Systems -The Print[A] Example- A Comprehension Aid
Direct Style Effect Systems - The Print[A] Example - A Comprehension Aid
 
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
 
%in ivory park+277-882-255-28 abortion pills for sale in ivory park
%in ivory park+277-882-255-28 abortion pills for sale in ivory park %in ivory park+277-882-255-28 abortion pills for sale in ivory park
%in ivory park+277-882-255-28 abortion pills for sale in ivory park
 
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
 
Chinsurah Escorts ☎️8617697112 Starting From 5K to 15K High Profile Escorts ...
Chinsurah Escorts ☎️8617697112  Starting From 5K to 15K High Profile Escorts ...Chinsurah Escorts ☎️8617697112  Starting From 5K to 15K High Profile Escorts ...
Chinsurah Escorts ☎️8617697112 Starting From 5K to 15K High Profile Escorts ...
 
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected WorkerHow To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
 
AI & Machine Learning Presentation Template
AI & Machine Learning Presentation TemplateAI & Machine Learning Presentation Template
AI & Machine Learning Presentation Template
 
The Top App Development Trends Shaping the Industry in 2024-25 .pdf
The Top App Development Trends Shaping the Industry in 2024-25 .pdfThe Top App Development Trends Shaping the Industry in 2024-25 .pdf
The Top App Development Trends Shaping the Industry in 2024-25 .pdf
 

Webinar: "Entitlements: Taking Control of the Big Data Gold Rush"

  • 1. Copyright © 2015 ForgeRock, all rights reserved. Entitlements: Taking Control of the Big Data Gold Rush Markus Weber Andy Forrest August 18th, 2015
  • 2. Copyright © 2015 ForgeRock, all rights reserved. Achieving the Holy Grail of Identity Knowing Who's Who, What's What, and Who Gets Access to What Source: Scott McNealy, Identity Summit 2015
  • 3. Copyright © 2015 ForgeRock, all rights reserved. ForgeRock Fastest-growing Open Source Identity Security Software company in the world ■ Founded 2010 with high double digit growth every year since inception ■ Over 200 full time employees ■ Over 400 customers ■ Active in over 30 countries ■ Locations: San Francisco, Vancouver (US), Bristol (UK), London (UK), Grenoble (FR), Oslo, Singapor, Düsseldorf Award winning platform driving innovation worldwide ■ Gold winner of the CEO World awards 2014 ■ Silver Winner in the 6th Annual Golden Bridge Award 2014 ■ Silver winner for the Fastest-Growing Company of the Year in Best in Biz Awards 2014 Investors: Our Origins:
  • 4. Copyright © 2015 ForgeRock, all rights reserved. 275 survey respondents Research by
  • 5. Copyright © 2015 ForgeRock, all rights reserved. Research by  71% using ForgeRock for THEIR customer identities (USA)  88% deploy in less than a year  65% deploy in less than 6 months  70% reach payback in less than 18 months  91% rate ForgeRock speed to deployment superior to competition  96% rate ForgeRock scalability superior to competition  92% rate ForgeRock reliability superior to competition  100% of government and financial services customers rate ForgeRock scalability superior to the competition
  • 6. Copyright © 2015 ForgeRock, all rights reserved. The Platform
  • 7. Copyright © 2015 ForgeRock, all rights reserved. The ForgeRock Identity Platform (Identity Management) (Access Management) (Directory Services) (Identity Gateway)
  • 8. The ForgeRock Identity Platform. IDENTITY MANAGEMENT: Provisioning Self-Service Password Management Synchronization/Reconciliation Workflow Engine SaaS Connectors. ACCESS MANAGEMENT: Authentication Entitlements Management Federation Social Sign-On Adaptive Risk REST Security Token Service. API & MOBILE GATEWAY: API Security Mobile Security Legacy Application Security Web Services Security Password Capture and Replay. DIRECTORY SERVICES: Performance & Scalability High Availability Password Policy Active Directory Synchronization Identity Data Replication LDAPv3 and REST2LDAP. COMMON SERVICES: REST API Standards User Interface
  • 9. Architecture diagram labels: custom ldapv3 User Data Stores Authentication Coarse Grained Authorization Policies SSO Session Management Federation Hub Adaptive Risk ForgeRock UI Framework Password management Audit Logging UI Layer Access Layer Business Logic Layer Services Layer Persistence layer SIEM | Reporting Tools (3rd party) Authentication Systems (out-of-the-box & 3rd party) Analytics tools (3rd party) Fine Grained Authorization Pluggable Common REST OpenID Connect OAuth2 SAMLv2 WS-* Protected Resources Web Application Mobile Application Policy Agent Firewall Reverse Proxy REST Client Stateful Stateless Session Layer Load balancer Chip | Thing End-User UI JATO based Admin UI Policy Editor Monitoring
  • 10. The Near Future
  • 11. Return on Identity Platform Focus for Maximizing ROI API Economy IoT Scale IoT Ready Privacy & Consent Security Data Enrichment Run Anywhere
  • 12. Privacy & Consent User Managed Access (UMA) • Standards based privacy and consent • Giving people the right to control access to their data across providers • Interoperable OAuth2-based protocol • Shipping as an integrated feature of OpenAM and OpenIG
  • 13. Internet of Things Scale Stateless Sessions • Built on new stateless sessions • JWT-based sessions • Per-Realm configuration • Enables true elastic deployment • Massive horizontal scalability (diagram labels: Cluster Size, Demand, Internet, Elastic Load Balancer)
  • 14. Security Continuous Authorization OpenAM Session Contextual Change System Detects New Location System detects change during session and requests 1x password • Context based authentication and authorization • Includes the device print and request context in the policy evaluation • Custom logic easily integrated into Policy decisions with JavaScript, Groovy, or Java • REST-calls to external Policy Information Points
  • 15. Entitlements Taking Control of the Big Data Gold Rush Andy Forrest (@apforrest) andrew.forrest@forgerock.com
  • 16. “Information is the new currency”
  • 17. Let’s rewind a little... Subject Resource Action Environment • Authentication • Authorization
  • 18. What has a policy looked like? Typically used to protect a web resource: “Can Bob who is part of the admin group see the admin web page?”
  • 19. Policy solutions • ACLs (access control lists) - focused on the subject • RBAC (role based access control) - focused on the subject and resource - role explosion
  • 20. Policy characteristics • Coarse grained • Allow / deny • Inflexible • Low volume • Minimal performance demand
  • 21. Common policy architecture (diagram labels: PEP, Protected resource, Bob, PDP, PAP, PIPs)
  • 22. Common policy architecture Policy agent Protected resource Bob OpenAM
  • 23. What’s next for policy? “Authorization is the new cool kid”
  • 24. IoT (Internet of Things) • Not just web pages • Richer relationships • Descriptive demand
  • 25. UMA (User Managed Access) • In the hands of the consumer • High scale • Decoupled • Distributed
  • 26. Some of the buzz • ABAC (attribute based access control) • XACML (extensible access control markup language)
  • 27. Future policy characteristics • Attribute based • Fine grained • Entitlements • Unknown entities • High volume • Performance speed • Outward facing
  • 28. What about OpenAM? “We’re the real deal”
  • 29. OpenAM policy • Complete REST API • Intuitive UI • Organisational structure • Expressive rules • Contextual authz • Rich entitlement decisions • Selective evaluation • Scaling and replication • XACML export/import
  • 30. Demo
  • 31. Demo topology (diagram labels): Mobile Twitter Raspberry PI OpenAM Device 1 Radio Tx Radio Rx Device 3 Radio Rx Device 2 Radio Rx Web App Policy
  • 32. Demo topology
  • 33. Performance topology (diagram labels): DJ 2 OpenAM 2 DJ 1 OpenAM 1 Replication Cross talk 8 x 3.3GHz, 64GB 8 x 3.3GHz, 64GB
  • 35. How does OpenAM continue to lead? • Continually looking to push performance • More fine grained through ABAC - generic attribute model - application rules - nested applications • Simplified UIs
  • 36. “Information is the new currency”
  • 37. IDENTITY SUMMIT SERIES 2015: EUROPE 8 October London 5 November Amsterdam 10 November Düsseldorf Visit summits.forgerock.com
  • 38. Q & A

Editor's Notes

  1. Founded four years ago by five guys who had an idea. They were working for Sun Microsystems – very innovative. Built Java & Solaris etc. They had a big software & hardware biz, and a huge IAM biz, globally successful. Late 2000s, acquired by Oracle. Oracle already had IAM. Proprietary Fusion apps. Sun had commercial open source, telco-scale IAM. Lots of Sun IAM ppl left to found ForgeRock to continue the commercial open source portfolio under a diff name. Now read slide. We’ve got a lot of the Sun IAM guys employed with ForgeRock now. We’ve got some of the best investors in the world backing us now. Accel Series A: Facebook. Foundation Capital: Netflix Series A. Sun co-founder Scott McNealy is our marquee advisor and he grew Sun into a multi-billion dollar company.
  2. Introduce myself. What is big data?
  3. 4 points: buzz word; revenue, business; privacy, consumer; protect. Big data is essentially information, our data, collected, collated and utilised to bring value. Big data is only relevant if it gives value. Collect it all as you never know where the value may come. Two sides: consumer and privacy, business and revenue. Data is worth something to consumers and businesses and therefore needs protecting. Avalanche of data.
  4. Authentication - proving who you say you are. Authorisation - verifying what you’re allowed to carry out in a given context. Policy?
  5. ACLs: white lists / black lists; all in / all out; one dimension, the subject. RBAC: not who you are but what you’re a part of; two dimensions, the subject/group, the resource; employ door, door_close, door_open.
  6. Elaborate each point
  7. P*P architecture. Needs a few more labels. How does it map to AM?
  8. Why? Authentication has been the focus. Welcome everyone, trust no one.
  9. IoT forces us to consider other types other than just web resources. We need to be able to express richer rules to define the relationships between subjects and devices. IoT devices are better described with attributes.
  10. UMA puts policy in the hands of the consumer. Now we’re talking about high scale policy management.
  11. This needs a little more thought. ABAC is a follow on from RBAC, the next evolution.
  12. Elaborate each point
  13. Sun
  14. Elaborate each point. 12/13 diff. REST not only lightweight, simple and interoperable API but also eliminates the agent.
  15. Demo time. Main point is to demonstrate the engine via the UI.
  16. 200 policies, 200 sessions, 10,000,000 users. 20 milliseconds, 1% of two seconds. Maybe needs deployment diagram. Acceptable average web page load time.
  17. Elaborate each point
  18. Tie back to presentation brief. Information is the new currency, information can take the form of big data and AM is ready to protect it.