Open Standard Based identity Provisioning System for Cloud

Tags:

Preview:

Click to see full reader

DESCRIPTION

Open Standard Based identity Provisioning System for Cloud @ Identity.Next 2012 - Netherlands.

Citation preview

Prabath Siriwardena (@prabath)

Senior Software Architect

2001  :  OASIS  PS  TC  

2003  :  SPML  1.0  2003  :  WS-­‐Provisioning  

2006  :  SPML  2.0  2010  :  SCIM  community  

2011  :  SCIM  1.0  

2012  :  SCIM  1.1  

2011  :  RESTPML  

SCIM  Service  Provider  

/Users  

/Groups  SCIM  Consumer  

{    "schemas":[],    "name":{"familyName":”siriwardena","givenName":”prabath"},    "userName":”prabath","password":”prabath123",    "emails":[{"primary":true,"value":”prabath@yahoo.com","type":"home"},  

       {"value":”prabath@wso2.com","type":"work"}]  }  

curl  -­‐v  -­‐k  -­‐-­‐user  admin:admin  -­‐d  @add-­‐user.json  -­‐-­‐header  "Content-­‐Type:application/json"  https://localhost:9443/wso2/scim/Users  

add-­‐user.json    

curl  command  

{      "schemas":  ["urn:scim:schemas:core:1.0"],      "id":  "idnext",      "displayName":  "IdentityNext",  }  

curl  -­‐v  -­‐k  -­‐-­‐user  admin:admin  -­‐d  @add-­‐group.json  -­‐-­‐header  "Content-­‐Type:application/json"  https://localhost:9443/wso2/scim/Groups  

add-­‐group.json    

curl  command  

Provisioning

Service Provider

Domain  A  

Domain  B  

One    way  provisioning  

Provisioning

Service Provider

Provisioning

Service Provider

Domain  C  

SCIM  Consumer  

Provisioning

Service Provider

Domain  A  

Domain  B  

One  way  provisioning  with  broker  mode  

Provisioning

Service Provider

Provisioning

Service Provider

Domain  C  

SCIM  Consumer  

Provisioning

Service Provider

Domain  A  

Domain  B  

Bi-­‐directional  provisioning  

Provisioning

Service Provider

Provisioning

Service Provider

Domain  C  

SCIM  Consumer  

SCIM  Consumer  

SCIM  Consumer  

Provisioning

Service Provider

Domain  A  

Domain  B  

Multi-­‐directional  provisioning  with  a  centralized  PSP  

Provisioning

Service Provider

Provisioning

Service Provider

Domain  C  

SCIM  Consumer  

SCIM  Consumer  

SCIM  Consumer  

Provisioning

Service Provider

Provisioning

Service Provider

Domain  A  

Domain  B  

Just-­‐in-­‐time  provisioning  with  SAML2  

SAML2 IdP

1

2

3

4

Provisioning

Service Provider

Domain  A  

Domain  B  

Just-­‐in-­‐time  provisioning  with  SAML2  

SAML2 IdP

1

2

3

5

4

Provisioning

Service Provider

SCIM  Consumer  (facilelogin.com)  

SCIM  Consumer  (wso2.com)  

wso2.com  

facilelogin.com  

Provisioning

Service Provider

SCIM  Consumer    

OAuth 2.0

Authorization Server

Bearer  Token  

Provisioning

Service Provider

SCIM  Consumer    

OAuth 2.0

Authorization Server

Bearer  Token  

Validate()  

Client  

Resource  Owner  

Resource    

Scope  

Action  

SCIM  Consumer    

Provisioning

Service Provider

Provisioning

Service Provider

SCIM  Consumer    

OAuth 2.0

Authorization Server

Validate()  

XACML PDP

XACML  Request  

Permit/Deny/…  

Recommended

Standards Based Identity Provisioning
Technology
Williams Cloud-based Provisioning
Documents
OData Provisioning - SAP Help Portal · PDF fileThe SAP Cloud Platform OData Provisioning is a function of SAP Cloud Platform which combines SAP Gateway ... OData Provisioning Overview
Documents
Optimizing Resource Provisioning in Shared Cloud …delimitrou/papers/2014.techreport.hybrid.pdfOptimizing Resource Provisioning in Shared Cloud Systems Abstract Cloud computing promises
Documents
Enabling Automated Network Services Provisioning for Cloud ... · Enabling Automated Network Services Provisioning for Cloud Based Applications Using Zero Touch Provisioning ... the
Documents
FLEXIBLE ORGANIZATION OF REPOSITORIES FOR PROVISIONING CLOUD … · 2 REQUIREMENTS OF CLOUD INFRASTRUCTURE PROVISIONING Both grid computing and cloud computing are attempts at utility
Documents
Private-Cloud Provisioning in Multi-Cloud Environments...Private-Cloud Provisioning in Multi-Cloud Environments Get it right with 2 levels of abstraction The Provisioning Problem Powerful
Documents
Authenticator and provisioning connector in wso2 Identity Server
Software
Cloud Based IoT Application Provisioning (The Case of ...users.encs.concordia.ca › home › g › glitho › F16_ENCS691K_WSNAp… · Cloud Based IoT Application Provisioning (The
Documents
CloudPlatform – XenDesktop/XenApp cloud provisioning · CloudPlatform – XenDesktop/XenApp cloud provisioning Systems Engineer Networking & Cloud October 2014 Gaby Grau - gaby.grau@citrix.com
Documents
Cloud init and cloud provisioning [openstack summit vancouver]
Technology
WHITE PAPER Cordys Cloud Provisioning...Business Operations Platform with automated provisioning and metering of applications for the cloud (see Diagram 2). In principle, Cloud Provisioning
Documents
Open standard based Identity Provisioning for Cloud
Documents
NetSuite Provisioning Connector Guide - McAfeekc.mcafee.com/.../24000/PD24306/en_US/MCIM_NetSuite_Prov_Guide… · McAfee Cloud Identity Manager 3.5 NetSuite Provisioning Connector
Documents
CA Identity Manager Provisioning Guide
Documents
Provisioning software defined servers using Cloud OS · Provisioning Software-defined Servers ... Template-based software defined server provisioning HP Cloud OS for Moonshot
Documents
Automating Network Provisioning for Private Cloud
Documents
SAP Cloud Platform Identity Provisioning Service · 1 SAP Cloud Platform Identity Provisioning Service ... SAP Identity Management, used as the on-premise system. Source systems Enhancement
Documents
Oracle® Revenue Management and Billing Cloud Services · Oracle Revenue Management and Billing Cloud Services Federated Identity Configuration Guide F31148-01 ... 1.4.3 User Provisioning
Documents
User Provisioning, Comparison of Common Methodologies, Cloud Provisioning
Business