
Microsoft Windows Azure Platform Appfabric for Technical Decision Makers

Page 2

TDM Strategy Briefing

Presenter’s Name | November 09

SERVICE BUS and ACCESS CONTROL

Page 3

Agenda

Objectives

Clearing confusion around cloud computing

Introducing the Windows Azure platform AppFabric
• Service Bus
• Access Control

Solving “Problems” with Windows Azure platform AppFabric

Page 4

Objectives

Define cloud computing

AppFabric’s Service Bus and Access Control Capabilities

Solving cloud “problems” with AppFabric’s Service Bus and Access Control

Page 5

How Microsoft Views the Cloud

Fundamentals
• Scale out
• Automated Service Management
• High Availability
• Multi-tenancy

Considerations
• Infrastructure: Heterogeneous or Homogeneous
• Business model: OpEx or CapEx
• Ownership: Lease/Rented or Owned
• Management: Third Party or Self
• Location: On premises or Off premises

Page 6

Software + Services

PC Phone

Server Cloud

Tools and Cross-Platform Support

Client

TV

Page 7

Software + Services Architecture

“When you combine the ever-growing power of devices and the increasing ubiquity of the Web, you come up with a sum that is greater than its parts.” —RAY OZZIE

Page 8

Introducing Windows Azure

Windows Azure is an internet-scale cloud services platform hosted in Microsoft data centers around the world, providing a simple, reliable and powerful platform for the creation of web applications and services.

Page 9

Windows Azure Platform

Page 10

Simplified, Secure Connectivity for the Cloud

Service Bus and Access Control in Windows Azure platform AppFabric are powerful building blocks.

AppFabric SERVICE BUS: Connect apps & services

AppFabric ACCESS CONTROL: Control & secure access

Secure Connectivity
• Bridge cloud services, on-premises apps, and hosted assets
• Build distributed apps for your business or to collaborate with partners

Across boundaries
• Navigate network and security boundaries, securely and simply
• Federate identity and access across organizations and ID providers
• Simplify claims-based authorization for distributed apps and web services

At Cloud Scale
• Scale up and down as your business requires
• Automated service mgmt. and dynamic scale
• Interoperate with a variety of languages and industry standards

Page 11

AppFabric Service Bus Connectivity

Exchange messages between loosely coupled, composite applications.

Direct Connection facilitated by Service Bus if that is best connection mechanism.

[Diagram labels: Application #1, Application #2, Firewall, Send, Receive. Payload types: Text, XML, Graphics, Binary Data, Streaming.]

Page 12

AppFabric Service Bus

Expose apps and services over the internet across firewall, domain, and network boundaries

Communicate bi-directionally between apps and services in an interoperable manner

Choose interaction patterns to fit your application architecture, like eventing, service remoting, and protocol tunneling

Scale out naturally and reliably as applications and services grow

Page 13

Interaction Patterns

Eventing: FB status, lightweight updates, event driven. Something happens and you get a notification.

Service remoting: Reach in and have some control over the information that I get from a service that lives elsewhere. Stock: I want to get price, next time I want to get volume.

Tunneling: Established set of formats where information is exchanged. Exchange is asynchronous. Dedicated connection. Something closer to full remote control and visibility of application.

Page 14

AppFabric Service Bus Capabilities

[Diagram labels: Service Registry, Federated Identity and Access Control, Application Messaging Patterns, Connectivity Fabric]

Connectivity Fabric lets you set up a raw link across boundaries
• NAT / firewall traversal
• Mobile & intermittently connected receivers

Application Messaging features provide various ways to communicate across that link
• Bi-directional/peer-to-peer communication
• Cloud buffering – web integration and message buffers

Service Registry makes apps and services discoverable to each other
• Stable URIs for services
• Discovery – supports Atom pub, …

Page 15

AppFabric Access Control

Applications or Users

Simplify and automate complex authorization schema requests.

Provide abstraction for federated claims-based authentication.

Easily establish secure trust relationship.

Data and Applications

Page 16

AppFabric Access Control Overview

What it is:
• Federated authorization management service

What it does:
• Simplify user access authorization across organizations and ID providers
• Perform claims transformation to map identities with access levels

Use it to:
• Secure AppFabric Service Bus communications
• Secure RESTful web services

Page 17

AppFabric Access Control Capabilities

Hosted Security Token Service
• The output security token contains claims computed from claims in incoming tokens

Standards Based
• Works with Java, Ruby, PHP, etc.

Define and manage rules to map claims to claims
• Create and manage scopes; e.g. URLs
• Create and manage claim types
• Create and manage signing and encryption keys
• Create and manage rules within an application scope
• Rules can be chained; e.g. Bob → Manager, Manager → Edit; enables RBAC or more
• Manage permissions on scopes; e.g. delegation

Page 18

Architecture of AppFabric Access Control

Your Access Control Project

Your App (Relying Party)

User (Application)

0. Trust exchanged; secrets, certs
1. Define access control rules
2. Send token (initial claims; e.g. identity)
3. Map input claims to output claims based on access control rules
4. Return token (output claims from 3)
5. Send token with request
6. Check for claims
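The numbered flow on this slide, sketched as an added example (not code from the deck or from AppFabric): a toy token service that chains claim-mapping rules in the spirit of the deck's Bob, Manager, Edit illustration, and a relying party that checks the result. The token layout, the HMAC signing, the function names and the scope URL used with it are assumptions made for the illustration; the initial token is reduced to a list of claims the service has already authenticated.

```python
import base64, hashlib, hmac, json, time

# Step 0: trust exchanged out of band. Constructed demo secret, not a real key.
SHARED_KEY = b"constructed-demo-secret"

# Step 1: access control rules, each mapping one input claim to one output claim.
RULES = [
    (("name", "Bob"), ("role", "Manager")),
    (("role", "Manager"), ("action", "Edit")),
]

def map_claims(input_claims, rules=RULES):
    """Step 3: apply rules to a fixed point so chained rules fire; cycle-safe."""
    derived, pending = set(), list(input_claims)
    while pending:
        claim = pending.pop()
        for source, output in rules:
            if source == claim and output not in derived:
                derived.add(output)
                pending.append(output)
    return derived

def _sign(payload):
    return hmac.new(SHARED_KEY, payload, hashlib.sha256).hexdigest()

def issue_token(input_claims, scope, ttl=300, now=None):
    """Steps 2-4: take initial claims, return a signed token of output claims."""
    issued = time.time() if now is None else now
    body = {"aud": scope, "exp": int(issued) + ttl,
            "claims": sorted(map_claims(input_claims))}
    payload = base64.urlsafe_b64encode(json.dumps(body).encode())
    return payload.decode() + "." + _sign(payload)

def check_claims(token, scope, required, now=None):
    """Steps 5-6: verify signature, scope and expiry before trusting any claim."""
    payload, _, sig = token.rpartition(".")
    if not hmac.compare_digest(sig.encode(), _sign(payload.encode()).encode()):
        return False
    body = json.loads(base64.urlsafe_b64decode(payload))
    current = time.time() if now is None else now
    if body["aud"] != scope or body["exp"] < current:
        return False
    return list(required) in body["claims"]
```

The relying party never sees the rules or the user's identity claim, only the signed output claims for its own scope, which is why the signature, audience and expiry checks come before the claim lookup.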

Page 19

Federated Identity with Microsoft “Geneva”

Windows Identity Foundation Complements AppFabric Access Control

AppFabric Access Control simplifies and externalizes complex authorization requests: What are you now ALLOWED to do?

Active Directory and Live ID provide the authentication via Windows Identity Foundation: Who are you?

[Diagram labels: Enterprise On-premises, Active Directory, Active Directory Federation Server v2, Federated Identity, Windows Identity Foundation, AppFabric Access Control, Microsoft Federation Gateway, Windows Live ID, Web applications, Finished Services, Scalable Services]

Page 20

CASE STUDY

Integration Specialist Speeds to Market with Cloud-to-Cloud Interoperation

Company Profile: Cast Iron Systems provides application integration solutions that help organizations connect many kinds of business software. The Mountain View, California–based firm employs 100 people.

Situation/Solution: When Microsoft announced the Windows Azure™ platform, Cast Iron wanted to enhance its integration solution with better connectivity to other public and private cloud offerings and to on-premises data.

Cast Iron used AppFabric’s Service Bus and Access Control, developer services that run on Windows Azure, to quickly provide broad connectivity with other data sources.

Benefit Drivers:
• Trustworthy: Customer’s confidence in Microsoft’s scalability
• Agility: Scalability for customers’ needs
• Focus: Deliver services rather than working on coding integration interfaces

Key Advances: The ability to scale and gain confidence from customers by doing so with Windows Azure platform and the ability to focus on delivering services instead of wasting resources on coding integration interfaces.

“Without the Service Bus and Access Control, we would have had to create our own service bus infrastructure, which would have taken months.” —Rishi Vaish, Vice President of Engineering, Cast Iron Systems

Page 21

CASE STUDY

Developer Scales Search-and-Rescue Application to Help Save More Lives at Sea

Company Profile: Active Web Solutions (AWS), based in Ipswich, United Kingdom, is a Microsoft® Gold Certified Partner that specializes in Web application and custom software development. It has 35 employees.

Situation/Solution: AWS needed a way to scale its successful sea-safety application so that more lives could be saved, but wanted to avoid an expensive development effort and costly infrastructure expansion.

AWS migrated its application to the Windows Azure™ platform and used AppFabric’s Service Bus and Access Control to provide global communications scalability.

Benefit Drivers:
• Efficiency: Avoidance of huge capital costs
• Agility: Massive scalability and faster time to market
• Focus: Create new market opportunities and less resources on infrastructure needs.

Key Advances: The ability to scale without huge infrastructure costs, move new applications and software to market faster, and create new market opportunities.

“Our original architecture supported 10,000 vessels, but the Windows Azure platform enables us to support hundreds of thousands or even millions of vessels, without any capital expenses.” —Richard Prodger, Technical Director, Active Web Solutions

Page 22

CASE STUDY

Systems Integrator Launches Innovative Software with Minimal Capital Investment

Company Profile: Dot Net Solutions is a United Kingdom–based systems integrator specializing in building bespoke solutions with Microsoft® products and technologies. The company takes pride in producing defect-free software—on time and within budget.

Situation/Solution: To improve its own development process, Dot Net Solutions created a virtual project-collaboration application.

When the software, called ScrumWall, drew great interest from customers, the company used the Windows Azure™ platform to offer it as a hosted service.

Benefit Drivers:
• Efficiency
• Minimal Investment Risk
• Expanded Business Opportunity
• Agility
• Ease of Deployment

Key Advances: The ability to bring a new product to market without a risky capital investment, allowing the company to safely foray into new territory that may hold high revenue potential.

“Windows Azure enables us to move into the realm of the ISV. We’re already experts at delivering custom software for customers. We can now take these skills and build a software product, delivering it to a potentially massive user base—but without the risk of hosting it on our own infrastructure.” —Dan Scarfe, Chief Executive Officer, Dot Net Solutions

Page 23

CASE STUDY

Worldwide News Provider Creates New Content Channels with Hosted Computing

Company Profile: The Associated Press (AP) provides up-to-the-minute news and information for newspapers, radio, television, and the Internet, 24 hours a day, 7 days a week. It is the world’s largest and oldest news organization, with 243 bureaus in 97 countries and a worldwide staff of 4,100. AP serves 1,700 newspapers and 5,000 broadcast outlets in the United States, along with 550 international broadcasters.

Situation/Solution: AP wanted to open potential revenue streams and find new customers for AP content with a highly scalable application programming interface (API) that developers worldwide could use to incorporate into their applications.

AP originally considered an on-premises solution, but was concerned about the up-front investment in hardware and software. After considering several “cloud computing” platforms, AP chose to base its offering on the Windows Azure™ platform.

Benefit Drivers:
• Efficiency: Low up-front investment and easy-to-use development tools.
• Agility: Scale to reach demands and quick prototype and implementation.
• Focus: Simplified capacity planning and innovate new business opportunities.

Key Advances: The ability to scale and meet demand, work with smart development tools, plan a capacity budget, decrease up-front costs, and focus on new business opportunities.

“Capacity planning is the thing that stands out as the biggest advantage of the Microsoft cloud model. The Windows Azure platform takes that out of the equation for us, unlike the other cloud providers.” —Jonathan Malek, Chief Architect and Director of Research, Associated Press

Page 24

The Developer Experience

Developers use existing skills and tools.

Flexible, Internet-scale service
• Part of the Windows Azure platform
• Use it to connect cloud services to on-premises assets
• Or consume as a cloud service for composing “traditional” web and enterprise services

Standards-based and interoperable
• Support web standards
• Program in multiple languages and frameworks, including .NET, Java and Ruby
• Interface via API or Web console
• Compose apps that span multiple platform providers

Extends existing investments
• Build on proven Microsoft technology and programming models
• Leverage your familiarity with .NET experience, tools, frameworks
• Develop, debug, test, and deploy from Visual Studio
• Compatible with MS stack

Page 25

Windows Azure Platform Roadmap

[Roadmap chart labels: Commercial Release, CTP, Future; Web 2.0, Enterprise, Partners]

• Rich Service Templates
• Multiple Geo Locations
• Multiple Languages
• Full Trust
• Active Directory and Web ID
• Relational & Virtualized Database
• Auto DB Management

• Simple Service Templates
• One Geo
• ASP.NET
• Medium Trust
• Automated Service Management
• Service Bus, Access Control

• Admin Mode/VM Deployment
• Geo Replication & On Premises
• Systems Center Integration
• Enterprise ID Federation
• Distributed Queries & CLR
• Analytics & reporting
• Data Synch (DataHub)

Page 26

RESOURCES:
www.microsoft.com/windowsazure/partners
partner.microsoft.com/azure
www.azurequickstart.com

SERVICE BUS and ACCESS CONTROL


Stay Updated

Know More about Windows Azure: http://www.microsoft.com/windowsazure/
Know more about Microsoft Cloud Services: http://www.microsoft.com/india/cloud/
Request for an Enterprise Cloud Assessment workshop: email us at [email protected] us