Presentation on theme: "FDIC Enabling Content Al Maline Sr. Enterprise Architect"— Presentation transcript:
1FDIC Enabling Content Al Maline Sr. Enterprise Architect FDIC Enterprise Technology BranchEnterprise Architecture Program Section
2Agenda Quick Intro Identity is a Strategic Asset Content Analysis with Services – A Geospatial ExamplePublishing ContentQ & A
3me FDIC (almost 4 years) Prior to FDIC Division of Information TechnologyEnterprise Technology BranchEnterprise Architecture Program SectionAl MalinePrior to FDICEnterprise ArchitectSoftware Developer (Java, Application Express)PeopleSoft AdministratorOracle Database AdministratorUnix AdministratorClients such as: PBGC, MSRC, Silicon Graphics, General Motors
4Identity is a Strategic Asset We can not share contentif we do Not knowwho you are
5Current Practice Identity silos Multiple methods of managing identity FDIC Connect for Financial InstitutionsNon-Depository ClaimsE-FOIAFDIC Active DirectoryMultiple methods of managing identity
6Why does a consistent identity matter? Can not answer simple questionsHow many submitters of claims also submit an E-FOIA request?Can not deploy new solutions quickly (or inexpensively) if each application needs to solve the identity management problemCan not reliably or easily communicate with ALL of our customersIdentity becomes a stumbling block instead of an enabler
7Where does security happen? No IdentityIdentity AssignedIdentity Authorized
8How is identity assigned? Security Assertion Markup Language (SAML) 2.0XML document that contains:Issuer element, which contains the unique identifier of the identity providerSignature element, which contains an integrity-preserving digital signatureSubject element, which identifies the authenticated principalConditions element, which gives the conditions under which the assertion is to be considered validAuthentication-Statement element, which describes the act of authentication at the identity providerAttribute-Statement element, which asserts a multi-valued attribute associated with the authenticated principal
10Anonymous UsersAnonymous users are all assigned the same identity – “Anonymous” and are authorized accordingly.
11Self RegistrationUsers that register themselves and have their address verified are authorized to see and add to the content that they have previously submitted.
12PartnersBusiness partners, such as financial institutions, that do not have their own Identity Management infrastructure would use an FDIC provided, delegated administration module, to manage their user identities.
13Federated PartnerBusiness partners that do have their own Identity Management infrastructure would be the source of the SAML assertions for their users.
14FDIC UserFDIC users (bother internal and telecommuting) would also be provided a SAML assertion to gain access to applications.
15Cloud UserFDIC users of a cloud service provider would use the same model in reverse.
16Geospatial Application Architecture Analysis of ContentGeospatial Application Architecture
17Requirements Create a visual presentation of Failed, Problem and MDI (Minority Depository Institution) Institutions and display withinStatesCountiesCongressional Districts
23Map/Feature Architecture Base MapsRenders and Caches Base Map TilesOracleMapviewerUseOracleMapbuilderCreatesQueries for Features (and caches)Geometry ThemesCreatesUsingSpatial Tables(Tables, Views, Materialized Views)StylesOne Geometry Column(SDO_GEOMETRY)AreasLinesSpatial Metadata(USER_SDO_GEOM_METADATA)ColorsMarkersSpatial IndexAdvancedServiceApplicationMetadata
24Spatial Data Architecture Tables withSpatial ColumnMaterializedView withSpatial ColumnPL/SQL FunctionUsing Spatial Queryselect count(*) into v_countfrom FDIC_ALL_INST where sdo_relate(region,location, 'MASK=ANYINTERACT')='TRUE';
25Security Architecture Perminiter Authentication with Oracle Single Sign OnMapviewer accepts HTTP header and sets identity by calling PL/SQL package for each requestMapviewer Themes can use identity set in PL/SQL package for filtering data
27Now that we know who you are, And we have content to share, Content ManagementNow that we know who you are,And we have content to share,how do we enable it?
28Requirements - Content Enabling ContentCompany and industry newsStaff directory and employee profile pagesExpertise finders (locating coworkers with specific knowledge)Integrating internal and external information sourcesKeeping the intranet up-to-date (content management)Employee self serviceMultimedia and video on intranetsConsistent navigationData analysis and visualization
29Requirements - Community Employee and department weblogsCEO bloggingOn boarding of new employeesCorporate calendarsProject collaboration toolsDiscussion boardsInternal wikisOnline meeting
30Requirements - Technology Robust SearchMobile intranets (including iPhone apps for intranet access)PersonalizationCustomizationAlertsVideo platformDatabase Integration (from other systems)
31Goals Build value for users Enable integration and personalization Establish new communication channelsBi-directionalScaleNumber of usersAmount of content
32Problems with Existing Architecture Static contentManual processesContent and presentation intermingledContent can not be reusedNo place to store newly captured contentDreamweaverManualUpdatesBrowserWebServerStaticContent
33Need a better architecture Support forContent directed applicationsWeb Content Management is only one content applicationMultiple repositoriesSharePointDocumentumInternally ManagedWebsite author roles in productionIn-Page editingDrag and DropWorkflowPage approvalContent integration and aggregationLive dashboardsIntegration with content servicesDigital Asset ManagementScaling & Cropping, Metadata Extraction, Thumbnail Generation, Format Transcoding
34Need a better architecture BrowserContentServicesContentRepositoryContentApplications
39Day Software (now Adobe) Web Content Management solution based on open standards and open sourceDay contributed and uses Apache Open Source:Content RepositoryContent ServicesService IntegrationSharePointContent ServicesBrowserWidgetWidgetDayContentRepositoryPortletPortletContentAdaptersContentApplicationsGadgetGadgetDocumentumDay CQ5 WCM