Presentation is loading. Please wait.

Presentation is loading. Please wait.

Identity Network Ideals – Heterogeneity & Co-existence

Similar presentations

Presentation on theme: "Identity Network Ideals – Heterogeneity & Co-existence"— Presentation transcript:

1 Multi-Protocol Identity Provider Architecture Considerations Uppili Srinivasan, Oracle

2 Identity Network Ideals – Heterogeneity & Co-existence
Point-to-point E-Business Relationships Partner Networks & Consortiums Internet Commerce Social Networks & Blogs Identity Solutions SAML Federation WS-Trust / WS-Federation OpenID Protocols Token Payload SAML X.509 Kerberos OpenID Circle of Trust User Mediated Dynamic Trust Point-point E-Business Trust Trust Fabric Ideal Architecture: Multi-Protocol but integrated Trust model, token types and protocols decoupled Legacy / Current : Multi-protocol Identity silos Trust model, token types and protocols tightly coupled in each silo (Adapted from Kim Cameron’s “ID meta-system Ideals”)

3 Card Based Authentication in SAML

4 Multi-Protocol Identity Environment
Card Enabled End-users Outsourced (Web) Services WS-Trust / WS-Fed Partner circle of trust OpenID Consuming ISPs SAML OpenID OpenID Card RP STS SAML Protocol Facades Multi-protocol Identity Provider

5 Common Authentication & Trust Infrastructure
Partner Networks & Consortiums Point-to-point E-Business Relationships Internet Commerce Social Networks & Blogs Interconnected Heterogeneous Identity Network Integrated Multi-protocol Technology Infrastructure SAML WS-Trust / WS-federation OpenID Identity Provider and Single Sign-on Services Token / Trust & Federation Services Attribute Authorities Session Mgmt Pseudonym & Privacy Handling Trust & Policy Mgmt Credential & Token Handling Card Enablement & Mgmt Attributes / Claims Access Authorization Decision Services Common Authentication and Trust F/W APIs

6 Multi-Protocol IDP Scenarios & Benefits
Session management & global sign-off Consistent enforcement Privacy policies Trust policies / authorizations Single point of administration Card provisioning & enablement Attribute services External (IDP) token / credential service Trust policies and authorization

Download ppt "Identity Network Ideals – Heterogeneity & Co-existence"

Similar presentations

Ads by Google