Rich Randall, Development Lead, Microsoft Corporation. BB44.

Presentation transcript:

Diagram components: Application Server, Security Token Service, End User, Claims Framework, Your App, Identity Selector, Client. Relationship label: trust.

Steps shown in the diagram:
1. Establish relationship using metadata
2. Read policy
3. Read policy
4. Get claims
5. Send claims

Fabrikam Contoso Application Contoso STS Fabrikam STS Established Trust Fabrikam Contoso

<OBJECT classid="CLSID:19916E01-B44E-4e31-94A4-4696DF46157B" name="CardSpaceToken" CODEBASE="…">
  <PARAM NAME="issuer" VALUE="…">
  <PARAM NAME="tokenType" VALUE="urn:oasis:names:tc:SAML:1.0:assertion">
  <PARAM NAME="requiredClaims" VALUE="…ntifier">
</OBJECT>

Client architecture diagram labels: Internet Explorer 7+; Federated Identity Client Service; Native Client API (infocardapi2.dll); ObjectTag Extension (ActiveX Control); Identity Manager; Card Store; Client STS; Local Store; Sapphire Win32; GetToken() [native]; Managed Application; Managed Wrapper Class ?; IdentitySelector.GetToken(); WS-Trust and WS-Mex Client; Control Panel; Card and Ledger Management; Federation Manager; App code; Credential Provider.

App User Federated App PDC ExhibitorGame World Policy Claim: Policy Claim:

Claim: Admin Claim: User Geneva Identity Server Claims Store Claims Aware App Claim: Admin

Sharepoint Server Sharepoint Client CardSpace Service LSASS IE Credential Provider WinInet IIS Sharepoint LSASS FedSSP XML Token to Windows Token Translator

Beta 1: October 2008. Beta 2: 1st Half 2009. RTM: 2nd Half 2009.

© 2008 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.