WSO2 Identity Server Road Map

Presentation transcript:

WSO2 Identity Server Road Map: An Open Source Identity and Entitlement Management Server

Q2 2014 : WSO2 IS 5.0.0 Focus Area: Seamless Identity Federation + Enterprise Identity Bus

Q2 2014 New Features: Token Transformation and Mediation

WSO2 Identity Server 5.0.0 is capable of transforming and mediating any identity token between SAML 2.0, OAuth 1.0/2.0, OpenID, OpenID Connect, IWA (Integrated Windows Authentication), OTP based on XMPP & Email, and WS-Federation (Passive). This leads to seamless integration between internal applications and cloud applications such as Salesforce, Google Apps and Office 365.

Q2 2014 New Features Token Transformation and Mediation

Q2 2014 New Features: Multi-option & multi-step authentication

With WSO2 Identity Server 5.0.0, a given service provider (irrespective of the protocol it supports) can select the login options it wants to present to its users. Login can be multi-option as well as multi-step. With multi-option, the user is presented with a login screen to pick whichever authentication mechanism they want (e.g. username/password, Facebook, SAML, OpenID Connect). With multi-step, you can enforce multi-factor authentication by picking the right authenticators at the right step.

New Features: Request Path Authenticators

Request path authenticators enable federated login with credentials attached to the request itself.

Ability to plug in custom developed authenticators: the WSO2 Identity Server 5.0.0 runtime is capable of working with custom developed authenticators.

Q2 2014 New Features: Provisioning Bridge & Just-in-time provisioning

WSO2 Identity Server 5.0.0 is capable of transforming inbound provisioning requests based on SOAP and SCIM to the SCIM, SPML 2.0, Salesforce, Google Apps, LDAP, Active Directory and JDBC provisioning APIs. Just-in-time provisioning is integrated with Identity Federation: when a user logs in from a federated identity provider, WSO2 Identity Server is capable of provisioning the corresponding subject to its internal user store and any other provisioning system.

Q2 2014 New Features Provisioning Bridge & Just-in-time provisioning

Q2 2014 New Features: Rule based provisioning

This is an integrated use case with WSO2 ESB. WSO2 Identity Server can provision users to the WSO2 ESB. Using the ESB configuration language (Synapse) you can define rules for outbound provisioning based on the message content or any other parameter.

Ability to plug in custom developed provisioning connectors: the WSO2 Identity Server 5.0.0 runtime is capable of working with custom developed provisioning connectors.

Q2 2014 New Features User dashboard

Q2 2014 New Features: Remote User-store Management, Custom Permissions

Remote User-store Management: manage heterogeneous user stores distributed across different data centers from a single Identity Server node.

Custom Permissions: each external application can define its own set of custom permissions and use it for authorization.

Summary of Features: User stores with LDAP/AD/JDBC, Multiple user stores, OpenID, OpenID Connect, SAML2, Kerberos, Integrated Windows Authentication, XACML 2.0/3.0, OAuth 1.0a/2.0, SAML grant type for OAuth 2.0, Security Token Service with WS-Trust, SCIM 1.1, WS-XACML, WS-Fed Passive

Q1 2015 : WSO2 IS 5.2.0 Work-flow Integration

Q1 2015 : WSO2 IS 5.2.0 Account Mapping

Q1 2015 : WSO2 IS 5.2.0 Certificate Authority (CA) / SCEP

Q1 2015 : WSO2 IS 5.2.0 Mobile + OpenID Connect

Q3 2015 : WSO2 IS 5.3.0 Built-in Analytics + Reporting

Q3 2015 : WSO2 IS 5.3.0 SAML 2.0 Metadata Profile

Q3 2015 : WSO2 IS 5.3.0 Aggregated Claims + Virtual User Store

Q3 2015 : WSO2 IS 5.3.0 Attestation

Q3 2015 : WSO2 IS 5.3.0 Access Delegation

Q3 2015 : WSO2 IS 5.3.0 Login with multiple user attributes

Q1 2016 : WSO2 IS 5.4.0 OAuth 2.0 Profiles : Introspection / Dynamic Client Registration

Q1 2016 : WSO2 IS 5.4.0 XACML REST Profile

Q1 2016 : WSO2 IS 5.4.0 SCIM 2.0

Q1 2016 : WSO2 IS 5.4.0 Tooling support for connector/extension development

Authenticators / Provisioning Connectors: FIDO support, Duo-Security, Google OTP, LinkedIn, Twitter, Biometric authentication with Daon, Duo-Security provisioning connector

Mobile IdP Proxy

Fraud Detection

(WSO2 Business Activity Monitor) App Manager * IdP (WSO2 Identity Server) (WSO2 Business Activity Monitor)

API Manager Revamped Architecture