Presentation on theme: "FDIC Enabling Content Al Maline Sr. Enterprise Architect"— Presentation transcript:
1 FDIC Enabling Content
Al Maline, Sr. Enterprise Architect
FDIC Enterprise Technology Branch, Enterprise Architecture Program Section
2 Agenda
- Quick Intro
- Identity is a Strategic Asset
- Content Analysis with Services – A Geospatial Example
- Publishing Content
- Q & A
3 me
Al Maline
FDIC (almost 4 years)
- Division of Information Technology
- Enterprise Technology Branch
- Enterprise Architecture Program Section
Prior to FDIC
- Enterprise Architect
- Software Developer (Java, Application Express)
- PeopleSoft Administrator
- Oracle Database Administrator
- Unix Administrator
- Clients such as: PBGC, MSRC, Silicon Graphics, General Motors
4 Identity is a Strategic Asset
We cannot share content if we do not know who you are
5 Current Practice
- Identity silos
  - FDIC Connect for Financial Institutions
  - Non-Depository Claims
  - E-FOIA
  - FDIC Active Directory
- Multiple methods of managing identity
6 Why does a consistent identity matter?
- Cannot answer simple questions
  - How many submitters of claims also submit an E-FOIA request?
- Cannot deploy new solutions quickly (or inexpensively) if each application needs to solve the identity management problem
- Cannot reliably or easily communicate with ALL of our customers
- Identity becomes a stumbling block instead of an enabler
7 Where does security happen?
- No Identity
- Identity Assigned
- Identity Authorized
8 How is identity assigned?
Security Assertion Markup Language (SAML) 2.0
XML document that contains:
- Issuer element, which contains the unique identifier of the identity provider
- Signature element, which contains an integrity-preserving digital signature
- Subject element, which identifies the authenticated principal
- Conditions element, which gives the conditions under which the assertion is to be considered valid
- Authentication-Statement element, which describes the act of authentication at the identity provider
- Attribute-Statement element, which asserts a multi-valued attribute associated with the authenticated principal
9 How is identity assigned?
Diagram labels:
- User
- Identity Source (identity provider): Authentication Authority
- Destination Application (service provider): Resource Manager
Steps:
1) Authentication
2) Assertion
3) Request + Assertion
4) Resource
10 Anonymous Users
Anonymous users are all assigned the same identity – “Anonymous” – and are authorized accordingly.
11 Self Registration
Users that register themselves and have their address verified are authorized to see and add to the content that they have previously submitted.
12 Partners
Business partners, such as financial institutions, that do not have their own Identity Management infrastructure would use an FDIC-provided delegated administration module to manage their user identities.
13 Federated Partner
Business partners that do have their own Identity Management infrastructure would be the source of the SAML assertions for their users.
14 FDIC User
FDIC users (both internal and telecommuting) would also be provided a SAML assertion to gain access to applications.
15 Cloud User
FDIC users of a cloud service provider would use the same model in reverse.
16 Geospatial Application Architecture
Analysis of Content
17 Requirements
Create a visual presentation of Failed, Problem and MDI (Minority Depository Institution) Institutions and display within
- States
- Counties
- Congressional Districts
23 Map/Feature Architecture
Diagram labels: Base Maps; Renders and Caches Base Map Tiles; Oracle Mapviewer; Use; Oracle Mapbuilder; Creates; Queries for Features (and caches); Geometry Themes; Creates; Using; Spatial Tables (Tables, Views, Materialized Views); Styles; One Geometry Column (SDO_GEOMETRY); Areas; Lines; Spatial Metadata (USER_SDO_GEOM_METADATA); Colors; Markers; Spatial Index; Advanced; Service; Application; Metadata
24 Spatial Data Architecture
- Tables with Spatial Column
- Materialized View with Spatial Column
- PL/SQL Function Using Spatial Query
    select count(*) into v_count
    from FDIC_ALL_INST
    where sdo_relate(region, location, 'MASK=ANYINTERACT') = 'TRUE';
25 Security Architecture
- Perimeter Authentication with Oracle Single Sign On
- Mapviewer accepts HTTP header and sets identity by calling PL/SQL package for each request
- Mapviewer Themes can use identity set in PL/SQL package for filtering data
27 Content Management
Now that we know who you are, and we have content to share, how do we enable it?
28 Requirements - Content
Enabling Content
- Company and industry news
- Staff directory and employee profile pages
- Expertise finders (locating coworkers with specific knowledge)
- Integrating internal and external information sources
- Keeping the intranet up-to-date (content management)
- Employee self service
- Multimedia and video on intranets
- Consistent navigation
- Data analysis and visualization
29 Requirements - Community
- Employee and department weblogs
- CEO blogging
- On boarding of new employees
- Corporate calendars
- Project collaboration tools
- Discussion boards
- Internal wikis
- Online meeting
30 Requirements - Technology
- Robust Search
- Mobile intranets (including iPhone apps for intranet access)
- Personalization
- Customization
- Alerts
- Video platform
- Database Integration (from other systems)
31 Goals
- Build value for users
- Enable integration and personalization
- Establish new communication channels
  - Bi-directional
- Scale
  - Number of users
  - Amount of content
32 Problems with Existing Architecture
- Static content
- Manual processes
- Content and presentation intermingled
- Content cannot be reused
- No place to store newly captured content
Diagram labels: Dreamweaver; Manual Updates; Browser; Web Server; Static Content
33 Need a better architecture
Support for
- Content directed applications
  - Web Content Management is only one content application
- Multiple repositories
  - SharePoint
  - Documentum
  - Internally Managed
- Website author roles in production
  - In-Page editing
  - Drag and Drop
- Workflow
  - Page approval
- Content integration and aggregation
  - Live dashboards
  - Integration with content services
- Digital Asset Management
  - Scaling & Cropping, Metadata Extraction, Thumbnail Generation, Format Transcoding
34 Need a better architecture
Diagram labels: Browser; Content Services; Content Repository; Content Applications
39 Day Software (now Adobe)
- Web Content Management solution based on open standards and open source
- Day contributed and uses Apache Open Source:
  - Content Repository
  - Content Services
  - Service Integration
Diagram labels: SharePoint; Content Services; Browser; Widget; Day Content Repository; Portlet; Content Adapters; Content Applications; Gadget; Documentum; Day CQ5 WCM