Presentation is loading. Please wait.

Presentation is loading. Please wait.

© 2008 by Matt Flaherty & Mary Ruddy; made available under the EPL v1.0 Security & Identity : From present to future Matt Flaherty, IBM Mary Ruddy, Meristic.

Published byJasmin Hodges Modified over 9 years ago

Similar presentations

Presentation on theme: "© 2008 by Matt Flaherty & Mary Ruddy; made available under the EPL v1.0 Security & Identity : From present to future Matt Flaherty, IBM Mary Ruddy, Meristic."— Presentation transcript:

1 © 2008 by Matt Flaherty & Mary Ruddy; made available under the EPL v1.0 Security & Identity : From present to future Matt Flaherty, IBM Mary Ruddy, Meristic

2 Security & Identity | From present to future | © 2008 by Matt Flaherty & Mary Ruddy; made available under the EPL v1.0 Agenda Securing the platform... security features in 3.4 Platform security... what's coming next Beyond the platform.. Higgins identity framework 1.0 Higgins identity framework... what's coming next

3 Security & Identity | From present to future | © 2008 by Matt Flaherty & Mary Ruddy; made available under the EPL v1.0 Platform security... what's available and where The platform security goal: Protect the operating system, application code and user’s data from each other and from malicious code packaged as bundles Security features to attain this span the software stack Java Runtime Environment OSGi Service Platform Eclipse Platform

4 Security & Identity | From present to future | © 2008 by Matt Flaherty & Mary Ruddy; made available under the EPL v1.0 Platform security... what's available in the JRE Java Runtime Environment JCAJCE JAASJSSE Java Cryptography Architecture Java Cryptography Extensions Java Authentication and Authorization Service Java Secure Sockets Extensions

5 Security & Identity | From present to future | © 2008 by Matt Flaherty & Mary Ruddy; made available under the EPL v1.0 Platform security... what's available in OSGI Support for Java features: signing, permissions, etc Strict classloading policies between bundles  Bundle “private classes” Administrative services for permissions  org.osgi.service.PermissionAdmin  org.osgi.service.condpermadmin.ConditionalPermissionAdmin User registry for managing users and roles  org.osgi.service.UserAdmin

6 Security & Identity | From present to future | © 2008 by Matt Flaherty & Mary Ruddy; made available under the EPL v1.0 Platform security... what's available in Eclipse Signature checking during bundle provisioning NEW! Signature checking during bundle loading NEW! Certificate management UI NEW! Secure storage via preferences API NEW! JAAS enhancements - declarative wiring, events

7 Security & Identity | From present to future | © 2008 by Matt Flaherty & Mary Ruddy; made available under the EPL v1.0 Platform security... what's coming next! Manageable Java2 permission infrastructure  Code sanitation for doPrivileged  User interface, policy management Expose certificate management facilities  Public APIs for label providers, viewers, wizards, etc  Trust model integration with OSGi, P2, ECF Deeper JAAS integration  Potential: RCP Lifecycle integration, Jobs integration Identity management support with Higgins

8 Security & Identity | From present to future | © 2008 by Matt Flaherty & Mary Ruddy; made available under the EPL v1.0 How do you bring security and identity to people? The web of today isn’t people-centered

9 Security & Identity | From present to future | © 2008 by Matt Flaherty & Mary Ruddy; made available under the EPL v1.0 It’s silo-centered Site A Site B Site C Type type type, click, click, click. Clickety-clack, clickety-clack. Site B

10 Security & Identity | From present to future | © 2008 by Matt Flaherty & Mary Ruddy; made available under the EPL v1.0 There is a better way

11 Security & Identity | From present to future | © 2008 by Matt Flaherty & Mary Ruddy; made available under the EPL v1.0 Automatic identity sharing Identity Selector The BIG IDEA for People Site A Site B Site C

12 Security & Identity | From present to future | © 2008 by Matt Flaherty & Mary Ruddy; made available under the EPL v1.0 Automatic identity sharing Identity Selector The BIG IDEA for People Site A Site B Site C

13 Security & Identity | From present to future | © 2008 by Matt Flaherty & Mary Ruddy; made available under the EPL v1.0 Automatic identity sharing Identity Selector The BIG IDEA for People Site A Site B Site C

14 Security & Identity | From present to future | © 2008 by Matt Flaherty & Mary Ruddy; made available under the EPL v1.0 Then you’d have Higgins

15 Security & Identity | From present to future | © 2008 by Matt Flaherty & Mary Ruddy; made available under the EPL v1.0 Higgins 1: a species of Tasmanian long-tailed mouse 2: an open source identity selector and interoperability framework being developed by IBM, Novell, Oracle, CA, Google, Parity…

16 Security & Identity | From present to future | © 2008 by Matt Flaherty & Mary Ruddy; made available under the EPL v1.0 A consistent user experience across contexts (including Financial Services, healthcare, eCommerce) is the key to convenience and adoption

17 Security & Identity | From present to future | © 2008 by Matt Flaherty & Mary Ruddy; made available under the EPL v1.0 i-cards Managed Personal (self-issued)‏

18 Security & Identity | From present to future | © 2008 by Matt Flaherty & Mary Ruddy; made available under the EPL v1.0 These i-cards are managed by an Identity Selector Something that works on behalf of the user (citizen, patient, consumer). Really.

19 Security & Identity | From present to future | © 2008 by Matt Flaherty & Mary Ruddy; made available under the EPL v1.0 Click on a card

20 Security & Identity | From present to future | © 2008 by Matt Flaherty & Mary Ruddy; made available under the EPL v1.0 …you’re signed in. (No password required)‏

21 Security & Identity | From present to future | © 2008 by Matt Flaherty & Mary Ruddy; made available under the EPL v1.0 The Identity selector is powered by an interoperability framework

22 Security & Identity | From present to future | © 2008 by Matt Flaherty & Mary Ruddy; made available under the EPL v1.0 Interoperability framework Higgins Framework Higgins Browser Extension Apps Identity Providers Apps and Services CardSpace Protocol Providers implement protocols for interacting with Relying Parties OpenID CardSpace Managed (WS-Trust)‏ RSS/Atom I-Card Providers implement identity protocols and card types CardSpace Personal SAML X509 Higgins Relationship Kerberos JNDI / LDAP Enterprise Apps Token Providers implement different kinds of security tokens IdAS Context Providers connect to different identity data sources SAML UN/PS Idemix RDF OWL Active Directory Comms Clients Relying Parties Plug-ins Common data model

23 Security & Identity | From present to future | © 2008 by Matt Flaherty & Mary Ruddy; made available under the EPL v1.0 Higgins 1.0 has just been released 7 Solutions now available  Three Identity Selectors  2 Identity Providers (WS-Trust and SAML2)‏  A Relying Parity  Identity Attribute Service (interoperability framework)‏ Coming in Higgins 1.1  Additional Identity Selectors  More Identity Protocols….  More i-card types

24 Security & Identity | From present to future | © 2008 by Matt Flaherty & Mary Ruddy; made available under the EPL v1.0 Legal information IBM and the IBM logo are trademarks or registered trademarks of IBM Corporation, in the United States, other countries or both. Java and all Java-based marks, among others, are trademarks or registered trademarks of Sun Microsystems in the United States, other countries or both. Eclipse and the Eclipse logo are trademarks of Eclipse Foundation, Inc. Other company, product and service names may be trademarks or service marks of others. THE INFORMATION DISCUSSED IN THIS PRESENTATION IS PROVIDED FOR INFORMATIONAL PURPOSES ONLY. WHILE EFFORTS WERE MADE TO VERIFY THE COMPLETENESS AND ACCURACY OF THE INFORMATION, IT IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, AND IBM SHALL NOT BE RESPONSIBLE FOR ANY DAMAGES ARISING OUT OF THE USE OF, OR OTHERWISE RELATED TO, SUCH INFORMATION. ANY INFORMATION CONCERNING IBM'S PRODUCT PLANS OR STRATEGY IS SUBJECT TO CHANGE BY IBM WITHOUT NOTICE.

Download ppt "© 2008 by Matt Flaherty & Mary Ruddy; made available under the EPL v1.0 Security & Identity : From present to future Matt Flaherty, IBM Mary Ruddy, Meristic."

Similar presentations

Towards Remote Policy Enforcement for Runtime Protection of Mobile Code Using Trusted Computing Xinwen Zhang Francesco Parisi-Presicce Ravi Sandhu www.list.gmu.edu.

Towards Remote Policy Enforcement for Runtime Protection of Mobile Code Using Trusted Computing Xinwen Zhang Francesco Parisi-Presicce Ravi Sandhu
Copyright 2008, Parity Communications, Inc. licensed under EPL 1.0 Paul Trevithick, SocialPhysics.org Mary.

Copyright 2008, Parity Communications, Inc. licensed under EPL 1.0 Paul Trevithick, SocialPhysics.org Mary.
 Jan Alexander Program Manager Microsoft Corporation BB43.

 Jan Alexander Program Manager Microsoft Corporation BB43.
Copyright © IBM Corp., 2007-2008. All rights reserved. The presentation is licensed under Creative Commons Att. Nc Nd 2.5 license. RESTful Service Oriented.

Copyright © IBM Corp., All rights reserved. The presentation is licensed under Creative Commons Att. Nc Nd 2.5 license. RESTful Service Oriented.
A l a d d i n. c o m eToken NG-OTP Combined PKI - OTP Authentication Solution November, 2008.

A l a d d i n. c o m eToken NG-OTP Combined PKI - OTP Authentication Solution November, 2008.
Grid Computing, B. Wilkinson, 20045a.1 Security Continued.

Grid Computing, B. Wilkinson, 20045a.1 Security Continued.
Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.

Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.
Higgins 1: A species of Tasmanian long-tailed mouse 2: An open source identity framework being developed at the Eclipse Foundation.

Higgins 1: A species of Tasmanian long-tailed mouse 2: An open source identity framework being developed at the Eclipse Foundation.
Adoption Time Single paradigm, mature tools, stable design patterns and frameworks Software developer’s comfort zone Competing paradigms, no tools,

Adoption Time Single paradigm, mature tools, stable design patterns and frameworks Software developer’s comfort zone Competing paradigms, no tools,
© 2009 by Mary Ruddy, Manfred Duchrow, Frank Gerhardt, Jochen Hiller, Gunnar Wagenknecht; made available under the EPL v1.0 | 2009-03-24 Identity Management.

© 2009 by Mary Ruddy, Manfred Duchrow, Frank Gerhardt, Jochen Hiller, Gunnar Wagenknecht; made available under the EPL v1.0 | Identity Management.
© 2008 by Parity; made available under the EPL v1.0 Identity Management Authorization and User Profiles: Higgins1.0 and Beyond Paul Trevithick,

© 2008 by Parity; made available under the EPL v1.0 Identity Management Authorization and User Profiles: Higgins1.0 and Beyond Paul Trevithick,
1 Higgins 1: a species of Tasmanian long-tailed mouse 2: the name of an open source collaboration of IBM, Novell, Oracle, Parity…

1 Higgins 1: a species of Tasmanian long-tailed mouse 2: the name of an open source collaboration of IBM, Novell, Oracle, Parity…
 Lynn Ayres Program Manager Identity Services  Tore Sundelin Program Manager Identity Services BB29.

 Lynn Ayres Program Manager Identity Services  Tore Sundelin Program Manager Identity Services BB29.
© 2009 The MITRE Corporation. All rights Reserved. April 28, 2009 MITRE Public Release Statement Case Number 09-017 Norman F. Brickman, Roger.

© 2009 The MITRE Corporation. All rights Reserved. April 28, 2009 MITRE Public Release Statement Case Number Norman F. Brickman, Roger.
Vittorio Bertocci Sr. Architect Evangelist Microsoft Corporation ARC204.

Vittorio Bertocci Sr. Architect Evangelist Microsoft Corporation ARC204.
Health IT RESTful Application Programming Interface (API) Security Considerations Transport & Security Standards Workgroup March 18, 2015.

Health IT RESTful Application Programming Interface (API) Security Considerations Transport & Security Standards Workgroup March 18, 2015.
® IBM Software Group © 2013 IBM Corporation Innovation for a smarter planet Timeboxes in a New Paradigm of Behavior Modeling Barclay Brown, ESEP IBM

® IBM Software Group © 2013 IBM Corporation Innovation for a smarter planet Timeboxes in a New Paradigm of Behavior Modeling Barclay Brown, ESEP IBM
David Chappell Chappell & Associates www.davidchappell.com.

David Chappell Chappell & Associates
Identity and Access Management Business Ready Security Solutions.

Identity and Access Management Business Ready Security Solutions.
Click to add text © 2012 IBM Corporation 1 Streams Toolkit Landscape InfoSphere Streams Version 3.0 Mike Branson Toolkits.

Click to add text © 2012 IBM Corporation 1 Streams Toolkit Landscape InfoSphere Streams Version 3.0 Mike Branson Toolkits.

Similar presentations

Ads by Google