Building a Federated Identity Service to Deliver Web Services API’s 3/20/13

2 Copyright © 2013 CoreBlox LLC. All rights reserved.

Todd Clayton CoreBlox LLC, President

Abstract

877-­‐879-­‐2569  |  617-­‐275-­‐7860    

info@coreblox.com  

www.coreblox.com  |  www.ssohelp.com  

www.linkedin.com/company/coreblox  

www.facebook.com/coreblox  

@coreblox  |  @ssohelp  

3 Copyright © 2013 CoreBlox LLC. All rights reserved.

•  Business Challenges •  Required Capabilities •  Expected Benefits •  Business Opportunity Expansion •  Solution Overview •  Summary

Agenda

4 Copyright © 2013 CoreBlox LLC. All rights reserved.

Before implementing CA SiteMinder and Radiant Logic VDS solution: •  Multiple Disparate Provisioning Systems •  Many Manual Processes •  No Standard Roles •  No Central Repository of User Information •  Multiple Accounts per User •  Provisioning System (SLA in Days)

Business Challenges

5 Copyright © 2013 CoreBlox LLC. All rights reserved.

The solution will enhance the following Enterprise Frameworks: •  Enterprise-wide Identity & Access Management •  Enterprise-wide Message Security •  Enterprise-wide Authentication/Authorization

Required Capabilities

6 Copyright © 2013 CoreBlox LLC. All rights reserved.

•  Reduce Provisioning Time and Complexity •  One True Identity for Users •  Eases Login Process and Fatigue

(Single Sign-On) •  Self-Service Reduces Support Cost •  Reporting/Auditing/Re-certification

Expected Benefits

7 Copyright © 2013 CoreBlox LLC. All rights reserved.

•  Quickly meet customer’s demands and needs by deploying a reusable secure identity framework across product line.

•  Promotes loyalty by enabling customers to enjoy our service more quickly and easily than in prior iterations, by eliminating the need to use multiple passwords for access to our online services and products.

•  Reduced operational costs by reducing calls to service desk over account issues, reducing the time for the service to troubleshoot access issues, and enabling the customer to perform self-service actions.

Business Opportunity Expansion

8 Copyright © 2013 CoreBlox LLC. All rights reserved.

•  Web Services appliance makes HTTP requests for login and authorization

•  SiteMinder provides session management, timeouts, password services and SSO

•  Radiant Logic Virtual Directory Server (VDS) used as federated identity hub linking users to associated roles

•  VDS normalizes roles to associated business services •  VDS used to manage system notifications •  Business services provisioned “on the fly”

Solution Overview

9 Copyright © 2013 CoreBlox LLC. All rights reserved.

Logical View

Web  Services  Clients  

Desktop Clients

Radiant Logic Virtual Directory

User Directory

SiteMinder

Business Web Services

Web Portal

Business Services

External Internal

Services Backbone

10 Copyright © 2013 CoreBlox LLC. All rights reserved.

•  Multiple Disparate IAM components and processes •  Required unified enterprise-wide infrastructure •  Implemented a unique SiteMinder and VDS solution that

addressed specialized business services needs •  Federated identities leveraged to connect all aspects of

business service delivery •  Delivers true identity for users •  Creates a centralized security infrastructure for

authentication, authorization, session management and SSO •  Solution reduces complexity

Summary