building a federated identity service to ... - cio summits
TRANSCRIPT
Building a Federated Identity Service to Deliver Web Services API’s 3/20/13
Copyright © 2013 CoreBlox LLC. All rights reserved.
Todd Clayton CoreBlox LLC, President
Abstract
877-879-2569 | 617-275-7860
www.coreblox.com | www.ssohelp.com
www.linkedin.com/company/coreblox
www.facebook.com/coreblox
@coreblox | @ssohelp
Agenda
• Business Challenges
• Required Capabilities
• Expected Benefits
• Business Opportunity Expansion
• Solution Overview
• Summary
Business Challenges
Before implementing the CA SiteMinder and Radiant Logic VDS solution:
• Multiple Disparate Provisioning Systems
• Many Manual Processes
• No Standard Roles
• No Central Repository of User Information
• Multiple Accounts per User
• Provisioning System (SLA in Days)
Required Capabilities
The solution will enhance the following Enterprise Frameworks:
• Enterprise-wide Identity & Access Management
• Enterprise-wide Message Security
• Enterprise-wide Authentication/Authorization
Expected Benefits
• Reduce Provisioning Time and Complexity
• One True Identity for Users
• Eases Login Process and Fatigue (Single Sign-On)
• Self-Service Reduces Support Cost
• Reporting/Auditing/Re-certification
Business Opportunity Expansion
• Quickly meet customer’s demands and needs by deploying a reusable secure identity framework across the product line.
• Promotes loyalty by enabling customers to enjoy our service more quickly and easily than in prior iterations, by eliminating the need to use multiple passwords for access to our online services and products.
• Reduced operational costs by reducing calls to the service desk over account issues, reducing the time for the service to troubleshoot access issues, and enabling the customer to perform self-service actions.
Solution Overview
• Web Services appliance makes HTTP requests for login and authorization
• SiteMinder provides session management, timeouts, password services and SSO
• Radiant Logic Virtual Directory Server (VDS) used as federated identity hub linking users to associated roles
• VDS normalizes roles to associated business services
• VDS used to manage system notifications
• Business services provisioned “on the fly”
Logical View
[Diagram. Component labels: Web Services Clients; Desktop Clients; Radiant Logic Virtual Directory; User Directory; SiteMinder; Business Web Services; Web Portal; Business Services; Services Backbone. Zone labels: External; Internal.]
Summary
• Multiple Disparate IAM components and processes
• Required unified enterprise-wide infrastructure
• Implemented a unique SiteMinder and VDS solution that addressed specialized business services needs
• Federated identities leveraged to connect all aspects of business service delivery
• Delivers true identity for users
• Creates a centralized security infrastructure for authentication, authorization, session management and SSO
• Solution reduces complexity