identity & access control in the cloud sachin vinod rathi architect advisor, microsoft...
Post on 21-Dec-2015
221 views
TRANSCRIPT
Identity & Access Control in the Cloud
Sachin Vinod RathiArchitect Advisor, Microsoft Corporation
Niraj BhattEnterprise Architect, Windows Azure MVP
Identity Crisis
• Typical enterprise has dozens of providers– AD, SunOne, SQL, SAP, Oracle...
• Need to consolidate these, and federate where consolidation isn’t possible
• Goal: single enterprise identity service
Identity Capabilities
Federation Authentication Authorization
Audit Provisioning Removal
Self Service
Federation
UK Immigration Trusts US Passport
Office
Claims Will Get the Job Done
On-Premises Applications
On-Premises Applications
Demo
Managing Access for a Windows Azure Application
?
Managing Access for a Windows Azure Application
Name : NirajRole : Architect
Managing Access for a Windows Azure Application
Name : SachinRole :
Architect
• .NET Framework Extension• Programming model for claims• Visual Studio Tools & Templates
• Windows Server Role• An STS for AD• WS-Federation, WS-Trust, SAML
Basic Use of WIF & STS
Demo
Authenticating Users from Business Partners
Name :
Sachin
Role :
Architect
Name :
Sachin
Role :
Architect
Home Realm
Discovery
Home Realm
Discovery
Authenticating Users from Business Partners
Name :
Sachin
Role :
Architect
Name :
Sachin
Role :
Architect
Home Realm
Discovery
Name :
Sachin
Role :
Architect
Home Realm
Discovery
Name :
Sachin
Role :
Architect
• Hosts an STS in the Cloud• Handles relationship with Business Partners & Social Providers• WS-Federation, WS-Trust, OpenID, OAuth
Handling Relationships, HRD and Token Normalization
Demo
Authenticating Users from Web and Social Providers
HRD1. FaceBook2. Live3. Yahoo4. Google
Name :
Sachin
Role :
Architect
Name :
Sachin
Role :
Architect
FabrikamShipping: Automating Customer SignUp from Social Providers
Demo
Authenticating Mobile Users
Name :
Sachin
Role :
Architect
Name :
Sachin
Role :
Architect
Reusing Existing Identities in Mobile Applications
Demo
Claims Will Get the Job Done
Resources
• www.microsoft.com/wif• acs.codeplex.com• www.windowsazure.com
Q&A
© 2011 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.
The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and
Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.