Upload File

adding identity management and access control to your application

  • Home
  • Technology
  • Adding Identity Management and Access Control to your Application
19
Adding Identity Management and Access Control to your Application Joaquin Salvachua // Álvaro Alonso UPM – DIT Security Chapter. FIWARE [email protected] , @jsalvachua [email protected], @larsonalonso

Upload: fernando-lopez-aguilar

Post on 24-Jun-2015

685 views

Category:

Technology


3 download

Report

Tags:

DESCRIPTION

Adding Identity Management and Access Control to your Application in the FIWARE ecosystem

TRANSCRIPT

Page 1: Adding Identity Management and Access Control to your Application

Adding Identity Management and Access Control to your ApplicationJoaquin Salvachua // Álvaro AlonsoUPM – DITSecurity Chapter. [email protected], @[email protected], @larsonalonso

mailto:[email protected]
Page 2: Adding Identity Management and Access Control to your Application

Identity Manager

2

Page 3: Adding Identity Management and Access Control to your Application

Identity Manager

3

Account

Page 4: Adding Identity Management and Access Control to your Application

Oauth 2.0

Login with

Page 5: Adding Identity Management and Access Control to your Application

FIWARE Account (Identity Manager) Demo

5

Page 6: Adding Identity Management and Access Control to your Application

OAuth 2.0

6

Page 7: Adding Identity Management and Access Control to your Application

Oauth 2.0 Message Flow

7

Web App Account

redirect

request access-token

access-token

access-code

OAu

th L

ibra

ry

Request user info using access-token

Page 8: Adding Identity Management and Access Control to your Application

Oauth 2.0 Libraries

• http://oauth.net/2/– PHP, Cocoa, iOS, Java, Ruby, Javascript, Python.

• Example using Node.js– https://github.com/ging/oauth2-example-client

8

Page 9: Adding Identity Management and Access Control to your Application

Oauth 2.0 Demo

9

Page 10: Adding Identity Management and Access Control to your Application

Web Applications and GEs

10

Generic Enabler

Account

Requ

est +

acce

ss-t

oken

Oauth2 flows

access-token

OK + user info (roles)

Web AppO

Auth

Lib

rary

access_token

Page 11: Adding Identity Management and Access Control to your Application

Web Applications and GEs

GET https://GE_URL HTTP/1.1

Host: GE_hostname

X-Auth-Token: access_token

11

http://GE_URL/
Page 12: Adding Identity Management and Access Control to your Application

Securing your back-end

12

Back-end Apps

AccountRequ

est +

acce

ss-t

oken

Web AppO

auth

Lib

rary

Proxy

access-token

OK + user info (roles)

Oauth2 flows

access_token

Page 13: Adding Identity Management and Access Control to your Application

Securing your back-end

• Level 1: Authentication– Check if a user has a FIWARE account

• Level 2: Basic Authorization– Checks if a user has permissions to access a

resource– HTTP verb + resource path

• Level 3: Advanced Authorization– Custom XACML policies

Page 14: Adding Identity Management and Access Control to your Application

Level 1: Authentication

14

Back-end Apps

AccountRequ

est +

acce

ss-t

oken

Web AppO

auth

Lib

rary

Proxy

access-token

OK + user info (roles)

Oauth2 flows

access_token

Page 15: Adding Identity Management and Access Control to your Application

Level 2: Basic Authorization

15

Back-end Apps

Account

Requ

est +

acce

ss-t

oken

Web AppO

auth

Lib

rary

Proxy

access-token + verb + path

OK + user info

Oauth2 flows

access_token

AC GE

Page 16: Adding Identity Management and Access Control to your Application

Level 3: Advanced Authorization

16

Back-end Apps

Account

Requ

est +

acce

ss-t

oken

Web AppO

auth

Lib

rary

Proxy extension

XACML policy

OK + user info

Oauth2 flows

access_token

AC GE

Page 17: Adding Identity Management and Access Control to your Application

FIWARE Proxy Demo

17

Page 18: Adding Identity Management and Access Control to your Application

Documentation

• FIWARE Account:– Source Code: https://github.com/ging/fi-ware-

idm– Documentation: https://github.com/ging/fi-

ware-idm/wiki

• FIWARE Access Control– http://catalogue.fi-ware.org/enablers/access-

control-tha-implementation/documentation

• FIWARE OAuth2 Demo:– https://github.com/ging/oauth2-example-

client

• FIWARE Proxy:– https://github.com/ging/fi-ware-pep-proxy

18

Page 19: Adding Identity Management and Access Control to your Application

Adding Identity Management and Access Control to your ApplicationÁlvaro AlonsoUPM – DITSecurity Chapter. [email protected], @larsonalonso


Identity and Access Management

Streamline Physical Identity and Access Management€¦ · By integrating identity access management (IAM) and physical identity access management (PIAM) solutions, organizations

Towards Blockchain-based Identity and Access Management ... · Keywords: Identity and Access Management Access Control Blockchain Internet of Things. 1 Introduction Identity and Access

Identity and Access Management Solutionssolutionsreview.com/dl/2016_Solutions_Review_Identity_Management... · Sailpoint ... Identity and Access Management Solutions anagement

Identity and Access Management - Microsoft...CAPABILITIES BRIEF Identity and Access Management Organizations are increasingly investing in identity and access management (IAM) projects

Oracle Identity and Access Manager 11g for Administratorsdbmanagement.info/...2-installing-oracle-identity-and-access-manager… · Oracle Identity and Access Manager 11g for Administrators

Adding wo w factor to business identity

IDENTITY AND ACCESS GOVERNANCE (IAG) · IDENTITY AND ACCESS GOVERNANCE (IAG) For any business, controlling who has access to information is a complex task. IDENTITY AND ACCESS GOVERNANCE

SEC835 Identity and Access Management Overview. Tasks of IAM Specify the rules of electronic identity Maintain identity Validate identity Define access

Identity Access Management: Beyond Convenienceresources.onelogin.com/WP-Identity-and-Access-Management-Beyond... · INTRODUCTION Identity and Access Management (IAM) is the official

Identity and Access Management for the Real World ... · I hope you find value in “Identity and Access Management for the Real World: Identity Governance.” Identity and Access

Adding Identity Management and Access Control to your Application

Identity Access Management solution

Securing the Future with Physical Identity and Access ......Physical Identity and Access Management: Bridging the stakeholder gap Physical Identity and Access Management: ... Based

Adding Identity Management and Access Control to your Application, Account Management

Gartner Identity & Access Management summit 2014 · 3 Gartner Identity & Access Management Summit 2014 ... 2 Gartner Identity & Access Management Summit 2014 ... SailPoint’s …

Identity & Access Governance

Identity access management for - etsi.org · Identity and Access Management for Networks and Services This Industry Specification Group (ISG) takes Identity and Access Management

Identity and Access Governance How can I address identity ...it.fieldway.net/CAidentityaccess/identity-and-access-goverance.pdf · Identity and Access Governance Section 2: Introducing

Enterprise Identity and Access Management Standard - mn.gov · Enterprise Identity and Access Management Standard 1 Enterprise Identity and Access Management Standard From the Office

Identity-driven security · More control over shadow IT Adding a cloud access security broker to your identity-driven security strategy can give you greater visibility and control

Identity intelligence: Threat-aware Identity and Access Management

Identity and Access Management Project New Identity System Identity System_Outlook... · Identity and Access Management Project . New Identity System . Outlook Document . Author:

Market Overview: Customer Identity And Access … · Market Overview: Customer Identity And Access ... Customer identity and access management ... better and help with mapping out

Next Generation Biometric Centric Identity and Access ... · • Large-scale identity, Identity-as-a-Service (IDaaS) and identity and access management (IAM) • Strong, convenient

Identity and Access Management - Oracle · Identity and Access Management • Identity and Access Management (IAM) service enables you to control what type of access a group of users

PROMINENCE IDENTITY ACCESS

Adding Identity Management and Access Control to your App

Controlsoftcontrolsoft.com/downloads/Identity_Access_Software_Guide... · 2018-11-20 · V8 Software Guide Identity Access Software Identity Access Identity Access Software (Part

Identity Access - Controlsoftcontrolsoft.com/downloads/Identity-Access-Software-Guide.pdf · Identity Access Software Identity Access IA-STD IA-PRO Database Platform Microsoft SQL

RAPIDIDENTITY Identity and Access ManagementThe Most Complete Identity, Access, Governance, and Administration Capabilities RapidIdentity is the most complete Identity and Access Management

Symantec Identity: Access Manager - Zones, Incmedia.zones.com/images/pdf/symantec-identity-access-manager.pdf · Symantec Identity: Access Manager A next generation control platform

Gartner Identity & Access Management Summit 2011imagesrv.gartner.com/summits/docs/emea/identity-access/iam11... · Gartner Identity & Access Management Summit 2011 ... Gartner Identity

identity & Data Access Governance - PwC · Data life cycle focus Digital Identity Identity & Data Access Governance PwC has over 20 years of experience in the field of Identity Access

Oracle Identity and Access Management Introduction · PDF fileOracle Identity and Access Management Introduction 10g (10.1.4.0.1) B31291-01 ... Oracle Identity and Access Management