identity & access control in the cloud
DESCRIPTION
Identity & Access Control in the Cloud. Name Title Microsoft Corporation. Agenda. Claims Will Get the Job Done Claims Based Identity & WIF WIF & Windows Azure Windows Azure Access Control service More Scenarios. Claims Will Get the Job Done. Scenarios. Windows Azure. - PowerPoint PPT PresentationTRANSCRIPT
![Page 1: Identity & Access Control in the Cloud](https://reader038.vdocuments.us/reader038/viewer/2022110404/56813067550346895d964234/html5/thumbnails/1.jpg)
Identity & Access Control in the Cloud
NameTitleMicrosoft Corporation
![Page 2: Identity & Access Control in the Cloud](https://reader038.vdocuments.us/reader038/viewer/2022110404/56813067550346895d964234/html5/thumbnails/2.jpg)
Agenda
Claims Will Get the Job Done
Claims Based Identity & WIF
WIF & Windows Azure
Windows Azure Access Control service
More Scenarios
![Page 3: Identity & Access Control in the Cloud](https://reader038.vdocuments.us/reader038/viewer/2022110404/56813067550346895d964234/html5/thumbnails/3.jpg)
Claims Will Get the Job Done
![Page 4: Identity & Access Control in the Cloud](https://reader038.vdocuments.us/reader038/viewer/2022110404/56813067550346895d964234/html5/thumbnails/4.jpg)
ScenariosWindows
Azure
![Page 5: Identity & Access Control in the Cloud](https://reader038.vdocuments.us/reader038/viewer/2022110404/56813067550346895d964234/html5/thumbnails/5.jpg)
Claims Based Identity & WIF
![Page 6: Identity & Access Control in the Cloud](https://reader038.vdocuments.us/reader038/viewer/2022110404/56813067550346895d964234/html5/thumbnails/6.jpg)
Windows Azure
A Service-Oriented Approach to Identity
![Page 7: Identity & Access Control in the Cloud](https://reader038.vdocuments.us/reader038/viewer/2022110404/56813067550346895d964234/html5/thumbnails/7.jpg)
Windows Azure
Claims-Based IdentityClaims
Active Directory
Federation Services 2Windows Server RoleAn STS for ADWS-Federation, WS-Trust, SAML
![Page 8: Identity & Access Control in the Cloud](https://reader038.vdocuments.us/reader038/viewer/2022110404/56813067550346895d964234/html5/thumbnails/8.jpg)
Basic Use of WIF with a Web Role
Demo
![Page 9: Identity & Access Control in the Cloud](https://reader038.vdocuments.us/reader038/viewer/2022110404/56813067550346895d964234/html5/thumbnails/9.jpg)
WIF Pipeline for ASP.NET
FAM SAM CAMRedirectToken handlingClaims filtering
Session Claims-BasedAuthorization
Windows Azure
Claims
![Page 10: Identity & Access Control in the Cloud](https://reader038.vdocuments.us/reader038/viewer/2022110404/56813067550346895d964234/html5/thumbnails/10.jpg)
WIF & Windows Azure
![Page 11: Identity & Access Control in the Cloud](https://reader038.vdocuments.us/reader038/viewer/2022110404/56813067550346895d964234/html5/thumbnails/11.jpg)
Windows Azure
WIF in Windows Azure
URI Certificates
Sessions
![Page 12: Identity & Access Control in the Cloud](https://reader038.vdocuments.us/reader038/viewer/2022110404/56813067550346895d964234/html5/thumbnails/12.jpg)
Windows Azure Access Control service
![Page 13: Identity & Access Control in the Cloud](https://reader038.vdocuments.us/reader038/viewer/2022110404/56813067550346895d964234/html5/thumbnails/13.jpg)
Authenticating Users from Business Partners (I)
Windows Azure
![Page 14: Identity & Access Control in the Cloud](https://reader038.vdocuments.us/reader038/viewer/2022110404/56813067550346895d964234/html5/thumbnails/14.jpg)
Authenticating Users from Business Partners (II)
Windows Azure
Windows Azure
Access Control ServiceHost an STS in cloud for you
Handles relationships with business and social Ips
WS-Federation, WS-Trust, Open ID, OAuth
![Page 15: Identity & Access Control in the Cloud](https://reader038.vdocuments.us/reader038/viewer/2022110404/56813067550346895d964234/html5/thumbnails/15.jpg)
Using ACS for Managing Relationships, Home Realm Discoveryand token normalization
Demo
![Page 16: Identity & Access Control in the Cloud](https://reader038.vdocuments.us/reader038/viewer/2022110404/56813067550346895d964234/html5/thumbnails/16.jpg)
Serv
er
2 S
erv
er
ACSACS
ADFS2 . WS-Federation
Your ApplicationIdentity Providers
Bro
wse
r-b
ase
d
Ric
hC
lien
tWS-Federation
SAML
SWT
SAML
SWT
Service Identities
ADFS2 . WS-Trust
WS-Trust
OAuth WRAP/2.0
![Page 17: Identity & Access Control in the Cloud](https://reader038.vdocuments.us/reader038/viewer/2022110404/56813067550346895d964234/html5/thumbnails/17.jpg)
Authenticating Users from Web and Social Providers
Sign-up and claims enrichment
Windows Azure
![Page 18: Identity & Access Control in the Cloud](https://reader038.vdocuments.us/reader038/viewer/2022110404/56813067550346895d964234/html5/thumbnails/18.jpg)
FabrikamShipping: Automating Customer Sign-up from Social Providers via ACS
Demo
![Page 19: Identity & Access Control in the Cloud](https://reader038.vdocuments.us/reader038/viewer/2022110404/56813067550346895d964234/html5/thumbnails/19.jpg)
More Scenarios
![Page 20: Identity & Access Control in the Cloud](https://reader038.vdocuments.us/reader038/viewer/2022110404/56813067550346895d964234/html5/thumbnails/20.jpg)
[Almost] the Same Applies to Web ServicesNative WCF Integration for WS-Trust/WS-SecuritySome gimmicks necessary in Silverlight
Custom WIF extensions for handling REST/OAuth
Variations of protocol transition patterns for handling mobile scenarios
![Page 21: Identity & Access Control in the Cloud](https://reader038.vdocuments.us/reader038/viewer/2022110404/56813067550346895d964234/html5/thumbnails/21.jpg)
Claims Will Get the Job Done
![Page 22: Identity & Access Control in the Cloud](https://reader038.vdocuments.us/reader038/viewer/2022110404/56813067550346895d964234/html5/thumbnails/22.jpg)
© 2011 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to
be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.