PEP Proxy - Wilma GELesson 1 - Introduction

Álvaro Alonso. UPM – DITSecurity Chapter. FIWAREaalonsog@dit.upm.es, @larsonalonso

Contents

1. Why to use Wilma GE2. Security levels3. Related GEs4. Course lessons5. Documentation

Why to use Wilma GE

Public Backend ServiceREST API

REST Client Other services

HTTP request

Web App

User 1 User 2

Why to use Wilma GE

Backend ServiceREST API

REST Client Other services

HTTP request + TOKEN

Web App

Wilma

User 1 User 2

Security levels

• Level 1: Authentication– Check if a user is a registered user

• Level 2: Basic Authorization– Check if a user has permissions to access a resource– HTTP verb + resource path

• Level 3: Advanced Authorization– Check if a user has permissions to access a resource– Custom XACML policies

Related GEs• Identity Management – Keyrock

– To retrieve the tokens that represent a user– To check authentication

• Needed knowledge– How to register an application– How to manage roles and permissions– How to create an OAuth2 token– How to manage organizations

• Course available– https://edu.fiware.org/course/view.php?id= 79

Related GEs

• Authorization PDP – AuthZForce– Policy Decision Point– Policy Administration Point– To check authorization

• Needed knowledge– XACML concepts

• Course available– https://edu.fiware.org/course/view.php?id=57

Course lessons

• Contents• Main concepts• Guidelines• Live tutorial• Documentation

Documentation

• Wilma GE– http://catalogue.fiware.org/enablers/pep-proxy-wilma

• Source code– https://github.com/ging/fiware-pep-proxy

• Documentation– http://fiware-pep-proxy.readthedocs.org

• Keyrock GE– http://catalogue.fiware.org/enablers/identity-manageme

nt-keyrock

• AuthZForce GE– http://catalogue.fiware.org/enablers/authorization-pdp-

authzforce

PEP Proxy - Wilma GELesson 1 - Introduction

Álvaro Alonso. UPM – DITSecurity Chapter. FIWAREaalonsog@dit.upm.es, @larsonalonso