SlideShare une entreprise Scribd logo
1  sur  45
Télécharger pour lire hors ligne
Open Identity Summit
Enabling Information Sharing
Identity in a Multi-Agency First Responder and Emergency
Management Environment
Darrell O’Donnell, P.Eng.
President
Continuum Loop Inc.
Open Identity Summit
Emergency)Informa.on)Sharing)
Challenges)
2
Open Identity Summit
How is SA shared?
!  USERS:
!  Fire fighters, Police, EMS/Paramedics, Emergency Managers,
Public Safety/Homeland Security officers
!  From “boots on the ground” to senior federal leadership.
!  Both “consumers” and “contributors”.
!  PROBLEM:
!  Sharing of basic SA information does not happen in a systematic
way. Phone calls and emails rule the world of crisis and day-to-day
operations.
!  The status of SA information is difficult to determine (e.g., whether
current, whether confirmed at source, etc.)
What is MASAS?
!  Multi-Agency – many agencies and organizations from local all
the way up to international.
!  Situational Awareness – Sharing information that helps to
understand what is happening around us so we can do our job
effectively.
!  System (of systems) – MASAS is not a tool, it is a way of
sharing information amongst a trusted community.
Open Identity Summit
Situational awareness is
needed everyday
...and in many different places
Interdev(
5
Open Identity Summit
Local
Regional
(P/T)
Federal
Information Flow
First
Responder
EOC
P/T EMO
EOC
EOC 2…nEOC 1
Regional
Office
OGD
Regional
Office
Federal
Region
ADM-EMC
Field
Open Identity Summit
Road closures, EM weather, check
points, command posts, area of
operation, evacuation zone, plume
cloud, shelter locations, shelter
status, staging area, supply depot,
live cameras, media events,
pictures, sitreps, earthquakes,
space weather, ...
Limiting Access
C
L
A
S
S
I
F
I
C
A
T
I
O
N
Completely
Unclassified
7
Limited(obstacles(
to(success(
Major(obstacles(
to(success(
Designated
or Classified
Open Identity Summit
It can be this simple!
8
IAM allows users to
know that the sender
is who they say they
and that they are the
authoritative source.
Open Identity Summit
Fires and MVA from CAD
9
Open Identity Summit
Hurricane Sandy
Good example of information sharing.
Or was it?
Open Identity Summit
Common Viewer -
OpenLayers
!  Little to no training
!  Popular browsers
!  Source code available
11
Open Identity Summit
ESRI ArcGIS Widget
12
Open Identity Summit
Moving to
Common Viewer - ArcGIS
!  Plugs into ArcGIS
!  User configurable
!  Source code available
13
Open Identity Summit
It works locally
It must ...or it won’t work nationally, internationally
14
Open Identity Summit
Local Level
!  Tri-services
!  Fire, Police, and Ambulance/Paramedics
!  Emergency Managers
!  Multiple Jurisdictions
!  Muddy
!  Today’s Incident Command Systems tells you who is in charge and
who does what? Who has what rights?
!  No systems integration – no way to share data reliably and
predictably (i.e., not automated, and supporting policy)
Open Identity Summit
International – Canada/US
Open Identity Summit
Beyond the Border
Beyond the Border -
Action Plan on
Perimeter Security...
December 2011
Page 25: “The second working group will focus on cross-border interoperability as a means of
harmonizing cross-border emergency communications efforts. It will pursue activities that
promote the harmonization of the Canadian Multi-Agency Situational Awareness
System with the United States Integrated Public Alert and Warning System to
enable sharing of alert, warning, and incident information to improve response
coordination during binational disasters.”
17
Open Identity Summit
Self Examination …
!  Given this Surprise …
!  Why is MASAS Succeeding?
!  ~50 Organizations in 2011, 200 in 2012, 450 in 2013 (May)
!  It isn’t Technology
!  Information Exchange is somewhat novel – but not magic.
!  Been done before.
!  Mimics the real world – enables relationships
!  Easy to approach
Open Identity Summit
Moving Pieces – lots…
MASAS Controlled
!  Server Software
!  Information Exchange
!  Access Control
!  Apps
!  OpenLayers/JavaScript
!  ArcGIS Flex
!  Mobile (Android, iOS,
BlackBerry)
EXTERNAL SYSTEMS
!  Incident management systems
(IMS)
!  Geographic information systems
(GIS)
!  Computer aided dispatch systems
(CAD)
!  Records management systems
(RMS)
!  Forest fire management systems
!  … including external IAM (e.g.
Federal AD)
Open Identity Summit
Current Access Control
!  Django-Based
!  Modified Django user access and identity
!  Incredibly onerous to maintain and add capability
!  Permissions?
!  Granular?
!  Roles?
!  Groups?
!  Scale?
Open Identity Summit
MASAS
Basic
Toolset
MASAS
Basic
Toolset
VERY Simple
Architecture
Your
Tools
Their
Tools
Firewall Firewall
ESRI, EmerGeo,
Interdev, Sentinel, IHS,
CriSys, Command View,
IDV, MyStateUSA,
SharePoint, Hazus, …,
basic MASAS tools
Your
Tools
Your
Tools
Their
Tools
Their
Tools
Incident management,
mapping, dispatch,
consoles, tablets,
smartphones, sensors,
digital radio, …
21
Open Identity Summit
Access Control - REST
RESTful Query:
https://access.masas-sics.ca/api/check_access/?query_secret=XXXXXX&secret=YYYYYY
JSON response:
{
"groups": [ "https://access.masas-sics.ca/accounts/group/1” ],
"hubs": [
{ "url": https://sandbox2.masas-sics.ca/hub, "post": "Y” },
{ "url": https://sandbox1.masas-sics.ca/hub, "post": "Y” }
],
"id": 5, "name": "MASAS NIT - Darrell ODonnell”, "uri": "https://access.masas-sics.ca/accounts/
user/######/"
}
Groups not used
yet.
Open Identity Summit
It Starts Simple
!  Username and Password access per hub
!  Add read-only and read/write access
!  4 hubs operationally (2 for dev)
!  Consolidate account into one account
!  r/o & r/w per hub
!  OAuth 2.0 (app level access?)
!  Integrate CMS (Joomla)
!  Allow self-admin …
!  What are we building???
Open Identity Summit
Starting to Sound Familiar
!  Roll your own
!  Add capabilities as you go
!  Total Control
!  …
!  Until …
!  It Controls you – and you have
build an Identity & Access
Management System – a black
hole for development funds
Open Identity Summit
Community is About…
!  TRUST
!  How do I know you?
!  Have we met?
!  How do I know I can trust you?
!  Who else trusts you? – professional referrals
!  How has this translated so far?
!  Simply - but that’s a problem
!  Growing needs for deeper information
Open Identity Summit
Future Needs
!  Increase Information Exchange Types
!  Hospital Availability, Resource Request, Requests for Information
!  Limiting Access to Information
!  Deep Identity and Access Management
!  Authentication, Authorization, and Audit (A3)
!  Identity
!  Credentialing, revocation…
!  Multi-Factor Authentication
!  Integration into Directories
Open Identity Summit
Lessons Learned to Date
!  Limit scope
!  Being able to say NO is powerful
!  Work on the majority – not the exceptions
!  Standards take additional time in the beginning but provide
scale.
!  Build only what you must – buy, configure, borrow (beg,
steal) the rest
!  Building for resilience and flexibility is necessary (and hard)
Open Identity Summit
Core Market-ecture
Information Exchange Layer
Identity & Access Management Layer
integrated
Open Identity Summit
Information Exchange
!  BUILD
!  Architecture -> Dev -> Support
!  Integrate with IAM Layer
!  Protect resources
!  Use Standards
!  Integrate through Configuration where possible
Open Identity Summit
Problems
!  Technical jargon tossed around:
!  Credentials
!  Revocation
!  Provisioning
!  Federation
!  Access Control
!  Audience Control
!  OAuth
!  XACML
!  SAML
!  …
Open Identity Summit
Local
Regional
(P/T)
Federal
Information Flow
First
Responder
EOC
P/T EMO
EOC
EOC 2…nEOC 1
Regional
Office
OGD
Regional
Office
Federal
Region
ADM-EMC
Field
Open Identity Summit
Identity & Access Management
!  Open Source Focus of Team
!  OFFSITE
!  A3
–  Authentication
–  Authorization – rights, permissions, membership
–  Audit
!  Integration – internal & external
!  Huge Enterprise Space (Oracle, IBM, MS, etc.)
Open Identity Summit
IAM Needs
!  Authentication & Authorization
!  Provisioning & Management – Users, Organizations,
Systems, Devices, etc.
!  Integration – Core Tools, Internal Systems, External
Systems etc.
!  OPPORTUNITY – Identity is an investment of the
community
!  STICKY and hard to leave
Open Identity Summit
Identity Management - Asset
!  A MASAS community member invests in MASAS:
!  Fees (nominal)
!  Time
!  Reputation…
!  In the social space, this is sticky
!  No common space in Canada right now beyond MASAS
!  No credentialed system beyond organization boundaries
!  Identity underpins trust – and it needs enterprise and cloud scale
Open Identity Summit
Open Identity Stack
!  Open-Source – but
commercially supported
!  Already C&A capable
!  Supports Integration out of
box
!  Out-of-box for admins
!  Still need Community
Management
Open Identity Summit
MASAS – Growing Community
!  Business Problem: Managing thousands of user
accounts takes a lot of time – more time than the New
Entity can reasonably spend.
!  SOLUTION: Offload effort by allowing Organizations to
manage their own needs.
Open Identity Summit
MASAS – Community
Management
!  NEED: MASAS will need to track usage (revenue) and
manage the overall directory
!  # of Organization Accounts
!  Access Rights for Organization, Organization Hierarchy
!  Policy Enforcement
!  MASAS OPS team gets OpenAM … in its RAW form…
Open Identity Summit
Organization Management
!  Firefighters, Police, EMS/Paramedics
!  OpenAM tools for Management?
Open Identity Summit
Applicant Processing
!  Outside of Open Identity Stack
Open Identity Summit
Admin/Clerk View
!  Examines Existing, Approved, and Rejected Applications
!  Edits if needed – keeps log of Rejections
!  Approval Process – OpenIDM REST – create Org and Org Admin’s
account.
Open Identity Summit
Participant Administrator
!  Skin on OpenAM (via REST)
!  Custom View for the Organization
!  Focuses on their Organization only
!  Manages permissions for their members
!  Creates/Edits/Deletes Accounts for that Organization
Open Identity Summit
Upcoming Decisions
!  Granular Permissions/Entitlements
!  Groups? XACML? Attributes + Policy…
!  OpenIDM vs. OpenAM REST APIs
!  Scale
!  Issues and Roadblocks
!  Federation
Open Identity Summit
Thanks
Darrell O’Donnell, P.Eng.
darrell.odonnell@continuumloop.com
@darrello
Chief Technology Officer
MASAS National Implementation Team
(under contract) Centre for Security
Science
President, Principal Consultant
Continuum Loop Inc.
Ottawa, Ontario, CANADA
Q & A
Logo of Presenter
Company HERE
Notional Market-ecture

Contenu connexe

Similaire à How Do Get Police, Fire, Paramedics and Others to Share Information? Built Trust into the System...

GCC Operational Technology Security Forum & Exhibition, 21-23 March 2017, Doha
GCC Operational Technology Security Forum & Exhibition, 21-23 March 2017, DohaGCC Operational Technology Security Forum & Exhibition, 21-23 March 2017, Doha
GCC Operational Technology Security Forum & Exhibition, 21-23 March 2017, DohaSyed Peer
 
District Office of Info and KM - Proposed - by Joel Magnussen - 2004
District Office of Info and KM - Proposed - by Joel Magnussen - 2004District Office of Info and KM - Proposed - by Joel Magnussen - 2004
District Office of Info and KM - Proposed - by Joel Magnussen - 2004Peter Stinson
 
The 2016 Guide to IT Identity Management
The 2016 Guide to IT Identity ManagementThe 2016 Guide to IT Identity Management
The 2016 Guide to IT Identity ManagementJumpCloud
 
20170613 iasa architecture - Tim Willoughby presentation
20170613   iasa architecture  - Tim Willoughby presentation20170613   iasa architecture  - Tim Willoughby presentation
20170613 iasa architecture - Tim Willoughby presentationTim Willoughby
 
Joint Presentation on The State of Cybersecurity ('15-'16) & Third Party Cyb...
Joint Presentation on The State of Cybersecurity ('15-'16) & Third Party  Cyb...Joint Presentation on The State of Cybersecurity ('15-'16) & Third Party  Cyb...
Joint Presentation on The State of Cybersecurity ('15-'16) & Third Party Cyb...Rishi Singh
 
Threat Hunting, Detection, and Incident Response in the Cloud
Threat Hunting, Detection, and Incident Response in the CloudThreat Hunting, Detection, and Incident Response in the Cloud
Threat Hunting, Detection, and Incident Response in the CloudBen Johnson
 
Packt publishing book proposal api and mobile access management
Packt publishing book proposal api and mobile access managementPackt publishing book proposal api and mobile access management
Packt publishing book proposal api and mobile access managementGluu
 
F5 Hero Asset - Inside the head of a Hacker Final
F5 Hero Asset - Inside the head of a Hacker FinalF5 Hero Asset - Inside the head of a Hacker Final
F5 Hero Asset - Inside the head of a Hacker FinalShallu Behar-Sheehan FCIM
 
Activity Streaming as Information X-Docking
Activity Streaming as Information X-DockingActivity Streaming as Information X-Docking
Activity Streaming as Information X-DockingKai Riemer
 
Nuxeo Webinar: Getting Started with your DAM Application
Nuxeo Webinar: Getting Started with your DAM ApplicationNuxeo Webinar: Getting Started with your DAM Application
Nuxeo Webinar: Getting Started with your DAM ApplicationNuxeo
 
Securing And Protecting Information Protection
Securing And Protecting Information ProtectionSecuring And Protecting Information Protection
Securing And Protecting Information ProtectionSusan Kennedy
 
A Report On The Attack Automation Strategy
A Report On The Attack Automation StrategyA Report On The Attack Automation Strategy
A Report On The Attack Automation StrategyJennifer Reither
 
Global Data Management: Governance, Security and Usefulness in a Hybrid World
Global Data Management: Governance, Security and Usefulness in a Hybrid WorldGlobal Data Management: Governance, Security and Usefulness in a Hybrid World
Global Data Management: Governance, Security and Usefulness in a Hybrid WorldNeil Raden
 
Fontys Eric van Tol
Fontys Eric van TolFontys Eric van Tol
Fontys Eric van TolTalentEvent
 
Information protection and compliance
Information protection and complianceInformation protection and compliance
Information protection and complianceDean Iacovelli
 
Gartner: Top 10 Technology Trends 2015
Gartner: Top 10 Technology Trends 2015Gartner: Top 10 Technology Trends 2015
Gartner: Top 10 Technology Trends 2015Den Reymer
 
Security Opportunities A Silicon Valley VC Perspective
Security Opportunities  A Silicon Valley VC PerspectiveSecurity Opportunities  A Silicon Valley VC Perspective
Security Opportunities A Silicon Valley VC PerspectivePositive Hack Days
 

Similaire à How Do Get Police, Fire, Paramedics and Others to Share Information? Built Trust into the System... (20)

GCC Operational Technology Security Forum & Exhibition, 21-23 March 2017, Doha
GCC Operational Technology Security Forum & Exhibition, 21-23 March 2017, DohaGCC Operational Technology Security Forum & Exhibition, 21-23 March 2017, Doha
GCC Operational Technology Security Forum & Exhibition, 21-23 March 2017, Doha
 
District Office of Info and KM - Proposed - by Joel Magnussen - 2004
District Office of Info and KM - Proposed - by Joel Magnussen - 2004District Office of Info and KM - Proposed - by Joel Magnussen - 2004
District Office of Info and KM - Proposed - by Joel Magnussen - 2004
 
The 2016 Guide to IT Identity Management
The 2016 Guide to IT Identity ManagementThe 2016 Guide to IT Identity Management
The 2016 Guide to IT Identity Management
 
20170613 iasa architecture - Tim Willoughby presentation
20170613   iasa architecture  - Tim Willoughby presentation20170613   iasa architecture  - Tim Willoughby presentation
20170613 iasa architecture - Tim Willoughby presentation
 
Joint Presentation on The State of Cybersecurity ('15-'16) & Third Party Cyb...
Joint Presentation on The State of Cybersecurity ('15-'16) & Third Party  Cyb...Joint Presentation on The State of Cybersecurity ('15-'16) & Third Party  Cyb...
Joint Presentation on The State of Cybersecurity ('15-'16) & Third Party Cyb...
 
Threat Hunting, Detection, and Incident Response in the Cloud
Threat Hunting, Detection, and Incident Response in the CloudThreat Hunting, Detection, and Incident Response in the Cloud
Threat Hunting, Detection, and Incident Response in the Cloud
 
Packt publishing book proposal api and mobile access management
Packt publishing book proposal api and mobile access managementPackt publishing book proposal api and mobile access management
Packt publishing book proposal api and mobile access management
 
BYOD / Mobile-Device Security Guidelines for CxO's
BYOD / Mobile-Device Security Guidelines for CxO'sBYOD / Mobile-Device Security Guidelines for CxO's
BYOD / Mobile-Device Security Guidelines for CxO's
 
F5 Hero Asset - Inside the head of a Hacker Final
F5 Hero Asset - Inside the head of a Hacker FinalF5 Hero Asset - Inside the head of a Hacker Final
F5 Hero Asset - Inside the head of a Hacker Final
 
Activity Streaming as Information X-Docking
Activity Streaming as Information X-DockingActivity Streaming as Information X-Docking
Activity Streaming as Information X-Docking
 
Big security for big data
Big security for big dataBig security for big data
Big security for big data
 
Nuxeo Webinar: Getting Started with your DAM Application
Nuxeo Webinar: Getting Started with your DAM ApplicationNuxeo Webinar: Getting Started with your DAM Application
Nuxeo Webinar: Getting Started with your DAM Application
 
Threat intelligence minority report
Threat intelligence minority reportThreat intelligence minority report
Threat intelligence minority report
 
Securing And Protecting Information Protection
Securing And Protecting Information ProtectionSecuring And Protecting Information Protection
Securing And Protecting Information Protection
 
A Report On The Attack Automation Strategy
A Report On The Attack Automation StrategyA Report On The Attack Automation Strategy
A Report On The Attack Automation Strategy
 
Global Data Management: Governance, Security and Usefulness in a Hybrid World
Global Data Management: Governance, Security and Usefulness in a Hybrid WorldGlobal Data Management: Governance, Security and Usefulness in a Hybrid World
Global Data Management: Governance, Security and Usefulness in a Hybrid World
 
Fontys Eric van Tol
Fontys Eric van TolFontys Eric van Tol
Fontys Eric van Tol
 
Information protection and compliance
Information protection and complianceInformation protection and compliance
Information protection and compliance
 
Gartner: Top 10 Technology Trends 2015
Gartner: Top 10 Technology Trends 2015Gartner: Top 10 Technology Trends 2015
Gartner: Top 10 Technology Trends 2015
 
Security Opportunities A Silicon Valley VC Perspective
Security Opportunities  A Silicon Valley VC PerspectiveSecurity Opportunities  A Silicon Valley VC Perspective
Security Opportunities A Silicon Valley VC Perspective
 

Plus de ForgeRock

Digital Identities in the Internet of Things - Securely Manage Devices at Scale
Digital Identities in the Internet of Things - Securely Manage Devices at ScaleDigital Identities in the Internet of Things - Securely Manage Devices at Scale
Digital Identities in the Internet of Things - Securely Manage Devices at ScaleForgeRock
 
Get the Exact Identity Solution You Need - In the Cloud - AWS and Beyond
Get the Exact Identity Solution You Need - In the Cloud - AWS and BeyondGet the Exact Identity Solution You Need - In the Cloud - AWS and Beyond
Get the Exact Identity Solution You Need - In the Cloud - AWS and BeyondForgeRock
 
Identity Live Sydney: Identity Management - A Strategic Opportunity
Identity Live Sydney: Identity Management  - A Strategic OpportunityIdentity Live Sydney: Identity Management  - A Strategic Opportunity
Identity Live Sydney: Identity Management - A Strategic OpportunityForgeRock
 
Identity Live Singapore: Transform Your Cybersecurity Capability
Identity Live Singapore: Transform Your Cybersecurity CapabilityIdentity Live Singapore: Transform Your Cybersecurity Capability
Identity Live Singapore: Transform Your Cybersecurity CapabilityForgeRock
 
Identity Live Singapore 2018 Keynote Presentation
Identity Live Singapore 2018 Keynote PresentationIdentity Live Singapore 2018 Keynote Presentation
Identity Live Singapore 2018 Keynote PresentationForgeRock
 
Identity Live Sydney 2018 Keynote Presentation
Identity Live Sydney 2018 Keynote PresentationIdentity Live Sydney 2018 Keynote Presentation
Identity Live Sydney 2018 Keynote PresentationForgeRock
 
Identity Live Singapore: Just Ask 'Em
Identity Live Singapore: Just Ask 'EmIdentity Live Singapore: Just Ask 'Em
Identity Live Singapore: Just Ask 'EmForgeRock
 
Identity Live Singapore: Building Trust & Privacy in a Connected Society
Identity Live Singapore: Building Trust & Privacy in a Connected SocietyIdentity Live Singapore: Building Trust & Privacy in a Connected Society
Identity Live Singapore: Building Trust & Privacy in a Connected SocietyForgeRock
 
Identity Live Sydney: Intelligent Authentication
Identity Live Sydney: Intelligent Authentication Identity Live Sydney: Intelligent Authentication
Identity Live Sydney: Intelligent Authentication ForgeRock
 
Identity Live Sydney: Building Trust and Privacy in a Connected Society
Identity Live  Sydney:  Building Trust and Privacy in a Connected SocietyIdentity Live  Sydney:  Building Trust and Privacy in a Connected Society
Identity Live Sydney: Building Trust and Privacy in a Connected SocietyForgeRock
 
Get the Exact Identity Solution you Need in the Cloud - Deep Dive
Get the Exact Identity Solution you Need in the Cloud - Deep DiveGet the Exact Identity Solution you Need in the Cloud - Deep Dive
Get the Exact Identity Solution you Need in the Cloud - Deep DiveForgeRock
 
Get the Exact Identity Solution You Need - In the Cloud - Overview
Get the Exact Identity Solution You Need - In the Cloud - OverviewGet the Exact Identity Solution You Need - In the Cloud - Overview
Get the Exact Identity Solution You Need - In the Cloud - OverviewForgeRock
 
ForgeRock and Trusona - Simplifying the Multi-factor User Experience
ForgeRock and Trusona - Simplifying the Multi-factor User ExperienceForgeRock and Trusona - Simplifying the Multi-factor User Experience
ForgeRock and Trusona - Simplifying the Multi-factor User ExperienceForgeRock
 
Opening Keynote (Identity Live Berlin 2018)
Opening Keynote (Identity Live Berlin 2018)Opening Keynote (Identity Live Berlin 2018)
Opening Keynote (Identity Live Berlin 2018)ForgeRock
 
Steinberg - Customer identity as the cornerstone of our approach to digitaliz...
Steinberg - Customer identity as the cornerstone of our approach to digitaliz...Steinberg - Customer identity as the cornerstone of our approach to digitaliz...
Steinberg - Customer identity as the cornerstone of our approach to digitaliz...ForgeRock
 
BMW Group - Identity Enables the Next 100 Years.. (Identity Live Berlin 2018)
BMW Group - Identity Enables the Next 100 Years..  (Identity Live Berlin 2018)BMW Group - Identity Enables the Next 100 Years..  (Identity Live Berlin 2018)
BMW Group - Identity Enables the Next 100 Years.. (Identity Live Berlin 2018)ForgeRock
 
Trust is Everything - The Future of Identity and the ForgeRock Platform (Iden...
Trust is Everything - The Future of Identity and the ForgeRock Platform (Iden...Trust is Everything - The Future of Identity and the ForgeRock Platform (Iden...
Trust is Everything - The Future of Identity and the ForgeRock Platform (Iden...ForgeRock
 
Silo Busters- The Value of User and Data Centricity beyond IoT Devices (Ident...
Silo Busters- The Value of User and Data Centricity beyond IoT Devices (Ident...Silo Busters- The Value of User and Data Centricity beyond IoT Devices (Ident...
Silo Busters- The Value of User and Data Centricity beyond IoT Devices (Ident...ForgeRock
 
Shift from GDPR readiness to sustained compliance to improve your business an...
Shift from GDPR readiness to sustained compliance to improve your business an...Shift from GDPR readiness to sustained compliance to improve your business an...
Shift from GDPR readiness to sustained compliance to improve your business an...ForgeRock
 
Intelligent Authentication (Identity Live Berlin 2018)
Intelligent Authentication  (Identity Live Berlin 2018)Intelligent Authentication  (Identity Live Berlin 2018)
Intelligent Authentication (Identity Live Berlin 2018)ForgeRock
 

Plus de ForgeRock (20)

Digital Identities in the Internet of Things - Securely Manage Devices at Scale
Digital Identities in the Internet of Things - Securely Manage Devices at ScaleDigital Identities in the Internet of Things - Securely Manage Devices at Scale
Digital Identities in the Internet of Things - Securely Manage Devices at Scale
 
Get the Exact Identity Solution You Need - In the Cloud - AWS and Beyond
Get the Exact Identity Solution You Need - In the Cloud - AWS and BeyondGet the Exact Identity Solution You Need - In the Cloud - AWS and Beyond
Get the Exact Identity Solution You Need - In the Cloud - AWS and Beyond
 
Identity Live Sydney: Identity Management - A Strategic Opportunity
Identity Live Sydney: Identity Management  - A Strategic OpportunityIdentity Live Sydney: Identity Management  - A Strategic Opportunity
Identity Live Sydney: Identity Management - A Strategic Opportunity
 
Identity Live Singapore: Transform Your Cybersecurity Capability
Identity Live Singapore: Transform Your Cybersecurity CapabilityIdentity Live Singapore: Transform Your Cybersecurity Capability
Identity Live Singapore: Transform Your Cybersecurity Capability
 
Identity Live Singapore 2018 Keynote Presentation
Identity Live Singapore 2018 Keynote PresentationIdentity Live Singapore 2018 Keynote Presentation
Identity Live Singapore 2018 Keynote Presentation
 
Identity Live Sydney 2018 Keynote Presentation
Identity Live Sydney 2018 Keynote PresentationIdentity Live Sydney 2018 Keynote Presentation
Identity Live Sydney 2018 Keynote Presentation
 
Identity Live Singapore: Just Ask 'Em
Identity Live Singapore: Just Ask 'EmIdentity Live Singapore: Just Ask 'Em
Identity Live Singapore: Just Ask 'Em
 
Identity Live Singapore: Building Trust & Privacy in a Connected Society
Identity Live Singapore: Building Trust & Privacy in a Connected SocietyIdentity Live Singapore: Building Trust & Privacy in a Connected Society
Identity Live Singapore: Building Trust & Privacy in a Connected Society
 
Identity Live Sydney: Intelligent Authentication
Identity Live Sydney: Intelligent Authentication Identity Live Sydney: Intelligent Authentication
Identity Live Sydney: Intelligent Authentication
 
Identity Live Sydney: Building Trust and Privacy in a Connected Society
Identity Live  Sydney:  Building Trust and Privacy in a Connected SocietyIdentity Live  Sydney:  Building Trust and Privacy in a Connected Society
Identity Live Sydney: Building Trust and Privacy in a Connected Society
 
Get the Exact Identity Solution you Need in the Cloud - Deep Dive
Get the Exact Identity Solution you Need in the Cloud - Deep DiveGet the Exact Identity Solution you Need in the Cloud - Deep Dive
Get the Exact Identity Solution you Need in the Cloud - Deep Dive
 
Get the Exact Identity Solution You Need - In the Cloud - Overview
Get the Exact Identity Solution You Need - In the Cloud - OverviewGet the Exact Identity Solution You Need - In the Cloud - Overview
Get the Exact Identity Solution You Need - In the Cloud - Overview
 
ForgeRock and Trusona - Simplifying the Multi-factor User Experience
ForgeRock and Trusona - Simplifying the Multi-factor User ExperienceForgeRock and Trusona - Simplifying the Multi-factor User Experience
ForgeRock and Trusona - Simplifying the Multi-factor User Experience
 
Opening Keynote (Identity Live Berlin 2018)
Opening Keynote (Identity Live Berlin 2018)Opening Keynote (Identity Live Berlin 2018)
Opening Keynote (Identity Live Berlin 2018)
 
Steinberg - Customer identity as the cornerstone of our approach to digitaliz...
Steinberg - Customer identity as the cornerstone of our approach to digitaliz...Steinberg - Customer identity as the cornerstone of our approach to digitaliz...
Steinberg - Customer identity as the cornerstone of our approach to digitaliz...
 
BMW Group - Identity Enables the Next 100 Years.. (Identity Live Berlin 2018)
BMW Group - Identity Enables the Next 100 Years..  (Identity Live Berlin 2018)BMW Group - Identity Enables the Next 100 Years..  (Identity Live Berlin 2018)
BMW Group - Identity Enables the Next 100 Years.. (Identity Live Berlin 2018)
 
Trust is Everything - The Future of Identity and the ForgeRock Platform (Iden...
Trust is Everything - The Future of Identity and the ForgeRock Platform (Iden...Trust is Everything - The Future of Identity and the ForgeRock Platform (Iden...
Trust is Everything - The Future of Identity and the ForgeRock Platform (Iden...
 
Silo Busters- The Value of User and Data Centricity beyond IoT Devices (Ident...
Silo Busters- The Value of User and Data Centricity beyond IoT Devices (Ident...Silo Busters- The Value of User and Data Centricity beyond IoT Devices (Ident...
Silo Busters- The Value of User and Data Centricity beyond IoT Devices (Ident...
 
Shift from GDPR readiness to sustained compliance to improve your business an...
Shift from GDPR readiness to sustained compliance to improve your business an...Shift from GDPR readiness to sustained compliance to improve your business an...
Shift from GDPR readiness to sustained compliance to improve your business an...
 
Intelligent Authentication (Identity Live Berlin 2018)
Intelligent Authentication  (Identity Live Berlin 2018)Intelligent Authentication  (Identity Live Berlin 2018)
Intelligent Authentication (Identity Live Berlin 2018)
 

Dernier

Introduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptxIntroduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptxMatsuo Lab
 
Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024D Cloud Solutions
 
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...DianaGray10
 
Videogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdfVideogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdfinfogdgmi
 
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online CollaborationCOMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online Collaborationbruanjhuli
 
Computer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsComputer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsSeth Reyes
 
Bird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystemBird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystemAsko Soukka
 
UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1DianaGray10
 
UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6DianaGray10
 
Cybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptxCybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptxGDSC PJATK
 
Building AI-Driven Apps Using Semantic Kernel.pptx
Building AI-Driven Apps Using Semantic Kernel.pptxBuilding AI-Driven Apps Using Semantic Kernel.pptx
Building AI-Driven Apps Using Semantic Kernel.pptxUdaiappa Ramachandran
 
Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)Commit University
 
UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8DianaGray10
 
Empowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership BlueprintEmpowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership BlueprintMahmoud Rabie
 
Basic Building Blocks of Internet of Things.
Basic Building Blocks of Internet of Things.Basic Building Blocks of Internet of Things.
Basic Building Blocks of Internet of Things.YounusS2
 
Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1DianaGray10
 
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...UbiTrack UK
 
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdfUiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdfDianaGray10
 
UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7DianaGray10
 

Dernier (20)

Introduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptxIntroduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptx
 
Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024
 
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
 
Videogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdfVideogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdf
 
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online CollaborationCOMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
 
Computer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsComputer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and Hazards
 
Bird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystemBird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystem
 
UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1
 
UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6
 
Cybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptxCybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptx
 
Building AI-Driven Apps Using Semantic Kernel.pptx
Building AI-Driven Apps Using Semantic Kernel.pptxBuilding AI-Driven Apps Using Semantic Kernel.pptx
Building AI-Driven Apps Using Semantic Kernel.pptx
 
Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)
 
20230104 - machine vision
20230104 - machine vision20230104 - machine vision
20230104 - machine vision
 
UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8
 
Empowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership BlueprintEmpowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership Blueprint
 
Basic Building Blocks of Internet of Things.
Basic Building Blocks of Internet of Things.Basic Building Blocks of Internet of Things.
Basic Building Blocks of Internet of Things.
 
Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1
 
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
 
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdfUiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
 
UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7
 

How Do Get Police, Fire, Paramedics and Others to Share Information? Built Trust into the System...

  • 1. Open Identity Summit Enabling Information Sharing Identity in a Multi-Agency First Responder and Emergency Management Environment Darrell O’Donnell, P.Eng. President Continuum Loop Inc.
  • 3. Open Identity Summit How is SA shared? !  USERS: !  Fire fighters, Police, EMS/Paramedics, Emergency Managers, Public Safety/Homeland Security officers !  From “boots on the ground” to senior federal leadership. !  Both “consumers” and “contributors”. !  PROBLEM: !  Sharing of basic SA information does not happen in a systematic way. Phone calls and emails rule the world of crisis and day-to-day operations. !  The status of SA information is difficult to determine (e.g., whether current, whether confirmed at source, etc.)
  • 4. What is MASAS? !  Multi-Agency – many agencies and organizations from local all the way up to international. !  Situational Awareness – Sharing information that helps to understand what is happening around us so we can do our job effectively. !  System (of systems) – MASAS is not a tool, it is a way of sharing information amongst a trusted community.
  • 5. Open Identity Summit Situational awareness is needed everyday ...and in many different places Interdev( 5
  • 6. Open Identity Summit Local Regional (P/T) Federal Information Flow First Responder EOC P/T EMO EOC EOC 2…nEOC 1 Regional Office OGD Regional Office Federal Region ADM-EMC Field
  • 7. Open Identity Summit Road closures, EM weather, check points, command posts, area of operation, evacuation zone, plume cloud, shelter locations, shelter status, staging area, supply depot, live cameras, media events, pictures, sitreps, earthquakes, space weather, ... Limiting Access C L A S S I F I C A T I O N Completely Unclassified 7 Limited(obstacles( to(success( Major(obstacles( to(success( Designated or Classified
  • 8. Open Identity Summit It can be this simple! 8 IAM allows users to know that the sender is who they say they and that they are the authoritative source.
  • 9. Open Identity Summit Fires and MVA from CAD 9
  • 10. Open Identity Summit Hurricane Sandy Good example of information sharing. Or was it?
  • 11. Open Identity Summit Common Viewer - OpenLayers !  Little to no training !  Popular browsers !  Source code available 11
  • 12. Open Identity Summit ESRI ArcGIS Widget 12
  • 13. Open Identity Summit Moving to Common Viewer - ArcGIS !  Plugs into ArcGIS !  User configurable !  Source code available 13
  • 14. Open Identity Summit It works locally It must ...or it won’t work nationally, internationally 14
  • 15. Open Identity Summit Local Level !  Tri-services !  Fire, Police, and Ambulance/Paramedics !  Emergency Managers !  Multiple Jurisdictions !  Muddy !  Today’s Incident Command Systems tells you who is in charge and who does what? Who has what rights? !  No systems integration – no way to share data reliably and predictably (i.e., not automated, and supporting policy)
  • 17. Open Identity Summit Beyond the Border Beyond the Border - Action Plan on Perimeter Security... December 2011 Page 25: “The second working group will focus on cross-border interoperability as a means of harmonizing cross-border emergency communications efforts. It will pursue activities that promote the harmonization of the Canadian Multi-Agency Situational Awareness System with the United States Integrated Public Alert and Warning System to enable sharing of alert, warning, and incident information to improve response coordination during binational disasters.” 17
  • 18. Open Identity Summit Self Examination … !  Given this Surprise … !  Why is MASAS Succeeding? !  ~50 Organizations in 2011, 200 in 2012, 450 in 2013 (May) !  It isn’t Technology !  Information Exchange is somewhat novel – but not magic. !  Been done before. !  Mimics the real world – enables relationships !  Easy to approach
  • 19. Open Identity Summit Moving Pieces – lots… MASAS Controlled !  Server Software !  Information Exchange !  Access Control !  Apps !  OpenLayers/JavaScript !  ArcGIS Flex !  Mobile (Android, iOS, BlackBerry) EXTERNAL SYSTEMS !  Incident management systems (IMS) !  Geographic information systems (GIS) !  Computer aided dispatch systems (CAD) !  Records management systems (RMS) !  Forest fire management systems !  … including external IAM (e.g. Federal AD)
  • 20. Open Identity Summit Current Access Control !  Django-Based !  Modified Django user access and identity !  Incredibly onerous to maintain and add capability !  Permissions? !  Granular? !  Roles? !  Groups? !  Scale?
  • 21. Open Identity Summit MASAS Basic Toolset MASAS Basic Toolset VERY Simple Architecture Your Tools Their Tools Firewall Firewall ESRI, EmerGeo, Interdev, Sentinel, IHS, CriSys, Command View, IDV, MyStateUSA, SharePoint, Hazus, …, basic MASAS tools Your Tools Your Tools Their Tools Their Tools Incident management, mapping, dispatch, consoles, tablets, smartphones, sensors, digital radio, … 21
  • 22. Open Identity Summit Access Control - REST RESTful Query: https://access.masas-sics.ca/api/check_access/?query_secret=XXXXXX&secret=YYYYYY JSON response: { "groups": [ "https://access.masas-sics.ca/accounts/group/1” ], "hubs": [ { "url": https://sandbox2.masas-sics.ca/hub, "post": "Y” }, { "url": https://sandbox1.masas-sics.ca/hub, "post": "Y” } ], "id": 5, "name": "MASAS NIT - Darrell ODonnell”, "uri": "https://access.masas-sics.ca/accounts/ user/######/" } Groups not used yet.
  • 23. Open Identity Summit It Starts Simple !  Username and Password access per hub !  Add read-only and read/write access !  4 hubs operationally (2 for dev) !  Consolidate account into one account !  r/o & r/w per hub !  OAuth 2.0 (app level access?) !  Integrate CMS (Joomla) !  Allow self-admin … !  What are we building???
  • 24. Open Identity Summit Starting to Sound Familiar !  Roll your own !  Add capabilities as you go !  Total Control !  … !  Until … !  It Controls you – and you have build an Identity & Access Management System – a black hole for development funds
  • 25. Open Identity Summit Community is About… !  TRUST !  How do I know you? !  Have we met? !  How do I know I can trust you? !  Who else trusts you? – professional referrals !  How has this translated so far? !  Simply - but that’s a problem !  Growing needs for deeper information
  • 26. Open Identity Summit Future Needs !  Increase Information Exchange Types !  Hospital Availability, Resource Request, Requests for Information !  Limiting Access to Information !  Deep Identity and Access Management !  Authentication, Authorization, and Audit (A3) !  Identity !  Credentialing, revocation… !  Multi-Factor Authentication !  Integration into Directories
  • 27. Open Identity Summit Lessons Learned to Date !  Limit scope !  Being able to say NO is powerful !  Work on the majority – not the exceptions !  Standards take additional time in the beginning but provide scale. !  Build only what you must – buy, configure, borrow (beg, steal) the rest !  Building for resilience and flexibility is necessary (and hard)
  • 28. Open Identity Summit Core Market-ecture Information Exchange Layer Identity & Access Management Layer integrated
  • 29. Open Identity Summit Information Exchange !  BUILD !  Architecture -> Dev -> Support !  Integrate with IAM Layer !  Protect resources !  Use Standards !  Integrate through Configuration where possible
  • 30. Open Identity Summit Problems !  Technical jargon tossed around: !  Credentials !  Revocation !  Provisioning !  Federation !  Access Control !  Audience Control !  OAuth !  XACML !  SAML !  …
  • 31. Open Identity Summit Local Regional (P/T) Federal Information Flow First Responder EOC P/T EMO EOC EOC 2…nEOC 1 Regional Office OGD Regional Office Federal Region ADM-EMC Field
  • 32. Open Identity Summit Identity & Access Management !  Open Source Focus of Team !  OFFSITE !  A3 –  Authentication –  Authorization – rights, permissions, membership –  Audit !  Integration – internal & external !  Huge Enterprise Space (Oracle, IBM, MS, etc.)
  • 33. Open Identity Summit IAM Needs !  Authentication & Authorization !  Provisioning & Management – Users, Organizations, Systems, Devices, etc. !  Integration – Core Tools, Internal Systems, External Systems etc. !  OPPORTUNITY – Identity is an investment of the community !  STICKY and hard to leave
  • 34. Open Identity Summit Identity Management - Asset !  A MASAS community member invests in MASAS: !  Fees (nominal) !  Time !  Reputation… !  In the social space, this is sticky !  No common space in Canada right now beyond MASAS !  No credentialed system beyond organization boundaries !  Identity underpins trust – and it needs enterprise and cloud scale
  • 35. Open Identity Summit Open Identity Stack !  Open-Source – but commercially supported !  Already C&A capable !  Supports Integration out of box !  Out-of-box for admins !  Still need Community Management
  • 36. Open Identity Summit MASAS – Growing Community !  Business Problem: Managing thousands of user accounts takes a lot of time – more time than the New Entity can reasonably spend. !  SOLUTION: Offload effort by allowing Organizations to manage their own needs.
  • 37. Open Identity Summit MASAS – Community Management !  NEED: MASAS will need to track usage (revenue) and manage the overall directory !  # of Organization Accounts !  Access Rights for Organization, Organization Hierarchy !  Policy Enforcement !  MASAS OPS team gets OpenAM … in its RAW form…
  • 38. Open Identity Summit Organization Management !  Firefighters, Police, EMS/Paramedics !  OpenAM tools for Management?
  • 39. Open Identity Summit Applicant Processing !  Outside of Open Identity Stack
  • 40. Open Identity Summit Admin/Clerk View !  Examines Existing, Approved, and Rejected Applications !  Edits if needed – keeps log of Rejections !  Approval Process – OpenIDM REST – create Org and Org Admin’s account.
  • 41. Open Identity Summit Participant Administrator !  Skin on OpenAM (via REST) !  Custom View for the Organization !  Focuses on their Organization only !  Manages permissions for their members !  Creates/Edits/Deletes Accounts for that Organization
  • 42. Open Identity Summit Upcoming Decisions !  Granular Permissions/Entitlements !  Groups? XACML? Attributes + Policy… !  OpenIDM vs. OpenAM REST APIs !  Scale !  Issues and Roadblocks !  Federation
  • 43. Open Identity Summit Thanks Darrell O’Donnell, P.Eng. darrell.odonnell@continuumloop.com @darrello Chief Technology Officer MASAS National Implementation Team (under contract) Centre for Security Science President, Principal Consultant Continuum Loop Inc. Ottawa, Ontario, CANADA
  • 44. Q & A Logo of Presenter Company HERE