SlideShare une entreprise Scribd logo

Apache Syncope and Tirasa

Télécharger en tant que ODP, PDF
Francesco Chicchiriccò
Francesco Chicchiriccò
Internet
1  sur  26
OpenSource Identity Management with Apache Syncope Viale D'Annunzio, 267 - 65127 Pescara Partita IVA 01974100685 N. REA 143460 Tel +39 0859116307 / FAX +39 0859111173 http://www.tirasa.net info@tirasa.net
Agenda ● Identity and Access Management ● Vendor Vs Open Source solutions ● Apache Syncope ● Tirasa: Apache Syncope Enterprise support
What's IdM about? ● Data records that contains a collection of data about a person ● “Data record” → Account ● “A person” → Identity ● The joint effort of business process and IT to manage user data on systems and applications.
IdM technologies ● Identity Stores ● Storage of user information ● Provisioning ● Synchronize account data across identity stores and a broad range of data formats, models, meanings and purposes ● Access Management ● Security mechanisms that take place when a user is accessing a specific system or functionality
Identity Stores ● Examples ● LDAP / Active Directory ● RDBMS ● Meta and Virtual Directories ● Accounts can be created and managed in one place only ● Each application manages authentication separately ● Users may use the same password for all connected applications
Aren't Identity Stores enough? ● Heterogeneity of systems ● Lack of a single source of information ● HR for corporate id, Groupware for mail address, ... ● Need for a local user database ● Inconsistent policies ● Lack of workflow management ● Hidden infrastructure management cost, growing with organization size
Provisioning ● Keeping identity stores as synchronized as possible ● Need to be customizable and flexible ● Priority: non-intrusiveness ● Focused on application back-end ● Communication: ● Connectors ● Agents
Identity Lifecycle
Access Management ● Mediator to all access to all applications ● Focused on application front-end ● Aspects ● Authentication (Single SignOn) ● Authorization ● Federation (SAML, Liberty, OAuth, OpenID, ...) ● Mainly applicable to web applications ● Difficult integration with pre-existing apps
IdM in practice: before...
IdM in practice: ...after!
Vendor products ● Oracle (with addition of ex-Sun suite) ● Novell ● IBM (Tivoli) ● Microsoft (Forefront) ● Niche players ● Ping ● NetIQ ● SailPoint ● Quest (now Dell)
Open Source non-ASF products Identity Stores Access Management Provisioning
Open Source ASF projects ● Identity Stores ● Apache Directory ● Provisioning ● Apache Syncope ● Access Management ● Apache Shiro
Apache Syncope ● Inception by Tirasa in 2010 ● Entered ASF incubator in February 2012 ● Graduated as TLP in November 2012 ● Active community ● 13 committers, 5 contributors ● ~130 mailing list subscribers, stable traffic
Syncope: features ● Workflow-based provisioning engine of users and roles ● Account / Password policies ● Agentless connection with Identity Stores ● Auditing & Reporting ● Shining admin console ● Customizable and extensible by design
Syncope: architecture
Syncope: mapping
Syncope and the external world
Syncope: connectors ● Based on ConnId, hosted at GitHub, new home of Sun's Identity Connectors ● Ready-to-use bundles: ● LDAP ● Active Directory ● Database ● CSV Directory ● SOAP ● Google Apps ● UNIX ● Write your own bundle PPrroovviissiioonniinngg EEnnggiinnee AAPPII SSPPII Common Code Objects & Utils Using Connectors
Syncope: roadmap ● Security realms (multi-tenant scenarios) ● SCIM interface ● Concurrent / Asynchronous communication with external resources ● Access Management features ● More at http://s.apache.org/SyncopeRoadmap
Syncope: (some) success stories
● Italian limited company established in 2011 ● Small, highly skilled staff ● Deliverying IAM solutions for Sun Microsystems for 10 years ● Instructors of IdM, Access Manager and Directory Server for Sun Microsystem's courses ● Creates and leverages Open Source tools for Enterprise Integration ● ConnId ● Hippo Cocoon Toolkit
Syncope: enterprise services ● Product evaluation – Introductory workshop – Proof of Concept (PoC) ● Development support ● Production support ● Syncope Compliance Dashboard ● More at http://syncope.tirasa.net
Syncope: trying it out ● Online http://syncopedemo.tirasa.net ● Virtual Machine image ● Ubuntu Juju / Microsoft Azure ● .deb packages ● Standalone distribution ● Quickstart projects on GitHub ● Maven Archetype
Questions?

Recommandé

Building Open Source Identity Infrastructures
Building Open Source Identity InfrastructuresBuilding Open Source Identity Infrastructures
Building Open Source Identity InfrastructuresMisagh Moayyed
 
Integrating Apache Camel with Apache Syncope
Integrating Apache Camel with Apache SyncopeIntegrating Apache Camel with Apache Syncope
Integrating Apache Camel with Apache SyncopeColm O hEigeartaigh
 
Building open source identity infrastructures
Building open source identity infrastructuresBuilding open source identity infrastructures
Building open source identity infrastructuresFrancesco Chicchiriccò
 
Open Source & Identity Management
Open Source & Identity ManagementOpen Source & Identity Management
Open Source & Identity ManagementJISC Netskills
 
Open Source Identity Management
Open Source Identity ManagementOpen Source Identity Management
Open Source Identity ManagementRadovan Semancik
 
Complete open source IAM solution
Complete open source IAM solutionComplete open source IAM solution
Complete open source IAM solutionRadovan Semancik
 
OpenDJ: An Introduction
OpenDJ: An IntroductionOpenDJ: An Introduction
OpenDJ: An IntroductionForgeRock
 
OpenDJ - An Introduction
OpenDJ - An IntroductionOpenDJ - An Introduction
OpenDJ - An IntroductionForgeRock
 

Recommandé

Building Open Source Identity Infrastructures
Building Open Source Identity InfrastructuresBuilding Open Source Identity Infrastructures
Building Open Source Identity InfrastructuresMisagh Moayyed
 
Integrating Apache Camel with Apache Syncope
Integrating Apache Camel with Apache SyncopeIntegrating Apache Camel with Apache Syncope
Integrating Apache Camel with Apache SyncopeColm O hEigeartaigh
 
Building open source identity infrastructures
Building open source identity infrastructuresBuilding open source identity infrastructures
Building open source identity infrastructuresFrancesco Chicchiriccò
 
Open Source & Identity Management
Open Source & Identity ManagementOpen Source & Identity Management
Open Source & Identity ManagementJISC Netskills
 
Open Source Identity Management
Open Source Identity ManagementOpen Source Identity Management
Open Source Identity ManagementRadovan Semancik
 
Complete open source IAM solution
Complete open source IAM solutionComplete open source IAM solution
Complete open source IAM solutionRadovan Semancik
 
OpenDJ: An Introduction
OpenDJ: An IntroductionOpenDJ: An Introduction
OpenDJ: An IntroductionForgeRock
 
OpenDJ - An Introduction
OpenDJ - An IntroductionOpenDJ - An Introduction
OpenDJ - An IntroductionForgeRock
 
OpenIDM - Flexible Provisioning Platform - April 28 Webinar
OpenIDM - Flexible Provisioning Platform - April 28 WebinarOpenIDM - Flexible Provisioning Platform - April 28 Webinar
OpenIDM - Flexible Provisioning Platform - April 28 WebinarForgeRock
 
Integrating Apache Syncope with Apache CXF
Integrating Apache Syncope with Apache CXFIntegrating Apache Syncope with Apache CXF
Integrating Apache Syncope with Apache CXFcoheigea
 
Identity Manager Opensource OpenIDM Architecture
Identity Manager Opensource OpenIDM ArchitectureIdentity Manager Opensource OpenIDM Architecture
Identity Manager Opensource OpenIDM ArchitectureAidy Tificate
 
Identity Management with midPoint
Identity Management with midPointIdentity Management with midPoint
Identity Management with midPointRadovan Semancik
 
WSO2Con USA 2017: Enhancing Customer Experience with WSO2 Identity Server
WSO2Con USA 2017: Enhancing Customer Experience with WSO2 Identity ServerWSO2Con USA 2017: Enhancing Customer Experience with WSO2 Identity Server
WSO2Con USA 2017: Enhancing Customer Experience with WSO2 Identity ServerWSO2
 
Asp.Net Identity
Asp.Net IdentityAsp.Net Identity
Asp.Net IdentityMarwa Ahmad
 
Deep thoughts from the real world of azure
Deep thoughts from the real world of azureDeep thoughts from the real world of azure
Deep thoughts from the real world of azureMichele Leroux Bustamante
 
Case Study: University of California, Berkeley and San Francisco
Case Study: University of California, Berkeley and San FranciscoCase Study: University of California, Berkeley and San Francisco
Case Study: University of California, Berkeley and San FranciscoForgeRock
 
ZubZib Black Coffee #9 - ASP.NET Identity
ZubZib Black Coffee #9 - ASP.NET IdentityZubZib Black Coffee #9 - ASP.NET Identity
ZubZib Black Coffee #9 - ASP.NET IdentityNon Intanon
 
WSO2Con USA 2017: Building a Secure Enterprise
WSO2Con USA 2017: Building a Secure EnterpriseWSO2Con USA 2017: Building a Secure Enterprise
WSO2Con USA 2017: Building a Secure EnterpriseWSO2
 
Authentication & Authorization in ASPdotNet MVC
Authentication & Authorization in ASPdotNet MVCAuthentication & Authorization in ASPdotNet MVC
Authentication & Authorization in ASPdotNet MVCMindfire Solutions
 
OpenIDM - An Introduction
OpenIDM - An IntroductionOpenIDM - An Introduction
OpenIDM - An IntroductionForgeRock
 
Case Study: Plus Retail - Moving from the Old World to the New World
Case Study: Plus Retail - Moving from the Old World to the New WorldCase Study: Plus Retail - Moving from the Old World to the New World
Case Study: Plus Retail - Moving from the Old World to the New WorldForgeRock
 
2015.04.23 Azure Mobile Services
2015.04.23 Azure Mobile Services2015.04.23 Azure Mobile Services
2015.04.23 Azure Mobile ServicesMarco Parenzan
 
Introduction to Azure AD and Azure AD B2C
Introduction to Azure AD and Azure AD B2CIntroduction to Azure AD and Azure AD B2C
Introduction to Azure AD and Azure AD B2CJoonas Westlin
 
WSO2Con USA 2017: Introduction to Security: End-to-End Identity Management
WSO2Con USA 2017: Introduction to Security: End-to-End Identity ManagementWSO2Con USA 2017: Introduction to Security: End-to-End Identity Management
WSO2Con USA 2017: Introduction to Security: End-to-End Identity ManagementWSO2
 
There is REST and then there is "REST"
There is REST and then there is "REST"There is REST and then there is "REST"
There is REST and then there is "REST"Radovan Semancik
 
iPlanet presentation
iPlanet presentationiPlanet presentation
iPlanet presentationrogerkellerman
 
Directories for the REST of Us: REST to LDAP in OpenDJ 2.6
Directories for the REST of Us: REST to LDAP in OpenDJ 2.6Directories for the REST of Us: REST to LDAP in OpenDJ 2.6
Directories for the REST of Us: REST to LDAP in OpenDJ 2.6ForgeRock
 
Building a document e-signing workflow with Azure Durable Functions
Building a document e-signing workflow with Azure Durable FunctionsBuilding a document e-signing workflow with Azure Durable Functions
Building a document e-signing workflow with Azure Durable FunctionsJoonas Westlin
 
Dynatech presentation for TSI Career Day
Dynatech presentation for TSI Career DayDynatech presentation for TSI Career Day
Dynatech presentation for TSI Career DayArtur Babyuk
 
[Workshop] Managing the API lifecycle with Open Source Technologies
[Workshop] Managing the API lifecycle with Open Source Technologies[Workshop] Managing the API lifecycle with Open Source Technologies
[Workshop] Managing the API lifecycle with Open Source TechnologiesWSO2
 

Contenu connexe

Tendances

OpenIDM - Flexible Provisioning Platform - April 28 Webinar
OpenIDM - Flexible Provisioning Platform - April 28 WebinarOpenIDM - Flexible Provisioning Platform - April 28 Webinar
OpenIDM - Flexible Provisioning Platform - April 28 WebinarForgeRock
 
Integrating Apache Syncope with Apache CXF
Integrating Apache Syncope with Apache CXFIntegrating Apache Syncope with Apache CXF
Integrating Apache Syncope with Apache CXFcoheigea
 
Identity Manager Opensource OpenIDM Architecture
Identity Manager Opensource OpenIDM ArchitectureIdentity Manager Opensource OpenIDM Architecture
Identity Manager Opensource OpenIDM ArchitectureAidy Tificate
 
Identity Management with midPoint
Identity Management with midPointIdentity Management with midPoint
Identity Management with midPointRadovan Semancik
 
WSO2Con USA 2017: Enhancing Customer Experience with WSO2 Identity Server
WSO2Con USA 2017: Enhancing Customer Experience with WSO2 Identity ServerWSO2Con USA 2017: Enhancing Customer Experience with WSO2 Identity Server
WSO2Con USA 2017: Enhancing Customer Experience with WSO2 Identity ServerWSO2
 
Asp.Net Identity
Asp.Net IdentityAsp.Net Identity
Asp.Net IdentityMarwa Ahmad
 
Case Study: University of California, Berkeley and San Francisco
Case Study: University of California, Berkeley and San FranciscoCase Study: University of California, Berkeley and San Francisco
Case Study: University of California, Berkeley and San FranciscoForgeRock
 
ZubZib Black Coffee #9 - ASP.NET Identity
ZubZib Black Coffee #9 - ASP.NET IdentityZubZib Black Coffee #9 - ASP.NET Identity
ZubZib Black Coffee #9 - ASP.NET IdentityNon Intanon
 
WSO2Con USA 2017: Building a Secure Enterprise
WSO2Con USA 2017: Building a Secure EnterpriseWSO2Con USA 2017: Building a Secure Enterprise
WSO2Con USA 2017: Building a Secure EnterpriseWSO2
 
Authentication & Authorization in ASPdotNet MVC
Authentication & Authorization in ASPdotNet MVCAuthentication & Authorization in ASPdotNet MVC
Authentication & Authorization in ASPdotNet MVCMindfire Solutions
 
OpenIDM - An Introduction
OpenIDM - An IntroductionOpenIDM - An Introduction
OpenIDM - An IntroductionForgeRock
 
Case Study: Plus Retail - Moving from the Old World to the New World
Case Study: Plus Retail - Moving from the Old World to the New WorldCase Study: Plus Retail - Moving from the Old World to the New World
Case Study: Plus Retail - Moving from the Old World to the New WorldForgeRock
 
2015.04.23 Azure Mobile Services
2015.04.23 Azure Mobile Services2015.04.23 Azure Mobile Services
2015.04.23 Azure Mobile ServicesMarco Parenzan
 
Introduction to Azure AD and Azure AD B2C
Introduction to Azure AD and Azure AD B2CIntroduction to Azure AD and Azure AD B2C
Introduction to Azure AD and Azure AD B2CJoonas Westlin
 
WSO2Con USA 2017: Introduction to Security: End-to-End Identity Management
WSO2Con USA 2017: Introduction to Security: End-to-End Identity ManagementWSO2Con USA 2017: Introduction to Security: End-to-End Identity Management
WSO2Con USA 2017: Introduction to Security: End-to-End Identity ManagementWSO2
 
There is REST and then there is "REST"
There is REST and then there is "REST"There is REST and then there is "REST"
There is REST and then there is "REST"Radovan Semancik
 
Directories for the REST of Us: REST to LDAP in OpenDJ 2.6
Directories for the REST of Us: REST to LDAP in OpenDJ 2.6Directories for the REST of Us: REST to LDAP in OpenDJ 2.6
Directories for the REST of Us: REST to LDAP in OpenDJ 2.6ForgeRock
 
Building a document e-signing workflow with Azure Durable Functions
Building a document e-signing workflow with Azure Durable FunctionsBuilding a document e-signing workflow with Azure Durable Functions
Building a document e-signing workflow with Azure Durable FunctionsJoonas Westlin
 

Tendances (20)

OpenIDM - Flexible Provisioning Platform - April 28 Webinar
OpenIDM - Flexible Provisioning Platform - April 28 WebinarOpenIDM - Flexible Provisioning Platform - April 28 Webinar
OpenIDM - Flexible Provisioning Platform - April 28 Webinar
 
Integrating Apache Syncope with Apache CXF
Integrating Apache Syncope with Apache CXFIntegrating Apache Syncope with Apache CXF
Integrating Apache Syncope with Apache CXF
 
Identity Manager Opensource OpenIDM Architecture
Identity Manager Opensource OpenIDM ArchitectureIdentity Manager Opensource OpenIDM Architecture
Identity Manager Opensource OpenIDM Architecture
 
Identity Management with midPoint
Identity Management with midPointIdentity Management with midPoint
Identity Management with midPoint
 
WSO2Con USA 2017: Enhancing Customer Experience with WSO2 Identity Server
WSO2Con USA 2017: Enhancing Customer Experience with WSO2 Identity ServerWSO2Con USA 2017: Enhancing Customer Experience with WSO2 Identity Server
WSO2Con USA 2017: Enhancing Customer Experience with WSO2 Identity Server
 
Asp.Net Identity
Asp.Net IdentityAsp.Net Identity
Asp.Net Identity
 
Deep thoughts from the real world of azure
Deep thoughts from the real world of azureDeep thoughts from the real world of azure
Deep thoughts from the real world of azure
 
Case Study: University of California, Berkeley and San Francisco
Case Study: University of California, Berkeley and San FranciscoCase Study: University of California, Berkeley and San Francisco
Case Study: University of California, Berkeley and San Francisco
 
ZubZib Black Coffee #9 - ASP.NET Identity
ZubZib Black Coffee #9 - ASP.NET IdentityZubZib Black Coffee #9 - ASP.NET Identity
ZubZib Black Coffee #9 - ASP.NET Identity
 
WSO2Con USA 2017: Building a Secure Enterprise
WSO2Con USA 2017: Building a Secure EnterpriseWSO2Con USA 2017: Building a Secure Enterprise
WSO2Con USA 2017: Building a Secure Enterprise
 
Authentication & Authorization in ASPdotNet MVC
Authentication & Authorization in ASPdotNet MVCAuthentication & Authorization in ASPdotNet MVC
Authentication & Authorization in ASPdotNet MVC
 
OpenIDM - An Introduction
OpenIDM - An IntroductionOpenIDM - An Introduction
OpenIDM - An Introduction
 
Case Study: Plus Retail - Moving from the Old World to the New World
Case Study: Plus Retail - Moving from the Old World to the New WorldCase Study: Plus Retail - Moving from the Old World to the New World
Case Study: Plus Retail - Moving from the Old World to the New World
 
2015.04.23 Azure Mobile Services
2015.04.23 Azure Mobile Services2015.04.23 Azure Mobile Services
2015.04.23 Azure Mobile Services
 
Introduction to Azure AD and Azure AD B2C
Introduction to Azure AD and Azure AD B2CIntroduction to Azure AD and Azure AD B2C
Introduction to Azure AD and Azure AD B2C
 
WSO2Con USA 2017: Introduction to Security: End-to-End Identity Management
WSO2Con USA 2017: Introduction to Security: End-to-End Identity ManagementWSO2Con USA 2017: Introduction to Security: End-to-End Identity Management
WSO2Con USA 2017: Introduction to Security: End-to-End Identity Management
 
There is REST and then there is "REST"
There is REST and then there is "REST"There is REST and then there is "REST"
There is REST and then there is "REST"
 
iPlanet presentation
iPlanet presentationiPlanet presentation
iPlanet presentation
 
Directories for the REST of Us: REST to LDAP in OpenDJ 2.6
Directories for the REST of Us: REST to LDAP in OpenDJ 2.6Directories for the REST of Us: REST to LDAP in OpenDJ 2.6
Directories for the REST of Us: REST to LDAP in OpenDJ 2.6
 
Building a document e-signing workflow with Azure Durable Functions
Building a document e-signing workflow with Azure Durable FunctionsBuilding a document e-signing workflow with Azure Durable Functions
Building a document e-signing workflow with Azure Durable Functions
 

Similaire à Apache Syncope and Tirasa

Dynatech presentation for TSI Career Day
Dynatech presentation for TSI Career DayDynatech presentation for TSI Career Day
Dynatech presentation for TSI Career DayArtur Babyuk
 
[Workshop] Managing the API lifecycle with Open Source Technologies
[Workshop] Managing the API lifecycle with Open Source Technologies[Workshop] Managing the API lifecycle with Open Source Technologies
[Workshop] Managing the API lifecycle with Open Source TechnologiesWSO2
 
Webinar: OpenIDM 3.1
Webinar: OpenIDM 3.1Webinar: OpenIDM 3.1
Webinar: OpenIDM 3.1ForgeRock
 
Evolveum: About the company and its product - midPoint
Evolveum: About the company and its product - midPointEvolveum: About the company and its product - midPoint
Evolveum: About the company and its product - midPointEvolveum
 
BarCamp Hong Kong 2015 - AuthBucket - Open Source Identity Management System
BarCamp Hong Kong 2015 - AuthBucket - Open Source Identity Management SystemBarCamp Hong Kong 2015 - AuthBucket - Open Source Identity Management System
BarCamp Hong Kong 2015 - AuthBucket - Open Source Identity Management SystemWong Hoi Sing Edison
 
Single Sign On (SSO) Services with Free/Open Source Software
Single Sign On (SSO) Services with Free/Open Source SoftwareSingle Sign On (SSO) Services with Free/Open Source Software
Single Sign On (SSO) Services with Free/Open Source SoftwareTonny Adhi Sabastian
 
API Management within a Microservice Architecture
API Management within a Microservice ArchitectureAPI Management within a Microservice Architecture
API Management within a Microservice ArchitectureWSO2
 
API Management Within a Microservices Architecture
API Management Within a Microservices Architecture API Management Within a Microservices Architecture
API Management Within a Microservices Architecture Nadeesha Gamage
 
Api centric enterprises
Api centric enterprisesApi centric enterprises
Api centric enterprisesWSO2
 
[OW2con'21] Hosting Identity in the Cloud with OW2 free softwares
[OW2con'21] Hosting Identity in the Cloud with OW2 free softwares[OW2con'21] Hosting Identity in the Cloud with OW2 free softwares
[OW2con'21] Hosting Identity in the Cloud with OW2 free softwaresWorteks
 
DevSecOps: The Open Source Way
DevSecOps: The Open Source WayDevSecOps: The Open Source Way
DevSecOps: The Open Source WayGordon Haff
 
JIO and WebViewers: interoperability for Javascript and Web Applications
JIO and WebViewers: interoperability for Javascript and Web ApplicationsJIO and WebViewers: interoperability for Javascript and Web Applications
JIO and WebViewers: interoperability for Javascript and Web ApplicationsXWiki
 
Programming for non tech entrepreneurs
Programming for non tech entrepreneursProgramming for non tech entrepreneurs
Programming for non tech entrepreneursRodrigo Gil
 
[Workshop] API-driven Integration
[Workshop] API-driven Integration[Workshop] API-driven Integration
[Workshop] API-driven IntegrationWSO2
 
Big Brother for Enterprises - The WSO2 Advantage
Big Brother for Enterprises - The WSO2 AdvantageBig Brother for Enterprises - The WSO2 Advantage
Big Brother for Enterprises - The WSO2 AdvantageWSO2
 
Deep Visibility: Logging From Distributed Microservices
Deep Visibility: Logging From Distributed MicroservicesDeep Visibility: Logging From Distributed Microservices
Deep Visibility: Logging From Distributed MicroservicesAaronLieberman5
 
Not my problem - Delegating responsibility to infrastructure
Not my problem - Delegating responsibility to infrastructureNot my problem - Delegating responsibility to infrastructure
Not my problem - Delegating responsibility to infrastructureYshay Yaacobi
 
I/O Frog: Not another Sigfox platform?
I/O Frog: Not another Sigfox platform?I/O Frog: Not another Sigfox platform?
I/O Frog: Not another Sigfox platform?Simple Hardware
 

Similaire à Apache Syncope and Tirasa (20)

Dynatech presentation for TSI Career Day
Dynatech presentation for TSI Career DayDynatech presentation for TSI Career Day
Dynatech presentation for TSI Career Day
 
[Workshop] Managing the API lifecycle with Open Source Technologies
[Workshop] Managing the API lifecycle with Open Source Technologies[Workshop] Managing the API lifecycle with Open Source Technologies
[Workshop] Managing the API lifecycle with Open Source Technologies
 
Webinar: OpenIDM 3.1
Webinar: OpenIDM 3.1Webinar: OpenIDM 3.1
Webinar: OpenIDM 3.1
 
Evolveum: About the company and its product - midPoint
Evolveum: About the company and its product - midPointEvolveum: About the company and its product - midPoint
Evolveum: About the company and its product - midPoint
 
BarCamp Hong Kong 2015 - AuthBucket - Open Source Identity Management System
BarCamp Hong Kong 2015 - AuthBucket - Open Source Identity Management SystemBarCamp Hong Kong 2015 - AuthBucket - Open Source Identity Management System
BarCamp Hong Kong 2015 - AuthBucket - Open Source Identity Management System
 
Single Sign On (SSO) Services with Free/Open Source Software
Single Sign On (SSO) Services with Free/Open Source SoftwareSingle Sign On (SSO) Services with Free/Open Source Software
Single Sign On (SSO) Services with Free/Open Source Software
 
API Management within a Microservice Architecture
API Management within a Microservice ArchitectureAPI Management within a Microservice Architecture
API Management within a Microservice Architecture
 
API Management Within a Microservices Architecture
API Management Within a Microservices Architecture API Management Within a Microservices Architecture
API Management Within a Microservices Architecture
 
Api centric enterprises
Api centric enterprisesApi centric enterprises
Api centric enterprises
 
[OW2con'21] Hosting Identity in the Cloud with OW2 free softwares
[OW2con'21] Hosting Identity in the Cloud with OW2 free softwares[OW2con'21] Hosting Identity in the Cloud with OW2 free softwares
[OW2con'21] Hosting Identity in the Cloud with OW2 free softwares
 
DevSecOps: The Open Source Way
DevSecOps: The Open Source WayDevSecOps: The Open Source Way
DevSecOps: The Open Source Way
 
JIO and WebViewers: interoperability for Javascript and Web Applications
JIO and WebViewers: interoperability for Javascript and Web ApplicationsJIO and WebViewers: interoperability for Javascript and Web Applications
JIO and WebViewers: interoperability for Javascript and Web Applications
 
Programming for non tech entrepreneurs
Programming for non tech entrepreneursProgramming for non tech entrepreneurs
Programming for non tech entrepreneurs
 
[Workshop] API-driven Integration
[Workshop] API-driven Integration[Workshop] API-driven Integration
[Workshop] API-driven Integration
 
Oow2016 review--paas-microservices-
Oow2016 review--paas-microservices-Oow2016 review--paas-microservices-
Oow2016 review--paas-microservices-
 
Big Brother for Enterprises - The WSO2 Advantage
Big Brother for Enterprises - The WSO2 AdvantageBig Brother for Enterprises - The WSO2 Advantage
Big Brother for Enterprises - The WSO2 Advantage
 
Deep Visibility: Logging From Distributed Microservices
Deep Visibility: Logging From Distributed MicroservicesDeep Visibility: Logging From Distributed Microservices
Deep Visibility: Logging From Distributed Microservices
 
Not my problem - Delegating responsibility to infrastructure
Not my problem - Delegating responsibility to infrastructureNot my problem - Delegating responsibility to infrastructure
Not my problem - Delegating responsibility to infrastructure
 
Privileged Access Management
Privileged Access ManagementPrivileged Access Management
Privileged Access Management
 
I/O Frog: Not another Sigfox platform?
I/O Frog: Not another Sigfox platform?I/O Frog: Not another Sigfox platform?
I/O Frog: Not another Sigfox platform?
 

Plus de Francesco Chicchiriccò

Perché mai Tirasa? Career Day 2017 - UnivAQ
Perché mai Tirasa? Career Day 2017 - UnivAQPerché mai Tirasa? Career Day 2017 - UnivAQ
Perché mai Tirasa? Career Day 2017 - UnivAQFrancesco Chicchiriccò
 
DevOps practices and tools of a small company in love with open source
DevOps practices and tools of a small company in love with open sourceDevOps practices and tools of a small company in love with open source
DevOps practices and tools of a small company in love with open sourceFrancesco Chicchiriccò
 
Open source identity management 20121106 - apache con eu
Open source identity management 20121106 - apache con euOpen source identity management 20121106 - apache con eu
Open source identity management 20121106 - apache con euFrancesco Chicchiriccò
 
Apache Syncope Identity Manager 20120623 confsl
Apache Syncope Identity Manager 20120623 confslApache Syncope Identity Manager 20120623 confsl
Apache Syncope Identity Manager 20120623 confslFrancesco Chicchiriccò
 

Plus de Francesco Chicchiriccò (11)

Perché mai Tirasa? Career Day 2017 - UnivAQ
Perché mai Tirasa? Career Day 2017 - UnivAQPerché mai Tirasa? Career Day 2017 - UnivAQ
Perché mai Tirasa? Career Day 2017 - UnivAQ
 
DevOps practices and tools of a small company in love with open source
DevOps practices and tools of a small company in love with open sourceDevOps practices and tools of a small company in love with open source
DevOps practices and tools of a small company in love with open source
 
Open source identity management 20121106 - apache con eu
Open source identity management 20121106 - apache con euOpen source identity management 20121106 - apache con eu
Open source identity management 20121106 - apache con eu
 
Apache Syncope Identity Manager 20120623 confsl
Apache Syncope Identity Manager 20120623 confslApache Syncope Identity Manager 20120623 confsl
Apache Syncope Identity Manager 20120623 confsl
 
20100327 Triduo Pasquale
20100327 Triduo Pasquale20100327 Triduo Pasquale
20100327 Triduo Pasquale
 
Sviluppo DTT e Sofia
Sviluppo DTT e SofiaSviluppo DTT e Sofia
Sviluppo DTT e Sofia
 
Scrum: una metodologia agile
Scrum: una metodologia agileScrum: una metodologia agile
Scrum: una metodologia agile
 
Service Delivery Network
Service Delivery NetworkService Delivery Network
Service Delivery Network
 
Automatic Server Provisioning
Automatic Server ProvisioningAutomatic Server Provisioning
Automatic Server Provisioning
 
Workflow e dintorni
Workflow e dintorniWorkflow e dintorni
Workflow e dintorni
 
Hands On Cocoon
Hands On CocoonHands On Cocoon
Hands On Cocoon
 

Dernier

Pirangut | Call Girls Pune Phone No 8005736733 Elite Escort Service Available...
Pirangut | Call Girls Pune Phone No 8005736733 Elite Escort Service Available...Pirangut | Call Girls Pune Phone No 8005736733 Elite Escort Service Available...
Pirangut | Call Girls Pune Phone No 8005736733 Elite Escort Service Available...SUHANI PANDEY
 
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service Available
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service AvailableCall Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service Available
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service AvailableSeo
 
"Boost Your Digital Presence: Partner with a Leading SEO Agency"
"Boost Your Digital Presence: Partner with a Leading SEO Agency""Boost Your Digital Presence: Partner with a Leading SEO Agency"
"Boost Your Digital Presence: Partner with a Leading SEO Agency"growthgrids
 
在线制作约克大学毕业证(yu毕业证)在读证明认证可查
在线制作约克大学毕业证(yu毕业证)在读证明认证可查在线制作约克大学毕业证(yu毕业证)在读证明认证可查
在线制作约克大学毕业证(yu毕业证)在读证明认证可查ydyuyu
 
Al Barsha Night Partner +0567686026 Call Girls Dubai
Al Barsha Night Partner +0567686026 Call Girls DubaiAl Barsha Night Partner +0567686026 Call Girls Dubai
Al Barsha Night Partner +0567686026 Call Girls DubaiEscorts Call Girls
 
VIP Model Call Girls Hadapsar ( Pune ) Call ON 9905417584 Starting High Prof...
VIP Model Call Girls Hadapsar ( Pune ) Call ON 9905417584 Starting High Prof...VIP Model Call Girls Hadapsar ( Pune ) Call ON 9905417584 Starting High Prof...
VIP Model Call Girls Hadapsar ( Pune ) Call ON 9905417584 Starting High Prof...singhpriety023
 
➥🔝 7737669865 🔝▻ mehsana Call-girls in Women Seeking Men 🔝mehsana🔝 Escorts...
➥🔝 7737669865 🔝▻ mehsana Call-girls in Women Seeking Men 🔝mehsana🔝 Escorts...➥🔝 7737669865 🔝▻ mehsana Call-girls in Women Seeking Men 🔝mehsana🔝 Escorts...
➥🔝 7737669865 🔝▻ mehsana Call-girls in Women Seeking Men 🔝mehsana🔝 Escorts...nirzagarg
 
Wagholi & High Class Call Girls Pune Neha 8005736733 | 100% Gennuine High Cla...
Wagholi & High Class Call Girls Pune Neha 8005736733 | 100% Gennuine High Cla...Wagholi & High Class Call Girls Pune Neha 8005736733 | 100% Gennuine High Cla...
Wagholi & High Class Call Girls Pune Neha 8005736733 | 100% Gennuine High Cla...SUHANI PANDEY
 
VVIP Pune Call Girls Sinhagad WhatSapp Number 8005736733 With Elite Staff And...
VVIP Pune Call Girls Sinhagad WhatSapp Number 8005736733 With Elite Staff And...VVIP Pune Call Girls Sinhagad WhatSapp Number 8005736733 With Elite Staff And...
VVIP Pune Call Girls Sinhagad WhatSapp Number 8005736733 With Elite Staff And...SUHANI PANDEY
 
VIP Call Girls Pollachi 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Pollachi 7001035870 Whatsapp Number, 24/07 BookingVIP Call Girls Pollachi 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Pollachi 7001035870 Whatsapp Number, 24/07 Bookingdharasingh5698
 
20240510 QFM016 Irresponsible AI Reading List April 2024.pdf
20240510 QFM016 Irresponsible AI Reading List April 2024.pdf20240510 QFM016 Irresponsible AI Reading List April 2024.pdf
20240510 QFM016 Irresponsible AI Reading List April 2024.pdfMatthew Sinclair
 
Shikrapur - Call Girls in Pune Neha 8005736733 | 100% Gennuine High Class Ind...
Shikrapur - Call Girls in Pune Neha 8005736733 | 100% Gennuine High Class Ind...Shikrapur - Call Girls in Pune Neha 8005736733 | 100% Gennuine High Class Ind...
Shikrapur - Call Girls in Pune Neha 8005736733 | 100% Gennuine High Class Ind...SUHANI PANDEY
 
𓀤Call On 7877925207 𓀤 Ahmedguda Call Girls Hot Model With Sexy Bhabi Ready Fo...
𓀤Call On 7877925207 𓀤 Ahmedguda Call Girls Hot Model With Sexy Bhabi Ready Fo...𓀤Call On 7877925207 𓀤 Ahmedguda Call Girls Hot Model With Sexy Bhabi Ready Fo...
𓀤Call On 7877925207 𓀤 Ahmedguda Call Girls Hot Model With Sexy Bhabi Ready Fo...Neha Pandey
 
Trump Diapers Over Dems t shirts Sweatshirt
Trump Diapers Over Dems t shirts SweatshirtTrump Diapers Over Dems t shirts Sweatshirt
Trump Diapers Over Dems t shirts Sweatshirtrahman018755
 
Sarola * Female Escorts Service in Pune | 8005736733 Independent Escorts & Da...
Sarola * Female Escorts Service in Pune | 8005736733 Independent Escorts & Da...Sarola * Female Escorts Service in Pune | 8005736733 Independent Escorts & Da...
Sarola * Female Escorts Service in Pune | 8005736733 Independent Escorts & Da...SUHANI PANDEY
 
APNIC Updates presented by Paul Wilson at ARIN 53
APNIC Updates presented by Paul Wilson at ARIN 53APNIC Updates presented by Paul Wilson at ARIN 53
APNIC Updates presented by Paul Wilson at ARIN 53APNIC
 
Busty Desi⚡Call Girls in Vasundhara Ghaziabad >༒8448380779 Escort Service
Busty Desi⚡Call Girls in Vasundhara Ghaziabad >༒8448380779 Escort ServiceBusty Desi⚡Call Girls in Vasundhara Ghaziabad >༒8448380779 Escort Service
Busty Desi⚡Call Girls in Vasundhara Ghaziabad >༒8448380779 Escort ServiceDelhi Call girls
 
Call Now ☎ 8264348440 !! Call Girls in Green Park Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Green Park Escort Service Delhi N.C.R.Call Now ☎ 8264348440 !! Call Girls in Green Park Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Green Park Escort Service Delhi N.C.R.soniya singh
 

Dernier (20)

Pirangut | Call Girls Pune Phone No 8005736733 Elite Escort Service Available...
Pirangut | Call Girls Pune Phone No 8005736733 Elite Escort Service Available...Pirangut | Call Girls Pune Phone No 8005736733 Elite Escort Service Available...
Pirangut | Call Girls Pune Phone No 8005736733 Elite Escort Service Available...
 
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service Available
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service AvailableCall Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service Available
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service Available
 
"Boost Your Digital Presence: Partner with a Leading SEO Agency"
"Boost Your Digital Presence: Partner with a Leading SEO Agency""Boost Your Digital Presence: Partner with a Leading SEO Agency"
"Boost Your Digital Presence: Partner with a Leading SEO Agency"
 
在线制作约克大学毕业证(yu毕业证)在读证明认证可查
在线制作约克大学毕业证(yu毕业证)在读证明认证可查在线制作约克大学毕业证(yu毕业证)在读证明认证可查
在线制作约克大学毕业证(yu毕业证)在读证明认证可查
 
Al Barsha Night Partner +0567686026 Call Girls Dubai
Al Barsha Night Partner +0567686026 Call Girls DubaiAl Barsha Night Partner +0567686026 Call Girls Dubai
Al Barsha Night Partner +0567686026 Call Girls Dubai
 
VIP Model Call Girls Hadapsar ( Pune ) Call ON 9905417584 Starting High Prof...
VIP Model Call Girls Hadapsar ( Pune ) Call ON 9905417584 Starting High Prof...VIP Model Call Girls Hadapsar ( Pune ) Call ON 9905417584 Starting High Prof...
VIP Model Call Girls Hadapsar ( Pune ) Call ON 9905417584 Starting High Prof...
 
➥🔝 7737669865 🔝▻ mehsana Call-girls in Women Seeking Men 🔝mehsana🔝 Escorts...
➥🔝 7737669865 🔝▻ mehsana Call-girls in Women Seeking Men 🔝mehsana🔝 Escorts...➥🔝 7737669865 🔝▻ mehsana Call-girls in Women Seeking Men 🔝mehsana🔝 Escorts...
➥🔝 7737669865 🔝▻ mehsana Call-girls in Women Seeking Men 🔝mehsana🔝 Escorts...
 
Wagholi & High Class Call Girls Pune Neha 8005736733 | 100% Gennuine High Cla...
Wagholi & High Class Call Girls Pune Neha 8005736733 | 100% Gennuine High Cla...Wagholi & High Class Call Girls Pune Neha 8005736733 | 100% Gennuine High Cla...
Wagholi & High Class Call Girls Pune Neha 8005736733 | 100% Gennuine High Cla...
 
VVIP Pune Call Girls Sinhagad WhatSapp Number 8005736733 With Elite Staff And...
VVIP Pune Call Girls Sinhagad WhatSapp Number 8005736733 With Elite Staff And...VVIP Pune Call Girls Sinhagad WhatSapp Number 8005736733 With Elite Staff And...
VVIP Pune Call Girls Sinhagad WhatSapp Number 8005736733 With Elite Staff And...
 
VIP Call Girls Pollachi 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Pollachi 7001035870 Whatsapp Number, 24/07 BookingVIP Call Girls Pollachi 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Pollachi 7001035870 Whatsapp Number, 24/07 Booking
 
20240510 QFM016 Irresponsible AI Reading List April 2024.pdf
20240510 QFM016 Irresponsible AI Reading List April 2024.pdf20240510 QFM016 Irresponsible AI Reading List April 2024.pdf
20240510 QFM016 Irresponsible AI Reading List April 2024.pdf
 
Shikrapur - Call Girls in Pune Neha 8005736733 | 100% Gennuine High Class Ind...
Shikrapur - Call Girls in Pune Neha 8005736733 | 100% Gennuine High Class Ind...Shikrapur - Call Girls in Pune Neha 8005736733 | 100% Gennuine High Class Ind...
Shikrapur - Call Girls in Pune Neha 8005736733 | 100% Gennuine High Class Ind...
 
Low Sexy Call Girls In Mohali 9053900678 🥵Have Save And Good Place 🥵
Low Sexy Call Girls In Mohali 9053900678 🥵Have Save And Good Place 🥵Low Sexy Call Girls In Mohali 9053900678 🥵Have Save And Good Place 🥵
Low Sexy Call Girls In Mohali 9053900678 🥵Have Save And Good Place 🥵
 
𓀤Call On 7877925207 𓀤 Ahmedguda Call Girls Hot Model With Sexy Bhabi Ready Fo...
𓀤Call On 7877925207 𓀤 Ahmedguda Call Girls Hot Model With Sexy Bhabi Ready Fo...𓀤Call On 7877925207 𓀤 Ahmedguda Call Girls Hot Model With Sexy Bhabi Ready Fo...
𓀤Call On 7877925207 𓀤 Ahmedguda Call Girls Hot Model With Sexy Bhabi Ready Fo...
 
valsad Escorts Service ☎️ 6378878445 ( Sakshi Sinha ) High Profile Call Girls...
valsad Escorts Service ☎️ 6378878445 ( Sakshi Sinha ) High Profile Call Girls...valsad Escorts Service ☎️ 6378878445 ( Sakshi Sinha ) High Profile Call Girls...
valsad Escorts Service ☎️ 6378878445 ( Sakshi Sinha ) High Profile Call Girls...
 
Trump Diapers Over Dems t shirts Sweatshirt
Trump Diapers Over Dems t shirts SweatshirtTrump Diapers Over Dems t shirts Sweatshirt
Trump Diapers Over Dems t shirts Sweatshirt
 
Sarola * Female Escorts Service in Pune | 8005736733 Independent Escorts & Da...
Sarola * Female Escorts Service in Pune | 8005736733 Independent Escorts & Da...Sarola * Female Escorts Service in Pune | 8005736733 Independent Escorts & Da...
Sarola * Female Escorts Service in Pune | 8005736733 Independent Escorts & Da...
 
APNIC Updates presented by Paul Wilson at ARIN 53
APNIC Updates presented by Paul Wilson at ARIN 53APNIC Updates presented by Paul Wilson at ARIN 53
APNIC Updates presented by Paul Wilson at ARIN 53
 
Busty Desi⚡Call Girls in Vasundhara Ghaziabad >༒8448380779 Escort Service
Busty Desi⚡Call Girls in Vasundhara Ghaziabad >༒8448380779 Escort ServiceBusty Desi⚡Call Girls in Vasundhara Ghaziabad >༒8448380779 Escort Service
Busty Desi⚡Call Girls in Vasundhara Ghaziabad >༒8448380779 Escort Service
 
Call Now ☎ 8264348440 !! Call Girls in Green Park Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Green Park Escort Service Delhi N.C.R.Call Now ☎ 8264348440 !! Call Girls in Green Park Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Green Park Escort Service Delhi N.C.R.
 

Apache Syncope and Tirasa

  • 1. OpenSource Identity Management with Apache Syncope Viale D'Annunzio, 267 - 65127 Pescara Partita IVA 01974100685 N. REA 143460 Tel +39 0859116307 / FAX +39 0859111173 http://www.tirasa.net info@tirasa.net
  • 2. Agenda ● Identity and Access Management ● Vendor Vs Open Source solutions ● Apache Syncope ● Tirasa: Apache Syncope Enterprise support
  • 3. What's IdM about? ● Data records that contains a collection of data about a person ● “Data record” → Account ● “A person” → Identity ● The joint effort of business process and IT to manage user data on systems and applications.
  • 4. IdM technologies ● Identity Stores ● Storage of user information ● Provisioning ● Synchronize account data across identity stores and a broad range of data formats, models, meanings and purposes ● Access Management ● Security mechanisms that take place when a user is accessing a specific system or functionality
  • 5. Identity Stores ● Examples ● LDAP / Active Directory ● RDBMS ● Meta and Virtual Directories ● Accounts can be created and managed in one place only ● Each application manages authentication separately ● Users may use the same password for all connected applications
  • 6. Aren't Identity Stores enough? ● Heterogeneity of systems ● Lack of a single source of information ● HR for corporate id, Groupware for mail address, ... ● Need for a local user database ● Inconsistent policies ● Lack of workflow management ● Hidden infrastructure management cost, growing with organization size
  • 7. Provisioning ● Keeping identity stores as synchronized as possible ● Need to be customizable and flexible ● Priority: non-intrusiveness ● Focused on application back-end ● Communication: ● Connectors ● Agents
  • 9. Access Management ● Mediator to all access to all applications ● Focused on application front-end ● Aspects ● Authentication (Single SignOn) ● Authorization ● Federation (SAML, Liberty, OAuth, OpenID, ...) ● Mainly applicable to web applications ● Difficult integration with pre-existing apps
  • 10. IdM in practice: before...
  • 11. IdM in practice: ...after!
  • 12. Vendor products ● Oracle (with addition of ex-Sun suite) ● Novell ● IBM (Tivoli) ● Microsoft (Forefront) ● Niche players ● Ping ● NetIQ ● SailPoint ● Quest (now Dell)
  • 13. Open Source non-ASF products Identity Stores Access Management Provisioning
  • 14. Open Source ASF projects ● Identity Stores ● Apache Directory ● Provisioning ● Apache Syncope ● Access Management ● Apache Shiro
  • 15. Apache Syncope ● Inception by Tirasa in 2010 ● Entered ASF incubator in February 2012 ● Graduated as TLP in November 2012 ● Active community ● 13 committers, 5 contributors ● ~130 mailing list subscribers, stable traffic
  • 16. Syncope: features ● Workflow-based provisioning engine of users and roles ● Account / Password policies ● Agentless connection with Identity Stores ● Auditing & Reporting ● Shining admin console ● Customizable and extensible by design
  • 19. Syncope and the external world
  • 20. Syncope: connectors ● Based on ConnId, hosted at GitHub, new home of Sun's Identity Connectors ● Ready-to-use bundles: ● LDAP ● Active Directory ● Database ● CSV Directory ● SOAP ● Google Apps ● UNIX ● Write your own bundle PPrroovviissiioonniinngg EEnnggiinnee AAPPII SSPPII Common Code Objects & Utils Using Connectors
  • 21. Syncope: roadmap ● Security realms (multi-tenant scenarios) ● SCIM interface ● Concurrent / Asynchronous communication with external resources ● Access Management features ● More at http://s.apache.org/SyncopeRoadmap
  • 23. ● Italian limited company established in 2011 ● Small, highly skilled staff ● Deliverying IAM solutions for Sun Microsystems for 10 years ● Instructors of IdM, Access Manager and Directory Server for Sun Microsystem's courses ● Creates and leverages Open Source tools for Enterprise Integration ● ConnId ● Hippo Cocoon Toolkit
  • 24. Syncope: enterprise services ● Product evaluation – Introductory workshop – Proof of Concept (PoC) ● Development support ● Production support ● Syncope Compliance Dashboard ● More at http://syncope.tirasa.net
  • 25. Syncope: trying it out ● Online http://syncopedemo.tirasa.net ● Virtual Machine image ● Ubuntu Juju / Microsoft Azure ● .deb packages ● Standalone distribution ● Quickstart projects on GitHub ● Maven Archetype