CIS14: PingAccess 101

•

5 j'aime•2,339 vues

John DaSilva, Ping Identity Scott Tomlinson, Ping Identity A detailed overview of PingAccess, giving you insight into Ping Identity’s next-generation web access management solution to solve your access management challenges.

Technologie

PINGACCESS 101
Scott Tomilson – Technical Product Manager
John DaSilva – Technical Training

Web Access Management
How did we get here …

Web Access Management – circa 2000
• Designed for Web applications
• Agent focused architectures
• Single Organization Focus
– Federation Standards support as “Add-on”
• API Protection for SOAP Web ServicesBuilt for 2000

PingAccess 101
a next generation mobile, web and API
access management solution

What can you do with PingAccess?
• Securely expose Web apps and APIs externally
• Ease OAuth integration with APIs
• Centralize URL level access control policies
• Centrally manage Web Sessions
• Audit access to everything

What Makes PingAccess Unique ?
Centralized
Web & API
Control
Lightweight
Open
Standards
Powerful
Migration
Strategies
Identity
Auditing

Front-end Security
•  Web
–  JWT Session Cookies
–  3rd Party WAM Tokens
•  API
–  OAuth 2.0 Access Tokens

Access Control
•  URL & Pattern associated policies
–  Application and Resource level
•  Available Rules
–  Authentication Requirements
–  Identity Attributes (RBAC & ABAC)
–  OAuth Token Scope
–  HTTP Request Information
–  Time of Day
–  IP Address
–  Scripting (Groovy)
–  Custom (Add-on SDK)

Confidential — do not distribute
•  HTTP Header Injection
•  Mutual TLS
•  HTTP Basic
•  OpenToken
•  3rd Party WAM Tokens
•  Custom (Add-on SDK)
Unparalleled Flexibility
Application Integration - Gateway
Copyright © 2014 Ping Identity Corp.All rights reserved. 16

Confidential — do not distribute
•  HTTP Header Injection
•  Web Server Agents
–  IIS
–  Apache
•  Open Agent Protocol
–  Enables partners &
customers
Lightweight & Focused
Application Integration - Agents
Copyright © 2014 Ping Identity Corp.All rights reserved. 17

Administration
Beautiful, design focused administration console

Administration
Backed by developer friendly REST APIs

•  Security Hardened
•  Performance Engineered
•  Built-in Clustering
•  Session Management that
scales securely
–  Client-side Tracking
–  Server-side Session
Revocation Lists
Production Ready
Resilient & Scalable

•  Heartbeat Endpoint
•  Complete Audit trail for:
–  Resource Access
–  Policy Enforcement
–  Administrative Actions
–  Splunk/DB/.log storage
•  Capacity Planning:
–  Response Time Metrics
–  Performance Guides
Options
Monitoring & Auditing

PingAccess – How we got here …
April ‘13 September ‘13 December ‘13 July ‘14
•  Limited Release
•  API Access Management
•  Policy Engine
•  ABAC / RBAC
•  OAuth Scopes
•  Request Info
•  IP Address
•  Time of Day
•  Groovy
•  OAuth Token Caching
•  Initial GA Release
•  Web Access Management
•  OpenID Connect RP
•  Token Mediation
•  Clustering Improvements
•  Performance Guides
•  App-scoped Web Session
•  Composite Site Authenticators
•  Policy Engine
•  Any/All Criteria
•  Authentication Selection
•  Step-up Authentication
•  Auditing & Monitoring
Improvements
•  Access Control Agents
•  IIS 8.x
•  Apache 2.2
•  Open Policy Protocol
•  Central Session Management
•  Single Log Out
•  Server-side Tracking
•  Add-on SDK
•  Administration
•  Application Modeling
•  Anonymous Resources
•  PingFederate Configuration
•  Config Backup
•  TLS SNI Support
•  Auditing/Logging
•  Response Time
3.0
2.1
2.0
1.0

THANK YOU!
Scott Tomilson – stomilson@pingidentity.com
John DaSilva – jdasilva@pingidentity.com

Contenu connexe

Tendances

[To download this complete presentation, visit: https://www.oeconsulting.com.sg/training-presentations] ISO/IEC 27001:2022 is the latest internationally-recognised standard for Information Security Management Systems (ISMS). An ISMS is a systematic approach to managing sensitive company information so that it remains secure. It provides a robust framework to protect information that can be adapted to all types and sizes of organization. Organizations that have significant exposure to information-security related risks are increasingly choosing to implement an ISMS that complies with ISO/IEC 27001. This ISMS awareness PPT presentation material is designed for organizations who are embarking on ISO/IEC 27001:2022 implementation and need to create awareness of information security among its employees. LEARNING OBJECTIVES 1. Acquire knowledge on the fundamentals of information security 2. Describe the ISO/IEC 27001:2022 structure 3. Understand the ISO/ IEC 27001:2022 implementation and certification process 4. Gather useful tips on handling an audit session

ISO/IEC 27001:2022 (Information Security Management Systems) Awareness Training

Operational Excellence Consulting

Most organizations have a siloed approach to compliance with environmental, safety, quality, community engagement and other departments managing their compliance issues separately. Increasing fines, penalties and criminal proceedings for non-compliance are driving organizations around the world to change their approach to compliance management. ISO recently introduced a unified compliance management system, 19600. This standard has not yet been widely adopted, but there is a clear trend to try and centralize compliance obligations. In this webinar, we discuss the best practices and guidelines for compliance management as described in the standard. You will learn: - the 7 elements that make up an effective compliance management system - Context of the organization, Leadership, Planning, Support, Operations, Performance Evaluation and Improvement - In-depth details of each of the 7 elements - Examples of how you can apply the recommendations at your organization Presenter - Jonathan Brun, CEO Nimonik

19600 compliance management system guidelines

Nimonik

Sox Compliance Presentation

Skye Rogers

Taking Control of Supplier Quality

Gerard Pearce

Procedure identification and traceability

William Laride

Ping Identity

Legal & Regulatory Compliance Audit Services

Piyush Bhandari

ISO 9001-2015 Structure 'with highlighting for documented information and risk'

Islam El khateeb

Security from the cloud is challenging traditional approaches. As organizations transition from perimeter-based security towards user-centric approaches, Security and Risk professionals are transitioning to cloud IAM services or IDaaS (Identity as a Service) to manage identities across cloud environments. By overcoming the limitations of legacy on-premises IAM solutions, organizations are accelerating SaaS adoption, increasing user productivity and recognizing greater returns on their cloud investments. View our slides for IAM overview and learn about: • Trends in cloud, and the standards to support them • State of Identity, Digital Trust, Authentication and Access • Directory Services and Federation • SSO (Desktop SSO, Web SSO, and Mobile SSO) • Automating Onboarding Practices, Provisioning and Deprovisioning Watch the on-demand webinar here: https://www.brighttalk.com/channel/12923/onelogin?utm_source=brighttalk

Identity Access Management 101

OneLogin

Qms & iatf presentation1

Krishna Kant Pandey

Qms kick off meeting ppt

ANUPAM RAY

Pengenalan Kepada ISO 9001:2015

ismail Latiff

Internal auditor 9001 day 1

Dr Madhu Aman Sharma

Identity Management

Venkatesh Jambulingam

Iso 9001 internal audit tips

Baptist Molai

Identity and Access Management Introduction

Aidy Tificate

QMS Awareness Session

Engr. Syed Noor Mustafa Shah

AIA – Insurer Innovation Award 2023

The Digital Insurer

GRC

Maryam Hidayatallah CPFA,MIPA,MA,CICA

ISO 9001:2015 Quality Management Principles

Karen Sharick

Tendances (20)

ISO/IEC 27001:2022 (Information Security Management Systems) Awareness Training

19600 compliance management system guidelines

Sox Compliance Presentation

Taking Control of Supplier Quality

Procedure identification and traceability

Ping Identity

Legal & Regulatory Compliance Audit Services

ISO 9001-2015 Structure 'with highlighting for documented information and risk'

Identity Access Management 101

Qms & iatf presentation1

Qms kick off meeting ppt

Pengenalan Kepada ISO 9001:2015

Internal auditor 9001 day 1

Identity Management

Iso 9001 internal audit tips

Identity and Access Management Introduction

QMS Awareness Session

AIA – Insurer Innovation Award 2023

GRC

ISO 9001:2015 Quality Management Principles

En vedette

CIS14: PingAccess in Action

CloudIDSummit

Web access management using o auth2 and saml – wam 2.0

Gluu

Cloud identity management meetup 150108

Morteza Ansari

OpenID Overview - Seoul July 2007

David Recordon

Web Access Management

Molly Knapp

Introduction to Research Methods

Molly Knapp

CIS 2015 Modernize IAM with UnboundID and Ping Identity - Terry Sigle & B. Al...

CloudIDSummit

OpenID vs OAuth - Identity on the Web

Richard Metzler

Access Management for Cloud and Mobile

ForgeRock

Jennifer Darwin, Senior Manager, Sallie Mae Jennifer Darwin will discuss how Sallie Mae used identity management to address its compliance and security challenges. This identity governance case study will discuss how Sallie Mae was able to address more than 3,000 security controls (including FISMA and FFIEC regulations), while simultaneously eliminating critical security vulnerabilities associated with user access privileges, including SoD policy violations, entitlement creep and orphan accounts. She will also provide best practices to help companies achieve the same results.

CIS13: How IAM Improved Sallie Mae's Compliance and Risk Posture

CloudIDSummit

With the changing nature of the healthcare industry, OptumIT had to re-define itself to meet the new challenges facing UnitedHealth Group as well as the healthcare industry in general. With a catalog of healthcare related applications and state of the art datacenters, UHG decided to become the cloud of healthcare services. Offering all of its back-end services as commercialized products brought to the forefront the business need to understand and embrace Identity and Access Management. APIs, Identity, and analytics are the new normal. Gone are the days of trying to sell the value of web access management to the business, today we work with the business to create an Identity Provider framework to protect and facilitate UHG not moving to the cloud, but becoming the cloud for healthcare services.

CIS 2015-API's & Identity: Enabling the Business to Become the Cloud- Carlos ...

CloudIDSummit

Kuali Identity Management - Introduction And Implementation Options

Eric Westfall

CIS14: Identity Souffle: Creating a Well-baked Identity Lifecycle

CloudIDSummit

CIS 2015 Practical Deployments Enterprise Cloud Access Management Platform - ...

CloudIDSummit

CIS 2015 Virtual Identity: The Vision, Challenges and Experiences in Driving ...

CloudIDSummit

Modern identity management platforms must be agile and secure enough to respond to demanding business timelines. As a result, many organizations are seeking cloud-based approaches to digital security and need offerings that are optimized for environments including Cloud Foundry, Azure, GCE, AWS and OpenStack. Your dev-ops strategy could be the difference between hitting or missing business-critical deadlines. In this webinar, learn how we are enhancing the ForgeRock Identity Platform to enable developers to use container-oriented technologies such as Kubernetes and Docker to accelerate deployment.

DevOps Unleashed: Strategies that Speed Deployments

ForgeRock

OpenID Bootcamp Tutorial

David Recordon

SSO Strategy Implementation Considerations

John Bauer

The 21st century mission is dependent on providing secure and agile access to information across an increasing range of stakeholders, both internal and external to your agency. This comes amidst evolving IT missions, budget challenges, a complete IT compliance landscape and an increased need for rapidly deployable and flexible solutions. This webinar explores integrated identity management solutions and real life use case examples. Presented By • Stephanie McVitty - Account Manager, Compsec • Paul Grassi - Vice President of Federal Programs, Sila Solutions Group • Jim Rice - Vice President of Federal, Layer 7 • Dieter Schuller - VP of Sales, Radiant Logic • Phil McQuitty - Director of Systems Engineering, Sailpoint • Gerry Gebel - President, Axiomatics Americas

Identity Management for the 21st Century IT Mission

CA API Management

The New Governance - Scott Morrison CTO Layer 7 Technologies

CA API Management

En vedette (20)

CIS14: PingAccess in Action

Web access management using o auth2 and saml – wam 2.0

Cloud identity management meetup 150108

OpenID Overview - Seoul July 2007

Web Access Management

Introduction to Research Methods

CIS 2015 Modernize IAM with UnboundID and Ping Identity - Terry Sigle & B. Al...

OpenID vs OAuth - Identity on the Web

Access Management for Cloud and Mobile

CIS13: How IAM Improved Sallie Mae's Compliance and Risk Posture

CIS 2015-API's & Identity: Enabling the Business to Become the Cloud- Carlos ...

Kuali Identity Management - Introduction And Implementation Options

CIS14: Identity Souffle: Creating a Well-baked Identity Lifecycle

CIS 2015 Practical Deployments Enterprise Cloud Access Management Platform - ...

CIS 2015 Virtual Identity: The Vision, Challenges and Experiences in Driving ...

DevOps Unleashed: Strategies that Speed Deployments

OpenID Bootcamp Tutorial

SSO Strategy Implementation Considerations

Identity Management for the 21st Century IT Mission

The New Governance - Scott Morrison CTO Layer 7 Technologies

Similaire à CIS14: PingAccess 101

Kevin Jones, Global Consulting Engineer from NGINX San Francisco, preseentation about how to accelerate your journey to microservices with a modernised full API lifecycle management solution. Learn how to cut costs, improve performance, and reduce load on API endpoints. This presentation, covers: All elements of full lifecycle management including API creation, securing your backend infrastructure, managing traffic, and ongoing monitoring. Innovative architecture that doesn't involve additional microgateways to process API calls Differentiated pricing model that does not penalize API adoption

APIs: Intelligent Routing, Security, & Management

NGINX, Inc.

Transforming Your Business Through APIs

Apigee | Google Cloud

Extend soa with api management spoug- Madrid

Vinay Kumar

Global Azure 2022 - Architecting Modern Serverless APIs with Azure Functions ...

Callon Campbell

Architecting Mobile Solutions Using Microsoft Azure and Akana

Akana

Extend soa with api management Doag18

Vinay Kumar

Fidelity Brokerage Technologies (FBT) operates a high volume 24X7 brokerage delivery platform, noted in the industry for its availability and uptime during extremely turbulent times in the market. FBT has integrated its delivery channels over a multi-tier SOA delivery model via SOAP and legacy mainframe interfaces using proprietary and open architectures. This session will discuss FBT’s objectives to evolve is proprietary delivery system to a Brokerage as a Service (BaaS) platform by leveraging the WSO2 integration platform and other products in the middleware stack.

WSO2Con USA 2017: Brokerage as a Service (BaaS), Transforming Fidelity Broker...

WSO2

Inomera API Management Platform

Ahmet Başaran

API Management and Integrated SOA Governance

Sumanth Chinthagunta

CIS14: Early Peek at PingFederate Administrative REST API

CloudIDSummit

Oow2016 review--paas-microservices-

Getting value from IoT, Integration and Data Analytics

Day 1 axway apim-training

Nextel Telecomunicações

APIConnect Security Best Practice

Shiu-Fun Poon

WebCenter Content 11g Upgrade Webinar - March 2013

Fishbowl Solutions

API Economy, Realizing the Business Value of APIs

ColdFusionConference

Guide to an API-first Strategy

Kellton Tech Solutions Ltd

[Workshop] API-driven Integration

WSO2

Service Oriented Architectures (SOA) Monitoring and Management with HP OpenVi...

Stefan Bergstein

Financial institutions are increasingly partnering with technology firms to leverage application program interfaces (APIs) to drive digital transformation initiatives that accelerate client acquisition and retention through “Positive Customer Experiences”. WSO2, in partnership with Exzatech Consulting & Services, developed a slew of applications for Karnataka Bank in Bengaluru, India, that helped transform multiple core banking processes, such as customer onboarding, account servicing, and rapid loan request fulfillment. The solution, which is powered by WSO2’s API management and enterprise integration technologies, seamlessly bridges systems while paving the digital path to a connected financial ecosystem. This deck covers: - Technical challenges faced and how they were addressed - Subsequent growth strategy - Future expansion plans It also covers some of the many benefits such as: - Reduced operating costs by using open-source technology solutions - Enhanced customer trust built through multi-channel communication - Shortened delivery time for client services - Improved compliance and reduced risk exposure Watch the webinar on-demand here: https://wso2.com/library/webinars/digital-transformation-for-karnataka-bank-through-api-led-integration/

Digital Transformation for Karnataka Bank Through API-led Integration

WSO2

Introducing WSO2 API Manager for Mobile Applications and Rapid Integration

WSO2

Similaire à CIS14: PingAccess 101 (20)

APIs: Intelligent Routing, Security, & Management

Transforming Your Business Through APIs

Extend soa with api management spoug- Madrid

Global Azure 2022 - Architecting Modern Serverless APIs with Azure Functions ...

Architecting Mobile Solutions Using Microsoft Azure and Akana

Extend soa with api management Doag18

WSO2Con USA 2017: Brokerage as a Service (BaaS), Transforming Fidelity Broker...

Inomera API Management Platform

API Management and Integrated SOA Governance

CIS14: Early Peek at PingFederate Administrative REST API

Oow2016 review--paas-microservices-

Day 1 axway apim-training

APIConnect Security Best Practice

WebCenter Content 11g Upgrade Webinar - March 2013

API Economy, Realizing the Business Value of APIs

Guide to an API-first Strategy

[Workshop] API-driven Integration

Service Oriented Architectures (SOA) Monitoring and Management with HP OpenVi...

Digital Transformation for Karnataka Bank Through API-led Integration

Introducing WSO2 API Manager for Mobile Applications and Rapid Integration

Plus de CloudIDSummit

CIS 2016 Content Highlights

CloudIDSummit

The Cloud Identity Summit was founded by Ping Identity with support from industry leaders in 2010 to bring together the brightest minds across the identity and security industry. Today the event is recognized as the world’s premier identity industry conference and includes tracks from industry thought leaders, CIOs and practitioners. Cloud Identity Summit serves as a multi-year roadmap to deploy solutions that are here today but built for the future. For more info, go to www.cloudidentitysummit.com. Be apart of the convo on Twitter: @CloudIDSummit + #CISNOLA

Top 6 Reasons You Should Attend Cloud Identity Summit 2016

CloudIDSummit

CIS 2015 Security Without Borders: Taming the Cloud and Mobile Frontier - And...

CloudIDSummit

Mobile security, identity & authentication reasons for optimism 20150607 v2

CloudIDSummit

In an ever interconnected and inter-reliant world, the state of security has been a cause for deep pessimism. In the midst of all the gloom, there is good cause for optimism. With some fits and starts, the building blocks for transforming mobile security are taking shape at every level from the processor, to the chipset to special purpose hardware to operating systems and protocols that address use cases from device integrity to user authentication to payments. How do we think about security, privacy, identity and authentication in this world? This talk will provide a rapid overview of some selected building blocks and some practical examples that are now deployed at scale to illustrate the coming wave and how you as a practitioner or customer can participate and position yourself for maximum benefit.

CIS 2015 Mobile Security, Identity & Authentication: Reasons for Optimism - R...

CloudIDSummit

Does anybody remember seeing a big red button with the word “PANICK!” written on it? I know it was around here somewhere. Also, there’s all these cats running pell-mell around the place, can someone give me a hand in herding them? In this real-world case study, come and learn how a Fortune 100 with a diverse and extremely mobile work-force was able to turn up strong authentication protections for our critical cloud resources, and how the IT department lived to tell the tale. You’ll hear about the technical implementation of strong authentication enforcement, and how we made key design decisions in the ongoing balancing act between security and user experience, and how we managed up-and-down the chain from executive stakeholders to the boots-on-the-ground who were being asked to join us on this new security adventure.

CIS 2015 Deploying Strong Authentication to a Global Enterprise: A Comedy in ...

CloudIDSummit

CIS 2015 Without Great Security, Digital Identity is Not Worth the Electrons ...

CloudIDSummit

You'll laugh, you'll cry, and you might even pick up a useful nugget or two listening to a real-world enterprise IT architect share the experiences of the past year trying to support his business migrating to cloud services, and sharing the lessons learned from trying to integrate 2 hybrid enterprises into a single, streamlined company. You'll hear where the cloud came through for us, and how we often had to fall back to on-prem services such as FIM, Ping Federate, and ADFS to make the glue which binds it all together.

CIS 2015 Mergers & Acquisitions in a Cloud Enabled World - Brian Puhl

CloudIDSummit

CIS 2015 IoT and IDM in your Mobile Enterprise - Brian Katz

CloudIDSummit

The IAM program needs to align behind the shift towards ITaaS, building the platform for execution and supporting transformation and migration activities. CIOs should keep informed through a relevant IAM capability roadmap in order to make calculated decisions on where investments should be made. Ongoing investments in the IAM program are crucial in order to fill capability gaps, keep up-to-date with support and license agreements and make opportunistic progress on the strategic roadmap. In this talk, Steve discusses recent experiences and lessons learned in preparing for and pitching VMware’s CIO on enterprise IAM program initiatives.

CIS 2015 What I Learned From Pitching IAM To My CIO - Steve Tout

CloudIDSummit

Companies and researchers are exploring ways to make software and hardware development easier for the masses. Soon you will be able to build your own autonomous drone, create a sensor that assess the watering needs of your plants, and develop a cat tracking device with minimal coding and hardware skills. What is the place of security and privacy in this exciting development? Are we building the next generation of Internet security vulnerabilities right now? In his talk Hannes Tschofenig will highlight challenges with Internet of Things, what role standardization plays, and what contributions ARM, a provider of microprocessor IP, is making to improve IoT security.

CIS 2015 How to secure the Internet of Things? Hannes Tschofenig

CloudIDSummit

The IDaaS (identity as a service) market segment continues to grow in popularity, and the scope of its vendor's capabilities continue to grow as well. It's still not a match for everyone, however. Join identity architect Sean Deuby for an overview of the most popular IDaaS deployment scenarios, scenarios where IDaaS has a tougher time meeting customer requirements, and whether your company is likely to find its perfect IDaaS mate.

CIS 2015 The IDaaS Dating Game - Sean Deuby

CloudIDSummit

CIS 2015 SSO for Mobile and Web Apps Ashish Jain

CloudIDSummit

The Industrial Internet, the Identity of Everything and the Industrial Enterp...

CloudIDSummit

CIS 2015 SAML-IN / SAML-OUT - Scott Tomilson & John Dasilva

CloudIDSummit

Centralized session management has long been a goal of Web Access Management systems: the idea that one session can give end users access to dozens of protected applications with a seamless SSO experience, and terminating it (either by the end user themselves, or by an administrator) cuts off access instantly. It’s a nice dream isn’t it? Turns out that while most WAM products claim they can do this, when deployment time comes around (especially in globally distributed organizations) serious security and scalability challenges emerge that make it unfeasible. In this “session”, come and learn our vision for deploying session management at scale and see how Ping Identity has implemented it in our Federated Access Management solution.

CIS 2015 Session Management at Scale - Scott Tomilson & Jamshid Khosravian

CloudIDSummit

Are you asking yourself how do I take my inhouse application and make it available to internal users, partners or customers using SSO and access management technologies? Oh, and you don't want it to be a 6 month project? No problem. Come and find out how to leverage your existing investments and move to modern standards like OpenID Connect, without having to rip and replace infrastructure. Learn the capabilities and tradeoffs you can make to deploy the right level of identity and access management infrastructure to match your security needs.

CIS 2015 So you want to SSO … Scott Tomilson & John Dasilva

CloudIDSummit

Devices need owners, people need confidence in device authenticity, data needs to persist in systems long after devices change hands, and access needs to be authorized selectively. That's a lot to ask; even if emerging web identity and security technologies are simpler than the models of yesteryear, IoT devices have complicating limitations when it comes to processing power, memory, user interface, and connectivity. But many use cases span web and IoT environments, so we must try! What are the specific requirements? What elements of web technologies can we borrow outright? What elements may need tweaking?

CIS 2015 Identity Relationship Management in the Internet of Things

CloudIDSummit

We're all more conscious than we were 2 years ago, about how much data is collected about us, and how revealing it can be. The commercial and government direction of travel is clear: more data, more mining, more monetization. And if personal data fuels the information economy, who'd want to stop that? But can we get the economic benefits, without selling our digital souls in the process? - Is there a data equivalent to the ""polluter pays"" principle? And if not, is there an alternative? - Ethical data handling sounds great in principle, but can it be practical? - How can organizations put ethical data handling into practice?

CIS 2015 The Ethics of Personal Data - Robin Wilton

CloudIDSummit

CIS 2015 What’s next? Discovery, Dynamic Registration, Mobile Connect and mor...

CloudIDSummit

Plus de CloudIDSummit (20)

CIS 2016 Content Highlights

Top 6 Reasons You Should Attend Cloud Identity Summit 2016

CIS 2015 Security Without Borders: Taming the Cloud and Mobile Frontier - And...

Mobile security, identity & authentication reasons for optimism 20150607 v2

CIS 2015 Mobile Security, Identity & Authentication: Reasons for Optimism - R...

CIS 2015 Deploying Strong Authentication to a Global Enterprise: A Comedy in ...

CIS 2015 Without Great Security, Digital Identity is Not Worth the Electrons ...

CIS 2015 Mergers & Acquisitions in a Cloud Enabled World - Brian Puhl

CIS 2015 IoT and IDM in your Mobile Enterprise - Brian Katz

CIS 2015 What I Learned From Pitching IAM To My CIO - Steve Tout

CIS 2015 How to secure the Internet of Things? Hannes Tschofenig

CIS 2015 The IDaaS Dating Game - Sean Deuby

CIS 2015 SSO for Mobile and Web Apps Ashish Jain

The Industrial Internet, the Identity of Everything and the Industrial Enterp...

CIS 2015 SAML-IN / SAML-OUT - Scott Tomilson & John Dasilva

CIS 2015 Session Management at Scale - Scott Tomilson & Jamshid Khosravian

CIS 2015 So you want to SSO … Scott Tomilson & John Dasilva

CIS 2015 Identity Relationship Management in the Internet of Things

CIS 2015 The Ethics of Personal Data - Robin Wilton

CIS 2015 What’s next? Discovery, Dynamic Registration, Mobile Connect and mor...

Dernier

Understanding the FAA Part 107 License ..

Christopher Logan Kennedy

The Good, the Bad and the Governed - Why is governance a dirty word? David O'Neill, Chief Operating Officer - APIContext Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...

apidays

FWD Group - Insurer Innovation Award 2024

The Digital Insurer

Elevate Developer Efficiency & build GenAI Application with Amazon Q

Bhuvaneswari Subramani

AWS Community Day CPH - Three problems of Terraform

Andrey Devyatkin

Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...

Zilliz

Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood

Juan lago vázquez

Dubai, often portrayed as a shimmering oasis in the desert, faces its own set of challenges, including the occasional threat of flooding. Despite its reputation for opulence and modernity, the emirate is not immune to the forces of nature. In recent years, Dubai has experienced sporadic but significant floods, testing the resilience of its infrastructure and communities. Among the critical lifelines in this bustling metropolis is the Dubai International Airport, a bustling hub that connects the city to the world. This article explores the intersection of Dubai flood events and the resilience demonstrated by the Dubai International Airport in the face of such challenges.

Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...

Orbitshub

Angeliki Cooney has spent over twenty years at the forefront of the life sciences industry, working out of Wynantskill, NY. She is highly regarded for her dedication to advancing the development and accessibility of innovative treatments for chronic diseases, rare disorders, and cancer. Her professional journey has centered on strategic consulting for biopharmaceutical companies, facilitating digital transformation, enhancing omnichannel engagement, and refining strategic commercial practices. Angeliki's innovative contributions include pioneering several software-as-a-service (SaaS) products for the life sciences sector, earning her three patents. As the Senior Vice President of Life Sciences at Avenga, Angeliki orchestrated the firm's strategic entry into the U.S. market. Avenga, a renowned digital engineering and consulting firm, partners with significant entities in the pharmaceutical and biotechnology fields. Her leadership was instrumental in expanding Avenga's client base and establishing its presence in the competitive U.S. market.

Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...

Angeliki Cooney

presentation ICT roal in 21st century education

jfdjdjcjdnsjd

💥 You’re lucky! We’ve found two different (lead) developers that are willing to share their valuable lessons learned about using UiPath Document Understanding! Based on recent implementations in appealing use cases at Partou and SPIE. Don’t expect fancy videos or slide decks, but real and practical experiences that will help you with your own implementations. 📕 Topics that will be addressed: • Training the ML-model by humans: do or don't? • Rule-based versus AI extractors • Tips for finding use cases • How to start 👨‍🏫👨‍💻 Speakers: o Dion Morskieft, RPA Product Owner @Partou o Jack Klein-Schiphorst, Automation Developer @Tacstone Technology

DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam

UiPathCommunity

Strategies for Landing an Oracle DBA Job as a Fresher

Remote DBA Services

Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving

Edi Saputra

Effective data discovery is crucial for maintaining compliance and mitigating risks in today's rapidly evolving privacy landscape. However, traditional manual approaches often struggle to keep pace with the growing volume and complexity of data. Join us for an insightful webinar where industry leaders from TrustArc and Privya will share their expertise on leveraging AI-powered solutions to revolutionize data discovery. You'll learn how to: - Effortlessly maintain a comprehensive, up-to-date data inventory - Harness code scanning insights to gain complete visibility into data flows leveraging the advantages of code scanning over DB scanning - Simplify compliance by leveraging Privya's integration with TrustArc - Implement proven strategies to mitigate third-party risks Our panel of experts will discuss real-world case studies and share practical strategies for overcoming common data discovery challenges. They'll also explore the latest trends and innovations in AI-driven data management, and how these technologies can help organizations stay ahead of the curve in an ever-changing privacy landscape.

TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery

TrustArc

Vector Search -An Introduction in Oracle Database 23ai.pptx

Remote DBA Services

Whatsapp Number Escorts Call girls 8617370543 Available 24x7 Mcleodganj Call Girls Service Offer Genuine VIP Model Escorts Call Girls in Your Budget. Mcleodganj Call Girls Service Provide Real Call Girls Number. Make Your Sexual Pleasure Memorable with Our Mcleodganj Call Girls at Affordable Price. Top VIP Escorts Call Girls, High Profile Independent Escorts Call Girls, Housewife Women Escorts Call Girl, College Girls Escorts Call Girls, Russian Escorts Call girls Service in Your Budget.

Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model

Deepika Singh

Following the popularity of "Cloud Revolution: Exploring the New Wave of Serverless Spatial Data," we're thrilled to announce this much-anticipated encore webinar. In this sequel, we'll dive deeper into the Cloud-Native realm by uncovering practical applications and FME support for these new formats, including COGs, COPC, FlatGeoBuf, GeoParquet, STAC, and ZARR. Building on the foundation laid by industry leaders Michelle Roby of Radiant Earth and Chris Holmes of Planet in the first webinar, this second part offers an in-depth look at the real-world application and behind-the-scenes dynamics of these cutting-edge formats. We will spotlight specific use-cases and workflows, showcasing their efficiency and relevance in practical scenarios. Discover the vast possibilities each format holds, highlighted through detailed discussions and demonstrations. Our expert speakers will dissect the key aspects and provide critical takeaways for effective use, ensuring attendees leave with a thorough understanding of how to apply these formats in their own projects. Elevate your understanding of how FME supports these cutting-edge technologies, enhancing your ability to manage, share, and analyze spatial data. Whether you're building on knowledge from our initial session or are new to the serverless spatial data landscape, this webinar is your gateway to mastering cloud-native formats in your workflows.

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME

Safe Software

Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows. We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases. This video focuses on the deployment of external web forms using Jotform for Bonterra Impact Management. This solution can be customized to your organization’s needs and deployed to support the common use cases below: - Intake and consent - Assessments - Surveys - Applications - Program registration Interested in deploying web form automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.

Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...

Jeffrey Haguewood

Corporate and higher education. Two industries that, in the past, have had a clear divide with very little crossover. The difference in goals, learning styles and objectives paved the way for differing learning technologies platforms to evolve. Now, those stark lines are blurring as both sides are discovering they have content that’s relevant to the other. Join Tammy Rutherford as she walks through the pros and cons of corporate and higher ed collaborating. And the challenges of these different technology platforms working together for a brighter future.

Corporate and higher education May webinar.pptx

Rustici Software

💉💊+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHABI}}+971581248768 +971581248768 Mtp-Kit (500MG) Prices » Dubai [(+971581248768**)] Abortion Pills For Sale In Dubai, UAE, Mifepristone and Misoprostol Tablets Available In Dubai, UAE CONTACT DR.Maya Whatsapp +971581248768 We Have Abortion Pills / Cytotec Tablets /Mifegest Kit Available in Dubai, Sharjah, Abudhabi, Ajman, Alain, Fujairah, Ras Al Khaimah, Umm Al Quwain, UAE, Buy cytotec in Dubai +971581248768''''Abortion Pills near me DUBAI | ABU DHABI|UAE. Price of Misoprostol, Cytotec” +971581248768' Dr.DEEM ''BUY ABORTION PILLS MIFEGEST KIT, MISOPROTONE, CYTOTEC PILLS IN DUBAI, ABU DHABI,UAE'' Contact me now via What's App…… abortion Pills Cytotec also available Oman Qatar Doha Saudi Arabia Bahrain Above all, Cytotec Abortion Pills are Available In Dubai / UAE, you will be very happy to do abortion in Dubai we are providing cytotec 200mg abortion pill in Dubai, UAE. Medication abortion offers an alternative to Surgical Abortion for women in the early weeks of pregnancy. We only offer abortion pills from 1 week-6 Months. We then advise you to use surgery if its beyond 6 months. Our Abu Dhabi, Ajman, Al Ain, Dubai, Fujairah, Ras Al Khaimah (RAK), Sharjah, Umm Al Quwain (UAQ) United Arab Emirates Abortion Clinic provides the safest and most advanced techniques for providing non-surgical, medical and surgical abortion methods for early through late second trimester, including the Abortion By Pill Procedure (RU 486, Mifeprex, Mifepristone, early options French Abortion Pill), Tamoxifen, Methotrexate and Cytotec (Misoprostol). The Abu Dhabi, United Arab Emirates Abortion Clinic performs Same Day Abortion Procedure using medications that are taken on the first day of the office visit and will cause the abortion to occur generally within 4 to 6 hours (as early as 30 minutes) for patients who are 3 to 12 weeks pregnant. When Mifepristone and Misoprostol are used, 50% of patients complete in 4 to 6 hours; 75% to 80% in 12 hours; and 90% in 24 hours. We use a regimen that allows for completion without the need for surgery 99% of the time. All advanced second trimester and late term pregnancies at our Tampa clinic (17 to 24 weeks or greater) can be completed within 24 hours or less 99% of the time without the need surgery. The procedure is completed with minimal to no complications. Our Women's Health Center located in Abu Dhabi, United Arab Emirates, uses the latest medications for medical abortions (RU-486, Mifeprex, Mifegyne, Mifepristone, early options French abortion pill), Methotrexate and Cytotec (Misoprostol). The safety standards of our Abu Dhabi, United Arab Emirates Abortion Doctors remain unparalleled. They consistently maintain the lowest complication rates throughout the nation. Our Physicians and staff are always available to answer questions and care for women in one of the most difficult times in their lives. The decision to have an abortion at the Abortion Cl

+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...

?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@

Dernier (20)

Understanding the FAA Part 107 License ..

Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...

FWD Group - Insurer Innovation Award 2024

Elevate Developer Efficiency & build GenAI Application with Amazon Q

AWS Community Day CPH - Three problems of Terraform

Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...

Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood

Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...

Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...

presentation ICT roal in 21st century education

DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam

Strategies for Landing an Oracle DBA Job as a Fresher

Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving

TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery

Vector Search -An Introduction in Oracle Database 23ai.pptx

Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME

Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...

Corporate and higher education May webinar.pptx

+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...

CIS14: PingAccess 101

1. PINGACCESS 101 Scott Tomilson – Technical Product Manager John DaSilva – Technical Training

2. Web Access Management How did we get here …

7. Web Access Management – circa 2000 • Designed for Web applications • Agent focused architectures • Single Organization Focus – Federation Standards support as “Add-on” • API Protection for SOAP Web ServicesBuilt for 2000

9. PingAccess 101 a next generation mobile, web and API access management solution

10. What can you do with PingAccess? • Securely expose Web apps and APIs externally • Ease OAuth integration with APIs • Centralize URL level access control policies • Centrally manage Web Sessions • Audit access to everything

11. What Makes PingAccess Unique ? Centralized Web & API Control Lightweight Open Standards Powerful Migration Strategies Identity Auditing

12. PingAccess 101

13. PingAccess 101 – Architecture

14. Front-end Security •  Web –  JWT Session Cookies –  3rd Party WAM Tokens •  API –  OAuth 2.0 Access Tokens

15. Access Control •  URL & Pattern associated policies –  Application and Resource level •  Available Rules –  Authentication Requirements –  Identity Attributes (RBAC & ABAC) –  OAuth Token Scope –  HTTP Request Information –  Time of Day –  IP Address –  Scripting (Groovy) –  Custom (Add-on SDK)

16. Confidential — do not distribute •  HTTP Header Injection •  Mutual TLS •  HTTP Basic •  OpenToken •  3rd Party WAM Tokens •  Custom (Add-on SDK) Unparalleled Flexibility Application Integration - Gateway Copyright © 2014 Ping Identity Corp.All rights reserved. 16

17. Confidential — do not distribute •  HTTP Header Injection •  Web Server Agents –  IIS –  Apache •  Open Agent Protocol –  Enables partners & customers Lightweight & Focused Application Integration - Agents Copyright © 2014 Ping Identity Corp.All rights reserved. 17

18. Administration Beautiful, design focused administration console

19. Administration Backed by developer friendly REST APIs

20. •  Security Hardened •  Performance Engineered •  Built-in Clustering •  Session Management that scales securely –  Client-side Tracking –  Server-side Session Revocation Lists Production Ready Resilient & Scalable

21. •  Heartbeat Endpoint •  Complete Audit trail for: –  Resource Access –  Policy Enforcement –  Administrative Actions –  Splunk/DB/.log storage •  Capacity Planning: –  Response Time Metrics –  Performance Guides Options Monitoring & Auditing

22. PingAccess – How we got here … April ‘13 September ‘13 December ‘13 July ‘14 •  Limited Release •  API Access Management •  Policy Engine •  ABAC / RBAC •  OAuth Scopes •  Request Info •  IP Address •  Time of Day •  Groovy •  OAuth Token Caching •  Initial GA Release •  Web Access Management •  OpenID Connect RP •  Token Mediation •  Clustering Improvements •  Performance Guides •  App-scoped Web Session •  Composite Site Authenticators •  Policy Engine •  Any/All Criteria •  Authentication Selection •  Step-up Authentication •  Auditing & Monitoring Improvements •  Access Control Agents •  IIS 8.x •  Apache 2.2 •  Open Policy Protocol •  Central Session Management •  Single Log Out •  Server-side Tracking •  Add-on SDK •  Administration •  Application Modeling •  Anonymous Resources •  PingFederate Configuration •  Config Backup •  TLS SNI Support •  Auditing/Logging •  Response Time 3.0 2.1 2.0 1.0

23. THANK YOU! Scott Tomilson – stomilson@pingidentity.com John DaSilva – jdasilva@pingidentity.com

CIS14: PingAccess 101

Recommandé

Recommandé

Contenu connexe

Tendances

Tendances (20)

En vedette

En vedette (20)

Similaire à CIS14: PingAccess 101

Similaire à CIS14: PingAccess 101 (20)

Plus de CloudIDSummit

Plus de CloudIDSummit (20)

Dernier

Dernier (20)

CIS14: PingAccess 101