SlideShare une entreprise Scribd logo

Apache Syncope and Tirasa

Télécharger en tant que ODP, PDF
Francesco Chicchiriccò
Francesco Chicchiriccò
Internet
1  sur  26
OpenSource Identity Management with Apache Syncope Viale D'Annunzio, 267 - 65127 Pescara Partita IVA 01974100685 N. REA 143460 Tel +39 0859116307 / FAX +39 0859111173 http://www.tirasa.net info@tirasa.net
Agenda ● Identity and Access Management ● Vendor Vs Open Source solutions ● Apache Syncope ● Tirasa: Apache Syncope Enterprise support
What's IdM about? ● Data records that contains a collection of data about a person ● “Data record” → Account ● “A person” → Identity ● The joint effort of business process and IT to manage user data on systems and applications.
IdM technologies ● Identity Stores ● Storage of user information ● Provisioning ● Synchronize account data across identity stores and a broad range of data formats, models, meanings and purposes ● Access Management ● Security mechanisms that take place when a user is accessing a specific system or functionality
Identity Stores ● Examples ● LDAP / Active Directory ● RDBMS ● Meta and Virtual Directories ● Accounts can be created and managed in one place only ● Each application manages authentication separately ● Users may use the same password for all connected applications
Aren't Identity Stores enough? ● Heterogeneity of systems ● Lack of a single source of information ● HR for corporate id, Groupware for mail address, ... ● Need for a local user database ● Inconsistent policies ● Lack of workflow management ● Hidden infrastructure management cost, growing with organization size
Provisioning ● Keeping identity stores as synchronized as possible ● Need to be customizable and flexible ● Priority: non-intrusiveness ● Focused on application back-end ● Communication: ● Connectors ● Agents
Identity Lifecycle
Access Management ● Mediator to all access to all applications ● Focused on application front-end ● Aspects ● Authentication (Single SignOn) ● Authorization ● Federation (SAML, Liberty, OAuth, OpenID, ...) ● Mainly applicable to web applications ● Difficult integration with pre-existing apps
IdM in practice: before...
IdM in practice: ...after!
Vendor products ● Oracle (with addition of ex-Sun suite) ● Novell ● IBM (Tivoli) ● Microsoft (Forefront) ● Niche players ● Ping ● NetIQ ● SailPoint ● Quest (now Dell)
Open Source non-ASF products Identity Stores Access Management Provisioning
Open Source ASF projects ● Identity Stores ● Apache Directory ● Provisioning ● Apache Syncope ● Access Management ● Apache Shiro
Apache Syncope ● Inception by Tirasa in 2010 ● Entered ASF incubator in February 2012 ● Graduated as TLP in November 2012 ● Active community ● 13 committers, 5 contributors ● ~130 mailing list subscribers, stable traffic
Syncope: features ● Workflow-based provisioning engine of users and roles ● Account / Password policies ● Agentless connection with Identity Stores ● Auditing & Reporting ● Shining admin console ● Customizable and extensible by design
Syncope: architecture
Syncope: mapping
Syncope and the external world
Syncope: connectors ● Based on ConnId, hosted at GitHub, new home of Sun's Identity Connectors ● Ready-to-use bundles: ● LDAP ● Active Directory ● Database ● CSV Directory ● SOAP ● Google Apps ● UNIX ● Write your own bundle PPrroovviissiioonniinngg EEnnggiinnee AAPPII SSPPII Common Code Objects & Utils Using Connectors
Syncope: roadmap ● Security realms (multi-tenant scenarios) ● SCIM interface ● Concurrent / Asynchronous communication with external resources ● Access Management features ● More at http://s.apache.org/SyncopeRoadmap
Syncope: (some) success stories
● Italian limited company established in 2011 ● Small, highly skilled staff ● Deliverying IAM solutions for Sun Microsystems for 10 years ● Instructors of IdM, Access Manager and Directory Server for Sun Microsystem's courses ● Creates and leverages Open Source tools for Enterprise Integration ● ConnId ● Hippo Cocoon Toolkit
Syncope: enterprise services ● Product evaluation – Introductory workshop – Proof of Concept (PoC) ● Development support ● Production support ● Syncope Compliance Dashboard ● More at http://syncope.tirasa.net
Syncope: trying it out ● Online http://syncopedemo.tirasa.net ● Virtual Machine image ● Ubuntu Juju / Microsoft Azure ● .deb packages ● Standalone distribution ● Quickstart projects on GitHub ● Maven Archetype
Questions?

Recommandé

Building Open Source Identity Infrastructures
Building Open Source Identity InfrastructuresBuilding Open Source Identity Infrastructures
Building Open Source Identity InfrastructuresMisagh Moayyed
 
Integrating Apache Camel with Apache Syncope
Integrating Apache Camel with Apache SyncopeIntegrating Apache Camel with Apache Syncope
Integrating Apache Camel with Apache SyncopeColm O hEigeartaigh
 
Building open source identity infrastructures
Building open source identity infrastructuresBuilding open source identity infrastructures
Building open source identity infrastructuresFrancesco Chicchiriccò
 
Open Source & Identity Management
Open Source & Identity ManagementOpen Source & Identity Management
Open Source & Identity ManagementJISC Netskills
 
Open Source Identity Management
Open Source Identity ManagementOpen Source Identity Management
Open Source Identity ManagementRadovan Semancik
 
Complete open source IAM solution
Complete open source IAM solutionComplete open source IAM solution
Complete open source IAM solutionRadovan Semancik
 
OpenDJ: An Introduction
OpenDJ: An IntroductionOpenDJ: An Introduction
OpenDJ: An IntroductionForgeRock
 
OpenDJ - An Introduction
OpenDJ - An IntroductionOpenDJ - An Introduction
OpenDJ - An IntroductionForgeRock
 

Recommandé

Building Open Source Identity Infrastructures
Building Open Source Identity InfrastructuresBuilding Open Source Identity Infrastructures
Building Open Source Identity InfrastructuresMisagh Moayyed
 
Integrating Apache Camel with Apache Syncope
Integrating Apache Camel with Apache SyncopeIntegrating Apache Camel with Apache Syncope
Integrating Apache Camel with Apache SyncopeColm O hEigeartaigh
 
Building open source identity infrastructures
Building open source identity infrastructuresBuilding open source identity infrastructures
Building open source identity infrastructuresFrancesco Chicchiriccò
 
Open Source & Identity Management
Open Source & Identity ManagementOpen Source & Identity Management
Open Source & Identity ManagementJISC Netskills
 
Open Source Identity Management
Open Source Identity ManagementOpen Source Identity Management
Open Source Identity ManagementRadovan Semancik
 
Complete open source IAM solution
Complete open source IAM solutionComplete open source IAM solution
Complete open source IAM solutionRadovan Semancik
 
OpenDJ: An Introduction
OpenDJ: An IntroductionOpenDJ: An Introduction
OpenDJ: An IntroductionForgeRock
 
OpenDJ - An Introduction
OpenDJ - An IntroductionOpenDJ - An Introduction
OpenDJ - An IntroductionForgeRock
 
OpenIDM - Flexible Provisioning Platform - April 28 Webinar
OpenIDM - Flexible Provisioning Platform - April 28 WebinarOpenIDM - Flexible Provisioning Platform - April 28 Webinar
OpenIDM - Flexible Provisioning Platform - April 28 WebinarForgeRock
 
Integrating Apache Syncope with Apache CXF
Integrating Apache Syncope with Apache CXFIntegrating Apache Syncope with Apache CXF
Integrating Apache Syncope with Apache CXFcoheigea
 
Identity Manager Opensource OpenIDM Architecture
Identity Manager Opensource OpenIDM ArchitectureIdentity Manager Opensource OpenIDM Architecture
Identity Manager Opensource OpenIDM ArchitectureAidy Tificate
 
Identity Management with midPoint
Identity Management with midPointIdentity Management with midPoint
Identity Management with midPointRadovan Semancik
 
WSO2Con USA 2017: Enhancing Customer Experience with WSO2 Identity Server
WSO2Con USA 2017: Enhancing Customer Experience with WSO2 Identity ServerWSO2Con USA 2017: Enhancing Customer Experience with WSO2 Identity Server
WSO2Con USA 2017: Enhancing Customer Experience with WSO2 Identity ServerWSO2
 
Asp.Net Identity
Asp.Net IdentityAsp.Net Identity
Asp.Net IdentityMarwa Ahmad
 
Deep thoughts from the real world of azure
Deep thoughts from the real world of azureDeep thoughts from the real world of azure
Deep thoughts from the real world of azureMichele Leroux Bustamante
 
Case Study: University of California, Berkeley and San Francisco
Case Study: University of California, Berkeley and San FranciscoCase Study: University of California, Berkeley and San Francisco
Case Study: University of California, Berkeley and San FranciscoForgeRock
 
ZubZib Black Coffee #9 - ASP.NET Identity
ZubZib Black Coffee #9 - ASP.NET IdentityZubZib Black Coffee #9 - ASP.NET Identity
ZubZib Black Coffee #9 - ASP.NET IdentityNon Intanon
 
WSO2Con USA 2017: Building a Secure Enterprise
WSO2Con USA 2017: Building a Secure EnterpriseWSO2Con USA 2017: Building a Secure Enterprise
WSO2Con USA 2017: Building a Secure EnterpriseWSO2
 
Authentication & Authorization in ASPdotNet MVC
Authentication & Authorization in ASPdotNet MVCAuthentication & Authorization in ASPdotNet MVC
Authentication & Authorization in ASPdotNet MVCMindfire Solutions
 
OpenIDM - An Introduction
OpenIDM - An IntroductionOpenIDM - An Introduction
OpenIDM - An IntroductionForgeRock
 
Case Study: Plus Retail - Moving from the Old World to the New World
Case Study: Plus Retail - Moving from the Old World to the New WorldCase Study: Plus Retail - Moving from the Old World to the New World
Case Study: Plus Retail - Moving from the Old World to the New WorldForgeRock
 
2015.04.23 Azure Mobile Services
2015.04.23 Azure Mobile Services2015.04.23 Azure Mobile Services
2015.04.23 Azure Mobile ServicesMarco Parenzan
 
Introduction to Azure AD and Azure AD B2C
Introduction to Azure AD and Azure AD B2CIntroduction to Azure AD and Azure AD B2C
Introduction to Azure AD and Azure AD B2CJoonas Westlin
 
WSO2Con USA 2017: Introduction to Security: End-to-End Identity Management
WSO2Con USA 2017: Introduction to Security: End-to-End Identity ManagementWSO2Con USA 2017: Introduction to Security: End-to-End Identity Management
WSO2Con USA 2017: Introduction to Security: End-to-End Identity ManagementWSO2
 
There is REST and then there is "REST"
There is REST and then there is "REST"There is REST and then there is "REST"
There is REST and then there is "REST"Radovan Semancik
 
iPlanet presentation
iPlanet presentationiPlanet presentation
iPlanet presentationrogerkellerman
 
Directories for the REST of Us: REST to LDAP in OpenDJ 2.6
Directories for the REST of Us: REST to LDAP in OpenDJ 2.6Directories for the REST of Us: REST to LDAP in OpenDJ 2.6
Directories for the REST of Us: REST to LDAP in OpenDJ 2.6ForgeRock
 
Building a document e-signing workflow with Azure Durable Functions
Building a document e-signing workflow with Azure Durable FunctionsBuilding a document e-signing workflow with Azure Durable Functions
Building a document e-signing workflow with Azure Durable FunctionsJoonas Westlin
 
Dynatech presentation for TSI Career Day
Dynatech presentation for TSI Career DayDynatech presentation for TSI Career Day
Dynatech presentation for TSI Career DayArtur Babyuk
 
[Workshop] Managing the API lifecycle with Open Source Technologies
[Workshop] Managing the API lifecycle with Open Source Technologies[Workshop] Managing the API lifecycle with Open Source Technologies
[Workshop] Managing the API lifecycle with Open Source TechnologiesWSO2
 

Contenu connexe

Tendances

OpenIDM - Flexible Provisioning Platform - April 28 Webinar
OpenIDM - Flexible Provisioning Platform - April 28 WebinarOpenIDM - Flexible Provisioning Platform - April 28 Webinar
OpenIDM - Flexible Provisioning Platform - April 28 WebinarForgeRock
 
Integrating Apache Syncope with Apache CXF
Integrating Apache Syncope with Apache CXFIntegrating Apache Syncope with Apache CXF
Integrating Apache Syncope with Apache CXFcoheigea
 
Identity Manager Opensource OpenIDM Architecture
Identity Manager Opensource OpenIDM ArchitectureIdentity Manager Opensource OpenIDM Architecture
Identity Manager Opensource OpenIDM ArchitectureAidy Tificate
 
Identity Management with midPoint
Identity Management with midPointIdentity Management with midPoint
Identity Management with midPointRadovan Semancik
 
WSO2Con USA 2017: Enhancing Customer Experience with WSO2 Identity Server
WSO2Con USA 2017: Enhancing Customer Experience with WSO2 Identity ServerWSO2Con USA 2017: Enhancing Customer Experience with WSO2 Identity Server
WSO2Con USA 2017: Enhancing Customer Experience with WSO2 Identity ServerWSO2
 
Asp.Net Identity
Asp.Net IdentityAsp.Net Identity
Asp.Net IdentityMarwa Ahmad
 
Case Study: University of California, Berkeley and San Francisco
Case Study: University of California, Berkeley and San FranciscoCase Study: University of California, Berkeley and San Francisco
Case Study: University of California, Berkeley and San FranciscoForgeRock
 
ZubZib Black Coffee #9 - ASP.NET Identity
ZubZib Black Coffee #9 - ASP.NET IdentityZubZib Black Coffee #9 - ASP.NET Identity
ZubZib Black Coffee #9 - ASP.NET IdentityNon Intanon
 
WSO2Con USA 2017: Building a Secure Enterprise
WSO2Con USA 2017: Building a Secure EnterpriseWSO2Con USA 2017: Building a Secure Enterprise
WSO2Con USA 2017: Building a Secure EnterpriseWSO2
 
Authentication & Authorization in ASPdotNet MVC
Authentication & Authorization in ASPdotNet MVCAuthentication & Authorization in ASPdotNet MVC
Authentication & Authorization in ASPdotNet MVCMindfire Solutions
 
OpenIDM - An Introduction
OpenIDM - An IntroductionOpenIDM - An Introduction
OpenIDM - An IntroductionForgeRock
 
Case Study: Plus Retail - Moving from the Old World to the New World
Case Study: Plus Retail - Moving from the Old World to the New WorldCase Study: Plus Retail - Moving from the Old World to the New World
Case Study: Plus Retail - Moving from the Old World to the New WorldForgeRock
 
2015.04.23 Azure Mobile Services
2015.04.23 Azure Mobile Services2015.04.23 Azure Mobile Services
2015.04.23 Azure Mobile ServicesMarco Parenzan
 
Introduction to Azure AD and Azure AD B2C
Introduction to Azure AD and Azure AD B2CIntroduction to Azure AD and Azure AD B2C
Introduction to Azure AD and Azure AD B2CJoonas Westlin
 
WSO2Con USA 2017: Introduction to Security: End-to-End Identity Management
WSO2Con USA 2017: Introduction to Security: End-to-End Identity ManagementWSO2Con USA 2017: Introduction to Security: End-to-End Identity Management
WSO2Con USA 2017: Introduction to Security: End-to-End Identity ManagementWSO2
 
There is REST and then there is "REST"
There is REST and then there is "REST"There is REST and then there is "REST"
There is REST and then there is "REST"Radovan Semancik
 
Directories for the REST of Us: REST to LDAP in OpenDJ 2.6
Directories for the REST of Us: REST to LDAP in OpenDJ 2.6Directories for the REST of Us: REST to LDAP in OpenDJ 2.6
Directories for the REST of Us: REST to LDAP in OpenDJ 2.6ForgeRock
 
Building a document e-signing workflow with Azure Durable Functions
Building a document e-signing workflow with Azure Durable FunctionsBuilding a document e-signing workflow with Azure Durable Functions
Building a document e-signing workflow with Azure Durable FunctionsJoonas Westlin
 

Tendances (20)

OpenIDM - Flexible Provisioning Platform - April 28 Webinar
OpenIDM - Flexible Provisioning Platform - April 28 WebinarOpenIDM - Flexible Provisioning Platform - April 28 Webinar
OpenIDM - Flexible Provisioning Platform - April 28 Webinar
 
Integrating Apache Syncope with Apache CXF
Integrating Apache Syncope with Apache CXFIntegrating Apache Syncope with Apache CXF
Integrating Apache Syncope with Apache CXF
 
Identity Manager Opensource OpenIDM Architecture
Identity Manager Opensource OpenIDM ArchitectureIdentity Manager Opensource OpenIDM Architecture
Identity Manager Opensource OpenIDM Architecture
 
Identity Management with midPoint
Identity Management with midPointIdentity Management with midPoint
Identity Management with midPoint
 
WSO2Con USA 2017: Enhancing Customer Experience with WSO2 Identity Server
WSO2Con USA 2017: Enhancing Customer Experience with WSO2 Identity ServerWSO2Con USA 2017: Enhancing Customer Experience with WSO2 Identity Server
WSO2Con USA 2017: Enhancing Customer Experience with WSO2 Identity Server
 
Asp.Net Identity
Asp.Net IdentityAsp.Net Identity
Asp.Net Identity
 
Deep thoughts from the real world of azure
Deep thoughts from the real world of azureDeep thoughts from the real world of azure
Deep thoughts from the real world of azure
 
Case Study: University of California, Berkeley and San Francisco
Case Study: University of California, Berkeley and San FranciscoCase Study: University of California, Berkeley and San Francisco
Case Study: University of California, Berkeley and San Francisco
 
ZubZib Black Coffee #9 - ASP.NET Identity
ZubZib Black Coffee #9 - ASP.NET IdentityZubZib Black Coffee #9 - ASP.NET Identity
ZubZib Black Coffee #9 - ASP.NET Identity
 
WSO2Con USA 2017: Building a Secure Enterprise
WSO2Con USA 2017: Building a Secure EnterpriseWSO2Con USA 2017: Building a Secure Enterprise
WSO2Con USA 2017: Building a Secure Enterprise
 
Authentication & Authorization in ASPdotNet MVC
Authentication & Authorization in ASPdotNet MVCAuthentication & Authorization in ASPdotNet MVC
Authentication & Authorization in ASPdotNet MVC
 
OpenIDM - An Introduction
OpenIDM - An IntroductionOpenIDM - An Introduction
OpenIDM - An Introduction
 
Case Study: Plus Retail - Moving from the Old World to the New World
Case Study: Plus Retail - Moving from the Old World to the New WorldCase Study: Plus Retail - Moving from the Old World to the New World
Case Study: Plus Retail - Moving from the Old World to the New World
 
2015.04.23 Azure Mobile Services
2015.04.23 Azure Mobile Services2015.04.23 Azure Mobile Services
2015.04.23 Azure Mobile Services
 
Introduction to Azure AD and Azure AD B2C
Introduction to Azure AD and Azure AD B2CIntroduction to Azure AD and Azure AD B2C
Introduction to Azure AD and Azure AD B2C
 
WSO2Con USA 2017: Introduction to Security: End-to-End Identity Management
WSO2Con USA 2017: Introduction to Security: End-to-End Identity ManagementWSO2Con USA 2017: Introduction to Security: End-to-End Identity Management
WSO2Con USA 2017: Introduction to Security: End-to-End Identity Management
 
There is REST and then there is "REST"
There is REST and then there is "REST"There is REST and then there is "REST"
There is REST and then there is "REST"
 
iPlanet presentation
iPlanet presentationiPlanet presentation
iPlanet presentation
 
Directories for the REST of Us: REST to LDAP in OpenDJ 2.6
Directories for the REST of Us: REST to LDAP in OpenDJ 2.6Directories for the REST of Us: REST to LDAP in OpenDJ 2.6
Directories for the REST of Us: REST to LDAP in OpenDJ 2.6
 
Building a document e-signing workflow with Azure Durable Functions
Building a document e-signing workflow with Azure Durable FunctionsBuilding a document e-signing workflow with Azure Durable Functions
Building a document e-signing workflow with Azure Durable Functions
 

Similaire à Apache Syncope and Tirasa

Dynatech presentation for TSI Career Day
Dynatech presentation for TSI Career DayDynatech presentation for TSI Career Day
Dynatech presentation for TSI Career DayArtur Babyuk
 
[Workshop] Managing the API lifecycle with Open Source Technologies
[Workshop] Managing the API lifecycle with Open Source Technologies[Workshop] Managing the API lifecycle with Open Source Technologies
[Workshop] Managing the API lifecycle with Open Source TechnologiesWSO2
 
Webinar: OpenIDM 3.1
Webinar: OpenIDM 3.1Webinar: OpenIDM 3.1
Webinar: OpenIDM 3.1ForgeRock
 
Evolveum: About the company and its product - midPoint
Evolveum: About the company and its product - midPointEvolveum: About the company and its product - midPoint
Evolveum: About the company and its product - midPointEvolveum
 
BarCamp Hong Kong 2015 - AuthBucket - Open Source Identity Management System
BarCamp Hong Kong 2015 - AuthBucket - Open Source Identity Management SystemBarCamp Hong Kong 2015 - AuthBucket - Open Source Identity Management System
BarCamp Hong Kong 2015 - AuthBucket - Open Source Identity Management SystemWong Hoi Sing Edison
 
Single Sign On (SSO) Services with Free/Open Source Software
Single Sign On (SSO) Services with Free/Open Source SoftwareSingle Sign On (SSO) Services with Free/Open Source Software
Single Sign On (SSO) Services with Free/Open Source SoftwareTonny Adhi Sabastian
 
API Management within a Microservice Architecture
API Management within a Microservice ArchitectureAPI Management within a Microservice Architecture
API Management within a Microservice ArchitectureWSO2
 
API Management Within a Microservices Architecture
API Management Within a Microservices Architecture API Management Within a Microservices Architecture
API Management Within a Microservices Architecture Nadeesha Gamage
 
Api centric enterprises
Api centric enterprisesApi centric enterprises
Api centric enterprisesWSO2
 
[OW2con'21] Hosting Identity in the Cloud with OW2 free softwares
[OW2con'21] Hosting Identity in the Cloud with OW2 free softwares[OW2con'21] Hosting Identity in the Cloud with OW2 free softwares
[OW2con'21] Hosting Identity in the Cloud with OW2 free softwaresWorteks
 
DevSecOps: The Open Source Way
DevSecOps: The Open Source WayDevSecOps: The Open Source Way
DevSecOps: The Open Source WayGordon Haff
 
JIO and WebViewers: interoperability for Javascript and Web Applications
JIO and WebViewers: interoperability for Javascript and Web ApplicationsJIO and WebViewers: interoperability for Javascript and Web Applications
JIO and WebViewers: interoperability for Javascript and Web ApplicationsXWiki
 
Programming for non tech entrepreneurs
Programming for non tech entrepreneursProgramming for non tech entrepreneurs
Programming for non tech entrepreneursRodrigo Gil
 
[Workshop] API-driven Integration
[Workshop] API-driven Integration[Workshop] API-driven Integration
[Workshop] API-driven IntegrationWSO2
 
WSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering DevelopersWSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering DevelopersWSO2
 
Big Brother for Enterprises - The WSO2 Advantage
Big Brother for Enterprises - The WSO2 AdvantageBig Brother for Enterprises - The WSO2 Advantage
Big Brother for Enterprises - The WSO2 AdvantageWSO2
 
Deep Visibility: Logging From Distributed Microservices
Deep Visibility: Logging From Distributed MicroservicesDeep Visibility: Logging From Distributed Microservices
Deep Visibility: Logging From Distributed MicroservicesAaronLieberman5
 
Not my problem - Delegating responsibility to infrastructure
Not my problem - Delegating responsibility to infrastructureNot my problem - Delegating responsibility to infrastructure
Not my problem - Delegating responsibility to infrastructureYshay Yaacobi
 

Similaire à Apache Syncope and Tirasa (20)

Dynatech presentation for TSI Career Day
Dynatech presentation for TSI Career DayDynatech presentation for TSI Career Day
Dynatech presentation for TSI Career Day
 
[Workshop] Managing the API lifecycle with Open Source Technologies
[Workshop] Managing the API lifecycle with Open Source Technologies[Workshop] Managing the API lifecycle with Open Source Technologies
[Workshop] Managing the API lifecycle with Open Source Technologies
 
Webinar: OpenIDM 3.1
Webinar: OpenIDM 3.1Webinar: OpenIDM 3.1
Webinar: OpenIDM 3.1
 
Evolveum: About the company and its product - midPoint
Evolveum: About the company and its product - midPointEvolveum: About the company and its product - midPoint
Evolveum: About the company and its product - midPoint
 
BarCamp Hong Kong 2015 - AuthBucket - Open Source Identity Management System
BarCamp Hong Kong 2015 - AuthBucket - Open Source Identity Management SystemBarCamp Hong Kong 2015 - AuthBucket - Open Source Identity Management System
BarCamp Hong Kong 2015 - AuthBucket - Open Source Identity Management System
 
Single Sign On (SSO) Services with Free/Open Source Software
Single Sign On (SSO) Services with Free/Open Source SoftwareSingle Sign On (SSO) Services with Free/Open Source Software
Single Sign On (SSO) Services with Free/Open Source Software
 
API Management within a Microservice Architecture
API Management within a Microservice ArchitectureAPI Management within a Microservice Architecture
API Management within a Microservice Architecture
 
API Management Within a Microservices Architecture
API Management Within a Microservices Architecture API Management Within a Microservices Architecture
API Management Within a Microservices Architecture
 
Api centric enterprises
Api centric enterprisesApi centric enterprises
Api centric enterprises
 
[OW2con'21] Hosting Identity in the Cloud with OW2 free softwares
[OW2con'21] Hosting Identity in the Cloud with OW2 free softwares[OW2con'21] Hosting Identity in the Cloud with OW2 free softwares
[OW2con'21] Hosting Identity in the Cloud with OW2 free softwares
 
DevSecOps: The Open Source Way
DevSecOps: The Open Source WayDevSecOps: The Open Source Way
DevSecOps: The Open Source Way
 
JIO and WebViewers: interoperability for Javascript and Web Applications
JIO and WebViewers: interoperability for Javascript and Web ApplicationsJIO and WebViewers: interoperability for Javascript and Web Applications
JIO and WebViewers: interoperability for Javascript and Web Applications
 
Programming for non tech entrepreneurs
Programming for non tech entrepreneursProgramming for non tech entrepreneurs
Programming for non tech entrepreneurs
 
[Workshop] API-driven Integration
[Workshop] API-driven Integration[Workshop] API-driven Integration
[Workshop] API-driven Integration
 
WSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering DevelopersWSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering Developers
 
Oow2016 review--paas-microservices-
Oow2016 review--paas-microservices-Oow2016 review--paas-microservices-
Oow2016 review--paas-microservices-
 
Big Brother for Enterprises - The WSO2 Advantage
Big Brother for Enterprises - The WSO2 AdvantageBig Brother for Enterprises - The WSO2 Advantage
Big Brother for Enterprises - The WSO2 Advantage
 
Deep Visibility: Logging From Distributed Microservices
Deep Visibility: Logging From Distributed MicroservicesDeep Visibility: Logging From Distributed Microservices
Deep Visibility: Logging From Distributed Microservices
 
Not my problem - Delegating responsibility to infrastructure
Not my problem - Delegating responsibility to infrastructureNot my problem - Delegating responsibility to infrastructure
Not my problem - Delegating responsibility to infrastructure
 
Privileged Access Management
Privileged Access ManagementPrivileged Access Management
Privileged Access Management
 

Plus de Francesco Chicchiriccò

Perché mai Tirasa? Career Day 2017 - UnivAQ
Perché mai Tirasa? Career Day 2017 - UnivAQPerché mai Tirasa? Career Day 2017 - UnivAQ
Perché mai Tirasa? Career Day 2017 - UnivAQFrancesco Chicchiriccò
 
DevOps practices and tools of a small company in love with open source
DevOps practices and tools of a small company in love with open sourceDevOps practices and tools of a small company in love with open source
DevOps practices and tools of a small company in love with open sourceFrancesco Chicchiriccò
 
Open source identity management 20121106 - apache con eu
Open source identity management 20121106 - apache con euOpen source identity management 20121106 - apache con eu
Open source identity management 20121106 - apache con euFrancesco Chicchiriccò
 
Apache Syncope Identity Manager 20120623 confsl
Apache Syncope Identity Manager 20120623 confslApache Syncope Identity Manager 20120623 confsl
Apache Syncope Identity Manager 20120623 confslFrancesco Chicchiriccò
 

Plus de Francesco Chicchiriccò (11)

Perché mai Tirasa? Career Day 2017 - UnivAQ
Perché mai Tirasa? Career Day 2017 - UnivAQPerché mai Tirasa? Career Day 2017 - UnivAQ
Perché mai Tirasa? Career Day 2017 - UnivAQ
 
DevOps practices and tools of a small company in love with open source
DevOps practices and tools of a small company in love with open sourceDevOps practices and tools of a small company in love with open source
DevOps practices and tools of a small company in love with open source
 
Open source identity management 20121106 - apache con eu
Open source identity management 20121106 - apache con euOpen source identity management 20121106 - apache con eu
Open source identity management 20121106 - apache con eu
 
Apache Syncope Identity Manager 20120623 confsl
Apache Syncope Identity Manager 20120623 confslApache Syncope Identity Manager 20120623 confsl
Apache Syncope Identity Manager 20120623 confsl
 
20100327 Triduo Pasquale
20100327 Triduo Pasquale20100327 Triduo Pasquale
20100327 Triduo Pasquale
 
Sviluppo DTT e Sofia
Sviluppo DTT e SofiaSviluppo DTT e Sofia
Sviluppo DTT e Sofia
 
Scrum: una metodologia agile
Scrum: una metodologia agileScrum: una metodologia agile
Scrum: una metodologia agile
 
Service Delivery Network
Service Delivery NetworkService Delivery Network
Service Delivery Network
 
Automatic Server Provisioning
Automatic Server ProvisioningAutomatic Server Provisioning
Automatic Server Provisioning
 
Workflow e dintorni
Workflow e dintorniWorkflow e dintorni
Workflow e dintorni
 
Hands On Cocoon
Hands On CocoonHands On Cocoon
Hands On Cocoon
 

Dernier

Free on Wednesdays T Shirts Free on Wednesdays Sweatshirts
Free on Wednesdays T Shirts Free on Wednesdays SweatshirtsFree on Wednesdays T Shirts Free on Wednesdays Sweatshirts
Free on Wednesdays T Shirts Free on Wednesdays Sweatshirtsrahman018755
 
iThome_CYBERSEC2024_Drive_Into_the_DarkWeb
iThome_CYBERSEC2024_Drive_Into_the_DarkWebiThome_CYBERSEC2024_Drive_Into_the_DarkWeb
iThome_CYBERSEC2024_Drive_Into_the_DarkWebJie Liau
 
原版定制英国赫瑞瓦特大学毕业证原件一模一样
原版定制英国赫瑞瓦特大学毕业证原件一模一样原版定制英国赫瑞瓦特大学毕业证原件一模一样
原版定制英国赫瑞瓦特大学毕业证原件一模一样AS
 
一比一原版(Design毕业证书)新加坡科技设计大学毕业证原件一模一样
一比一原版(Design毕业证书)新加坡科技设计大学毕业证原件一模一样一比一原版(Design毕业证书)新加坡科技设计大学毕业证原件一模一样
一比一原版(Design毕业证书)新加坡科技设计大学毕业证原件一模一样AS
 
原版定制(爱大毕业证书)英国爱丁堡大学毕业证原件一模一样
原版定制(爱大毕业证书)英国爱丁堡大学毕业证原件一模一样原版定制(爱大毕业证书)英国爱丁堡大学毕业证原件一模一样
原版定制(爱大毕业证书)英国爱丁堡大学毕业证原件一模一样gfhdsfr
 
Free scottie t shirts Free scottie t shirts
Free scottie t shirts Free scottie t shirtsFree scottie t shirts Free scottie t shirts
Free scottie t shirts Free scottie t shirtsrahman018755
 
一比一原版(PSU毕业证书)美国宾州州立大学毕业证如何办理
一比一原版(PSU毕业证书)美国宾州州立大学毕业证如何办理一比一原版(PSU毕业证书)美国宾州州立大学毕业证如何办理
一比一原版(PSU毕业证书)美国宾州州立大学毕业证如何办理Fir
 
Reggie miller choke t shirtsReggie miller choke t shirts
Reggie miller choke t shirtsReggie miller choke t shirtsReggie miller choke t shirtsReggie miller choke t shirts
Reggie miller choke t shirtsReggie miller choke t shirtsrahman018755
 
原版定制美国加州大学河滨分校毕业证原件一模一样
原版定制美国加州大学河滨分校毕业证原件一模一样原版定制美国加州大学河滨分校毕业证原件一模一样
原版定制美国加州大学河滨分校毕业证原件一模一样A
 
原版定制(PSU毕业证书)美国宾州州立大学毕业证原件一模一样
原版定制(PSU毕业证书)美国宾州州立大学毕业证原件一模一样原版定制(PSU毕业证书)美国宾州州立大学毕业证原件一模一样
原版定制(PSU毕业证书)美国宾州州立大学毕业证原件一模一样rgdasda
 
AI Generated 3D Models | AI 3D Model Generator
AI Generated 3D Models | AI 3D Model GeneratorAI Generated 3D Models | AI 3D Model Generator
AI Generated 3D Models | AI 3D Model Generator3DailyAI1
 
一比一原版(Soton毕业证书)南安普顿大学毕业证原件一模一样
一比一原版(Soton毕业证书)南安普顿大学毕业证原件一模一样一比一原版(Soton毕业证书)南安普顿大学毕业证原件一模一样
一比一原版(Soton毕业证书)南安普顿大学毕业证原件一模一样Fi
 
一比一定制加州大学欧文分校毕业证学位证书
一比一定制加州大学欧文分校毕业证学位证书一比一定制加州大学欧文分校毕业证学位证书
一比一定制加州大学欧文分校毕业证学位证书A
 
SOC Analyst Guide For Beginners SOC analysts work as members of a managed sec...
SOC Analyst Guide For Beginners SOC analysts work as members of a managed sec...SOC Analyst Guide For Beginners SOC analysts work as members of a managed sec...
SOC Analyst Guide For Beginners SOC analysts work as members of a managed sec...Varun Mithran
 
一比一原版(UWE毕业证书)西英格兰大学毕业证原件一模一样
一比一原版(UWE毕业证书)西英格兰大学毕业证原件一模一样一比一原版(UWE毕业证书)西英格兰大学毕业证原件一模一样
一比一原版(UWE毕业证书)西英格兰大学毕业证原件一模一样Fi
 
一比一原版布兰迪斯大学毕业证如何办理
一比一原版布兰迪斯大学毕业证如何办理一比一原版布兰迪斯大学毕业证如何办理
一比一原版布兰迪斯大学毕业证如何办理A
 
🍑👄Dehradun Esℂorts Serviℂe☎️9315791090🍑👄 ℂall Girl serviℂe in ☎️Dehradun ℂall...
🍑👄Dehradun Esℂorts Serviℂe☎️9315791090🍑👄 ℂall Girl serviℂe in ☎️Dehradun ℂall...🍑👄Dehradun Esℂorts Serviℂe☎️9315791090🍑👄 ℂall Girl serviℂe in ☎️Dehradun ℂall...
🍑👄Dehradun Esℂorts Serviℂe☎️9315791090🍑👄 ℂall Girl serviℂe in ☎️Dehradun ℂall...Mumbai Escorts
 
一比一原版(毕业证书)新西兰怀特克利夫艺术设计学院毕业证原件一模一样
一比一原版(毕业证书)新西兰怀特克利夫艺术设计学院毕业证原件一模一样一比一原版(毕业证书)新西兰怀特克利夫艺术设计学院毕业证原件一模一样
一比一原版(毕业证书)新西兰怀特克利夫艺术设计学院毕业证原件一模一样AS
 
Premier Mobile App Development Agency in USA.pdf
Premier Mobile App Development Agency in USA.pdfPremier Mobile App Development Agency in USA.pdf
Premier Mobile App Development Agency in USA.pdfappinfoedgeca
 

Dernier (20)

Free on Wednesdays T Shirts Free on Wednesdays Sweatshirts
Free on Wednesdays T Shirts Free on Wednesdays SweatshirtsFree on Wednesdays T Shirts Free on Wednesdays Sweatshirts
Free on Wednesdays T Shirts Free on Wednesdays Sweatshirts
 
iThome_CYBERSEC2024_Drive_Into_the_DarkWeb
iThome_CYBERSEC2024_Drive_Into_the_DarkWebiThome_CYBERSEC2024_Drive_Into_the_DarkWeb
iThome_CYBERSEC2024_Drive_Into_the_DarkWeb
 
原版定制英国赫瑞瓦特大学毕业证原件一模一样
原版定制英国赫瑞瓦特大学毕业证原件一模一样原版定制英国赫瑞瓦特大学毕业证原件一模一样
原版定制英国赫瑞瓦特大学毕业证原件一模一样
 
一比一原版(Design毕业证书)新加坡科技设计大学毕业证原件一模一样
一比一原版(Design毕业证书)新加坡科技设计大学毕业证原件一模一样一比一原版(Design毕业证书)新加坡科技设计大学毕业证原件一模一样
一比一原版(Design毕业证书)新加坡科技设计大学毕业证原件一模一样
 
原版定制(爱大毕业证书)英国爱丁堡大学毕业证原件一模一样
原版定制(爱大毕业证书)英国爱丁堡大学毕业证原件一模一样原版定制(爱大毕业证书)英国爱丁堡大学毕业证原件一模一样
原版定制(爱大毕业证书)英国爱丁堡大学毕业证原件一模一样
 
Free scottie t shirts Free scottie t shirts
Free scottie t shirts Free scottie t shirtsFree scottie t shirts Free scottie t shirts
Free scottie t shirts Free scottie t shirts
 
一比一原版(PSU毕业证书)美国宾州州立大学毕业证如何办理
一比一原版(PSU毕业证书)美国宾州州立大学毕业证如何办理一比一原版(PSU毕业证书)美国宾州州立大学毕业证如何办理
一比一原版(PSU毕业证书)美国宾州州立大学毕业证如何办理
 
Reggie miller choke t shirtsReggie miller choke t shirts
Reggie miller choke t shirtsReggie miller choke t shirtsReggie miller choke t shirtsReggie miller choke t shirts
Reggie miller choke t shirtsReggie miller choke t shirts
 
原版定制美国加州大学河滨分校毕业证原件一模一样
原版定制美国加州大学河滨分校毕业证原件一模一样原版定制美国加州大学河滨分校毕业证原件一模一样
原版定制美国加州大学河滨分校毕业证原件一模一样
 
原版定制(PSU毕业证书)美国宾州州立大学毕业证原件一模一样
原版定制(PSU毕业证书)美国宾州州立大学毕业证原件一模一样原版定制(PSU毕业证书)美国宾州州立大学毕业证原件一模一样
原版定制(PSU毕业证书)美国宾州州立大学毕业证原件一模一样
 
AI Generated 3D Models | AI 3D Model Generator
AI Generated 3D Models | AI 3D Model GeneratorAI Generated 3D Models | AI 3D Model Generator
AI Generated 3D Models | AI 3D Model Generator
 
一比一原版(Soton毕业证书)南安普顿大学毕业证原件一模一样
一比一原版(Soton毕业证书)南安普顿大学毕业证原件一模一样一比一原版(Soton毕业证书)南安普顿大学毕业证原件一模一样
一比一原版(Soton毕业证书)南安普顿大学毕业证原件一模一样
 
一比一定制加州大学欧文分校毕业证学位证书
一比一定制加州大学欧文分校毕业证学位证书一比一定制加州大学欧文分校毕业证学位证书
一比一定制加州大学欧文分校毕业证学位证书
 
SOC Analyst Guide For Beginners SOC analysts work as members of a managed sec...
SOC Analyst Guide For Beginners SOC analysts work as members of a managed sec...SOC Analyst Guide For Beginners SOC analysts work as members of a managed sec...
SOC Analyst Guide For Beginners SOC analysts work as members of a managed sec...
 
一比一原版(UWE毕业证书)西英格兰大学毕业证原件一模一样
一比一原版(UWE毕业证书)西英格兰大学毕业证原件一模一样一比一原版(UWE毕业证书)西英格兰大学毕业证原件一模一样
一比一原版(UWE毕业证书)西英格兰大学毕业证原件一模一样
 
一比一原版布兰迪斯大学毕业证如何办理
一比一原版布兰迪斯大学毕业证如何办理一比一原版布兰迪斯大学毕业证如何办理
一比一原版布兰迪斯大学毕业证如何办理
 
GOOGLE Io 2024 At takes center stage.pdf
GOOGLE Io 2024 At takes center stage.pdfGOOGLE Io 2024 At takes center stage.pdf
GOOGLE Io 2024 At takes center stage.pdf
 
🍑👄Dehradun Esℂorts Serviℂe☎️9315791090🍑👄 ℂall Girl serviℂe in ☎️Dehradun ℂall...
🍑👄Dehradun Esℂorts Serviℂe☎️9315791090🍑👄 ℂall Girl serviℂe in ☎️Dehradun ℂall...🍑👄Dehradun Esℂorts Serviℂe☎️9315791090🍑👄 ℂall Girl serviℂe in ☎️Dehradun ℂall...
🍑👄Dehradun Esℂorts Serviℂe☎️9315791090🍑👄 ℂall Girl serviℂe in ☎️Dehradun ℂall...
 
一比一原版(毕业证书)新西兰怀特克利夫艺术设计学院毕业证原件一模一样
一比一原版(毕业证书)新西兰怀特克利夫艺术设计学院毕业证原件一模一样一比一原版(毕业证书)新西兰怀特克利夫艺术设计学院毕业证原件一模一样
一比一原版(毕业证书)新西兰怀特克利夫艺术设计学院毕业证原件一模一样
 
Premier Mobile App Development Agency in USA.pdf
Premier Mobile App Development Agency in USA.pdfPremier Mobile App Development Agency in USA.pdf
Premier Mobile App Development Agency in USA.pdf
 

Apache Syncope and Tirasa

  • 1. OpenSource Identity Management with Apache Syncope Viale D'Annunzio, 267 - 65127 Pescara Partita IVA 01974100685 N. REA 143460 Tel +39 0859116307 / FAX +39 0859111173 http://www.tirasa.net info@tirasa.net
  • 2. Agenda ● Identity and Access Management ● Vendor Vs Open Source solutions ● Apache Syncope ● Tirasa: Apache Syncope Enterprise support
  • 3. What's IdM about? ● Data records that contains a collection of data about a person ● “Data record” → Account ● “A person” → Identity ● The joint effort of business process and IT to manage user data on systems and applications.
  • 4. IdM technologies ● Identity Stores ● Storage of user information ● Provisioning ● Synchronize account data across identity stores and a broad range of data formats, models, meanings and purposes ● Access Management ● Security mechanisms that take place when a user is accessing a specific system or functionality
  • 5. Identity Stores ● Examples ● LDAP / Active Directory ● RDBMS ● Meta and Virtual Directories ● Accounts can be created and managed in one place only ● Each application manages authentication separately ● Users may use the same password for all connected applications
  • 6. Aren't Identity Stores enough? ● Heterogeneity of systems ● Lack of a single source of information ● HR for corporate id, Groupware for mail address, ... ● Need for a local user database ● Inconsistent policies ● Lack of workflow management ● Hidden infrastructure management cost, growing with organization size
  • 7. Provisioning ● Keeping identity stores as synchronized as possible ● Need to be customizable and flexible ● Priority: non-intrusiveness ● Focused on application back-end ● Communication: ● Connectors ● Agents
  • 9. Access Management ● Mediator to all access to all applications ● Focused on application front-end ● Aspects ● Authentication (Single SignOn) ● Authorization ● Federation (SAML, Liberty, OAuth, OpenID, ...) ● Mainly applicable to web applications ● Difficult integration with pre-existing apps
  • 10. IdM in practice: before...
  • 11. IdM in practice: ...after!
  • 12. Vendor products ● Oracle (with addition of ex-Sun suite) ● Novell ● IBM (Tivoli) ● Microsoft (Forefront) ● Niche players ● Ping ● NetIQ ● SailPoint ● Quest (now Dell)
  • 13. Open Source non-ASF products Identity Stores Access Management Provisioning
  • 14. Open Source ASF projects ● Identity Stores ● Apache Directory ● Provisioning ● Apache Syncope ● Access Management ● Apache Shiro
  • 15. Apache Syncope ● Inception by Tirasa in 2010 ● Entered ASF incubator in February 2012 ● Graduated as TLP in November 2012 ● Active community ● 13 committers, 5 contributors ● ~130 mailing list subscribers, stable traffic
  • 16. Syncope: features ● Workflow-based provisioning engine of users and roles ● Account / Password policies ● Agentless connection with Identity Stores ● Auditing & Reporting ● Shining admin console ● Customizable and extensible by design
  • 19. Syncope and the external world
  • 20. Syncope: connectors ● Based on ConnId, hosted at GitHub, new home of Sun's Identity Connectors ● Ready-to-use bundles: ● LDAP ● Active Directory ● Database ● CSV Directory ● SOAP ● Google Apps ● UNIX ● Write your own bundle PPrroovviissiioonniinngg EEnnggiinnee AAPPII SSPPII Common Code Objects & Utils Using Connectors
  • 21. Syncope: roadmap ● Security realms (multi-tenant scenarios) ● SCIM interface ● Concurrent / Asynchronous communication with external resources ● Access Management features ● More at http://s.apache.org/SyncopeRoadmap
  • 23. ● Italian limited company established in 2011 ● Small, highly skilled staff ● Deliverying IAM solutions for Sun Microsystems for 10 years ● Instructors of IdM, Access Manager and Directory Server for Sun Microsystem's courses ● Creates and leverages Open Source tools for Enterprise Integration ● ConnId ● Hippo Cocoon Toolkit
  • 24. Syncope: enterprise services ● Product evaluation – Introductory workshop – Proof of Concept (PoC) ● Development support ● Production support ● Syncope Compliance Dashboard ● More at http://syncope.tirasa.net
  • 25. Syncope: trying it out ● Online http://syncopedemo.tirasa.net ● Virtual Machine image ● Ubuntu Juju / Microsoft Azure ● .deb packages ● Standalone distribution ● Quickstart projects on GitHub ● Maven Archetype