SlideShare a Scribd company logo

Layer 7: Identity Enabled SOA Governance

CA API Management
CA API Management

Ross Altman, CTO, SOA and BI, Sun Microsystems and Adam Vincent, Federal Technical Director, Layer7 Technologies present SOA Governacne

Technology
1 of 18
Ross Altman - CTO, SOA and BI, Sun Microsystems Adam Vincent – Federal Technical Director, Layer7 Technologies Identity-Enabled SOA Governance
What is SOA Governance? ,[object Object],[object Object],[object Object],[object Object]
What’s included in SOA Governance? ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Why is SOA Governance important? ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Why is SOA Governance important? ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
An SOA Governance Scenario ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Benefits of SOA Governance IT Benefits ,[object Object],[object Object],[object Object],[object Object],[object Object],Business Benefits ,[object Object],[object Object],[object Object],[object Object],[object Object]
Policy-Centric Governance ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Run Time SOA Governance Enforces Governance Service Rules - Policies ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Runtime Policy Framework Corporate Policy Drivers (Inputs) - Governance - Compliance - Security Security - WS - Security - X509TokenProfile - SAMLTokenProfile - XML Encryption - XML Signatures Runtime Policy Framework Corporate Architectural Drivers (Inputs) - Flexibility and Reuse - Platform Independence - Integration with existing infrastructure - Security, Scalability, Availability, Performance Transport - HTTP - TLS - JMS SLA - Response Time - Availability - IP Range, ToD - Throughput Limits - Non - repudiation Message X - Form - Versioning - Localization - DS (ACORD, FIX) Reliability - WS - RM Threat Protection - Schema Validation - Virus Scanning - Attachments Platform - Load Balancing - WS - Addressing Registry/Repository (metadata)
Policy Central to SOA Governance Define and author corporate policies: Privacy, Integrity, Non-repudiation Identity, Access control, Credentials Reliability, performance, scalability Reusability/Discoverability Compliance to industry and corporate standards Conformance to technical standards – WS-I, SOAP, WSDL, WS-S, WSRM etc. Deploy and configure services according to policies: Physical endpoints Routing, load balancing, transport Service Level Agreements Identity stores, Access decision points Enforce policies at the edge and in the core: Alerts, Reports, Audit trails Monitor compliance with policies: Manage alerts Generate reports Forensics and Audit trails
Identity Crucial to SOA Governance ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Policy-centric SOA Governance Architectural View Policy Enforcement Policy Definition XML Gateway (policy enforcement)‏ XML VPN (client policy coordination)‏ Consumer Service XML VPN (client policy coordination)‏ Last Mile Extender (endpoint agent)‏ Last Mile Extender (endpoint agent)‏ Identity / Trust Identity / Trust Policy Definition Reg / Rep Sun Layer7
Scenario: Richer Credential Options L7 + Sun FAM ,[object Object],[object Object],[object Object],[object Object]
Scenario: Advanced SAML Processing Blue’s Identity Server Organization Green Michelle Dimitri Program X Green’s Identity Server Organization Blue Trust Federation ID Provider & Security Token Service Authentication Responsibility STS Token Orchestration & Caching Layer Federation Policy Enforcement Point Federation Policy Application Point Federation ID Provider & Security Token Service SAML
Secure SOA Solution
Summary ,[object Object],[object Object],[object Object],[object Object]
Q & A

Recommended

SAML Executive Overview
SAML Executive OverviewSAML Executive Overview
SAML Executive Overview
PortalGuard
 
CYBERSECURITY, RISK & COMPLIANCE | AMPCUS INC.
CYBERSECURITY, RISK & COMPLIANCE | AMPCUS INC.CYBERSECURITY, RISK & COMPLIANCE | AMPCUS INC.
CYBERSECURITY, RISK & COMPLIANCE | AMPCUS INC.
Unified11
 
Connecting Access Governance and Privileged Access Management
Connecting Access Governance and Privileged Access ManagementConnecting Access Governance and Privileged Access Management
Connecting Access Governance and Privileged Access Management
EMC
 
How It All Ties Together Sun Idm Roadshow For Sun
How It All Ties Together Sun Idm Roadshow For SunHow It All Ties Together Sun Idm Roadshow For Sun
How It All Ties Together Sun Idm Roadshow For Sun
vijaychn
 
Dit yvol3iss33
Dit yvol3iss33Dit yvol3iss33
Dit yvol3iss33
Rick Lemieux
 
Powering SOX, NERC, FERC Compliance -Energy Industry
Powering SOX, NERC, FERC Compliance -Energy Industry Powering SOX, NERC, FERC Compliance -Energy Industry
Powering SOX, NERC, FERC Compliance -Energy Industry
MetricStream Inc
 
Seeds for new design principles
Seeds for new design principlesSeeds for new design principles
Seeds for new design principles
SOFIProject
 
Cloud monitoring overview
Cloud monitoring overviewCloud monitoring overview
Cloud monitoring overview
Dr. Ramkumar Lakshminarayanan
 

Recommended

SAML Executive Overview
SAML Executive OverviewSAML Executive Overview
SAML Executive Overview
PortalGuard
 
CYBERSECURITY, RISK & COMPLIANCE | AMPCUS INC.
CYBERSECURITY, RISK & COMPLIANCE | AMPCUS INC.CYBERSECURITY, RISK & COMPLIANCE | AMPCUS INC.
CYBERSECURITY, RISK & COMPLIANCE | AMPCUS INC.
Unified11
 
Connecting Access Governance and Privileged Access Management
Connecting Access Governance and Privileged Access ManagementConnecting Access Governance and Privileged Access Management
Connecting Access Governance and Privileged Access Management
EMC
 
How It All Ties Together Sun Idm Roadshow For Sun
How It All Ties Together Sun Idm Roadshow For SunHow It All Ties Together Sun Idm Roadshow For Sun
How It All Ties Together Sun Idm Roadshow For Sun
vijaychn
 
Dit yvol3iss33
Dit yvol3iss33Dit yvol3iss33
Dit yvol3iss33
Rick Lemieux
 
Powering SOX, NERC, FERC Compliance -Energy Industry
Powering SOX, NERC, FERC Compliance -Energy Industry Powering SOX, NERC, FERC Compliance -Energy Industry
Powering SOX, NERC, FERC Compliance -Energy Industry
MetricStream Inc
 
Seeds for new design principles
Seeds for new design principlesSeeds for new design principles
Seeds for new design principles
SOFIProject
 
Cloud monitoring overview
Cloud monitoring overviewCloud monitoring overview
Cloud monitoring overview
Dr. Ramkumar Lakshminarayanan
 
Lecture 01 - Motivation
Lecture 01 - MotivationLecture 01 - Motivation
Lecture 01 - Motivation
phanleson
 
Managed It Services
Managed It ServicesManaged It Services
Managed It Services
Gss America
 
Business-Driven Identity and Access Governance: Why This New Approach Matters
Business-Driven Identity and Access Governance: Why This New Approach MattersBusiness-Driven Identity and Access Governance: Why This New Approach Matters
Business-Driven Identity and Access Governance: Why This New Approach Matters
EMC
 
adaptivesoa
adaptivesoaadaptivesoa
adaptivesoa
Ken Bagnal
 
SOC 2/SOC 3 Whitepaper
SOC 2/SOC 3 WhitepaperSOC 2/SOC 3 Whitepaper
SOC 2/SOC 3 Whitepaper
DTIMMERMAN
 
Lecture 2 - SOA
Lecture 2 - SOALecture 2 - SOA
Lecture 2 - SOA
phanleson
 
Why Coordination And Transactions Are Key To Building An Operational Soa
Why Coordination And Transactions Are Key To Building An Operational SoaWhy Coordination And Transactions Are Key To Building An Operational Soa
Why Coordination And Transactions Are Key To Building An Operational Soa
David Linthicum
 
Occam’s Razor Needs a New Blade: On the Social Limits to Enterprise SOA
Occam’s Razor Needs a New Blade: On the Social Limits to Enterprise SOAOccam’s Razor Needs a New Blade: On the Social Limits to Enterprise SOA
Occam’s Razor Needs a New Blade: On the Social Limits to Enterprise SOA
Nathaniel Palmer
 
Soa 101
Soa 101Soa 101
Soa 101
David Linthicum
 
Is Cloud relevant for SOA?
Is Cloud relevant for SOA?Is Cloud relevant for SOA?
Is Cloud relevant for SOA?
Netcetera
 
I T E007 Warner 091807
I T E007 Warner 091807I T E007 Warner 091807
I T E007 Warner 091807
Dreamforce07
 
Layer 7: Automated SOA Policy Enforcement
Layer 7: Automated SOA Policy EnforcementLayer 7: Automated SOA Policy Enforcement
Layer 7: Automated SOA Policy Enforcement
CA API Management
 
Malta soa infrastructure
Malta soa infrastructureMalta soa infrastructure
Malta soa infrastructure
Angel Knight
 
SOA in banking issues and remedies
SOA in banking issues and remediesSOA in banking issues and remedies
SOA in banking issues and remedies
Debajani Mohanty
 
Security in Semantic Web Services
Security in Semantic Web ServicesSecurity in Semantic Web Services
Security in Semantic Web Services
Nima Dokoohaki
 
Successful Approaches To Achieving Real Results With Soa
Successful Approaches To Achieving Real Results With SoaSuccessful Approaches To Achieving Real Results With Soa
Successful Approaches To Achieving Real Results With Soa
stevendearborn
 
A Guide to SOA Governance | Torry Harris Whitepaper
A Guide to SOA Governance | Torry Harris WhitepaperA Guide to SOA Governance | Torry Harris Whitepaper
A Guide to SOA Governance | Torry Harris Whitepaper
Torry Harris Business Solutions
 
Hausi Müller - Towards Self-Adaptive Software-Intensive Systems
Hausi Müller - Towards Self-Adaptive Software-Intensive SystemsHausi Müller - Towards Self-Adaptive Software-Intensive Systems
Hausi Müller - Towards Self-Adaptive Software-Intensive Systems
CHOOSE
 
Challenges and recommendations to control an SOA operating environment
Challenges and recommendations to control an SOA operating environmentChallenges and recommendations to control an SOA operating environment
Challenges and recommendations to control an SOA operating environment
Dav Hol
 
Value of SOA Governance for Cloud Computing
Value of SOA Governance for Cloud ComputingValue of SOA Governance for Cloud Computing
Value of SOA Governance for Cloud Computing
CA API Management
 
WDSI 2015-Design and Implementation of a Policy-based Service-oriented DRM Sy...
WDSI 2015-Design and Implementation of a Policy-based Service-oriented DRM Sy...WDSI 2015-Design and Implementation of a Policy-based Service-oriented DRM Sy...
WDSI 2015-Design and Implementation of a Policy-based Service-oriented DRM Sy...
育弘 林
 
Les DSI face au Tsunami Cloud
Les DSI face au Tsunami Cloud Les DSI face au Tsunami Cloud
Les DSI face au Tsunami Cloud
Club Alliances
 

More Related Content

What's hot

SOC 2/SOC 3 Whitepaper
SOC 2/SOC 3 WhitepaperSOC 2/SOC 3 Whitepaper
SOC 2/SOC 3 Whitepaper
DTIMMERMAN
 
Why Coordination And Transactions Are Key To Building An Operational Soa
Why Coordination And Transactions Are Key To Building An Operational SoaWhy Coordination And Transactions Are Key To Building An Operational Soa
Why Coordination And Transactions Are Key To Building An Operational Soa
David Linthicum
 
Occam’s Razor Needs a New Blade: On the Social Limits to Enterprise SOA
Occam’s Razor Needs a New Blade: On the Social Limits to Enterprise SOAOccam’s Razor Needs a New Blade: On the Social Limits to Enterprise SOA
Occam’s Razor Needs a New Blade: On the Social Limits to Enterprise SOA
Nathaniel Palmer
 
Is Cloud relevant for SOA?
Is Cloud relevant for SOA?Is Cloud relevant for SOA?
Is Cloud relevant for SOA?
Netcetera
 

What's hot (10)

Lecture 01 - Motivation
Lecture 01 - MotivationLecture 01 - Motivation
Lecture 01 - Motivation
 
Managed It Services
Managed It ServicesManaged It Services
Managed It Services
 
Business-Driven Identity and Access Governance: Why This New Approach Matters
Business-Driven Identity and Access Governance: Why This New Approach MattersBusiness-Driven Identity and Access Governance: Why This New Approach Matters
Business-Driven Identity and Access Governance: Why This New Approach Matters
 
adaptivesoa
adaptivesoaadaptivesoa
adaptivesoa
 
SOC 2/SOC 3 Whitepaper
SOC 2/SOC 3 WhitepaperSOC 2/SOC 3 Whitepaper
SOC 2/SOC 3 Whitepaper
 
Lecture 2 - SOA
Lecture 2 - SOALecture 2 - SOA
Lecture 2 - SOA
 
Why Coordination And Transactions Are Key To Building An Operational Soa
Why Coordination And Transactions Are Key To Building An Operational SoaWhy Coordination And Transactions Are Key To Building An Operational Soa
Why Coordination And Transactions Are Key To Building An Operational Soa
 
Occam’s Razor Needs a New Blade: On the Social Limits to Enterprise SOA
Occam’s Razor Needs a New Blade: On the Social Limits to Enterprise SOAOccam’s Razor Needs a New Blade: On the Social Limits to Enterprise SOA
Occam’s Razor Needs a New Blade: On the Social Limits to Enterprise SOA
 
Soa 101
Soa 101Soa 101
Soa 101
 
Is Cloud relevant for SOA?
Is Cloud relevant for SOA?Is Cloud relevant for SOA?
Is Cloud relevant for SOA?
 

Similar to Layer 7: Identity Enabled SOA Governance

Malta soa infrastructure
Malta soa infrastructureMalta soa infrastructure
Malta soa infrastructure
Angel Knight
 
SOA in banking issues and remedies
SOA in banking issues and remediesSOA in banking issues and remedies
SOA in banking issues and remedies
Debajani Mohanty
 
Value of SOA Governance for Cloud Computing
Value of SOA Governance for Cloud ComputingValue of SOA Governance for Cloud Computing
Value of SOA Governance for Cloud Computing
CA API Management
 
Ws Soa V6 Theory And Practice
Ws Soa V6 Theory And PracticeWs Soa V6 Theory And Practice
Ws Soa V6 Theory And Practice
Pini Cohen
 
10 Steps to Simplify and Improve Service-Oriented Architecture Governance
10 Steps to Simplify and Improve Service-Oriented Architecture Governance10 Steps to Simplify and Improve Service-Oriented Architecture Governance
10 Steps to Simplify and Improve Service-Oriented Architecture Governance
Perficient, Inc.
 

Similar to Layer 7: Identity Enabled SOA Governance (20)

I T E007 Warner 091807
I T E007 Warner 091807I T E007 Warner 091807
I T E007 Warner 091807
 
Layer 7: Automated SOA Policy Enforcement
Layer 7: Automated SOA Policy EnforcementLayer 7: Automated SOA Policy Enforcement
Layer 7: Automated SOA Policy Enforcement
 
Malta soa infrastructure
Malta soa infrastructureMalta soa infrastructure
Malta soa infrastructure
 
SOA in banking issues and remedies
SOA in banking issues and remediesSOA in banking issues and remedies
SOA in banking issues and remedies
 
Security in Semantic Web Services
Security in Semantic Web ServicesSecurity in Semantic Web Services
Security in Semantic Web Services
 
Successful Approaches To Achieving Real Results With Soa
Successful Approaches To Achieving Real Results With SoaSuccessful Approaches To Achieving Real Results With Soa
Successful Approaches To Achieving Real Results With Soa
 
A Guide to SOA Governance | Torry Harris Whitepaper
A Guide to SOA Governance | Torry Harris WhitepaperA Guide to SOA Governance | Torry Harris Whitepaper
A Guide to SOA Governance | Torry Harris Whitepaper
 
Hausi Müller - Towards Self-Adaptive Software-Intensive Systems
Hausi Müller - Towards Self-Adaptive Software-Intensive SystemsHausi Müller - Towards Self-Adaptive Software-Intensive Systems
Hausi Müller - Towards Self-Adaptive Software-Intensive Systems
 
Challenges and recommendations to control an SOA operating environment
Challenges and recommendations to control an SOA operating environmentChallenges and recommendations to control an SOA operating environment
Challenges and recommendations to control an SOA operating environment
 
Value of SOA Governance for Cloud Computing
Value of SOA Governance for Cloud ComputingValue of SOA Governance for Cloud Computing
Value of SOA Governance for Cloud Computing
 
WDSI 2015-Design and Implementation of a Policy-based Service-oriented DRM Sy...
WDSI 2015-Design and Implementation of a Policy-based Service-oriented DRM Sy...WDSI 2015-Design and Implementation of a Policy-based Service-oriented DRM Sy...
WDSI 2015-Design and Implementation of a Policy-based Service-oriented DRM Sy...
 
Les DSI face au Tsunami Cloud
Les DSI face au Tsunami Cloud Les DSI face au Tsunami Cloud
Les DSI face au Tsunami Cloud
 
SOA in Financial Services
SOA in Financial ServicesSOA in Financial Services
SOA in Financial Services
 
M phil-computer-science-server-computing-projects
M phil-computer-science-server-computing-projectsM phil-computer-science-server-computing-projects
M phil-computer-science-server-computing-projects
 
M.Phil Computer Science Server Computing Projects
M.Phil Computer Science Server Computing ProjectsM.Phil Computer Science Server Computing Projects
M.Phil Computer Science Server Computing Projects
 
Migration and Security in SOA | Torry Harris Whitepaper
Migration and Security in SOA | Torry Harris WhitepaperMigration and Security in SOA | Torry Harris Whitepaper
Migration and Security in SOA | Torry Harris Whitepaper
 
Ws Soa V6 Theory And Practice
Ws Soa V6 Theory And PracticeWs Soa V6 Theory And Practice
Ws Soa V6 Theory And Practice
 
10 Steps to Simplify and Improve Service-Oriented Architecture Governance
10 Steps to Simplify and Improve Service-Oriented Architecture Governance10 Steps to Simplify and Improve Service-Oriented Architecture Governance
10 Steps to Simplify and Improve Service-Oriented Architecture Governance
 
Soa Testing An Approach For Testing Security Aspects Of Soa Based Application
Soa Testing An Approach For Testing Security Aspects Of Soa Based ApplicationSoa Testing An Approach For Testing Security Aspects Of Soa Based Application
Soa Testing An Approach For Testing Security Aspects Of Soa Based Application
 
Graham Bath - SOA: Whats in it for Testers?
Graham Bath - SOA: Whats in it for Testers?Graham Bath - SOA: Whats in it for Testers?
Graham Bath - SOA: Whats in it for Testers?
 

More from CA API Management

Takeaways from API Security Breaches Webinar
Takeaways from API Security Breaches WebinarTakeaways from API Security Breaches Webinar
Takeaways from API Security Breaches Webinar
CA API Management
 
API Design Methodology - Mike Amundsen, Director of API Architecture, API Aca...
API Design Methodology - Mike Amundsen, Director of API Architecture, API Aca...API Design Methodology - Mike Amundsen, Director of API Architecture, API Aca...
API Design Methodology - Mike Amundsen, Director of API Architecture, API Aca...
CA API Management
 
Liberating the API Economy with Scale-Free Networks - Mike Amundsen, Director...
Liberating the API Economy with Scale-Free Networks - Mike Amundsen, Director...Liberating the API Economy with Scale-Free Networks - Mike Amundsen, Director...
Liberating the API Economy with Scale-Free Networks - Mike Amundsen, Director...
CA API Management
 
API360 – A How-To Guide for Enterprise APIs - Learn how to position your ente...
API360 – A How-To Guide for Enterprise APIs - Learn how to position your ente...API360 – A How-To Guide for Enterprise APIs - Learn how to position your ente...
API360 – A How-To Guide for Enterprise APIs - Learn how to position your ente...
CA API Management
 
Revisiting Geddes' Outlook Tower - Mike Amundsen, Director of API Architectur...
Revisiting Geddes' Outlook Tower - Mike Amundsen, Director of API Architectur...Revisiting Geddes' Outlook Tower - Mike Amundsen, Director of API Architectur...
Revisiting Geddes' Outlook Tower - Mike Amundsen, Director of API Architectur...
CA API Management
 
Managing Identity by Giving Up Control - Scott Morrison, SVP & Distinguished ...
Managing Identity by Giving Up Control - Scott Morrison, SVP & Distinguished ...Managing Identity by Giving Up Control - Scott Morrison, SVP & Distinguished ...
Managing Identity by Giving Up Control - Scott Morrison, SVP & Distinguished ...
CA API Management
 
Enabling the Multi-Device Universe
Enabling the Multi-Device UniverseEnabling the Multi-Device Universe
Enabling the Multi-Device Universe
CA API Management
 
5 steps end to end security consumer apps
5 steps end to end security consumer apps5 steps end to end security consumer apps
5 steps end to end security consumer apps
CA API Management
 
Best Practices You Must Apply to Secure Your APIs - Scott Morrison, SVP & Dis...
Best Practices You Must Apply to Secure Your APIs - Scott Morrison, SVP & Dis...Best Practices You Must Apply to Secure Your APIs - Scott Morrison, SVP & Dis...
Best Practices You Must Apply to Secure Your APIs - Scott Morrison, SVP & Dis...
CA API Management
 
Drones, Phones & Pwns the Promise & Dangers of IoT APIs: Use APIs to Securely...
Drones, Phones & Pwns the Promise & Dangers of IoT APIs: Use APIs to Securely...Drones, Phones & Pwns the Promise & Dangers of IoT APIs: Use APIs to Securely...
Drones, Phones & Pwns the Promise & Dangers of IoT APIs: Use APIs to Securely...
CA API Management
 
Using APIs to Create an Omni-Channel Retail Experience
Using APIs to Create an Omni-Channel Retail ExperienceUsing APIs to Create an Omni-Channel Retail Experience
Using APIs to Create an Omni-Channel Retail Experience
CA API Management
 

More from CA API Management (20)

Api architectures for the modern enterprise
Api architectures for the modern enterpriseApi architectures for the modern enterprise
Api architectures for the modern enterprise
 
Mastering Digital Channels with APIs
Mastering Digital Channels with APIsMastering Digital Channels with APIs
Mastering Digital Channels with APIs
 
Takeaways from API Security Breaches Webinar
Takeaways from API Security Breaches WebinarTakeaways from API Security Breaches Webinar
Takeaways from API Security Breaches Webinar
 
API Design Methodology - Mike Amundsen, Director of API Architecture, API Aca...
API Design Methodology - Mike Amundsen, Director of API Architecture, API Aca...API Design Methodology - Mike Amundsen, Director of API Architecture, API Aca...
API Design Methodology - Mike Amundsen, Director of API Architecture, API Aca...
 
Liberating the API Economy with Scale-Free Networks - Mike Amundsen, Director...
Liberating the API Economy with Scale-Free Networks - Mike Amundsen, Director...Liberating the API Economy with Scale-Free Networks - Mike Amundsen, Director...
Liberating the API Economy with Scale-Free Networks - Mike Amundsen, Director...
 
API360 – A How-To Guide for Enterprise APIs - Learn how to position your ente...
API360 – A How-To Guide for Enterprise APIs - Learn how to position your ente...API360 – A How-To Guide for Enterprise APIs - Learn how to position your ente...
API360 – A How-To Guide for Enterprise APIs - Learn how to position your ente...
 
API Monetization: Unlock the Value of Your Data
API Monetization: Unlock the Value of Your DataAPI Monetization: Unlock the Value of Your Data
API Monetization: Unlock the Value of Your Data
 
Revisiting Geddes' Outlook Tower - Mike Amundsen, Director of API Architectur...
Revisiting Geddes' Outlook Tower - Mike Amundsen, Director of API Architectur...Revisiting Geddes' Outlook Tower - Mike Amundsen, Director of API Architectur...
Revisiting Geddes' Outlook Tower - Mike Amundsen, Director of API Architectur...
 
Managing Identity by Giving Up Control - Scott Morrison, SVP & Distinguished ...
Managing Identity by Giving Up Control - Scott Morrison, SVP & Distinguished ...Managing Identity by Giving Up Control - Scott Morrison, SVP & Distinguished ...
Managing Identity by Giving Up Control - Scott Morrison, SVP & Distinguished ...
 
Enabling the Multi-Device Universe
Enabling the Multi-Device UniverseEnabling the Multi-Device Universe
Enabling the Multi-Device Universe
 
Building APIs That Last for Decades - Irakli Nadareishvili, Director of API S...
Building APIs That Last for Decades - Irakli Nadareishvili, Director of API S...Building APIs That Last for Decades - Irakli Nadareishvili, Director of API S...
Building APIs That Last for Decades - Irakli Nadareishvili, Director of API S...
 
The Art of API Design - Ronnie Mitra, Director of API Design, API Academy at ...
The Art of API Design - Ronnie Mitra, Director of API Design, API Academy at ...The Art of API Design - Ronnie Mitra, Director of API Design, API Academy at ...
The Art of API Design - Ronnie Mitra, Director of API Design, API Academy at ...
 
APIs Fueling the Connected Car Opportunity - Scott Morrison, SVP & Distinguis...
APIs Fueling the Connected Car Opportunity - Scott Morrison, SVP & Distinguis...APIs Fueling the Connected Car Opportunity - Scott Morrison, SVP & Distinguis...
APIs Fueling the Connected Car Opportunity - Scott Morrison, SVP & Distinguis...
 
Adapting to Digital Change: Use APIs to Delight Customers & Win
Adapting to Digital Change: Use APIs to Delight Customers & WinAdapting to Digital Change: Use APIs to Delight Customers & Win
Adapting to Digital Change: Use APIs to Delight Customers & Win
 
Balancing Security & Developer Enablement in Enterprise Mobility - Jaime Ryan...
Balancing Security & Developer Enablement in Enterprise Mobility - Jaime Ryan...Balancing Security & Developer Enablement in Enterprise Mobility - Jaime Ryan...
Balancing Security & Developer Enablement in Enterprise Mobility - Jaime Ryan...
 
5 steps end to end security consumer apps
5 steps end to end security consumer apps5 steps end to end security consumer apps
5 steps end to end security consumer apps
 
Best Practices You Must Apply to Secure Your APIs - Scott Morrison, SVP & Dis...
Best Practices You Must Apply to Secure Your APIs - Scott Morrison, SVP & Dis...Best Practices You Must Apply to Secure Your APIs - Scott Morrison, SVP & Dis...
Best Practices You Must Apply to Secure Your APIs - Scott Morrison, SVP & Dis...
 
Drones, Phones & Pwns the Promise & Dangers of IoT APIs: Use APIs to Securely...
Drones, Phones & Pwns the Promise & Dangers of IoT APIs: Use APIs to Securely...Drones, Phones & Pwns the Promise & Dangers of IoT APIs: Use APIs to Securely...
Drones, Phones & Pwns the Promise & Dangers of IoT APIs: Use APIs to Securely...
 
Gartner AADI Summit Sydney 2014 Implementing the Layer 7 API Management Pla...
Gartner AADI Summit Sydney 2014 Implementing the Layer 7 API Management Pla...Gartner AADI Summit Sydney 2014 Implementing the Layer 7 API Management Pla...
Gartner AADI Summit Sydney 2014 Implementing the Layer 7 API Management Pla...
 
Using APIs to Create an Omni-Channel Retail Experience
Using APIs to Create an Omni-Channel Retail ExperienceUsing APIs to Create an Omni-Channel Retail Experience
Using APIs to Create an Omni-Channel Retail Experience
 

Recently uploaded

TopCryptoSupers 12thReport OrionX May2024
TopCryptoSupers 12thReport OrionX May2024TopCryptoSupers 12thReport OrionX May2024
TopCryptoSupers 12thReport OrionX May2024
Stephen Perrenod
 
Human Expert Website Manual WCAG 2.0 2.1 2.2 Audit - Digital Accessibility Au...
Human Expert Website Manual WCAG 2.0 2.1 2.2 Audit - Digital Accessibility Au...Human Expert Website Manual WCAG 2.0 2.1 2.2 Audit - Digital Accessibility Au...
Human Expert Website Manual WCAG 2.0 2.1 2.2 Audit - Digital Accessibility Au...
Skynet Technologies
 
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...
TrustArc
 
Tales from a Passkey Provider Progress from Awareness to Implementation.pptx
Tales from a Passkey Provider Progress from Awareness to Implementation.pptxTales from a Passkey Provider Progress from Awareness to Implementation.pptx
Tales from a Passkey Provider Progress from Awareness to Implementation.pptx
FIDO Alliance
 
The Zero-ETL Approach: Enhancing Data Agility and Insight
The Zero-ETL Approach: Enhancing Data Agility and InsightThe Zero-ETL Approach: Enhancing Data Agility and Insight
The Zero-ETL Approach: Enhancing Data Agility and Insight
Safe Software
 

Recently uploaded (20)

Top 10 CodeIgniter Development Companies
Top 10 CodeIgniter Development CompaniesTop 10 CodeIgniter Development Companies
Top 10 CodeIgniter Development Companies
 
Linux Foundation Edge _ Overview of FDO Software Components _ Randy at Intel.pdf
Linux Foundation Edge _ Overview of FDO Software Components _ Randy at Intel.pdfLinux Foundation Edge _ Overview of FDO Software Components _ Randy at Intel.pdf
Linux Foundation Edge _ Overview of FDO Software Components _ Randy at Intel.pdf
 
Using IESVE for Room Loads Analysis - UK & Ireland
Using IESVE for Room Loads Analysis - UK & IrelandUsing IESVE for Room Loads Analysis - UK & Ireland
Using IESVE for Room Loads Analysis - UK & Ireland
 
WebRTC and SIP not just audio and video @ OpenSIPS 2024
WebRTC and SIP not just audio and video @ OpenSIPS 2024WebRTC and SIP not just audio and video @ OpenSIPS 2024
WebRTC and SIP not just audio and video @ OpenSIPS 2024
 
Design and Development of a Provenance Capture Platform for Data Science
Design and Development of a Provenance Capture Platform for Data ScienceDesign and Development of a Provenance Capture Platform for Data Science
Design and Development of a Provenance Capture Platform for Data Science
 
JavaScript Usage Statistics 2024 - The Ultimate Guide
JavaScript Usage Statistics 2024 - The Ultimate GuideJavaScript Usage Statistics 2024 - The Ultimate Guide
JavaScript Usage Statistics 2024 - The Ultimate Guide
 
Simplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdf
Simplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdfSimplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdf
Simplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdf
 
TopCryptoSupers 12thReport OrionX May2024
TopCryptoSupers 12thReport OrionX May2024TopCryptoSupers 12thReport OrionX May2024
TopCryptoSupers 12thReport OrionX May2024
 
Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...
Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...
Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...
 
Event-Driven Architecture Masterclass: Challenges in Stream Processing
Event-Driven Architecture Masterclass: Challenges in Stream ProcessingEvent-Driven Architecture Masterclass: Challenges in Stream Processing
Event-Driven Architecture Masterclass: Challenges in Stream Processing
 
Introduction to FDO and How It works Applications _ Richard at FIDO Alliance.pdf
Introduction to FDO and How It works Applications _ Richard at FIDO Alliance.pdfIntroduction to FDO and How It works Applications _ Richard at FIDO Alliance.pdf
Introduction to FDO and How It works Applications _ Richard at FIDO Alliance.pdf
 
Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...
Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...
Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...
 
Event-Driven Architecture Masterclass: Integrating Distributed Data Stores Ac...
Event-Driven Architecture Masterclass: Integrating Distributed Data Stores Ac...Event-Driven Architecture Masterclass: Integrating Distributed Data Stores Ac...
Event-Driven Architecture Masterclass: Integrating Distributed Data Stores Ac...
 
State of the Smart Building Startup Landscape 2024!
State of the Smart Building Startup Landscape 2024!State of the Smart Building Startup Landscape 2024!
State of the Smart Building Startup Landscape 2024!
 
Generative AI Use Cases and Applications.pdf
Generative AI Use Cases and Applications.pdfGenerative AI Use Cases and Applications.pdf
Generative AI Use Cases and Applications.pdf
 
Human Expert Website Manual WCAG 2.0 2.1 2.2 Audit - Digital Accessibility Au...
Human Expert Website Manual WCAG 2.0 2.1 2.2 Audit - Digital Accessibility Au...Human Expert Website Manual WCAG 2.0 2.1 2.2 Audit - Digital Accessibility Au...
Human Expert Website Manual WCAG 2.0 2.1 2.2 Audit - Digital Accessibility Au...
 
Continuing Bonds Through AI: A Hermeneutic Reflection on Thanabots
Continuing Bonds Through AI: A Hermeneutic Reflection on ThanabotsContinuing Bonds Through AI: A Hermeneutic Reflection on Thanabots
Continuing Bonds Through AI: A Hermeneutic Reflection on Thanabots
 
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...
 
Tales from a Passkey Provider Progress from Awareness to Implementation.pptx
Tales from a Passkey Provider Progress from Awareness to Implementation.pptxTales from a Passkey Provider Progress from Awareness to Implementation.pptx
Tales from a Passkey Provider Progress from Awareness to Implementation.pptx
 
The Zero-ETL Approach: Enhancing Data Agility and Insight
The Zero-ETL Approach: Enhancing Data Agility and InsightThe Zero-ETL Approach: Enhancing Data Agility and Insight
The Zero-ETL Approach: Enhancing Data Agility and Insight
 

Layer 7: Identity Enabled SOA Governance

  • 1. Ross Altman - CTO, SOA and BI, Sun Microsystems Adam Vincent – Federal Technical Director, Layer7 Technologies Identity-Enabled SOA Governance
  • 2.
  • 3.
  • 4.
  • 5.
  • 6.
  • 7.
  • 8.
  • 9.
  • 10. Runtime Policy Framework Corporate Policy Drivers (Inputs) - Governance - Compliance - Security Security - WS - Security - X509TokenProfile - SAMLTokenProfile - XML Encryption - XML Signatures Runtime Policy Framework Corporate Architectural Drivers (Inputs) - Flexibility and Reuse - Platform Independence - Integration with existing infrastructure - Security, Scalability, Availability, Performance Transport - HTTP - TLS - JMS SLA - Response Time - Availability - IP Range, ToD - Throughput Limits - Non - repudiation Message X - Form - Versioning - Localization - DS (ACORD, FIX) Reliability - WS - RM Threat Protection - Schema Validation - Virus Scanning - Attachments Platform - Load Balancing - WS - Addressing Registry/Repository (metadata)
  • 11. Policy Central to SOA Governance Define and author corporate policies: Privacy, Integrity, Non-repudiation Identity, Access control, Credentials Reliability, performance, scalability Reusability/Discoverability Compliance to industry and corporate standards Conformance to technical standards – WS-I, SOAP, WSDL, WS-S, WSRM etc. Deploy and configure services according to policies: Physical endpoints Routing, load balancing, transport Service Level Agreements Identity stores, Access decision points Enforce policies at the edge and in the core: Alerts, Reports, Audit trails Monitor compliance with policies: Manage alerts Generate reports Forensics and Audit trails
  • 12.
  • 13. Policy-centric SOA Governance Architectural View Policy Enforcement Policy Definition XML Gateway (policy enforcement)‏ XML VPN (client policy coordination)‏ Consumer Service XML VPN (client policy coordination)‏ Last Mile Extender (endpoint agent)‏ Last Mile Extender (endpoint agent)‏ Identity / Trust Identity / Trust Policy Definition Reg / Rep Sun Layer7
  • 14.
  • 15. Scenario: Advanced SAML Processing Blue’s Identity Server Organization Green Michelle Dimitri Program X Green’s Identity Server Organization Blue Trust Federation ID Provider & Security Token Service Authentication Responsibility STS Token Orchestration & Caching Layer Federation Policy Enforcement Point Federation Policy Application Point Federation ID Provider & Security Token Service SAML
  • 17.
  • 18. Q & A

Editor's Notes

  1. NOTE: This is a high-level presentation of Sun's offerings for Software Infrastructure. The purpose is to introduce customers and prospects to Sun's Identity Management and Java Composite Application Platform Suites for their software infrastructure. You should add/delete slides for your appropriate audience, and if more details are needed, you should use the Sun Identity Management and Business Integration customer overview presentations. Welcome. I'm here to talk to you today about Sun's offerings for Software Infrastructure.