Control access to your APIs, and you can charge for them. Large companies see a web
access management system at scale as a competitive advantage and a way to lock in
customers. Think about Google Docs: it only works if both parties have an account at
Google.
But the greatness of the Internet was not achieved by one domain offering everything. If
each device and cloud service has proprietary security controls, people will have no way
to effectively manage their personal digital infrastructure. Luckily, standards have
emerged thanks to a simple but flexible JSON/REST framework called OAuth2, and the
“OpenID Connect” and “User Managed Access” profiles of it.
This talk will provide a history of access management and a deep dive into the
concepts, patterns, and tools to enable mobile and API developers to put new OAuth2
standards to use today. It will provide specific examples and workflows to bring
OAuth2 to life to help organizations understand how they can hook into the API
economy.
Questions
Not a specific solution to any one problem, OAuth2 provides a framework that
application developers can use to solve a number of security challenges. Two important
profiles of OAuth2 have emerged to solve the most basic security challenges: how to
identify a person, and how to manage which APIs a person should have access to.
Where do profiles of OAuth2, like OpenID Connect and User Managed Access, fit in,
and what existing open source tools exist to put them to work?
How can standards for API security enable interoperability and level the playing field
for start-ups?
Centralization of all fine-grained security policies is impossible. What types of policies
should be evaluated at the organizational level, and which policies should be
evaluated in an API?
What crypto keys need to be maintained for trust between the organization and
applications?
Who is behind OpenID Connect and UMA, and why will they get adoption in the
market?
Article resource: http://www.blogster.com/thegluuserver/sxsw-2015-how-api-access-control-monetization-freedom
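The questions above about which policies belong at the organizational level versus inside an API, and about the keys that establish trust between the organization and its applications, can be made concrete with a small OAuth2 bearer-token flow. The following is an added example written for this page; it is not code from the talk, from Gluu, or from any OAuth2 library. It assumes an HS256-signed JWT access token, a shared signing key (a placeholder value, constructed here), and an issuer and audience URL that are likewise assumed. The authorization server encodes the organization-level decision (which scopes a subject gets) in the token; the API verifies the token against the trust key and then applies the fine-grained policy only it knows (document ownership).

```python
import base64
import hashlib
import hmac
import json
import time

# Constructed placeholder: the key shared between the organization's authorization
# server and the API. In a real deployment this is a per-environment secret, or an
# asymmetric key pair whose public half is published for the API to fetch.
SHARED_KEY = b"example-shared-key-placeholder"
ISSUER = "https://as.example.org"          # assumed issuer identifier
AUDIENCE = "https://docs-api.example.org"  # assumed identifier of this API


def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def _b64url_decode(s: str) -> bytes:
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))


def issue_token(subject: str, scopes: list, now: int, key: bytes = SHARED_KEY, ttl: int = 300) -> str:
    """Authorization server side: mint a compact HS256 JWT access token.
    The scope list is the organization-level policy decision (who may use which API)."""
    header = {"alg": "HS256", "typ": "JWT"}
    claims = {"iss": ISSUER, "aud": AUDIENCE, "sub": subject,
              "scope": " ".join(scopes), "iat": now, "exp": now + ttl}
    compact = lambda obj: _b64url(json.dumps(obj, separators=(",", ":")).encode())
    signing_input = f"{compact(header)}.{compact(claims)}"
    sig = hmac.new(key, signing_input.encode(), hashlib.sha256).digest()
    return f"{signing_input}.{_b64url(sig)}"


def verify_token(token: str, now: int, key: bytes = SHARED_KEY) -> dict:
    """Resource server (API) side: verify signature, issuer, audience and expiry.
    Raises ValueError on any failure so a caller cannot silently skip a check."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("malformed token")
    h64, c64, s64 = parts
    header = json.loads(_b64url_decode(h64))
    if header.get("alg") != "HS256":
        raise ValueError("unexpected alg")   # pin the algorithm; never take it from the token
    expected = hmac.new(key, f"{h64}.{c64}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, _b64url_decode(s64)):
        raise ValueError("bad signature")    # token not issued under the trust key
    claims = json.loads(_b64url_decode(c64))
    if claims.get("iss") != ISSUER:
        raise ValueError("wrong issuer")
    if claims.get("aud") != AUDIENCE:
        raise ValueError("wrong audience")   # token was minted for some other API
    if now >= claims.get("exp", 0):
        raise ValueError("token expired")
    return claims


# Constructed sample data held by the API: which subject owns which document.
DOCUMENTS = {"doc-1": {"owner": "alice", "body": "quarterly numbers"},
             "doc-2": {"owner": "bob", "body": "draft roadmap"}}


def read_document(token: str, doc_id: str, now: int) -> dict:
    """API endpoint logic with two policy layers:
    1. organization level, carried in the token: does the caller hold 'docs.read'?
    2. API level, known only here: does the caller own this particular document?"""
    try:
        claims = verify_token(token, now)
    except ValueError as e:
        return {"status": 401, "error": str(e)}
    if "docs.read" not in claims.get("scope", "").split():
        return {"status": 403, "error": "insufficient_scope"}
    doc = DOCUMENTS.get(doc_id)
    if doc is None:
        return {"status": 404, "error": "not_found"}
    if doc["owner"] != claims["sub"]:
        return {"status": 403, "error": "not_owner"}
    return {"status": 200, "body": doc["body"]}


if __name__ == "__main__":
    t0 = int(time.time())
    alice = issue_token("alice", ["docs.read"], t0)
    bob_no_scope = issue_token("bob", ["profile"], t0)
    forged = issue_token("alice", ["docs.read"], t0, key=b"some-other-key")
    print(read_document(alice, "doc-1", t0 + 10))         # 200
    print(read_document(alice, "doc-2", t0 + 10))         # 403 not_owner (API-level policy)
    print(read_document(bob_no_scope, "doc-2", t0 + 10))  # 403 insufficient_scope (org-level policy)
    print(read_document(alice, "doc-1", t0 + 1000))       # 401 token expired
    print(read_document(forged, "doc-1", t0 + 10))        # 401 bad signature
```

The split mirrors the question in the abstract: the authorization server only knows that Alice is allowed to read documents at all, so that is what it puts in the token; whether she may read doc-2 depends on data only the API holds, so that check has to live in the API. The one thing both sides must agree on is the signing key, which is exactly the trust material the abstract asks about.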
SXSW 2015: How API Access Control = Monetization + Freedom