[WSO2 Integration Summit Madrid 2019] Identity and Access Management in an API-driven World
•
2 likes•154 views
This deck will illustrate why IAM should be top of mind for your enterprise’s success, and how you can leverage it in your transformation journey. Join us at a city near you to learn how to achieve API-driven integration agility - https://wso2.com/integration-summits-2019/
Recommended
Recommended
More Related Content
What's hot
What's hot (19)
Similar to [WSO2 Integration Summit Madrid 2019] Identity and Access Management in an API-driven World
Similar to [WSO2 Integration Summit Madrid 2019] Identity and Access Management in an API-driven World (20)
More from WSO2
More from WSO2 (20)
Recently uploaded
Recently uploaded (20)
[WSO2 Integration Summit Madrid 2019] Identity and Access Management in an API-driven World
- 1. INTEGRATION SUMMIT 2019 Identity and Access Management in an API-driven World Christopher Davey Senior Director, Solutions Architecture - WSO2 INTEGRATION
- 2. INTEGRATION SUMMIT 2019 The API-driven World
- 3. INTEGRATION SUMMIT 2019 The API-driven World
- 4. INTEGRATION SUMMIT 2019 The API-driven World
- 5. INTEGRATION SUMMIT 2019 The API-driven World
- 6. INTEGRATION SUMMIT 2019 The API-driven World
- 7. INTEGRATION SUMMIT 2019 The API-driven World
- 8. INTEGRATION SUMMIT 2019 The API-driven World
- 9. INTEGRATION SUMMIT 2019 IAM in The API-driven World ID Token Access Token Refresh Token
- 11. INTEGRATION SUMMIT 2019 ● Authorization Code ● Implicit ● Client Credentials ● Resource Owner Password Grant types
- 14. INTEGRATION SUMMIT 2019 Client Credentials
- 15. INTEGRATION SUMMIT 2019 Resource Owner Password
- 16. INTEGRATION SUMMIT 2019 IAM in The API-driven World 1. How to onboard users ? 2. How to authenticate users ?
- 17. INTEGRATION SUMMIT 2019 Users Onboarding
- 18. INTEGRATION SUMMIT 2019 Users Onboarding X Registration Fatigue
- 19. INTEGRATION SUMMIT 2019 Users Onboarding - BYoID Service Provider Identity Providers
- 20. INTEGRATION SUMMIT 2019 Users Authentication
- 21. INTEGRATION SUMMIT 2019 ● Over 70% of employees reuse passwords at work ● 59% reuse their passwords everywhere ● 81% of hacking-related breaches leveraged either stolen and/or weak passwords ● The above rate has gone from 50% to 66% to 81% during the past three years (2017) ‘Passwords’ are Not Secure! Source - 2017 Verizon Data Breach Investigations Report (DBIR)
- 22. INTEGRATION SUMMIT 2019 Users Authentication X
- 23. INTEGRATION SUMMIT 2019 Use Strong Customer Authentication
- 24. INTEGRATION SUMMIT 2019 Multi-factor Authentication Break authentication into multiple steps and verify different authentication factors at each step.
- 25. INTEGRATION SUMMIT 2019 Authentication Factors 1. Knowledge ■ Something you know ■ Password, passphrase, pin, secret fact 2. Possession ■ Something you have ■ Phone, token, badge, smart card 3. Inherence ■ Something you are ■ Fingerprint, facial feature, voice
- 26. INTEGRATION SUMMIT 2019 Authentication Factors Step 1 Step 2
- 27. INTEGRATION SUMMIT 2019 90% Google users have no 2FA Multi-factor Authentication in Reality
- 28. INTEGRATION SUMMIT 2019 What is the Reason?
- 31. INTEGRATION SUMMIT 2019 Authentication needs to be more dynamic, responsive and context sensitive = Adaptive Authentication
- 32. INTEGRATION SUMMIT 2019 Use Case: Geo Velocity
- 33. INTEGRATION SUMMIT 2019 Use Case: An Application Request LoA
- 34. INTEGRATION SUMMIT 2019 Use Case: Authentication from New Devices
- 35. INTEGRATION SUMMIT 2019 WSO2 Identity Server Offering - Overview
- 36. INTEGRATION SUMMIT 2019 WSO2 Identity Server Offering - Overview Static Authentication Flow ● IdP offers static authentication flow to the user ● Multi-factor & Multi-option authentication ● In Multi-option authentication user can pick one option from each step Request-based Conditional Authentication Flow ● IdP offers dynamic authentication flow to the user ● Based on attributes of request message authentication steps will change ● HTTP message, SAML ACR, OIDC ACR
- 37. INTEGRATION SUMMIT 2019 WSO2 Identity Server Offering - Overview User-based Conditional Authentication Flow ● IdP offers static authentication flow to the user ● Based on attributes of identified user authentication steps will change Adaptive/Risk-based Authentication Flow ● IdP offers dynamic authentication flow to the user ● Authentication steps can be based on user behaviors, environments, history and risk score
- 38. INTEGRATION SUMMIT 2019 ● Basic API Security can be provided using OAuth2 and OIDC ● Everyone knows passwords are no longer secure. ● Multi-factor authentication offers a perfect solution but less adopted due to usability issues. ● Multi-factor authentication needs to be more dynamic, responsive and context sensitive, and we called it ‘Adaptive Authentication’ ● WSO2 Identity Server can support any adaptive or risk-based authentication use case. Conclusion
- 39. INTEGRATION SUMMIT 2019 THANK YOU wso2.com