SlideShare una empresa de Scribd logo

OpenSSO Deployments

Eduardo Pelegri-Llopart
Eduardo Pelegri-Llopart

Verizon Wireless deployed Sun OpenSSO Enterprise across its wireless and broadband lines of business to provide single sign-on for over 50 million customer accounts. This allows customers to access all authorized Verizon products and services with one login. The deployment involved integrating OpenSSO with over 25 vendors and implementing high availability, high performance authentication, and identity federation between Verizon brands. Key aspects included geographic redundancy across data centers, session failover, a highly tuned architecture leveraging Sun hardware, and over 50 million user identities.

TecnologíaEmpresariales
1 de 10
Descargar para leer sin conexión
Real world deployment with Sun OpenSSO Enterprise at Verizon Wireless Ajay Sondhi 1
Verizon Wireless OpenSSO Deployment Verizon Wireless is a leader in wireless voice, data,  information and entertainment services  Joint venture of Verizon Comms (NYSE: VZ) + Vodafone (NYSE: VOD)  85 million customers  71,000 employees  $44 billion annual revenue  More than 2,600 retail stores & kiosks  One of the most reliable wireless network in the U.S. ● Network coverage: 267M POPs ● Rapid Disaster Response, Portable Cell Site 2
Verizon Wireless OpenSSO Deployment Goals Give users a unified experience across all ● authorized products and services by Single Sign On (SSO) by assigning Account Owner and Account Member roles and multi-line accounts ● Permit standardization across all self-serve platforms by authentication and authorization logic to prevent site intrusion ● Provide seamless integration between Verizon Wireless (VZW) and other lines of businesses (LOBs) to improve customer experience Benefits Easy to integrate new products and services ● ● Simplified SSO reduces IT cost and improves security ● Access Manager (AM) improves security by authentication & authorization logic ● Enable cross-domain SSO unifies user experience between VZW and ASPs ● Enable customized audit capabilities through AM for log access information and diagnostic information analysis 3
Verizon Wireless (Technical Requirements) A Deployment Topology & Architecture that supports High Availability ● High Throughput ● High Performance ● A flexible Systems Design that supports SSO with applications hosted on disparate platforms & containers ● Federation & Liberty Protocols ● Customization at all levels including Authentication, Authorization and ● Federation 4
Verizon Wireless OpenSSO Deployment Access Manager SSO : Implemented for both B2C and B2B on Wireless ● and Broadband ● 50M MyVerizon wireless customers registered online ● 2M logins/day on VZW ● Supports role based access ● 25 different product vendors integrated Federation : Implemented Federation across VZW and VZT for ● B2C customers ● Implement Federation across VZW and .Net for SMB customers ● Implemented Federation across VZW and VZB for business customers ● Login once & toggle between two distinct My Account websites. ● Convenient access for One-Bill and bundle services 5
Verizon Wireless (AM SSO Features) Account Management Registration & Login (2M Logins/day) ● ● Password Management ● Profile & Preference Management User Authentication Cross-Domain Single Sign-On and ● ● State Management ● Role-based Access Control ● Standard User Authentication System for All External Sites Customized APIs Customized Services for Billing, ● Handset, Provisioning and Post-Login Functions 6
Verizon Wireless (AM Federation Features) Seamless integration between Verizon Wireless ● and other Verizon LOBs ● Login once & toggle between two distinct My Account web sites ● Convenient access for One-Bill and bundle services ● Cross-sell opportunities on both sites 7
Verizon Wireless Architecture High Availability Geographic redundancy in two data ● centers (East & West) ● Session failover capabilities with four instances of AM within each data center. ● Six way multi-mastered directory servers across data centers High Performance Over 50M identities ● ● Over 4000 successful authentications per minute (peak) ● Over 250K active users (peak) ● Provide SSO with over 25 ASPs 8
Verizon Wireless Architecture Superior Sun hardware Web servers -T2K (Niagra chipset) for superior multithreaded performance ● ● Directory –x4600 (Opteron chipset) for high disk i/o Design Choices Use of Session Attributes (as opposed to profile) ● ● Turn off profile notifications from AM to agents ● Segregating the configuration Realm ● Restrict the use of URL policy and J2EE policy mode ● Load balancer configuration to ensure stickiness ● Writing to one master LDAP Tuning OS –Memory, File system and Networking ● ● AM Tuning ● JVM tuning ● Agent Tuning ● Directory Server Tuning 9
Questions? 10

Recomendados

ALOHA Load Balancer - Virtual Appliance
ALOHA Load Balancer - Virtual ApplianceALOHA Load Balancer - Virtual Appliance
ALOHA Load Balancer - Virtual Appliance
EXCELIANCE
 
Mfp80 certificate pinning
Mfp80 certificate pinningMfp80 certificate pinning
Mfp80 certificate pinning
Jorge Iglesias Fernández
 
Asymmetric deployment mfp
Asymmetric deployment mfpAsymmetric deployment mfp
Asymmetric deployment mfp
Jorge Iglesias Fernández
 
Single Sign On - The Basics
Single Sign On - The BasicsSingle Sign On - The Basics
Single Sign On - The Basics
Ishan A B Ambanwela
 
FoxT BoKS ServerControl Full Specifications Document
FoxT BoKS ServerControl Full Specifications DocumentFoxT BoKS ServerControl Full Specifications Document
FoxT BoKS ServerControl Full Specifications Document
Ryan Gallavin
 
WebSphere DataPower B2B Appliance overview
WebSphere DataPower B2B Appliance overviewWebSphere DataPower B2B Appliance overview
WebSphere DataPower B2B Appliance overview
Sarah Duffy
 
MS TechDays 2011 - How to Run Middleware in the Cloud Story of Windows Azure ...
MS TechDays 2011 - How to Run Middleware in the Cloud Story of Windows Azure ...MS TechDays 2011 - How to Run Middleware in the Cloud Story of Windows Azure ...
MS TechDays 2011 - How to Run Middleware in the Cloud Story of Windows Azure ...
Spiffy
 
SSO Strategy Implementation Considerations
SSO Strategy Implementation ConsiderationsSSO Strategy Implementation Considerations
SSO Strategy Implementation Considerations
John Bauer
 

Recomendados

ALOHA Load Balancer - Virtual Appliance
ALOHA Load Balancer - Virtual ApplianceALOHA Load Balancer - Virtual Appliance
ALOHA Load Balancer - Virtual Appliance
EXCELIANCE
 
Mfp80 certificate pinning
Mfp80 certificate pinningMfp80 certificate pinning
Mfp80 certificate pinning
Jorge Iglesias Fernández
 
Asymmetric deployment mfp
Asymmetric deployment mfpAsymmetric deployment mfp
Asymmetric deployment mfp
Jorge Iglesias Fernández
 
Single Sign On - The Basics
Single Sign On - The BasicsSingle Sign On - The Basics
Single Sign On - The Basics
Ishan A B Ambanwela
 
FoxT BoKS ServerControl Full Specifications Document
FoxT BoKS ServerControl Full Specifications DocumentFoxT BoKS ServerControl Full Specifications Document
FoxT BoKS ServerControl Full Specifications Document
Ryan Gallavin
 
WebSphere DataPower B2B Appliance overview
WebSphere DataPower B2B Appliance overviewWebSphere DataPower B2B Appliance overview
WebSphere DataPower B2B Appliance overview
Sarah Duffy
 
MS TechDays 2011 - How to Run Middleware in the Cloud Story of Windows Azure ...
MS TechDays 2011 - How to Run Middleware in the Cloud Story of Windows Azure ...MS TechDays 2011 - How to Run Middleware in the Cloud Story of Windows Azure ...
MS TechDays 2011 - How to Run Middleware in the Cloud Story of Windows Azure ...
Spiffy
 
SSO Strategy Implementation Considerations
SSO Strategy Implementation ConsiderationsSSO Strategy Implementation Considerations
SSO Strategy Implementation Considerations
John Bauer
 
Uccx social miner_presentation_v01
Uccx social miner_presentation_v01Uccx social miner_presentation_v01
Uccx social miner_presentation_v01
Emin Aliev
 
CICS Transaction Gateway V9.1 Overview
CICS Transaction Gateway V9.1 OverviewCICS Transaction Gateway V9.1 Overview
CICS Transaction Gateway V9.1 Overview
Robert Jones
 
Access To CICS From WebSphere Application Server Using CTG- zJournal 1209
Access To CICS From WebSphere Application Server Using CTG- zJournal 1209Access To CICS From WebSphere Application Server Using CTG- zJournal 1209
Access To CICS From WebSphere Application Server Using CTG- zJournal 1209
Elena Nanos
 
Single sign on - benefits, challenges and case study : iFour consultancy
Single sign on - benefits, challenges and case study : iFour consultancySingle sign on - benefits, challenges and case study : iFour consultancy
Single sign on - benefits, challenges and case study : iFour consultancy
Devam Shah
 
Aerohive-GuestManager
Aerohive-GuestManagerAerohive-GuestManager
Aerohive-GuestManager
ppuichaud
 
ALOHA Load Balancer - Rackable Appliance
ALOHA Load Balancer - Rackable ApplianceALOHA Load Balancer - Rackable Appliance
ALOHA Load Balancer - Rackable Appliance
EXCELIANCE
 
Single sign on - SSO
Single sign on - SSOSingle sign on - SSO
Single sign on - SSO
Ajit Dadresa
 
Web Single sign on system
Web Single sign on systemWeb Single sign on system
Web Single sign on system
Swati Sinha
 
APIC/DataPower security
APIC/DataPower securityAPIC/DataPower security
APIC/DataPower security
Shiu-Fun Poon
 
Webim English
Webim EnglishWebim English
Webim English
Webim
 
A Single Strong Authentication Platform for Cloud and On-Premise Applications
A Single Strong Authentication Platform for Cloud and On-Premise ApplicationsA Single Strong Authentication Platform for Cloud and On-Premise Applications
A Single Strong Authentication Platform for Cloud and On-Premise Applications
SafeNet
 
OpenSSO Tech Overview Aquarium
OpenSSO Tech Overview AquariumOpenSSO Tech Overview Aquarium
OpenSSO Tech Overview Aquarium
Eduardo Pelegri-Llopart
 
Data power use cases
Data power use casesData power use cases
Data power use cases
sflynn073
 
Common DataPower use cases, incl Caching with XC-10 appliance.
Common DataPower use cases, incl Caching with XC-10 appliance.Common DataPower use cases, incl Caching with XC-10 appliance.
Common DataPower use cases, incl Caching with XC-10 appliance.
sflynn073
 
Whats new in data power
Whats new in data powerWhats new in data power
Whats new in data power
sflynn073
 
Azure Services Platform
Azure Services PlatformAzure Services Platform
Azure Services Platform
David Chou
 
Dave Carroll Application Services Salesforce
Dave Carroll Application Services SalesforceDave Carroll Application Services Salesforce
Dave Carroll Application Services Salesforce
deimos
 
WSO2 Ecosystem platform for Connected Telco
WSO2 Ecosystem platform for Connected TelcoWSO2 Ecosystem platform for Connected Telco
WSO2 Ecosystem platform for Connected Telco
Mifan Careem
 
Webinar NETGEAR - Insight, le funzionalita' per il Networking Management
Webinar NETGEAR - Insight, le funzionalita' per il Networking ManagementWebinar NETGEAR - Insight, le funzionalita' per il Networking Management
Webinar NETGEAR - Insight, le funzionalita' per il Networking Management
Netgear Italia
 
Aeroscout 090325154500 Phpapp02
Aeroscout 090325154500 Phpapp02Aeroscout 090325154500 Phpapp02
Aeroscout 090325154500 Phpapp02
Marc
 
Application Services On The Web Sales Forcecom
Application Services On The Web Sales ForcecomApplication Services On The Web Sales Forcecom
Application Services On The Web Sales Forcecom
QConLondon2008
 
The Video Service Assurance (VSA) Platform
The Video Service Assurance (VSA) PlatformThe Video Service Assurance (VSA) Platform
The Video Service Assurance (VSA) Platform
Andrew Tram
 

Más contenido relacionado

La actualidad más candente

ALOHA Load Balancer - Rackable Appliance
ALOHA Load Balancer - Rackable ApplianceALOHA Load Balancer - Rackable Appliance
ALOHA Load Balancer - Rackable Appliance
EXCELIANCE
 
A Single Strong Authentication Platform for Cloud and On-Premise Applications
A Single Strong Authentication Platform for Cloud and On-Premise ApplicationsA Single Strong Authentication Platform for Cloud and On-Premise Applications
A Single Strong Authentication Platform for Cloud and On-Premise Applications
SafeNet
 

La actualidad más candente (11)

Uccx social miner_presentation_v01
Uccx social miner_presentation_v01Uccx social miner_presentation_v01
Uccx social miner_presentation_v01
 
CICS Transaction Gateway V9.1 Overview
CICS Transaction Gateway V9.1 OverviewCICS Transaction Gateway V9.1 Overview
CICS Transaction Gateway V9.1 Overview
 
Access To CICS From WebSphere Application Server Using CTG- zJournal 1209
Access To CICS From WebSphere Application Server Using CTG- zJournal 1209Access To CICS From WebSphere Application Server Using CTG- zJournal 1209
Access To CICS From WebSphere Application Server Using CTG- zJournal 1209
 
Single sign on - benefits, challenges and case study : iFour consultancy
Single sign on - benefits, challenges and case study : iFour consultancySingle sign on - benefits, challenges and case study : iFour consultancy
Single sign on - benefits, challenges and case study : iFour consultancy
 
Aerohive-GuestManager
Aerohive-GuestManagerAerohive-GuestManager
Aerohive-GuestManager
 
ALOHA Load Balancer - Rackable Appliance
ALOHA Load Balancer - Rackable ApplianceALOHA Load Balancer - Rackable Appliance
ALOHA Load Balancer - Rackable Appliance
 
Single sign on - SSO
Single sign on - SSOSingle sign on - SSO
Single sign on - SSO
 
Web Single sign on system
Web Single sign on systemWeb Single sign on system
Web Single sign on system
 
APIC/DataPower security
APIC/DataPower securityAPIC/DataPower security
APIC/DataPower security
 
Webim English
Webim EnglishWebim English
Webim English
 
A Single Strong Authentication Platform for Cloud and On-Premise Applications
A Single Strong Authentication Platform for Cloud and On-Premise ApplicationsA Single Strong Authentication Platform for Cloud and On-Premise Applications
A Single Strong Authentication Platform for Cloud and On-Premise Applications
 

Similar a OpenSSO Deployments

Data power use cases
Data power use casesData power use cases
Data power use cases
sflynn073
 
Common DataPower use cases, incl Caching with XC-10 appliance.
Common DataPower use cases, incl Caching with XC-10 appliance.Common DataPower use cases, incl Caching with XC-10 appliance.
Common DataPower use cases, incl Caching with XC-10 appliance.
sflynn073
 
Whats new in data power
Whats new in data powerWhats new in data power
Whats new in data power
sflynn073
 
Dave Carroll Application Services Salesforce
Dave Carroll Application Services SalesforceDave Carroll Application Services Salesforce
Dave Carroll Application Services Salesforce
deimos
 
Aeroscout 090325154500 Phpapp02
Aeroscout 090325154500 Phpapp02Aeroscout 090325154500 Phpapp02
Aeroscout 090325154500 Phpapp02
Marc
 
Application Services On The Web Sales Forcecom
Application Services On The Web Sales ForcecomApplication Services On The Web Sales Forcecom
Application Services On The Web Sales Forcecom
QConLondon2008
 
The Video Service Assurance (VSA) Platform
The Video Service Assurance (VSA) PlatformThe Video Service Assurance (VSA) Platform
The Video Service Assurance (VSA) Platform
Andrew Tram
 
An Enhanced User Experience for Automobile Purchases with the WSO2 Mobile Ser...
An Enhanced User Experience for Automobile Purchases with the WSO2 Mobile Ser...An Enhanced User Experience for Automobile Purchases with the WSO2 Mobile Ser...
An Enhanced User Experience for Automobile Purchases with the WSO2 Mobile Ser...
WSO2
 
Convertigo Mobile Application Development platform for Enterprises
Convertigo Mobile Application Development platform for EnterprisesConvertigo Mobile Application Development platform for Enterprises
Convertigo Mobile Application Development platform for Enterprises
Convertigo | MADP & MBaaS
 

Similar a OpenSSO Deployments (20)

OpenSSO Tech Overview Aquarium
OpenSSO Tech Overview AquariumOpenSSO Tech Overview Aquarium
OpenSSO Tech Overview Aquarium
 
Data power use cases
Data power use casesData power use cases
Data power use cases
 
Common DataPower use cases, incl Caching with XC-10 appliance.
Common DataPower use cases, incl Caching with XC-10 appliance.Common DataPower use cases, incl Caching with XC-10 appliance.
Common DataPower use cases, incl Caching with XC-10 appliance.
 
Whats new in data power
Whats new in data powerWhats new in data power
Whats new in data power
 
Azure Services Platform
Azure Services PlatformAzure Services Platform
Azure Services Platform
 
Dave Carroll Application Services Salesforce
Dave Carroll Application Services SalesforceDave Carroll Application Services Salesforce
Dave Carroll Application Services Salesforce
 
WSO2 Ecosystem platform for Connected Telco
WSO2 Ecosystem platform for Connected TelcoWSO2 Ecosystem platform for Connected Telco
WSO2 Ecosystem platform for Connected Telco
 
Webinar NETGEAR - Insight, le funzionalita' per il Networking Management
Webinar NETGEAR - Insight, le funzionalita' per il Networking ManagementWebinar NETGEAR - Insight, le funzionalita' per il Networking Management
Webinar NETGEAR - Insight, le funzionalita' per il Networking Management
 
Aeroscout 090325154500 Phpapp02
Aeroscout 090325154500 Phpapp02Aeroscout 090325154500 Phpapp02
Aeroscout 090325154500 Phpapp02
 
Application Services On The Web Sales Forcecom
Application Services On The Web Sales ForcecomApplication Services On The Web Sales Forcecom
Application Services On The Web Sales Forcecom
 
The Video Service Assurance (VSA) Platform
The Video Service Assurance (VSA) PlatformThe Video Service Assurance (VSA) Platform
The Video Service Assurance (VSA) Platform
 
Datapower Steven Cawn
Datapower Steven CawnDatapower Steven Cawn
Datapower Steven Cawn
 
An Enhanced User Experience for Automobile Purchases with the WSO2 Mobile Ser...
An Enhanced User Experience for Automobile Purchases with the WSO2 Mobile Ser...An Enhanced User Experience for Automobile Purchases with the WSO2 Mobile Ser...
An Enhanced User Experience for Automobile Purchases with the WSO2 Mobile Ser...
 
Layer 7 and Oracle -
Layer 7 and Oracle - Layer 7 and Oracle -
Layer 7 and Oracle -
 
Framework WSo2 orientato ai servizi
Framework WSo2 orientato ai serviziFramework WSo2 orientato ai servizi
Framework WSo2 orientato ai servizi
 
Consul Connect - EPAM SEC - 22nd september 2018
Consul Connect - EPAM SEC - 22nd september 2018Consul Connect - EPAM SEC - 22nd september 2018
Consul Connect - EPAM SEC - 22nd september 2018
 
Convertigo Mobile Application Development platform for Enterprises
Convertigo Mobile Application Development platform for EnterprisesConvertigo Mobile Application Development platform for Enterprises
Convertigo Mobile Application Development platform for Enterprises
 
ForgeRock Platform Release - Summer 2016
ForgeRock Platform Release - Summer 2016 ForgeRock Platform Release - Summer 2016
ForgeRock Platform Release - Summer 2016
 
WebSphere Integration User Group 13 July 2015 : DataPower session
WebSphere Integration User Group 13 July 2015 : DataPower sessionWebSphere Integration User Group 13 July 2015 : DataPower session
WebSphere Integration User Group 13 July 2015 : DataPower session
 
WSO2Con EU 2016: Understanding the WSO2 API Management Platform
WSO2Con EU 2016: Understanding the WSO2 API Management PlatformWSO2Con EU 2016: Understanding the WSO2 API Management Platform
WSO2Con EU 2016: Understanding the WSO2 API Management Platform
 

Más de Eduardo Pelegri-Llopart

What is IoT and how Modulus and Pacific can Help - Featuring Node.js and Roll...
What is IoT and how Modulus and Pacific can Help - Featuring Node.js and Roll...What is IoT and how Modulus and Pacific can Help - Featuring Node.js and Roll...
What is IoT and how Modulus and Pacific can Help - Featuring Node.js and Roll...
Eduardo Pelegri-Llopart
 

Más de Eduardo Pelegri-Llopart (20)

Juggling at freenome
Juggling at freenomeJuggling at freenome
Juggling at freenome
 
Csumb capstone-fall2016
Csumb capstone-fall2016Csumb capstone-fall2016
Csumb capstone-fall2016
 
Digital activitymanagement
Digital activitymanagementDigital activitymanagement
Digital activitymanagement
 
Progress next iot_pelegri
Progress next iot_pelegriProgress next iot_pelegri
Progress next iot_pelegri
 
Pelegri Desarrollando en una nueva era de software
Pelegri Desarrollando en una nueva era de software Pelegri Desarrollando en una nueva era de software
Pelegri Desarrollando en una nueva era de software
 
Market trends in IT - exchange cala - October 2015
Market trends in IT - exchange cala - October 2015Market trends in IT - exchange cala - October 2015
Market trends in IT - exchange cala - October 2015
 
The impact of IOT - exchange cala - 2015
The impact of IOT - exchange cala - 2015The impact of IOT - exchange cala - 2015
The impact of IOT - exchange cala - 2015
 
IOT - Presentation to PEP @ Progress
IOT - Presentation to PEP @ ProgressIOT - Presentation to PEP @ Progress
IOT - Presentation to PEP @ Progress
 
Node.js as an IOT Bridge
Node.js as an IOT BridgeNode.js as an IOT Bridge
Node.js as an IOT Bridge
 
What is IoT and how Modulus and Pacific can Help - Featuring Node.js and Roll...
What is IoT and how Modulus and Pacific can Help - Featuring Node.js and Roll...What is IoT and how Modulus and Pacific can Help - Featuring Node.js and Roll...
What is IoT and how Modulus and Pacific can Help - Featuring Node.js and Roll...
 
What is the Internet of Things and How it Impacts You
What is the Internet of Things and How it Impacts YouWhat is the Internet of Things and How it Impacts You
What is the Internet of Things and How it Impacts You
 
Community Update 25 Mar2010 - English
Community Update 25 Mar2010 - EnglishCommunity Update 25 Mar2010 - English
Community Update 25 Mar2010 - English
 
GlassFish Community Update 25 Mar2010
GlassFish Community Update 25 Mar2010GlassFish Community Update 25 Mar2010
GlassFish Community Update 25 Mar2010
 
Glass Fish Portfolio C1 West V3.Mini
Glass Fish Portfolio C1 West V3.MiniGlass Fish Portfolio C1 West V3.Mini
Glass Fish Portfolio C1 West V3.Mini
 
Virtual Box Aquarium May09
Virtual Box Aquarium May09Virtual Box Aquarium May09
Virtual Box Aquarium May09
 
Introduction To Web Beans
Introduction To Web BeansIntroduction To Web Beans
Introduction To Web Beans
 
Ehcache Architecture, Features And Usage Patterns
Ehcache Architecture, Features And Usage PatternsEhcache Architecture, Features And Usage Patterns
Ehcache Architecture, Features And Usage Patterns
 
OpenDS Primer Aquarium
OpenDS Primer AquariumOpenDS Primer Aquarium
OpenDS Primer Aquarium
 
Fuji Overview
Fuji OverviewFuji Overview
Fuji Overview
 
Nuxeo 5.2 Glassfish
Nuxeo 5.2 GlassfishNuxeo 5.2 Glassfish
Nuxeo 5.2 Glassfish
 

Último

+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
Enterprise Knowledge
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
Joaquim Jorge
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
Principled Technologies
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
 

Último (20)

How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdf
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of Brazil
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 

OpenSSO Deployments

  • 1. Real world deployment with Sun OpenSSO Enterprise at Verizon Wireless Ajay Sondhi 1
  • 2. Verizon Wireless OpenSSO Deployment Verizon Wireless is a leader in wireless voice, data,  information and entertainment services  Joint venture of Verizon Comms (NYSE: VZ) + Vodafone (NYSE: VOD)  85 million customers  71,000 employees  $44 billion annual revenue  More than 2,600 retail stores & kiosks  One of the most reliable wireless network in the U.S. ● Network coverage: 267M POPs ● Rapid Disaster Response, Portable Cell Site 2
  • 3. Verizon Wireless OpenSSO Deployment Goals Give users a unified experience across all ● authorized products and services by Single Sign On (SSO) by assigning Account Owner and Account Member roles and multi-line accounts ● Permit standardization across all self-serve platforms by authentication and authorization logic to prevent site intrusion ● Provide seamless integration between Verizon Wireless (VZW) and other lines of businesses (LOBs) to improve customer experience Benefits Easy to integrate new products and services ● ● Simplified SSO reduces IT cost and improves security ● Access Manager (AM) improves security by authentication & authorization logic ● Enable cross-domain SSO unifies user experience between VZW and ASPs ● Enable customized audit capabilities through AM for log access information and diagnostic information analysis 3
  • 4. Verizon Wireless (Technical Requirements) A Deployment Topology & Architecture that supports High Availability ● High Throughput ● High Performance ● A flexible Systems Design that supports SSO with applications hosted on disparate platforms & containers ● Federation & Liberty Protocols ● Customization at all levels including Authentication, Authorization and ● Federation 4
  • 5. Verizon Wireless OpenSSO Deployment Access Manager SSO : Implemented for both B2C and B2B on Wireless ● and Broadband ● 50M MyVerizon wireless customers registered online ● 2M logins/day on VZW ● Supports role based access ● 25 different product vendors integrated Federation : Implemented Federation across VZW and VZT for ● B2C customers ● Implement Federation across VZW and .Net for SMB customers ● Implemented Federation across VZW and VZB for business customers ● Login once & toggle between two distinct My Account websites. ● Convenient access for One-Bill and bundle services 5
  • 6. Verizon Wireless (AM SSO Features) Account Management Registration & Login (2M Logins/day) ● ● Password Management ● Profile & Preference Management User Authentication Cross-Domain Single Sign-On and ● ● State Management ● Role-based Access Control ● Standard User Authentication System for All External Sites Customized APIs Customized Services for Billing, ● Handset, Provisioning and Post-Login Functions 6
  • 7. Verizon Wireless (AM Federation Features) Seamless integration between Verizon Wireless ● and other Verizon LOBs ● Login once & toggle between two distinct My Account web sites ● Convenient access for One-Bill and bundle services ● Cross-sell opportunities on both sites 7
  • 8. Verizon Wireless Architecture High Availability Geographic redundancy in two data ● centers (East & West) ● Session failover capabilities with four instances of AM within each data center. ● Six way multi-mastered directory servers across data centers High Performance Over 50M identities ● ● Over 4000 successful authentications per minute (peak) ● Over 250K active users (peak) ● Provide SSO with over 25 ASPs 8
  • 9. Verizon Wireless Architecture Superior Sun hardware Web servers -T2K (Niagra chipset) for superior multithreaded performance ● ● Directory –x4600 (Opteron chipset) for high disk i/o Design Choices Use of Session Attributes (as opposed to profile) ● ● Turn off profile notifications from AM to agents ● Segregating the configuration Realm ● Restrict the use of URL policy and J2EE policy mode ● Load balancer configuration to ensure stickiness ● Writing to one master LDAP Tuning OS –Memory, File system and Networking ● ● AM Tuning ● JVM tuning ● Agent Tuning ● Directory Server Tuning 9