CIS 2015 OpenID Connect and Mobile Applications - David Chase

•

0 recomendaciones•363 vistas

Look under the hood of several applications that implement the standard using various profiles and discuss the benefits of OpenID Connect versus OAuth2.0. Our goal is to deepen understanding of the protocol and its uses.

Tecnología

OpenID Connect and Mobile Applications
David Chase

Implicit
•  When using the Implicit Flow, all tokens are returned
from the Authorization Endpoint; the Token Endpoint is
not used.
•  The Access Token and ID Token are returned directly
to the Client
•  The Authorization Server does not perform Client
Authentication.
Copyright © 2015 Cloud Identity Summit. All rights reserved. 3

Implicit Flow
1.  Client prepares an Authentication Request
containing the desired request parameters.
2.  Client sends the request to the Authorization Server.
3.  Authorization Server Authenticates the End-User.
Copyright © 2015 Cloud Identity Summit. All rights reserved. 4

Implicit Flow Continued
4.  Authorization Server obtains End-User Consent/
Authorization.
5.  Authorization Server sends the End-User back to the
Client with an ID Token and, if requested, an Access
Token.
6.  Client validates the ID token and retrieves the End-
User's Subject Identifier.
Copyright © 2015 Cloud Identity Summit. All rights reserved. 5

Prepare Authentication Request
•  http://openid.net/specs/openid-connect-
implicit-1_0.html#AuthenticationRequest
Copyright © 2015 Cloud Identity Summit. All rights reserved. 6

Preferences
•  System Browser
•  Pros
•  May have session
•  HTTPS is visible
•  Con
•  Poor UX
Copyright © 2015 Cloud Identity Summit. All rights reserved. 7

AuthN & AuthZ
Copyright © 2015 Cloud Identity Summit. All rights reserved. 8

End User grants authZ
•  http://openid.net/specs/openid-connect-
implicit-1_0.html#ImplicitOK
Copyright © 2015 Cloud Identity Summit. All rights reserved. 9

Fragment handling
•  http://openid.net/specs/openid-connect-
implicit-1_0.html#ImplicitCallback
Copyright © 2015 Cloud Identity Summit. All rights reserved. 10

Validate the ID_token
•  http://openid.net/specs/openid-connect-
implicit-1_0.html#IDTokenValidation
Copyright © 2015 Cloud Identity Summit. All rights reserved. 11

Access Token Validation
•  http://openid.net/specs/openid-connect-
implicit-1_0.html#AccessTokenValidation
Copyright © 2015 Cloud Identity Summit. All rights reserved. 12

UserInfo Request
•  http://openid.net/specs/openid-connect-
implicit-1_0.html#UserInfoRequest
Copyright © 2015 Cloud Identity Summit. All rights reserved. 13

Standard Claims
•  http://openid.net/specs/openid-connect-
implicit-1_0.html#StandardClaims
Copyright © 2015 Cloud Identity Summit. All rights reserved. 14

Authorization Code
•  NO NO NO NO!
•  Well… sorta
Copyright © 2015 Cloud Identity Summit. All rights reserved. 15

Hybrid Flow
•  When using the Hybrid Flow, some tokens are
returned from the Authorization Endpoint and others
are returned from the Token Endpoint.
•  An example use case is a native application which
passes tokens to backend APIs.
Copyright © 2015 Cloud Identity Summit. All rights reserved. 16

Copyright © 2015 Cloud Identity Summit. All rights reserved. 17
Questions?

Más contenido relacionado

La actualidad más candente

Websites and applications are implementing social single sign-on to allow users to login using trusted authentication providers such as Google, Facebook, and even Salesforce. Join us to learn how to configure the OpenID Connect authentication provider to allow users to authenticate at Google to access a Salesforce environment. We'll also look at how you can relieve yourself of the burden of password management by having your web app login users via Salesforce.

OpenID Connect and Single Sign-On for Beginners

Salesforce Developers

With the proliferation of cloud applications, mobile devices, and the need to connect to external users, IT organizations are increasingly challenged with how to manage and gain transparency into user access to systems and applications. As your organization looks to deploy Identity in the cloud, it’s critical that this is backed by open-standards. In this webinar, Chuck Mortimore, Pat Patterson, and Ian Glazer will give you a broad overview of how OpenID Connect can help better connect you with your customers, partners, apps, and devices Key Takeaways Get introduced to OpenID Connect, learn how it builds on top of OAuth, and discover why it’s an important new standard for your organization Consume OpenID Connect from popular Identity providers with Social Sign-On Provide a single, branded Identity to your own users and applications using OpenID Connect Use OpenID Connect to easily build Identity-enabled mobile applications Plan for the next generation of connected devices Intended Audience This webinar is aimed at a technical audience of administrators, developers, architects and business analysts who are wishing to learn more about Identity and Standards

OpenID Connect: The new standard for connecting to your Customers, Partners, ...

Salesforce Developers

As products and companies move towards IoT model, users and machines alike need to interact with various APIs. Securing these APIs in a connected world can be a challenge faced by many. Fortunately, there are open standards addressing even the most complex of use cases - OAuth, OpenID and OpenID Connect happen to be widely adopted and have a growing support across many API and Identity Providers. In this session I'll talk about these standards, and walk through common use cases/flows from an API Provider as well as consumer's side. We will explore how these standards come together to not only secure the APIs, but also manage identity.

Securing your APIs with OAuth, OpenID, and OpenID Connect

Manish Pandit

OAuth & OpenID Connect Deep Dive

Nordic APIs

Spring security oauth2

axykim00

OAuth2 primer

Manish Pandit

OAuth2 + API Security

Amila Paranawithana

Why Assertion-based Access Token is preferred to Handle-based one?

Hitachi, Ltd. OSS Solution Center.

CIS14: Working with OAuth and OpenID Connect

CloudIDSummit

OpenID Connect Explained

Vladimir Dzhuvinov

The adoption of Mobile and Cloud applications drives API traffic across domains. OAuth 2.0 is being implemented in complex enterprise environments where new authorization endpoints are combined with various existing identity components, in various configurations. Handshakes are federated to help provide a single sign-on experience across applications and enhance adoption. Mediation between tokens at the edge of each domain helps extend existing data to new channels. Core grant types, extension grant types, custom schemes, standards, patterns and use cases – let us count the ways in which API access control is applied. This presentation will examine the role of API management infrastructure in API Security, API Access Control and API Federation and its interaction with enterprise infrastructure, social identity and application developers.

API Security & Federation Patterns - Francois Lascelles, Chief Architect, Lay...

CA API Management

OpenID Connect 1.0 Explained

Eugene Siow

OAuth2 Presentaion

Bhargav Surimenu

Entreprises are deploying more applications to workers phones and tablets. These applications are currently all using separate authentications to establish user identity and authorization. This session will look at how the Native Application profile of OpenID Connect creates a local token broker on the device to centralize authentication for multiple enterprise and SaaS applications on a device. This can be used to increase security by enabling additional authentication factors and a enhanced view of device posture, as well as increasing usability, bu reducing the number of unnecessary authentications that interrupt the users work flow every day.

CIS 2015 Extreme OpenID Connect - John Bradley

CloudIDSummit

JWT SSO Inbound Authenticator

MifrazMurthaja

Single-Page-Application & REST security

Igor Bossenko

Creating a Sign On with Open id connect

Derek Binkley

OAuth 2.0 & OpenID Connect @ OpenSource Conference 2011 Tokyo #osc11tk

Nov Matake

This talk is about how to secure your front-end + backend applications using a RESTful approach. As opposed to traditional and monolithic server-side applications (where the HTTP session is used), when your front-end application is running on a browser and not securely from the server, there are few things you need to consider. In this session Alvaro will explore standards like OAuth and JWT to achieve a stateless, token-based authentication and authorisation. He will explore the existing impl More specifically, the demonstration will be made using Spring Security REST, a popular Grails plugin written by Álvaro. Authentication is normally a stateful service. Most of the implementations rely on the HTTP session, thus introducing state as the session is an in-memory data structure in the application server. In the microservices era, most of the companies are developing such called RESTful services, where one of the principles is to create stateless systems. In such scenario, authentication should be stateless too. There is a standard specification to secure web application and API's, that is being adopted massively by the industry: OAuth 2. The specification doesn't explicitly cover how to make a stateless implementation. And most of the existing ones depend on some sort of external storage (such as a DB) to store the tokens generated for a later validation. Fortunately, there is another specification by the IETF called JSON Web Token, that can be combined with OAuth 2 to achieve a stateless authentication system. In the session, Alvaro will explain the core concepts of OAuth 2, as well as JWT and how can them be used together to achieve the last 2 letters of REST: State Transfer.

Stateless authentication with OAuth 2 and JWT - JavaZone 2015

Alvaro Sanchez-Mariscal

OAuth 2.0 and OpenId Connect

Saran Doraiswamy

La actualidad más candente (20)

OpenID Connect and Single Sign-On for Beginners

OpenID Connect: The new standard for connecting to your Customers, Partners, ...

Securing your APIs with OAuth, OpenID, and OpenID Connect

OAuth & OpenID Connect Deep Dive

Spring security oauth2

OAuth2 primer

OAuth2 + API Security

Why Assertion-based Access Token is preferred to Handle-based one?

CIS14: Working with OAuth and OpenID Connect

OpenID Connect Explained

API Security & Federation Patterns - Francois Lascelles, Chief Architect, Lay...

OpenID Connect 1.0 Explained

OAuth2 Presentaion

CIS 2015 Extreme OpenID Connect - John Bradley

JWT SSO Inbound Authenticator

Single-Page-Application & REST security

Creating a Sign On with Open id connect

OAuth 2.0 & OpenID Connect @ OpenSource Conference 2011 Tokyo #osc11tk

Stateless authentication with OAuth 2 and JWT - JavaZone 2015

OAuth 2.0 and OpenId Connect

Similar a CIS 2015 OpenID Connect and Mobile Applications - David Chase

CIS 2015 What’s next? Discovery, Dynamic Registration, Mobile Connect and mor...

CloudIDSummit

Spring4 security oauth2

axykim00

Spring4 security oauth2

Sang Shin

TrialPay Security Tech Talk at Stanford ACM

hackingtrialpay

Application Security in ASP.NET Core

NETUserGroupBern

OAuth 2.0 (RFC 6749/50) is a delegated authorization framework that makes requesting access for and authenticating as a client to an API as easy as getting a token and using a token. This session will explore the different OAuth flows in the spec as will as discuss extensions such as the JWT assertion flow and SAML bearer extension, and will also discuss security mitigations needed to use the protocol safely.

CIS 2015 Extreme OAuth - Paul Meyer

CloudIDSummit

A central authentication server to rule all your services Many companies or organizations run not only one ore two services, but 10 and more. Often each of these services has its own isolated user management implementation, or talks to other micro services over hardcoded API keys. The OAuth2 standard supports multiple authentication mechanisms to rule all of these requirements in one central place. Don’t reinvent the wheel with every new application.

SFScon 2020 - Alex Lanz Martin Malfertheiner - OAuth2 OpenID

South Tyrol Free Software Conference

OAuth2 and OpenID with Spring Boot

Geert Pante

Securing .NET Core, ASP.NET Core applications

NETUserGroupBern

We know and love our authentication standards for the web, yet on mobile we often still resort to usernames & passwords in our apps. This presentation explores OpenID Connect (OIDC) and OAuth 2.0 in the context of mobile apps to see how they decouple authentication logic from your app and promote simpler and more flexible patterns for user authentication and API authorization. This presentation was first given in the London Mobile Security Meetup https://www.meetup.com/London-Mobile-Developer-Security/

Mobile Authentication - Onboarding, best practices & anti-patterns

Pieter Ennes

Intro to OAuth2 and OpenID Connect

LiamWadman

API security is always a major consideration, but most API developers feel like they are not equipped with the skills necessary to properly secure an API. In this presentation, we will talk about how some common API gateway security mechanisms can work effectively to secure a MuleSoft API. We will start with key concepts of API security such as zero trust, OAuth 2.0, and access control. Then, we will demonstrate a secure method to protect your APIs using OAuth 2.0 and token introspection to achieve access control on a MuleSoft API. The solution will demonstrate how to use the combination of MuleSoft security policies and a powerful identity provider in PingFederate by Ping Identity to achieve API security on MuleSoft APIs. No API security session is complete without discussing different methods of API security and lessons learned from working through the demo so we will close with discussing various options that can be used to achieve similar results for API security and what the benefits or downfalls are of each option.

Securing ap is oauth and fine grained access control

AaronLieberman5

DevConf.CZ 2020 @ Brno, Czech Republic : WebAuthn support for keycloak

Hitachi, Ltd. OSS Solution Center.

Data synchronization and offline capabilities are key to creating successful mobile applications and there are many factors to consider. – What data format should you use? – How do you manage security? – How do you efficiently manage syncing data to hundreds of applications independently? In this session, you’ll learn about various factors that drive answers to these questions. You’ll also learn from live code and interactive demonstrations how to use SSL and OAUTH2 to securely synchronize JSON data with a remote REST service and how to use synchronization tokens to efficiently keep your clients up to date. There will be client examples included for both the iOS and Android platforms, but you’ll be able to apply these concepts to any client, regardless of your platform.

Data Synchronization Patterns in Mobile Application Design

Eric Maxwell

Wso2 is integration with .net core

Ismaeel Enjreny

Ch 13: Attacking Users: Other Techniques (Part 2)

Sam Bowne

Accessing APIs using OAuth on the federated (WordPress) web

Felix Arntz

WebAuthn & FIDO2

Leonard Moustacchis

Clef security architecture

jessepollak

Keycloak for Science Gateways - SGCI Technology Sampler Webinar

marcuschristie

Similar a CIS 2015 OpenID Connect and Mobile Applications - David Chase (20)

CIS 2015 What’s next? Discovery, Dynamic Registration, Mobile Connect and mor...

Spring4 security oauth2

TrialPay Security Tech Talk at Stanford ACM

Application Security in ASP.NET Core

CIS 2015 Extreme OAuth - Paul Meyer

SFScon 2020 - Alex Lanz Martin Malfertheiner - OAuth2 OpenID

OAuth2 and OpenID with Spring Boot

Securing .NET Core, ASP.NET Core applications

Mobile Authentication - Onboarding, best practices & anti-patterns

Intro to OAuth2 and OpenID Connect

Securing ap is oauth and fine grained access control

DevConf.CZ 2020 @ Brno, Czech Republic : WebAuthn support for keycloak

Data Synchronization Patterns in Mobile Application Design

Wso2 is integration with .net core

Ch 13: Attacking Users: Other Techniques (Part 2)

Accessing APIs using OAuth on the federated (WordPress) web

WebAuthn & FIDO2

Clef security architecture

Keycloak for Science Gateways - SGCI Technology Sampler Webinar

Más de CloudIDSummit

CIS 2016 Content Highlights

CloudIDSummit

The Cloud Identity Summit was founded by Ping Identity with support from industry leaders in 2010 to bring together the brightest minds across the identity and security industry. Today the event is recognized as the world’s premier identity industry conference and includes tracks from industry thought leaders, CIOs and practitioners. Cloud Identity Summit serves as a multi-year roadmap to deploy solutions that are here today but built for the future. For more info, go to www.cloudidentitysummit.com. Be apart of the convo on Twitter: @CloudIDSummit + #CISNOLA

Top 6 Reasons You Should Attend Cloud Identity Summit 2016

CloudIDSummit

CIS 2015 Security Without Borders: Taming the Cloud and Mobile Frontier - And...

CloudIDSummit

Mobile security, identity & authentication reasons for optimism 20150607 v2

CloudIDSummit

In an ever interconnected and inter-reliant world, the state of security has been a cause for deep pessimism. In the midst of all the gloom, there is good cause for optimism. With some fits and starts, the building blocks for transforming mobile security are taking shape at every level from the processor, to the chipset to special purpose hardware to operating systems and protocols that address use cases from device integrity to user authentication to payments. How do we think about security, privacy, identity and authentication in this world? This talk will provide a rapid overview of some selected building blocks and some practical examples that are now deployed at scale to illustrate the coming wave and how you as a practitioner or customer can participate and position yourself for maximum benefit.

CIS 2015 Mobile Security, Identity & Authentication: Reasons for Optimism - R...

CloudIDSummit

CIS 2015 Virtual Identity: The Vision, Challenges and Experiences in Driving ...

CloudIDSummit

Does anybody remember seeing a big red button with the word “PANICK!” written on it? I know it was around here somewhere. Also, there’s all these cats running pell-mell around the place, can someone give me a hand in herding them? In this real-world case study, come and learn how a Fortune 100 with a diverse and extremely mobile work-force was able to turn up strong authentication protections for our critical cloud resources, and how the IT department lived to tell the tale. You’ll hear about the technical implementation of strong authentication enforcement, and how we made key design decisions in the ongoing balancing act between security and user experience, and how we managed up-and-down the chain from executive stakeholders to the boots-on-the-ground who were being asked to join us on this new security adventure.

CIS 2015 Deploying Strong Authentication to a Global Enterprise: A Comedy in ...

CloudIDSummit

CIS 2015 Without Great Security, Digital Identity is Not Worth the Electrons ...

CloudIDSummit

You'll laugh, you'll cry, and you might even pick up a useful nugget or two listening to a real-world enterprise IT architect share the experiences of the past year trying to support his business migrating to cloud services, and sharing the lessons learned from trying to integrate 2 hybrid enterprises into a single, streamlined company. You'll hear where the cloud came through for us, and how we often had to fall back to on-prem services such as FIM, Ping Federate, and ADFS to make the glue which binds it all together.

CIS 2015 Mergers & Acquisitions in a Cloud Enabled World - Brian Puhl

CloudIDSummit

CIS 2015 IoT and IDM in your Mobile Enterprise - Brian Katz

CloudIDSummit

CIS 2015 Practical Deployments Enterprise Cloud Access Management Platform - ...

CloudIDSummit

The IAM program needs to align behind the shift towards ITaaS, building the platform for execution and supporting transformation and migration activities. CIOs should keep informed through a relevant IAM capability roadmap in order to make calculated decisions on where investments should be made. Ongoing investments in the IAM program are crucial in order to fill capability gaps, keep up-to-date with support and license agreements and make opportunistic progress on the strategic roadmap. In this talk, Steve discusses recent experiences and lessons learned in preparing for and pitching VMware’s CIO on enterprise IAM program initiatives.

CIS 2015 What I Learned From Pitching IAM To My CIO - Steve Tout

CloudIDSummit

Companies and researchers are exploring ways to make software and hardware development easier for the masses. Soon you will be able to build your own autonomous drone, create a sensor that assess the watering needs of your plants, and develop a cat tracking device with minimal coding and hardware skills. What is the place of security and privacy in this exciting development? Are we building the next generation of Internet security vulnerabilities right now? In his talk Hannes Tschofenig will highlight challenges with Internet of Things, what role standardization plays, and what contributions ARM, a provider of microprocessor IP, is making to improve IoT security.

CIS 2015 How to secure the Internet of Things? Hannes Tschofenig

CloudIDSummit

The IDaaS (identity as a service) market segment continues to grow in popularity, and the scope of its vendor's capabilities continue to grow as well. It's still not a match for everyone, however. Join identity architect Sean Deuby for an overview of the most popular IDaaS deployment scenarios, scenarios where IDaaS has a tougher time meeting customer requirements, and whether your company is likely to find its perfect IDaaS mate.

CIS 2015 The IDaaS Dating Game - Sean Deuby

CloudIDSummit

CIS 2015 SSO for Mobile and Web Apps Ashish Jain

CloudIDSummit

The Industrial Internet, the Identity of Everything and the Industrial Enterp...

CloudIDSummit

CIS 2015 SAML-IN / SAML-OUT - Scott Tomilson & John Dasilva

CloudIDSummit

Centralized session management has long been a goal of Web Access Management systems: the idea that one session can give end users access to dozens of protected applications with a seamless SSO experience, and terminating it (either by the end user themselves, or by an administrator) cuts off access instantly. It’s a nice dream isn’t it? Turns out that while most WAM products claim they can do this, when deployment time comes around (especially in globally distributed organizations) serious security and scalability challenges emerge that make it unfeasible. In this “session”, come and learn our vision for deploying session management at scale and see how Ping Identity has implemented it in our Federated Access Management solution.

CIS 2015 Session Management at Scale - Scott Tomilson & Jamshid Khosravian

CloudIDSummit

Are you asking yourself how do I take my inhouse application and make it available to internal users, partners or customers using SSO and access management technologies? Oh, and you don't want it to be a 6 month project? No problem. Come and find out how to leverage your existing investments and move to modern standards like OpenID Connect, without having to rip and replace infrastructure. Learn the capabilities and tradeoffs you can make to deploy the right level of identity and access management infrastructure to match your security needs.

CIS 2015 So you want to SSO … Scott Tomilson & John Dasilva

CloudIDSummit

Devices need owners, people need confidence in device authenticity, data needs to persist in systems long after devices change hands, and access needs to be authorized selectively. That's a lot to ask; even if emerging web identity and security technologies are simpler than the models of yesteryear, IoT devices have complicating limitations when it comes to processing power, memory, user interface, and connectivity. But many use cases span web and IoT environments, so we must try! What are the specific requirements? What elements of web technologies can we borrow outright? What elements may need tweaking?

CIS 2015 Identity Relationship Management in the Internet of Things

CloudIDSummit

Más de CloudIDSummit (20)

CIS 2016 Content Highlights

Top 6 Reasons You Should Attend Cloud Identity Summit 2016

CIS 2015 Security Without Borders: Taming the Cloud and Mobile Frontier - And...

Mobile security, identity & authentication reasons for optimism 20150607 v2

CIS 2015 Mobile Security, Identity & Authentication: Reasons for Optimism - R...

CIS 2015 Virtual Identity: The Vision, Challenges and Experiences in Driving ...

CIS 2015 Deploying Strong Authentication to a Global Enterprise: A Comedy in ...

CIS 2015 Without Great Security, Digital Identity is Not Worth the Electrons ...

CIS 2015 Mergers & Acquisitions in a Cloud Enabled World - Brian Puhl

CIS 2015 IoT and IDM in your Mobile Enterprise - Brian Katz

CIS 2015 Practical Deployments Enterprise Cloud Access Management Platform - ...

CIS 2015 What I Learned From Pitching IAM To My CIO - Steve Tout

CIS 2015 How to secure the Internet of Things? Hannes Tschofenig

CIS 2015 The IDaaS Dating Game - Sean Deuby

CIS 2015 SSO for Mobile and Web Apps Ashish Jain

The Industrial Internet, the Identity of Everything and the Industrial Enterp...

CIS 2015 SAML-IN / SAML-OUT - Scott Tomilson & John Dasilva

CIS 2015 Session Management at Scale - Scott Tomilson & Jamshid Khosravian

CIS 2015 So you want to SSO … Scott Tomilson & John Dasilva

CIS 2015 Identity Relationship Management in the Internet of Things

Último

What is a good lead in your organisation? Which leads are priority? What happens to leads? When sales and marketing give different answers to these questions, or perhaps aren't sure of the answers at all, frustrations build and opportunities are left on the table. Join us for an illuminating session with Cian McLoughlin, HubSpot Principal Customer Success Manager, as we look at that crucial piece of the customer journey in which leads are transferred from marketing to sales.

04-2024-HHUG-Sales-and-Marketing-Alignment.pptx

HampshireHUG

Histor y of HAM Radio presentation slide

vu2urc

Real Time Object Detection Using Open CV

Khem

Finology Group – Insurtech Innovation Award 2024

The Digital Insurer

MySQL Webinar, presented on the 25th of April, 2024. Summary: MySQL solutions enable the deployment of diverse Database Architectures tailored to specific needs, including High Availability, Disaster Recovery, and Read Scale-Out. With MySQL Shell's AdminAPI, administrators can seamlessly set up, manage, and monitor these solutions, ensuring efficiency and ease of use in their administration. MySQL Router, on the other hand, provides transparent routing from the application traffic to the backend servers in the architectures, requiring minimal configuration. Completely built in-house and supported by Oracle, these solutions have been adopted by enterprises of all sizes for their business-critical applications. In this presentation, we'll delve into various database architecture solutions to help you choose the right one based on your business requirements. Focusing on technical details and the latest features to maximize the potential of these solutions.

Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...

Miguel Araújo

Abhishek Deb(1), Mr Abdul Kalam(2) M. Des (UX) , School of Design, DIT University , Dehradun. This paper explores the future potential of AI-enabled smartphone processors, aiming to investigate the advancements, capabilities, and implications of integrating artificial intelligence (AI) into smartphone technology. The research study goals consist of evaluating the development of AI in mobile phone processors, analyzing the existing state as well as abilities of AI-enabled cpus determining future patterns as well as chances together with reviewing obstacles as well as factors to consider for more growth.

Exploring the Future Potential of AI-Enabled Smartphone Processors

debabhi2

BooK Now Call us at +918448380779 to hire a gorgeous and seductive call girl for sex. Take a Delhi Escort Service. The help of our escort agency is mostly meant for men who want sexual Indian Escorts In Delhi NCR. It should be noted that any impersonator will get 100 attention from our Young Girls Escorts in Delhi. They will assume the position of reliable allies. VIP Call Girl With Original Photos Book Tonight +918448380779 Our Cheap Price 1 Hour not available 2 Hours 5000 Full Night 8000 TAG: Call Girls in Delhi, Noida, Gurgaon, Ghaziabad, Connaught Place, Greater Kailash Delhi, Lajpat Nagar Delhi, Mayur Vihar Delhi, Chanakyapuri Delhi, New Friends Colony Delhi, Majnu Ka Tilla, Karol Bagh, Malviya Nagar, Saket, Khan Market, Noida Sector 18, Noida Sector 76, Noida Sector 51, Gurgaon Mg Road, Iffco Chowk Gurgaon, Rajiv Chowk Gurgaon All Delhi Ncr Free Home Deliver

08448380779 Call Girls In Greater Kailash - I Women Seeking Men

Delhi Call girls

What are drone anti-jamming systems? The drone anti-jamming systems and anti-spoof technology protect against interference, jamming, and spoofing of the UAVs. To protect their security, countries are beginning to research drone anti-jamming systems, also known as drone strike weapons. The anti-jam and anti-spoof technology protects against interference, jamming and spoofing. A drone strike weapon is a drone attack weapon that can attack and destroy enemy drones. So what is so unique about this amazing system?

What Are The Drone Anti-jamming Systems Technology?

Antenna Manufacturer Coco

As privacy and data protection regulations evolve rapidly, organizations operating in multiple jurisdictions face mounting challenges to ensure compliance and safeguard customer data. With state-specific privacy laws coming up in multiple states this year, it is essential to understand what their unique data protection regulations will require clearly. How will data privacy evolve in the US in 2024? How to stay compliant? Our panellists will guide you through the intricacies of these states' specific data privacy laws, clarifying complex legal frameworks and compliance requirements. This webinar will review: - The essential aspects of each state's privacy landscape and the latest updates - Common compliance challenges faced by organizations operating in multiple states and best practices to achieve regulatory adherence - Valuable insights into potential changes to existing regulations and prepare your organization for the evolving landscape

TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments

TrustArc

08448380779 Call Girls In Diplomatic Enclave Women Seeking Men

Delhi Call girls

Created by Mozilla Research in 2012 and now part of Linux Foundation Europe, the Servo project is an experimental rendering engine written in Rust. It combines memory safety and concurrency to create an independent, modular, and embeddable rendering engine that adheres to web standards. Stewardship of Servo moved from Mozilla Research to the Linux Foundation in 2020, where its mission remains unchanged. After some slow years, in 2023 there has been renewed activity on the project, with a roadmap now focused on improving the engine’s CSS 2 conformance, exploring Android support, and making Servo a practical embeddable rendering engine. In this presentation, Rakhi Sharma reviews the status of the project, our recent developments in 2023, our collaboration with Tauri to make Servo an easy-to-use embeddable rendering engine, and our plans for the future to make Servo an alternative web rendering engine for the embedded devices industry. (c) Embedded Open Source Summit 2024 April 16-18, 2024 Seattle, Washington (US) https://events.linuxfoundation.org/embedded-open-source-summit/ https://ossna2024.sched.com/event/1aBNF/a-year-of-servo-reboot-where-are-we-now-rakhi-sharma-igalia

A Year of the Servo Reboot: Where Are We Now?

Igalia

The Raspberry Pi 5 was announced on October 2023. This new version of the popular embedded device comes with a new iteration of Broadcom’s VideoCore GPU platform, and was released with a fully open source driver stack, developed by Igalia. The presentation will discuss some of the major changes required to support this new Video Core iteration, the challenges we faced in the process and the solutions we provided in order to deliver conformant OpenGL ES and Vulkan drivers. The talk will also cover the next steps for the open source Raspberry Pi 5 graphics stack. (c) Embedded Open Source Summit 2024 April 16-18, 2024 Seattle, Washington (US) https://events.linuxfoundation.org/embedded-open-source-summit/ https://eoss24.sched.com/event/1aBEx

Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...

Igalia

Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024

The Digital Insurer

Heather Hedden, Senior Consultant at Enterprise Knowledge, presented “The Role of Taxonomy and Ontology in Semantic Layers” at a webinar hosted by Progress Semaphore on April 16, 2024. Taxonomies at their core enable effective tagging and retrieval of content, and combined with ontologies they extend to the management and understanding of related data. There are even greater benefits of taxonomies and ontologies to enhance your enterprise information architecture when applying them to a semantic layer. A survey by DBP-Institute found that enterprises using a semantic layer see their business outcomes improve by four times, while reducing their data and analytics costs. Extending taxonomies to a semantic layer can be a game-changing solution, allowing you to connect information silos, alleviate knowledge gaps, and derive new insights. Hedden, who specializes in taxonomy design and implementation, presented how the value of taxonomies shouldn’t reside in silos but be integrated with ontologies into a semantic layer. Learn about: - The essence and purpose of taxonomies and ontologies in information and knowledge management; - Advantages of semantic layers leveraging organizational taxonomies; and - Components and approaches to creating a semantic layer, including the integration of taxonomies and ontologies

The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf

Enterprise Knowledge

Sara Mae O’Brien Scott and Tatiana Baquero Cakici, Senior Consultants at Enterprise Knowledge (EK), presented “AI Fast Track to Search-Focused AI Solutions” at the Information Architecture Conference (IAC24) that took place on April 11, 2024 in Seattle, WA. In their presentation, O’Brien-Scott and Cakici focused on what Enterprise AI is, why it is important, and what it takes to empower organizations to get started on a search-based AI journey and stay on track. The presentation explored the complexities of enterprise search challenges and how IA principles can be leveraged to provide AI solutions through the use of a semantic layer. O’Brien-Scott and Cakici showcased a case study where a taxonomy, an ontology, and a knowledge graph were used to structure content at a healthcare workforce solutions organization, providing personalized content recommendations and increasing content findability. In this session, participants gained insights about the following: Most common types of AI categories and use cases; Recommended steps to design and implement taxonomies and ontologies, ensuring they evolve effectively and support the organization’s search objectives; Taxonomy and ontology design considerations and best practices; Real-world AI applications that illustrated the value of taxonomies, ontologies, and knowledge graphs; and Tools, roles, and skills to design and implement AI-powered search solutions.

IAC 2024 - IA Fast Track to Search Focused AI Solutions

Enterprise Knowledge

This presentations targets students or working professionals. You may know Google for search, YouTube, Android, Chrome, and Gmail, but did you know Google has many developer tools, platforms & APIs? This comprehensive yet still high-level overview outlines the most impactful tools for where to run your code, store & analyze your data. It will also inspire you as to what's possible. This talk is 50 minutes in length.

Powerful Google developer tools for immediate impact! (2023-24 C)

wesley chun

Choosing the right accounts payable services provider is a strategic decision that can significantly impact your business's financial performance and operational efficiency. By considering factors such as expertise, range of services, technology infrastructure, scalability, cost, and reputation, businesses can make informed decisions and select a provider that aligns with their unique needs and objectives. Partnering with the right provider can streamline accounts payable processes, drive cost savings, and position your business for long-term success. https://katprotech.com/accounts-payable-and-purchase-order-automation/

Factors to Consider When Choosing Accounts Payable Services Providers.pptx

Katpro Technologies

Automating Google Workspace (GWS) & more with Apps Script

wesley chun

Data Cloud, More than a CDP by Matt Robison

Anna Loughnan Colquhoun

2024: Domino Containers - The Next Step. News from the Domino Container commu...

Martijn de Jong

CIS 2015 OpenID Connect and Mobile Applications - David Chase

2. OpenID Connect and Mobile Applications David Chase

3. Implicit •  When using the Implicit Flow, all tokens are returned from the Authorization Endpoint; the Token Endpoint is not used. •  The Access Token and ID Token are returned directly to the Client •  The Authorization Server does not perform Client Authentication. Copyright © 2015 Cloud Identity Summit. All rights reserved. 3

4. Implicit Flow 1.  Client prepares an Authentication Request containing the desired request parameters. 2.  Client sends the request to the Authorization Server. 3.  Authorization Server Authenticates the End-User. Copyright © 2015 Cloud Identity Summit. All rights reserved. 4

5. Implicit Flow Continued 4.  Authorization Server obtains End-User Consent/ Authorization. 5.  Authorization Server sends the End-User back to the Client with an ID Token and, if requested, an Access Token. 6.  Client validates the ID token and retrieves the End- User's Subject Identifier. Copyright © 2015 Cloud Identity Summit. All rights reserved. 5

16. Hybrid Flow •  When using the Hybrid Flow, some tokens are returned from the Authorization Endpoint and others are returned from the Token Endpoint. •  An example use case is a native application which passes tokens to backend APIs. Copyright © 2015 Cloud Identity Summit. All rights reserved. 16

CIS 2015 OpenID Connect and Mobile Applications - David Chase

Recomendados

Recomendados

Más contenido relacionado

La actualidad más candente

La actualidad más candente (20)

Similar a CIS 2015 OpenID Connect and Mobile Applications - David Chase

Similar a CIS 2015 OpenID Connect and Mobile Applications - David Chase (20)

Más de CloudIDSummit

Más de CloudIDSummit (20)

Último

Último (20)

CIS 2015 OpenID Connect and Mobile Applications - David Chase