13. Provisioning
Authentication
Single Sign On
An
open
source
Identity
&
Entitlement
management
server
Federation
Auditing Delegation
SAML2 WS-TRUST
NBQSA
~
2011
15. Role Based Access Control
An
open
source
Identity
&
Entitlement
management
server
NBQSA
~
2011
16. Attribute Based Access Control
Role Based Access Control
An
open
source
Identity
&
Entitlement
management
server
NBQSA
~
2011
17. Attribute Based Access Control
Role Based Access Control
An
open
source
Identity
&
Entitlement
management
server
Policy Based Access Control
XACML
NBQSA
~
2011
18. Attribute Based Access Control
Role Based Access Control
An
open
source
Identity
&
Entitlement
management
server
SOAP
Policy Based Access Control
XACML / WS-XACML
NBQSA
~
2011
19. Attribute Based Access Control
Role Based Access Control
REST
An
open
source
Identity
&
Entitlement
management
server
SOAP
Policy Based Access Control
XACML
NBQSA
~
2011
20. An
open
source
Identity
&
Entitlement
management
server
Web based management console
NBQSA
~
2011
21. An
open
source
Identity
&
Entitlement
management
server
SOAP based API
Web based management console
NBQSA
~
2011
22. ¡ User
stores
with
LDAP/AD/JDBC
¡ OpenID
¡
SAML2
¡
Kerberos
¡
Information
Cards
¡
XACML
¡
OAuth
¡
Security
Token
Service
with
WS-‐Trust
NBQSA
~
2011
25. ¡ Open
source
&
open
standards
¡ Lean
¡ No
vendor
lock-‐in
¡ All
in
a
single
product
¡ Interoperability
¡ Extensibility
¡ The
power
of
WSO2
SOA
stack
¡ Short
learning
curve
NBQSA
~
2011
26. ¡ Decentralized
Single
Sign
On
¡ Single
user
profile
¡ Widely
used
for
community
&
collaboration
aspects
¡ Multifactor
Authentication
[Infocard,
XMPP]
¡ OpenID
relying
party
components
NBQSA
~
2011
27. ¡ Single
Sign
On
/
Single
Logout
¡ Widely
used
*aaS
providers
[Google
Apps,
Salesforce]
¡
SAML2
Web
SSO
Profile
¡ Used
in
WSO2
StratosLive
NBQSA
~
2011
29. ¡ The
de-‐facto
standard
for
authorization
¡ Support
for
multiple
PIPs
¡ Policy
distribution
¡ Decision
/
Attribute
caching
¡ UI
wizard
for
defining
policies
¡ Notifications
on
policy
updates
¡ TryIt
tool
NBQSA
~
2011
30. EntitlementService
EntitlementPolicyAdminService
SOAP
SOAP
Attribute Finder Policy Decision Point
Extensions Decision Policy
Extensions Administration
Cache
Attribute Point
Cache XACML
Engine
Default
Finder
Policy Cache
LDAP
NBQSA
~
2011