Identity Management:
Using OIDC to Empower the Next-Generation of
Applications
Tom Freestone
LDS Church
© 2016 by Intellectual Reserve, Inc. All rights reserved.
The future computing platforms are MOBILE and CLOUD!
Mobile Computing - present and the future
2.4 billion mobile devices in 2013 and 2.5
billion in 2014. 81+ billion apps downloaded
in 2013. There are 6.8 billion people on the
planet at present. 4 billion own mobile
phones. Gartner Group - World Wide Devices Shipments
Internet of Things
In the Cloud EVERYTHING is an API. APIs are an integral part
of what are arguably the three major forces currently
transforming the Web and IT landscape —Mobile, Social and
Cloud Computing.
API
• How do we design and develop solutions that meet the growth and the diversity of a
global user base?
• How do we move large enterprise solutions and systems to embrace mobile and cloud
computing?
• How do we maximize our past investments in technology solutions and embrace new
and evolving industry technology advancements?
• How do we significantly reduce costs and encourage greater reuse of core systems and
services across the enterprise?
Preparing for the future - MOBILE and CLOUD!
Legacy Applications
& Systems
Monolithic
Application-centric
DB-coupled
Component & Services
Architecture
Web Services
Integrations
Mobile/Web
Components
Mobile – Web - Device
Platform as a Service
Hybrid Cloud
Data Center
AWS Azure
Cloud Mobile Application Architecture
Identity
?
Identity
?
Authorization
Authentication
?
Who is the user?
Entity Claims Attributes
Identity is a set of claims.
Entity
Attributes
https://www.flickr.com/photos/74373690@N00/13949707621/ via Compfight (License: https://creativecommons.org/licenses/by-nc/2.0/)
What is the user allowed to do?
Who What Why When How
Attributes Policy
What is the user allowed to do?
Authenticated
Users
Users that
work for …
Users that
belong to Web
Access Mgmt.
Reverse Proxies
• Passes Headers
• Protects URLs
• Manages SSO Session
• Data Center Co-location
The Traditional Solution: Authorization/Authentication?
The world of reverse proxies … protected, but ...
https://www.flickr.com/photos/13748147@N02/2070083736/ via Compfight (License: https://creativecommons.org/licenses/by-nc-nd/2.0/)
The real world is complex and interconnected.
http://steffondavis.com/visualizing-taste-in-art-with-big-data-curation-analysis-curalytics-and-curiator/
Enterprise
SaaS
Private Cloud
PaaS
(Cloud foundry)
Development Stacks
Web Services
PaaS
Web Services
Public Cloud
Hybrid Cloud
Cloud Approach
Hybrid Cloud:
A cloud computing service that is
composed of some combination of
private, public, and community cloud
services, from different service providers,
for capacity or capability
Cloud Mobile Integration
• Must support existing systems (legacy) = Hybrid
• Everything moving to “Services” (APIs)
• Mobile/Web Development (Open Standards)
• Services Oriented Architecture (SOA)
• Migration/On Ramp (Security, SaaS, etc.)
How do we move to the cloud and still
authenticate our users?
Federation
Traditional vs. Federated
Reverse Proxies
• Passes Headers
• Protects URLs
• Manages SSO Session
• Data Center Colocation
Application
• Consumes attributes
• Protects its own URLs
• Manages its own session
• Data Center Independence
Icon design by Paomedia and Ivan Boyko
Interoperable Flexible Secure Simple
OIDC Benefits
Basic OIDC Protocol
Abstract OIDC Protocol: 1.2 OIDC-Core Spec
• Client: Client application requiring End-User Authentication and Claims from an OIDC Provider.
• OIDC Provider: Provides identity as a service using OIDC through the Token endpoint, UserInfo endpoint, & Authorization endpoint.
• End User: Also referred to as the “User Agent,” meaning the browser.
1. AuthN Request
2. AuthN & AuthZ
3. AuthN Response
4. UserInfo Request
5. UserInfo Response
AntiPattern #1
LDAP Service Accounts
Participants: Application / Client, Protected API (Resource Server), LDAP
Labels: Get, Use
1. Request (Basic Auth username:password)
2. LDAP Bind username:password
3. Data
Pattern #1
Service Account using OIDC
Participants: Application / Client, Authorization Server, Protected API
Labels: Get, Use
1. Request Token (Client_id / userId)
2. Token
3. Make Request (Token)
4. Validate Token
5. Valid Token
7. Return Data
Pattern #1
Service Account – Getting Tokens
curl https://openam.example.com:8443/openam/.well-known/openid-configuration
{
  "response_types_supported": [ "token id_token", "code token", "code token id_token", "token", "code id_token", "code", "id_token" ],
  "registration_endpoint": "https://ident.example.com:8443/openam/oauth2/connect/register",
  "token_endpoint": "https://ident.example.com:8443/openam/oauth2/access_token",
  "end_session_endpoint": "https://ident.example.com:8443/openam/oauth2/connect/endSession",
  "version": "3.0",
  "userinfo_endpoint": "https://ident.example.com:8443/openam/oauth2/userinfo",
  "subject_types_supported": [ "public" ],
  "issuer": "https://ident.example.com:8443/openam",
  "jwks_uri": "https://ident.example.com:8443/openam/oauth2/connect/jwk_uri?realm=/",
  "id_token_signing_alg_values_supported": [ "HS256", "HS512", "RS256", "HS384" ],
  "check_session_iframe": "https://ident.example.com:8443/openam/oauth2/connect/checkSession",
  "claims_supported": [ "phone", "email", "address", "openid", "profile" ],
  "authorization_endpoint": "https://ident.example.com:8443/openam/oauth2/authorize"
}
curl \
  --request POST \
  --user "masterClient:password" \
  --data "grant_type=password&username=someUser&password=password" \
  https://ident.example.com:8443/openam/oauth2/access_token
{ "expires_in": 59, "token_type": "Bearer", "refresh_token": "26938cd0-6870-4e31-ade9-df31afc37ee1", "access_token": "515d6551-4512-4279-98b6-c0ef3f03a722" }
Authorization: Bearer 515d6551-4512-4279-98b6-c0ef3f03a722
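Added example (not from the slides or from OpenAM): a client-side check of the discovery document and token response shown above before any of their values are trusted. The function names check_discovery and bearer_header are hypothetical; the issuer, HTTPS and RS256 checks follow OpenID Connect Discovery, while the same-origin rule and the flagging of HS* algorithms are local policy assumptions.

```python
import json
from urllib.parse import urlsplit

WELL_KNOWN = "/.well-known/openid-configuration"
REQUIRED_ENDPOINTS = ("authorization_endpoint", "token_endpoint", "jwks_uri")
OPTIONAL_ENDPOINTS = ("userinfo_endpoint",)
SYMMETRIC_ALGS = {"HS256", "HS384", "HS512"}

# Fields copied from the discovery response on the slide (abridged).
SLIDE_DISCOVERY = json.loads("""
{
  "issuer": "https://ident.example.com:8443/openam",
  "authorization_endpoint": "https://ident.example.com:8443/openam/oauth2/authorize",
  "token_endpoint": "https://ident.example.com:8443/openam/oauth2/access_token",
  "userinfo_endpoint": "https://ident.example.com:8443/openam/oauth2/userinfo",
  "jwks_uri": "https://ident.example.com:8443/openam/oauth2/connect/jwk_uri?realm=/",
  "id_token_signing_alg_values_supported": ["HS256", "HS512", "RS256", "HS384"]
}
""")

# Token response copied from the slide.
SLIDE_TOKEN_RESPONSE = {
    "expires_in": 59,
    "token_type": "Bearer",
    "refresh_token": "26938cd0-6870-4e31-ade9-df31afc37ee1",
    "access_token": "515d6551-4512-4279-98b6-c0ef3f03a722",
}


def origin(url):
    """Scheme, host and port of a URL, for same-origin comparison."""
    parts = urlsplit(url)
    return (parts.scheme, parts.hostname, parts.port)


def check_discovery(config_url, doc):
    """Return (code, detail) findings for a document fetched from config_url."""
    if not config_url.endswith(WELL_KNOWN):
        raise ValueError("not an OIDC discovery URL: " + config_url)
    findings = []

    # OIDC Discovery: the issuer must be identical to the URL the document
    # was retrieved from, minus the well-known suffix.
    expected_issuer = config_url[: -len(WELL_KNOWN)]
    issuer = doc.get("issuer", "")
    if issuer != expected_issuer:
        findings.append(("issuer-mismatch", f"{issuer} != {expected_issuer}"))

    for key in REQUIRED_ENDPOINTS + OPTIONAL_ENDPOINTS:
        url = doc.get(key)
        if not url:
            if key in REQUIRED_ENDPOINTS:
                findings.append(("missing-endpoint", key))
        elif urlsplit(url).scheme != "https":
            findings.append(("non-https-endpoint", key))
        elif origin(url) != origin(issuer):
            # Local policy (assumption): endpoints live on the issuer's origin.
            findings.append(("foreign-origin-endpoint", key))

    algs = set(doc.get("id_token_signing_alg_values_supported", []))
    if "RS256" not in algs:
        findings.append(("rs256-missing", "RS256 must be listed"))
    if "none" in algs:
        findings.append(("alg-none-offered", "unsigned ID tokens are advertised"))
    symmetric = sorted(algs & SYMMETRIC_ALGS)
    if symmetric:
        # With HS* the client secret is the verification key, so the client
        # should pin the algorithm it expects rather than accept any listed one.
        findings.append(("symmetric-alg-offered", ",".join(symmetric)))
    return findings


def bearer_header(token_response, now):
    """Return (headers, expires_at) for a token response received at time `now`."""
    if token_response.get("token_type", "").lower() != "bearer":
        raise ValueError("unsupported token_type")
    expires_at = now + int(token_response["expires_in"])
    headers = {"Authorization": "Bearer " + token_response["access_token"]}
    return headers, expires_at


if __name__ == "__main__":
    # The slide fetches the document from openam.example.com, while the
    # document names ident.example.com as issuer; the check reports that.
    fetched_from = "https://openam.example.com:8443/openam" + WELL_KNOWN
    for code, detail in check_discovery(fetched_from, SLIDE_DISCOVERY):
        print(code, detail)
    print(bearer_header(SLIDE_TOKEN_RESPONSE, now=0))
```

With the 59-second expires_in from the slide, a client that stores expires_at can refresh the token before the Protected API starts rejecting it.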
AntiPattern #2
Session Hijack
Participants: Owner, Client, Login Page
Labels: Get, Use
1. Using App
2. Collect User/Password
3. Post User/password to login page
4. Get cookies
5. Request Data
6. Data
Pattern #2
Service Provider Access Using OIDC
Participants: Owner, Client, Authorization Server, Resource Server
Labels: Get, Use
1. Using App
2. Redirect to Login
3. Authorize
4. Authorization Code
5. Authorization Code
6. Token
7. Request Data (Token)
8. Validate Token
9. Valid Token
10. Data
[1] R. Boyd, Getting Started with OAuth 2.0. Sebastopol, CA: O’Reilly, 2012.
Pattern #2
Service Provider Access -- Responses
[2] Backstage.forgerock.com, ‘ForgeRock BackStage’, 2015. [Online]. Available: https://backstage.forgerock.com/#!/docs/openam/12.0.0/admin-guide/chap-opened-connect. [Accessed: 08-Oct-2015].
Legacy Applications
& Systems
Monolithic
Application-centric
DB-coupled
Component & Services
Architecture
Web Services
Integrations
Mobile/Web
Components
Mobile – Web - Device
Platform as a Service
Hybrid Cloud
Provo/Church Data Center
AWS Azure
Cloud Mobile Application Architecture
Questions?
Hot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine Servicesexy call girls service in goa
 
Enjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >༒8448380779 Escort Service
Enjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >༒8448380779 Escort ServiceEnjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >༒8448380779 Escort Service
Enjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >༒8448380779 Escort ServiceDelhi Call girls
 
Call Girls Service Chandigarh Lucky ❤️ 7710465962 Independent Call Girls In C...
Call Girls Service Chandigarh Lucky ❤️ 7710465962 Independent Call Girls In C...Call Girls Service Chandigarh Lucky ❤️ 7710465962 Independent Call Girls In C...
Call Girls Service Chandigarh Lucky ❤️ 7710465962 Independent Call Girls In C...Sheetaleventcompany
 
Networking in the Penumbra presented by Geoff Huston at NZNOG
Networking in the Penumbra presented by Geoff Huston at NZNOGNetworking in the Penumbra presented by Geoff Huston at NZNOG
Networking in the Penumbra presented by Geoff Huston at NZNOGAPNIC
 
On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024APNIC
 
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.soniya singh
 
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Room
VIP Kolkata Call Girl Salt Lake 👉 8250192130  Available With RoomVIP Kolkata Call Girl Salt Lake 👉 8250192130  Available With Room
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Roomishabajaj13
 
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝soniya singh
 
Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝soniya singh
 
Hot Call Girls |Delhi |Hauz Khas ☎ 9711199171 Book Your One night Stand
Hot Call Girls |Delhi |Hauz Khas ☎ 9711199171 Book Your One night StandHot Call Girls |Delhi |Hauz Khas ☎ 9711199171 Book Your One night Stand
Hot Call Girls |Delhi |Hauz Khas ☎ 9711199171 Book Your One night Standkumarajju5765
 
Russian Call Girls in Kolkata Ishita 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Ishita 🤌  8250192130 🚀 Vip Call Girls KolkataRussian Call Girls in Kolkata Ishita 🤌  8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Ishita 🤌 8250192130 🚀 Vip Call Girls Kolkataanamikaraghav4
 
Challengers I Told Ya ShirtChallengers I Told Ya Shirt
Challengers I Told Ya ShirtChallengers I Told Ya ShirtChallengers I Told Ya ShirtChallengers I Told Ya Shirt
Challengers I Told Ya ShirtChallengers I Told Ya Shirtrahman018755
 
Chennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts serviceChennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts servicesonalikaur4
 
Call Girls In Pratap Nagar Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Pratap Nagar Delhi 💯Call Us 🔝8264348440🔝Call Girls In Pratap Nagar Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Pratap Nagar Delhi 💯Call Us 🔝8264348440🔝soniya singh
 
VIP Kolkata Call Girl Kestopur 👉 8250192130 Available With Room
VIP Kolkata Call Girl Kestopur 👉 8250192130  Available With RoomVIP Kolkata Call Girl Kestopur 👉 8250192130  Available With Room
VIP Kolkata Call Girl Kestopur 👉 8250192130 Available With Roomdivyansh0kumar0
 
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...Diya Sharma
 
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024APNIC
 
VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkata
VIP Call Girls Kolkata Ananya 🤌  8250192130 🚀 Vip Call Girls KolkataVIP Call Girls Kolkata Ananya 🤌  8250192130 🚀 Vip Call Girls Kolkata
VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkataanamikaraghav4
 
VIP Kolkata Call Girl Alambazar 👉 8250192130 Available With Room
VIP Kolkata Call Girl Alambazar 👉 8250192130  Available With RoomVIP Kolkata Call Girl Alambazar 👉 8250192130  Available With Room
VIP Kolkata Call Girl Alambazar 👉 8250192130 Available With Roomdivyansh0kumar0
 

Último (20)

Hot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine Service
Hot Service (+9316020077 ) Goa  Call Girls Real Photos and Genuine ServiceHot Service (+9316020077 ) Goa  Call Girls Real Photos and Genuine Service
Hot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine Service
 
Enjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >༒8448380779 Escort Service
Enjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >༒8448380779 Escort ServiceEnjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >༒8448380779 Escort Service
Enjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >༒8448380779 Escort Service
 
Call Girls Service Chandigarh Lucky ❤️ 7710465962 Independent Call Girls In C...
Call Girls Service Chandigarh Lucky ❤️ 7710465962 Independent Call Girls In C...Call Girls Service Chandigarh Lucky ❤️ 7710465962 Independent Call Girls In C...
Call Girls Service Chandigarh Lucky ❤️ 7710465962 Independent Call Girls In C...
 
Rohini Sector 6 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 6 Call Girls Delhi 9999965857 @Sabina Saikh No AdvanceRohini Sector 6 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 6 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
 
Networking in the Penumbra presented by Geoff Huston at NZNOG
Networking in the Penumbra presented by Geoff Huston at NZNOGNetworking in the Penumbra presented by Geoff Huston at NZNOG
Networking in the Penumbra presented by Geoff Huston at NZNOG
 
On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024
 
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.
 
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Room
VIP Kolkata Call Girl Salt Lake 👉 8250192130  Available With RoomVIP Kolkata Call Girl Salt Lake 👉 8250192130  Available With Room
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Room
 
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝
 
Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝
 
Hot Call Girls |Delhi |Hauz Khas ☎ 9711199171 Book Your One night Stand
Hot Call Girls |Delhi |Hauz Khas ☎ 9711199171 Book Your One night StandHot Call Girls |Delhi |Hauz Khas ☎ 9711199171 Book Your One night Stand
Hot Call Girls |Delhi |Hauz Khas ☎ 9711199171 Book Your One night Stand
 
Russian Call Girls in Kolkata Ishita 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Ishita 🤌  8250192130 🚀 Vip Call Girls KolkataRussian Call Girls in Kolkata Ishita 🤌  8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Ishita 🤌 8250192130 🚀 Vip Call Girls Kolkata
 
Challengers I Told Ya ShirtChallengers I Told Ya Shirt
Challengers I Told Ya ShirtChallengers I Told Ya ShirtChallengers I Told Ya ShirtChallengers I Told Ya Shirt
Challengers I Told Ya ShirtChallengers I Told Ya Shirt
 
Chennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts serviceChennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts service
 
Call Girls In Pratap Nagar Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Pratap Nagar Delhi 💯Call Us 🔝8264348440🔝Call Girls In Pratap Nagar Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Pratap Nagar Delhi 💯Call Us 🔝8264348440🔝
 
VIP Kolkata Call Girl Kestopur 👉 8250192130 Available With Room
VIP Kolkata Call Girl Kestopur 👉 8250192130  Available With RoomVIP Kolkata Call Girl Kestopur 👉 8250192130  Available With Room
VIP Kolkata Call Girl Kestopur 👉 8250192130 Available With Room
 
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...
 
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
 
VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkata
VIP Call Girls Kolkata Ananya 🤌  8250192130 🚀 Vip Call Girls KolkataVIP Call Girls Kolkata Ananya 🤌  8250192130 🚀 Vip Call Girls Kolkata
VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkata
 
VIP Kolkata Call Girl Alambazar 👉 8250192130 Available With Room
VIP Kolkata Call Girl Alambazar 👉 8250192130  Available With RoomVIP Kolkata Call Girl Alambazar 👉 8250192130  Available With Room
VIP Kolkata Call Girl Alambazar 👉 8250192130 Available With Room
 

Identity Management: Using OIDC to Empower the Next-Generation Apps

  • 1. Identity Management: Using OIDC to Empower the Next-Generation of Applications Tom Freestone LDS Church © 2016 by Intellectual Reserve, Inc. All rights reserved.
  • 2. The future computing platforms are MOBILE and CLOUD! Mobile Computing - present and the future: 2.4 billion mobile devices in 2013 and 2.5 billion in 2014. 81+ billion apps downloaded in 2013. There are 6.8 billion people on the planet at present. 4 billion own mobile phones. (Gartner Group - World Wide Devices Shipments.) Internet of Things. In the Cloud EVERYTHING is an API. APIs are an integral part of what are arguably the three major forces currently transforming the Web and IT landscape: Mobile, Social and Cloud Computing.
  • 3. Preparing for the future - MOBILE and CLOUD! • How do we design and develop solutions that meet the growth and the diversity of a global user base? • How do we move large enterprise solutions and systems to embrace mobile and cloud computing? • How do we maximize our past investments in technology solutions and embrace new and evolving industry technology advancements? • How do we significantly reduce costs and encourage greater reuse of core systems and services across the enterprise?
  • 4. Cloud Mobile Application Architecture. Legacy Applications & Systems (Monolithic, Application-centric, DB-coupled); Component & Services Architecture (Web Services, Integrations, Mobile/Web Components); Mobile – Web - Device; Platform as a Service; Hybrid Cloud; Data Center; AWS; Azure.
  • 5. Identity?
  • 6. Identity? Authorization, Authentication.
  • 7. Who is the user? Entity, Claims, Attributes. Identity is a set of claims.
  • 8. Entity Attributes https://www.flickr.com/photos/74373690@N00/13949707621/ via Compfight (License: https://creativecommons.org/licenses/by-nc/2.0/)
  • 9. What is the user allowed to do? Who, What, Why, When, How. Attributes, Policy.
  • 10. What is the user allowed to do? Authenticated Users; Users that work for …; Users that belong to; Web Access Mgmt.
  • 11. The Traditional Solution: Authorization/Authentication? Reverse Proxies • Passes Headers • Protects URLs • Manages SSO Session • Data Center Co-location
  • 12. The world of reverse proxies … protected, but ... https://www.flickr.com/photos/13748147@N02/2070083736/ via Compfight (License: https://creativecommons.org/licenses/by-nc-nd/2.0/)
  • 13. The real world is complex and interconnected. http://steffondavis.com/visualizing-taste-in-art-with-big-data-curation-analysis-curalytics-and-curiator/
  • 14. Cloud Approach. Hybrid Cloud: A cloud computing service that is composed of some combination of private, public, and community cloud services, from different service providers, for capacity or capability. Diagram labels: Enterprise, SaaS, Private Cloud, PaaS (Cloud Foundry), Development Stacks, Web Services, Public Cloud, Hybrid Cloud. Cloud Mobile Integration • Must support existing systems (legacy) = Hybrid • Everything moving to “Services” (APIs) • Mobile/Web Development (Open Standards) • Services Oriented Architecture (SOA) • Migration/On Ramp (Security, SaaS, etc.)
  • 15. How do we move to the cloud and still authenticate our users?
  • 16. Federation
  • 17. Traditional vs. Federated. Reverse Proxies: • Passes Headers • Protects URLs • Manages SSO Session • Data Center Colocation. Application: • Consumes attributes • Protects its own URLs • Manages its own session • Data Center Independence
  • 18. OIDC Benefits: Interoperable, Flexible, Secure, Simple. Icon design by Paomedia and Ivan Boyko.
  • 19. Basic OIDC Protocol (Abstract OIDC Protocol: 1.2 OIDC-Core Spec). Actors: End User (also referred to as the “User Agent,” meaning the browser); OIDC Provider (provides identity as a service using OIDC through the Token endpoint, UserInfo endpoint, & Authorization endpoint); Client (client application requiring End-User Authentication and Claims from an OIDC Provider). Steps: 1. AuthN Request 2. AuthN & AuthZ 3. AuthN Response 4. UserInfo Request 5. UserInfo Response
  • 20. AntiPattern #1 LDAP Service Accounts. Actors: Application / Client, Protected API (Resource Server), LDAP. Steps: 1. Request (Basic Auth username: password) 2. LDAP Bind username:password 3. Data. (Diagram labels: Get, Use.)
  • 21. Pattern #1 Service Account using OIDC. Actors: Application / Client, Authorization Server, Protected API. Steps: 1. Request Token (Client_id / userId) 2. Token 3. Make Request 4. Validate Token 5. Valid Token 7. Return Data. (Diagram labels: Get, Use, Token.)
  • 22. Pattern #1 Service Account – Getting Tokens

      curl https://openam.example.com:8443/openam/.well-known/openid-configuration

      {
        "response_types_supported": [ "token id_token", "code token", "code token id_token", "token", "code id_token", "code", "id_token" ],
        "registration_endpoint": "https://ident.example.com:8443/openam/oauth2/connect/register",
        "token_endpoint": "https://ident.example.com:8443/openam/oauth2/access_token",
        "end_session_endpoint": "https://ident.example.com:8443/openam/oauth2/connect/endSession",
        "version": "3.0",
        "userinfo_endpoint": "https://ident.example.com:8443/openam/oauth2/userinfo",
        "subject_types_supported": [ "public" ],
        "issuer": "https://ident.example.com:8443/openam",
        "jwks_uri": "https://ident.example.com:8443/openam/oauth2/connect/jwk_uri?realm=/",
        "id_token_signing_alg_values_supported": [ "HS256", "HS512", "RS256", "HS384" ],
        "check_session_iframe": "https://ident.example.com:8443/openam/oauth2/connect/checkSession",
        "claims_supported": [ "phone", "email", "address", "openid", "profile" ],
        "authorization_endpoint": "https://ident.example.com:8443/openam/oauth2/authorize"
      }

      curl --request POST --user "masterClient:password" --data "grant_type=password&username=someUser&password=password" https://ident.example.com:8443/openam/oauth2/access_token

      {
        "expires_in": 59,
        "token_type": "Bearer",
        "refresh_token": "26938cd0-6870-4e31-ade9-df31afc37ee1",
        "access_token": "515d6551-4512-4279-98b6-c0ef3f03a722"
      }

      Authorization: Bearer 515d6551-4512-4279-98b6-c0ef3f03a722
  • 23. AntiPattern #2 Session Hijack. Actors: Owner, Client, Login Page. Steps: 1. Using App 2. Collect User/Password 3. Post User/password to login page 4. Get cookies 5. Request Data 6. Data. (Diagram labels: Get, Use.)
  • 24. Pattern #2 Service Provider Access Using OIDC. Actors: Owner, Client, Authorization Server, Resource Server. Steps: 1. Using App 2. Redirect to Login 3. Authorize 4. Authorization Code 5. Authorization Code 6. Token 7. Request Data 8. Validate Token 9. Valid Token 10. Data. (Diagram labels: Get, Use, Token.) [1] R. Boyd, Getting Started with OAuth 2.0. Sebastopol, CA: O’Reilly, 2012.
  • 25. Pattern #2 Service Provider Access -- Responses. [2] Backstage.forgerock.com, ‘ForgeRock BackStage’, 2015. [Online]. Available: https://backstage.forgerock.com/#!/docs/openam/12.0.0/admin-guide/chap-opened-connect. [Accessed: 08-Oct-2015].
  • 26. Cloud Mobile Application Architecture. Legacy Applications & Systems (Monolithic, Application-centric, DB-coupled); Component & Services Architecture (Web Services, Integrations, Mobile/Web Components); Mobile – Web - Device; Platform as a Service; Hybrid Cloud; Provo/Church Data Center; AWS; Azure.
  • 27. The future computing platforms are MOBILE and CLOUD! Mobile Computing - present and the future: 2.4 billion mobile devices in 2013 and 2.5 billion in 2014. 81+ billion apps downloaded in 2013. There are 6.8 billion people on the planet at present. 4 billion own mobile phones. (Gartner Group - World Wide Devices Shipments.) Internet of Things. In the Cloud EVERYTHING is an API. APIs are an integral part of what are arguably the three major forces currently transforming the Web and IT landscape: Mobile, Social and Cloud Computing.
  • 28. Questions?
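
A client following Pattern #1 takes its token and UserInfo endpoints from the discovery document on slide 22, so that document should be checked before it is trusted. The Python check below is an added example, not code from the deck or from OpenAM: `audit_discovery` and its severity labels are hypothetical names, the same-origin test is a local policy heuristic rather than a spec rule, and the document is abridged from slide 22.

```python
import json
from urllib.parse import urlsplit

WELL_KNOWN = "/.well-known/openid-configuration"
ENDPOINT_KEYS = ("authorization_endpoint", "token_endpoint",
                 "userinfo_endpoint", "jwks_uri")

# Discovery document from slide 22, abridged to the fields audited below.
SLIDE_22_DISCOVERY = json.loads("""
{
  "issuer": "https://ident.example.com:8443/openam",
  "authorization_endpoint": "https://ident.example.com:8443/openam/oauth2/authorize",
  "token_endpoint": "https://ident.example.com:8443/openam/oauth2/access_token",
  "userinfo_endpoint": "https://ident.example.com:8443/openam/oauth2/userinfo",
  "jwks_uri": "https://ident.example.com:8443/openam/oauth2/connect/jwk_uri?realm=/",
  "response_types_supported": ["token id_token", "code token", "code token id_token",
                               "token", "code id_token", "code", "id_token"],
  "id_token_signing_alg_values_supported": ["HS256", "HS512", "RS256", "HS384"]
}
""")
# URL that the first curl command on slide 22 fetches the document from.
SLIDE_22_FETCH_URL = "https://openam.example.com:8443/openam" + WELL_KNOWN


def origin(url):
    """Return (scheme, host, port), filling in the scheme's default port."""
    parts = urlsplit(url)
    port = parts.port or {"https": 443, "http": 80}.get(parts.scheme)
    return parts.scheme, (parts.hostname or "").lower(), port


def audit_discovery(fetched_from, doc):
    """Return a list of (severity, message) findings for a discovery document."""
    findings = []
    issuer = doc.get("issuer", "")

    # OIDC Discovery: the issuer must be identical to the URL used to fetch
    # the document, minus the well-known suffix. A mismatch means the client
    # may be reading metadata for a different provider than it intended.
    if not fetched_from.endswith(WELL_KNOWN):
        findings.append(("error", "not fetched from a well-known discovery URL"))
    elif fetched_from[: -len(WELL_KNOWN)] != issuer:
        findings.append(("error", f"issuer {issuer!r} does not match fetch URL"))

    # The issuer itself must be https with no query or fragment component.
    parts = urlsplit(issuer)
    if parts.scheme != "https" or parts.query or parts.fragment:
        findings.append(("error", "issuer must be https without query or fragment"))

    for key in ENDPOINT_KEYS:
        value = doc.get(key)
        if value is None:
            findings.append(("warn", f"{key} missing"))
            continue
        if urlsplit(value).scheme != "https":
            findings.append(("error", f"{key} is not https"))
        # Local policy heuristic (assumption): endpoints share the issuer's origin.
        if origin(value) != origin(issuer):
            findings.append(("warn", f"{key} is on a different origin than the issuer"))

    # HS* ID tokens are MACed with the client secret, so any party holding that
    # secret can mint tokens; flag them so the client can pin RS256 instead.
    algs = doc.get("id_token_signing_alg_values_supported", [])
    symmetric = sorted(a for a in algs if a.startswith("HS"))
    if symmetric:
        findings.append(("warn", "symmetric ID token algorithms offered: "
                         + ", ".join(symmetric)))

    # Response types containing "token" return the access token from the
    # authorization endpoint, i.e. through the browser.
    front = sorted(rt for rt in doc.get("response_types_supported", [])
                   if "token" in rt.split())
    if front:
        findings.append(("warn", "access token returned via browser for: "
                         + "; ".join(front)))
    return findings


if __name__ == "__main__":
    for severity, message in audit_discovery(SLIDE_22_FETCH_URL, SLIDE_22_DISCOVERY):
        print(f"{severity:5} {message}")
```

Run against the slide's own values, the issuer check reports a mismatch because the example hostnames in the fetch URL and in the document differ.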

Editor's notes

  1. Develop an API first: before you build your website, web, mobile or single-page application, you develop an API first, then you get to work on defining the channels you will be making the API resources available on. APIs are core to every cloud, social and mobile computing strategy. Everything and everyone will be API enabled. APIs are an economic imperative. Organizations must provide their core competence through APIs. Organizations must consume core competences of others through APIs. Comment on Internet of Things: over 50% of Internet connections are things. In 2011, there were over 15 billion things on the Web, with 50 billion+ intermittent connections. By 2020, there will be over 30 billion connected things, with over 200 billion with intermittent connections. (Gartner Group – 2014 Trends.) How cool would it be to display your daily spiritual thought on your microwave each morning?
  2. Why we need to be preparing for the future in Cloud and Mobile. How do we design and develop solutions that meet the growth and diversity of a globally expanding Church? How does the Church move their large enterprise solutions and systems to embrace mobile and cloud computing? How do we maximize our past investments in technology solutions and embrace new and evolving industry technology advancements? How do we significantly reduce costs and encourage greater reuse of core systems and services across the Church?
  3. To meet the current and future needs of a globally diverse church we must embrace Mobile and Cloud Computing as the means to reach our world-wide audience. Mobile computing is the future – and in many ways is the only means we have to reach the world-wide population. Cloud computing distributes computing and storage services around the world in a way that wasn’t possible just a few years ago. To effectively leverage both mobile and cloud computing, Web Services (APIs) are required. APIs allow us to integrate with legacy systems, databases, and back-end enterprise systems. The Cloud Mobile Integration (CMI) Platform delivers the technologies, systems, principles, processes, patterns, and services that enable ICS and the Church to fully embrace the “Services and Component Architecture” to support Mobile and Cloud computing.
  4. Identity answers the questions: who is the user? What is that user allowed to do?
  5. Who the user is = authentication. What the user is allowed to do = authorization.
  6. Because of the large investment in enterprise (on-premise) systems, the need to maximize these investments requires we build web services to front-end these systems. As we build web services to expose key information and functionality, we are able to build new web services that use these existing systems while at the same time, can access public cloud systems to deliver the next generation cloud and mobile solutions. Because of our legacy infrastructure, the CMI platform is designed to run on-premise (within our own data centers) or off-premise (in public cloud data centers). This approach provides a consistent environment of security, governance, API management, and use. The CMI platform is designed to support the Hybrid Cloud model so that solutions that run on the CMI platform can leverage both on-premise computing and off-premise computing transparently.
  7. Maintain the WAM approach, but standardize it. OpenID allows us to authenticate/authorize applications in a standard way (as opposed to WAM's proprietary way).
  8. OAuth 2.0 provides the base protocol. OpenID Connect is the identity layer. And OpenAM provides our OIDC implementation.
  9. Maintain the WAM approach, but standardize it. OpenID allows us to authenticate/authorize applications in a standard way (as opposed to WAM's proprietary way). OpenID Connect is a federation standard. Federated makes calls: agree upon a common language to share information. WAM: force our variables on you; your application has to use WAM’s infrastructure. No longer protected by a wall – have to protect yourself.
  10. Interoperable: standard way of requesting claims. Claim: attribute or a piece of information about an entity’s identity. Scope: shorthand for predefined sets of claims. User Endpoint to get attributes about the user and to translate various tokens. Flexible: how do we deal with Web vs Mobile vs Web services vs …? Identity as a Service (IDaaS). Profiles / flows. Secure: crypto awesome; levels of security. Simple / mobile friendly: don’t need harder protocols to implement; use JSON / REST.
  11. Request authentication; login page / consent page; access token; get attributes.