Ping solutions overview_111904
-
Upload
eaiti -
Category
Technology
-
view
96 -
download
0
Transcript of Ping solutions overview_111904
Copyright 2004 Ping Identity Corporation
Identity Management BriefIdentity Management BriefNovember 19, 2004November 19, 2004
04/12/23
Slide 2
Agenda Agenda
Talking PointsEvolution of Identity ManagementPing Identity SnapshotFederated Identity In DepthPing Products and ServicesFederation Protocol OverviewUse Cases
04/12/23
Slide 3
Identity Management EvolvesIdentity Management Evolves
Stovepipe SystemsInternal – Apps, Directories, Databases
External – Partner systems
Proprietary Identity CentralizationThe Stack – Cookies, Agents, SSO
Identity Portability via Standards(SAML, Liberty, WS-*, XACML, SPML)
Vendor IndependentSystem Independent
04/12/23
Slide 4
Company Overview Company Overview
Customers & Partners
Investors
Management
SourceID Users
04/12/23
Slide 5
What is “Federated Identity?”What is “Federated Identity?”
Federated Identity allows enterprises to securely link and exchange identity information across autonomous security domains
Federated Identity enables seamless access to distributed resources and applications
04/12/23
Slide 6
Federated Identity – An Enabling Technology Federated Identity – An Enabling Technology
Networking of Identity Enables Tighter partner interaction Improved service and convenience to customers Improved security of outsourced services Lowered costs and complexity managing users and redundant directories
Identity “Portability” Enables Reduced transactional friction Lower costs associated with SSO and password reset New revenue opportunities
04/12/23
Slide 7
Who’s FederatingWho’s Federating
04/12/23
Slide 8
Current Federation Protocol LandscapeCurrent Federation Protocol Landscape
LibertyID-WSF 1.0
SOAP, SSL/TLS,HTTP, HTML, WAP
OASIS SAML 1.1
Libert
y
ID-F
F 1.2
XML, WSDL, WS-Security, XML Dsig, WS-*, SPML, XACML, XKMS
Binding, Network, and Transport
XML and Security
Federation
Sh
ibbole
th1.2
Identity Services
WS-F
edera
tion
04/12/23
Slide 9
Federated Identity Basic ModelFederated Identity Basic Model
Logon
User Attributes
Identity Provider“Asserting Party”
Service Provider“Relying Party”
Fed ServerApp Server
ProtectedResources
Fed Server
Session Mgr(e.g. AAA)
Identity Assertion(Authentication &
Attributes)
Session Mgr(e.g. AAA)
User Attributes
04/12/23
Slide 10
Products & Services OverviewProducts & Services Overview
04/12/23
Slide 11
Products & Services OverviewProducts & Services Overview
PingFederate – Multi-protocol Federation GatewayPingDeploy – Accelerated Deployment ServicesSourceID - Open Source ToolkitsBusiness & Legal FrameworksIntegration Services
04/12/23
Slide 12
Use Case: Integrating Hosted ServicesUse Case: Integrating Hosted Services
User Store
Login
User Store
Global Travel ServiceService Provider
Company AIdentity Provider
John SmithLogin: john123
john123jsmith
Travel Application
XML
GatewayGateway
Intranet
Federation
1
SSO Access 2
Protocol: Liberty
Federated ID(linked accounts)
04/12/23
Slide 13
Use Case: Integrating Hosted ServicesUse Case: Integrating Hosted Services
Login
User Store
Global Travel ServiceService Provider
Company AIdentity Provider
John SmithLogin: john123
john123
Travel Application
XML
GatewayGateway
Intranet
Federation
1
SSO Access 2
Protocol: SAML
No User Store Exists
Federated ID(UserID & Role)
04/12/23
Slide 14
Use Case: Link Redundant Accounts Use Case: Link Redundant Accounts (Internal)(Internal)
User Store
Login
User Store
Company AJohn SmithLogin: john123
john123jsmith
Security Domain B
XML
GatewayGateway
Security Domain A
Federation1
SSO Access 2
Protocol: Liberty
Federated ID(Linked Accounts)
04/12/23
Slide 15
Use Case: Secure CollaborationUse Case: Secure Collaboration
User StoreUser Store
Airline Co.Authentication Authority
Aircraft MfgRelying Party
John SmithLogin: john123Role: 747 Mechanic
john123
Intranet
XML
GatewayGateway
Online Manuals Federation
SSO Access2
747 Manual
777 Manual
Protocol: SAML
Federated ID(John123 &
747 Mechanic)
1
04/12/23
Slide 16
Use Case: Attribute Exchange (B2C)Use Case: Attribute Exchange (B2C)
My Portal(Identity Provider)
Books.com
Portal
XML
GatewayGateway
eCommerce Site
Federation
SSO Access2
Protocol: SAML
Get Attributes (address, cc # etc.)
1
3Federated ID
(UserID & Role)User Store
&Attributes
04/12/23
Slide 17
Multi-Protocol Federate GatewaysMulti-Protocol Federate Gateways
Company A Company A
PingFederatePingFederateA Multi-Protocol GatewayA Multi-Protocol Gateway
(Partner Specific Configuration)
SAML Liberty
Internet
WS-FedShibboleth
Partner University Partner University Public & Private Sector - Enterprise & CarriersPublic & Private Sector - Enterprise & Carriers
Internal Federation
PingDeployPingDeployInterop. Service
04/12/23
Slide 18
FREEFREE Ping Resources Ping Resources
Federation ChecklistFederation Agreements Federation Business Use-CasesFederation Developer Use-CasesOpen Source Toolkits (Liberty, SAML, WS-Federation)
www.sourceid.orgwww.pingidentity.com