All posts by Samudra Weerasinghe

Welcome Back Paul: Our old and new CTO!

Paul met Sanjiva back in 1998 (almost a lifetime ago for some!). Their shared vision for the future encouraged them to leave IBM and start up their own open source company — WSO2. They soon ramped up their first project, Apache Axis2, and became one of the most competitive middleware companies in the industry.

Paul has been with us for the most part of our journey but decided to take some time off to work on his Ph.D., something he had wanted to do for quite a while. He now comes back as Dr. Paul Fremantle, our newly reinstated CTO. “He is someone who will challenge you and expect you to challenge him back,” said Sanjiva. So we welcome you back with open arms and are looking forward to being challenged.

Here’s a little bit of what Paul has been doing over the last two and a half years. For his Ph.D. he focused on security for IoT devices. As he pointed out, we feel that buying a device gives us control over our data, but in reality, the control is with the companies that manufacture these devices. During his research and after going through a lot of painful mathematics, he was able to create a new architecture model, OAuthing, which

  • Provides a simple way for you to take ownership of the device through an improved federated identity approach for IoT
  • Creates an instance of the server that handles a device for each user (personal cloud middleware)
  • Enables pseudonymity by not having to share your identity by default

His research directly influenced the Internet Engineering Task Force (IETF) and was even partly used in our own WSO2 IoT Server!

Even with all of this going on, he managed to pick up the hobby of making musical instruments and has now leveled up from crafting ukuleles to mandolins and guitars. He says his current pet project of making a violin (one of the hardest yet) is the complete opposite of software development. In software development, if you make a mistake you can easily learn from it, iterate and fix it. But the smallest mistake in violin-making means you have to start right from the beginning all over again!

“I’ve been trying to learn patience, but I can’t seem to learn it quick enough,” jokes Paul. Glad to have you back Paul. We all look forward to working with you again.

We’re Celebrating Our People This Year!

We turned 12 last month and to celebrate this year we picked 12 amazing humans of WSO2 (by popular vote) and shared their stories. The people at WSO2 are our biggest asset and the drivers of our success. Here are some of those who have inspired us all:

Flora Ariyapala – Assistant Administration Officer

“I can’t pick the best memory. I’ve never had a bad day here. This is family. This is my home,” said Flora with a gleam in her eye while talking about her workplace — one she has been at for the past 12 years. Her stint at WSO2 is what she calls her first “proper” job. From being one of the first employees at WSO2 she has grown to be the person you look for in times of need, very similar to when you look for your mom at home. Be it having all the biscuit jars in our pantry filled, making sure you get a plaster for that scratch or looking after each and every employee like they were her own children (including the ones in their 30’s). Flora has played numerous roles in WSO2 and her unwavering dedication and affection towards the WSO2 family are admirable. We’re nothing but grateful for everything that Flora has done for us.

Nandika Jayawardana – Associate Director and Architect

You come to know a person for who they are when they are under stress or when they are in power. Nandika has been in both these situations at WSO2, mostly at the same time. Yet he’s calm and down-to-earth at all times and never projects his emotions, no matter how frustrated he is. “He’s a person who makes everyone laugh even when they’re panicking about emerging deadlines or in a “war room”,” said his team. As a starting member of the team, Nandika has proven to be a friendly, kind-hearted and knowledgeable person for the past 12 years. For a guy who’s as smart as he is, he’s surprisingly humble. He also knows what it means to be truly empathetic. When it comes to Nandika we’re told that “You surely know that you have enjoyed work life if you have worked with him.”. Thanks for being super cool, Nandika!

Jackie Wheeler – Vice President of Technical Content

Jackie is a thrill-seeker who has a wide spectrum of interests ranging from the Burning Man and bats to karaoke, skiing, and sailing. In addition to this, she’s a self-published author of four novels, a fantastic singer and a black belt in martial arts. Yes, she can kick your a** while singing about our documentation! That’s not all, she even put aside her fear of heights and went skydiving. When asked what her favorite thing at WSO2 was she said “The people. I’ve come to see Sri Lanka as a second home and the team as my extended family. We’ve had too many fun adventures and hilarious times, usually involving tuk tuks.” And we love her too; everyone raves about her leadership and writing skills. You’re a true rock star, Jackie!

Kapila Chandana – Assistant Administration Officer

Often found rushing to the scene of a faulty AC or making sure the lobby is equipped with music by The Chainsmokers or Daler Mehndi, Kapila a.k.a. KC is also a part-time comedian and Superman — in-house of course. Don’t be alarmed if you see him with a hammer or a sharp tool, this brave ex-soldier is your friendly fixer-upper for all things broken. He seems to have an ever-ready thumbs up or a salute and a Tennison Cooray-esque joke every time you greet him. He will gladly be your go-to-man when running an event or an executive business meeting, just to make sure nothing falls apart — it’s almost as if the words “no” or “can’t” don’t exist in his vocabulary. Kapila has nothing but undying love and affection towards WSO2, a place that he refers to as the “talent spot”. He’s even won the outstanding contribution award for 3 years in a row for the three and a half years he’s been here. KC, what a dude!

Asma Cader – Senior Marketing Officer

Asma Cader affectionately known as Aso exuberates confidence, isn’t afraid to speak her mind and stands up for both herself and others. Her bubbly personality is so lovable that people often overlook her constant insults. A lover of all things Disney and Pixar, she’s an avid collector of Minion merchandise and anything fluffy. She even went through a ‘Frozen’ phase where everyone had the pleasure of listening to her endlessly singing ‘Do you want to build a snowman’…for a year! But what she lacks in singing she makes up for in basketball. Her command of the sport makes her one of the best players at WSO2. She also thinks she’d be a suitable mascot for BallerinaLang and is dedicated to making it the most popular programming language out there. Thank you for being you, Aso!

Sumedha Rubasinghe – Director of IoT Architecture

Most of Sumedha’s stories can’t (and shouldn’t!) be shared in public. One that can be shared, however, is the time he convinced a team member to report his height and weight to HR, to attend a company trip! While Sumedha is famously known for his pranks, everyone agrees that he is one of the best mentors around. He identifies his team mates’ talents quickly and encourages them to work on their strengths. Sumedha is an all rounder — he’s a fantastic storyteller, an amazing singer, and conga player, a part-time banana cultivator and an IoT and API guru. The number of tools in his massive pickup truck show his enthusiasm in creating anything cool. Keep inspiring us all Sumedha!

Danesha Unantenne – Associate Lead in Administration

Danesha makes sure everyone at WSO2 is well fed and happy. Not only does she let us choose from fantastic lunch options, she hides in the pantry and eats them too…for testing purposes of course. Her inability to say no has roped her into many games of basketball, a sport she’s slowly warming up to. She recollects her favorite memory at WSO2 as the time she climbed Sanjiva’s (our CEO’s) desk to reach for chocolate stuck on the ceiling. “Fortunately he wasn’t there. He would have kicked me out,” said Danesha. She is the epitome of going the extra mile and is always willing to help you out. Her team overlooks (tries) her extraordinary gift of talking non-stop, loves her open-mindedness and considers her as a ‘machan’ (dude). We’re very lucky to have you Danesha!

Asela Pathberiya – Technical Lead

With multiple titles such as ‘one man army’, an ‘ambassador for the WSO2 security domain’, and ‘father of XACML’, Asela is an integral part of WSO2. He is a celebrity in his own right as the writer of one of the most popular blogs (http://xacmlinfo.org/) in the security space. He is also famously known for carrying a water bottle around whenever he’s overseas (not to drink, but because only toilet paper isn’t ideal). He is a mentor to many and generously shares his knowledge with everyone. Asela has been a devoted employee at WSO2 for the past 8 years and has made it his home. He has quite literally lived in each Sri Lankan WSO2 office (our snooze room and gym showers are very accommodating) and the popular belief is that had he not got married he would still be living at Palm Grove. “Although Asela worked remotely in Finland for a short period of time, he migrated back to Sri Lanka because of his attachment to the company and its people,” said a colleague. He even had a go bag with toiletries in his car whenever he had to work late. We really admire your dedication Asela!

Evanthika Amarasiri – Senior Technical Lead

Traveling from Kiribathgoda? Meet the owner of “(Evan)Thika travels”, a term coined by her colleagues who make use of her carpool service. Evanthika was born to be a mentor and has been a pseudo therapist at WSO2 for the past 10 years. She guides both newcomers and those who’ve been at WSO2 for a while. Her teammates call her their best friend and counselor and she’s known to be a hardcore techie fashionista — not a combo you see often. “The culture is what makes me love WSO2. Becoming the quality assurance lead here was pretty special too,” said Evanthika about her experience at WSO2. She’s always cheerful and is the first person to yell “I’m in” if there’s any fun activity. She gives people due credit and makes sure everyone around her is having a great time. Thank you for being a good sport, Evanthika!

Sriskandarajah Suhothayan – Associate Director and Architect

Suho is the kind of team player that hits home runs. So much so that even his intern project became a hugely successful product – WSO2 Siddhi (CEP engine) – that’s currently used by Uber. “That was pretty memorable,” recalled Suho. He’s well known for his leadership skills and intelligence and is also one of the friendliest guys with the best sense of humor. “Even though Suho’s a busy person, he always helps and advises team members on their problems,” said his colleagues. He often goes on walks where he falls into deep thinking — the faster he walks the more he thinks. Even when he sits down he starts shaking his leg to fuel his thought. Fidget spinners are clearly not for everyone. Despite his excellent work ethic, he’s rather a slob when it comes to his car, often waiting til it rains so the dirt washes off. That’s ok Suho, we get it. Thank you for prioritizing WSO2!

Dimuthu Leelarathne, Director – Solutions Architecture

“She’s one of the pillars of WSO2, is an exemplary lady and everything that WSO2 stands for. Everyone looks up to her, especially all the new female engineers” said one of Dimuthu’s team members. If there’s anyone in the team that has a “never say die” attitude, it’s Dimuthu. She wasn’t raised to be a quitter, which is evident in how she taught herself to swim…online! Dimuthu is a hard working, committed person who brings the best out of everyone she mentors. She’s fun loving and always enthusiastic about trying out new things. You can tell how much her team loves her by the song they wrote for her when she returned from maternity leave. Keep shining Dimuthu!

Sameera Jayasoma, Director – Platform Architecture

“Oka podi wadak (It’s a small job)”, Sameera said. Days into the project, everyone realizes it isn’t. It never is. We’re assuming he said the same about BallerinaLang. All stories about Sameera are R-rated and best kept a secret. We can probably talk about his talents as a cha cha dancer, but let’s not go there. The things he loves most in life can be ranked in this order: Leopards, photography (which he’s extremely talented at), table tennis and then perhaps his wife. He’s an excellent leader who drives his team while looking into every individual’s needs. His vast technical knowledge makes him a great problem solver too. But don’t expect a serious response from this brilliant mind when talking about life, he’ll most likely act dumb and avoid it. Thanks for being the cool smart you, Sameera!

We’d like to thank each and everyone — past, present and future — who have shaped and will shape WSO2 into an exciting place to work in.

Here’s to many more years of hard work and fun!

WSO2Con EU 2017: The countdown for #digitaltransformation begins

The time has come to eagerly await our next user conference in Europe. With inspiring keynotes, in-depth technical sessions, customer success stories and a hackathon, we’ll be counting down to these three days of knowledge-sharing and fun networking events. WSO2Con EU 2017 will run from November 6 – 8 at Royal Garden Hotel in London.

Our user conference is ideal for CIOs, CTOs, architects, integration engineers and developers from all industries who are looking to digitally transform their businesses. We’ve announced most of the speakers and will be adding more customer sessions in the days to come. Check out our agenda for details.

So why should you attend our conference? You will be able to

  • Meet with experienced WSO2 architects who can understand your business goals and technical architecture.
  • Meet other customers who are in different stages of their journey with WSO2 and discuss how they have succeeded in meeting their goals of digital transformation.

Here’s a short clip by Jonathan Marsh, vice president of IoT at WSO2, on what other benefits you can get by attending.

Here are some of the exciting new things at this year’s conference:

  • A dedicated track for Ballerina that deep-dives into how you can use Ballerina for all your integration needs.
  • A hackathon on microservices that will let you get down and dirty with Ballerina and use it for real world integration use cases.
  • The Oxygen Bar gives you the chance to meet our solutions architecture team face-to-face. Request a demo or simply have a meaningful discussion on how WSO2 can help your enterprise innovate.

Also don’t miss out on

  • The opening keynote by WSO2 Founder, CEO and Chief Architect Sanjiva Weerawarana on how you can navigate the digital transformation landscape followed by a series of keynotes by industry thought leaders.
  • Real-world success stories of how our customers used WSO2 to digitally transform. You can expect talks from Travis Perkins, SUVA, Informatica, Finam and more.
  • A keynote by WSO2 Head of Financial Solution Seshika Fernando on the advantages of open banking and how WSO2 can help you help you become PSD2 compliant.
  • Technical sessions on API management, integration, identity and access management, analytics and IoT ranging from high-level introductions to advanced hands-on sessions.
  • A dedicated strategy track specially designed for CxOs that explores how you can address your enterprise challenges with the right technology and strategies.
  • A networking event that will let you mingle with like-minded peers over light music and tapas.
  • A conference after party that will help you cut loose and go wild!

Now doesn’t that sound exciting? If you haven’t registered already, you have until August 31 to get our early bird offer. Get your tickets now and don’t miss out!

Verifone: Using WSO2 Technology to Provide a Unique Payment Terminal that Increases Customer Engagement

In Honolulu, Hawaii, one man’s vision for the future of commerce has now become one of the world’s largest point-of-sale (POS) terminal vendors and a leading provider of payment and commerce solutions. Verifone still upholds this vision and keeps innovating for the future. At WSO2Con USA 2017 Ulrich Herberg, a senior Java architect at Verifone, joined us via Skype to speak about how they leveraged WSO2 technology when creating Verifone Carbon – a powerful device that combines elegant design into an integrated POS solution.

Verifone Carbon is a payment terminal that sets a new standard for a valuable and engaging consumer experience. It consists of two parts: a larger Android tablet facing the merchant and a smaller terminal with different kinds of payment functionality, such as Apple pay and payment through credit cards. These two devices are placed on a mobile base, which is used for charging the devices, printing receipts, and connecting to the ethernet.

What makes Verifone Carbon unique is that it’s embedded in an ecosystem called the Verifone Commerce Platform, which consists of a number of additional systems that provide more than what a typical payment terminal offers, explained Ulrich.

  • The developer portal allows third-party developers to create their own customer and merchant facing application by using Verifone’s APIs to download software development kits (SDKs) that can trigger payments, get information of successful or failed payments and more.
  • The app marketplace provides an interface similar to the Google Play Store or the Apple App Store where these apps can be placed and purchased.
  • The estate owner portal is used by large corporations that directly deal with the merchants to
    • Manage the estate (all the devices)
    • Get an overview of the devices
    • Manage, create, remove and update merchants
    • Purchase apps for the merchants
  • The merchant portal provides a smaller scope for the merchants only, which allows them to see their devices and purchase apps for their devices

With Verifone Carbon, merchants can now reward their best customers with loyalty points, display promotional media and coupons, leverage beacons for store analytics and invite customers to redeem personalized offers in real-time among other things.

Ulrich explained that for all of this to happen, they needed a solution that allowed them to manage and monitor all the Carbon devices. They started by evaluating commercial products. The commercial products worked on a pay-per-device model which would have been costly as they scaled up. At often times they didn’t have all the features they required and didn’t provide the flexibility to create any customized features.

The fully open source WSO2 Enterprise Mobility Manager (WSO2 EMM which is now significantly enhanced to provide enterprise IoT solutions as well as mobile device and app management in a single download via WSO2 IoT Server) overcame all of these challenges. “We were able to create a solution that fit our exact needs by either modifying the product on our own or getting WSO2 support services to help modify it,” said Ulrich. They avoided vendor lock-in and are independent of anyone else because they have control over the source code. They were also able to easily integrate WSO2 EMM with their existing terminal management infrastructure.

Ulrich then went on to discuss three major use cases of WSO2 EMM in Verifone Carbon.

Use case 1: Blank Android devices are shipped to the merchants so that they all have the same operating system image. WSO2 EMM uses individual device certificates to identify, authorize and authenticate these devices using mutual Transport Layer Security (TLS).

Use case 2: Verifone already has a legacy terminal management system which runs on a different operating system that can’t directly connect with and use Android features. So they used WSO2 EMM to communicate with the tablet.

Use case 3: Verifone doesn’t use the interface provided by WSO2 EMM so they had figure out how to use WSO2 EMM as a black box. They call it from their terminal management system, sends commands and monitors all the devices through it without having to know how it works internally. They did this by working closely with WSO2 to create a thorough list of RESTful APIs that were documented in Swagger.

Ulrich went on to list a few more WSO2 EMM features they currently use including

  • Getting device information including location data
  • Over-the-air (OTA) update that allows you to update the OS remotely
  • APK installation/update/removal in the background
  • Remotely locking, rebooting or factory resetting the devices
  • Debugging and sending Android logs to the server
  • Sending pop up notification to the tablet

He concluded by explaining in detail how they plan on scaling WSO2 EMM as the number of devices becomes larger.

To learn more about how Verifone used WSO2 technology to increase customer engagement through a unique payment terminal watch his talk at WSO2Con USA 2017.

West Interactive: Using WSO2 Identity Server to Enhance Customer Experience

Headquartered in Omaha, West Corporation is all about telecommunication – be it conferencing solutions, safety services, interactive voice response solutions or speech application automation. Pranav Patel, the vice president of systems development at West Interactive, recently spoke at WSO2Con USA 2017 about the unique customer experience they offer through their multi-tenanted role-based identity and access management solution built using WSO2 Identity Server.

An increasing numbers of users today are turning to various different channels like the web, mobile devices, and social media to interact with vendors. Pranav explained that knowing the customer and making sure that they can access West Interactive’s services from whichever channel they prefer is a key requirement for them.

West has been in the telecommunication industry for the last 30 years, and quite commonly, have many solutions that are siloed and distributed. Connecting all these solutions was a major challenge they needed to overcome in order to provide a holistic experience to their customers, explained Pranav. This meant dealing with and managing various different identities that belonged to many different customer portals. They needed to create a solution that revolves around centralizing user identities to a single user portal and creating an efficient identity and access management system.

Pranav then examined the requirements they needed to meet in order to achieve operational efficiency, easily manage accounts, save costs, and provide great customer experience. Other than the evident single sign-on and federation requirements, multitenancy with hierarchical tenant management was an important feature that enabled them to serve all their tenants (a client of West represented as a domain in the system) and users (individuals that require access to the portal and are grouped at the tenant level) through their portal. The system also needed to enforce rule-based access control that allows access to certain products (web applications that need to be integrated) depending on who the user is. In addition to this, they had corporate policy requirements for passwords, needed to maintain password history and had a password expiry date that prompted users to frequently change the password. Audit logging and user bulk imports were some other requirements.

“WSO2 fulfilled several of our requirements out-of-the-box, especially support for various protocols and heterogeneous multiple user stores,” observed Pranav. He went on to explain that they could easily extend the product and customize it for any features that it didn’t already have, making it the perfect solution for West.

WSO2 Identity Server is used for

  • Introducing a relationship hierarchy between the parent tenant and child subtenant and allowing multi-tenancy
  • Asking for and storing answers to five security questions per user
  • Defining permissions or roles for products (web applications) and users
  • Providing single sign-on and federation for users
  • Allowing employees to mimic a user and see how they perceive the user portal
  • Enforcing password policies set by tenants

Pranav expressed how WSO2 Identity Server meets all their current requirements and how they would like to introduce customizable login pages (by tenant), two-factor and multi-factor authentication, automated user provisioning and self-registration among other features in the future. He concluded by saying they were looking forward to adding WSO2 Data Analytics Server to the mix in order to monitor what’s really going on in the system.

To learn more about West Interactive’s story listen to Pranav’s talk at WSO2Con USA 2017.

WSO2Con USA 2017 – ballerinas, blockchain, oxygen bars and more!

San Francisco met us with bitter, cold winds, but we didn’t let that stop us from hosting the best user conference ever! With a fully restructured agenda, major product and roadmap reveals and phenomenal entertainment, this year’s WSO2Con USA was bigger and better than ever.

This year, we even had an actual oxygen bar inside the WSO2 Oxygen Bar: a place where attendees were able to meet with WSO2’s solutions architecture and engineering teams to answer all their questions on integration, API management, analytics, identity and access management, and the Internet of Things.

The conference started off with a bang, literally. The Taiko drummers marched on to stage and gave a warm welcome to everyone in the crowd!

WSO2 Founder, CEO and Chief Architect Dr. Sanjiva Weerawarana then presented the repositioning of WSO2’s product strategy to focus on providing a platform that enables digital transformation through integration, API management, identity and access management, smart analytics, and the Internet of Things.

Thomas Squeo, the senior vice president of digital transformation and enterprise architecture at West Corporation, followed this with another keynote. He explored how to digitally disrupt from within your enterprise by empowering your employees who will in turn engage with customers, transform your products and optimize operations.

Next, cue the ballerinas…

…which led to WSO2’s big reveal: Ballerinalang

Sanjiva examined Ballerina in detail: the general purpose, concurrent and strongly typed programming language with both textual and graphical syntaxes, optimized for integration. Following this, Sameera Jayasoma, the associate director, architect and lead choreographer of Ballerina showcased a few demos of the language in use.

The first day then broke off into the individual tracks; integration, analytics and strategy; with introductory, advanced and hand-on sessions as well as customer talks from Motorola Mobility and State of Arizona.

The end of day one was met with smooth Jazz sounds of The San Francisco Metro Combo at our networking event where attendees got to mingle with their peers and WSO2 experts.

The second day commenced with a keynote by State of Arizona Chief Technology Officer Jason Simpson who examined their cloud-first strategy towards becoming a digital government. He spoke on the challenges of moving their legacy technology and systems to the cloud with low budgets to meet the increasing demands of their users and went on to explain how State of Arizona overcame them.

This was followed by an insightful customer panel on bridging IT and business in digital transformation moderated by our very own Vice President of Solutions Architecture Asanka Abeysinghe. The panel consisted of Jason Simpson, the CTO of State of Arizona, Sri Harsha Pulleti, an integration architect at Motorola Mobility and Naresh Sikha, the chief architect at StubHub.

The second day’s tracks consisted of technical sessions on integration, analytics, API management, IoT and Security by WSO2 experts and many customer talks and panels including:

Yet another day of learning and exchanging ideas came to an end. But that wasn’t it for day two! Right after the sessions we went into the carnival themed conference party where attendees got to mingle, play old-school arcade games like Street Fighter, take funky pictures at the photo booth and dance the night away. DJ Nikkie Matteo scratched some killer beats but the band, Pacific Soul, stole the show and made everyone cut loose, footloose and kick of their Sunday shoes!

Day three went straight into the tracks that included technical sessions in the areas of IoT, security and devops. It also had a track specially for partners and one specially by partners. The customer and partner talks on day three included:

  1. IoT in Airline Operations, Suresh Subasinghe, Principal Architect, United Airlines
  2. Multi-tenanted, Role-based Identity & Access Management Solution at West, Pranav Patel, VP, Systems Development, West Interactive
  3. 0-60 with WSO2: API Management and User Authentication and Authorization Automation, Ismail Seyfi, Lead Software Architect, iJET International and Matt Barnes, Automation and Software Engineer, iJET International
  4. Enhancing Customer Experience with WSO2 Identity Server, Manoj Thirutheri, Director, SaaS and Tools Engineering, Nutanix
  5. Providing a Pathway from Stovepipe Systems to a Secure SOA Enterprise, Neil Custer, Senior Enterprise Systems Engineer, Eagle TG
  6. Rise to the Challenge with WSO2 Identity Server and WSO2 API Manager, Stefan Smeets, Enterprise Architect & Unit Manager, RealDolmen
  7. Journey of Migration from Legacy ESB to Modern WSO2 ESB Platform, Michael Enos, Senior Director, Techsoup and Ratnavel Sundaramurthi, Integration Architect, Aspire Systems
  8. Integrating Systems for University of Exeter Using Zero and the WSO2 Platform, Jack A. Rider, CTO, Chakray

We even had a session through Skype on Managing Verifone’s New Payment Device “Carbon” with WSO2’s EMM by Ulrich Herberg, a senior Java architect at Verifone, who couldn’t be physically present at the venue!

For the unconference sessions, Sameera had to get back on stage to do more Ballerina demos for the eager crowd. They just couldn’t get enough of it!

The attendees gathered in the main hall once again to listen to the last few keynotes of the conference.

Catheryn Nicholson, an engineer, entrepreneur, mother, and former U.S. Naval Officer, who is also the Founder of BlockCypher gave the first engrossing keynote on blockchain’s digital disruption and why developers, startups, corporations, academic institutions, and governments are all examining what blockchain technology can solve.

After exploring the past and present of blockchain technology and how it may influence your business, Catheryn made quite an exciting reveal on the future of blockchain and cryptocurrency. A group of open source developers with Harry Potter pseudonyms are currently developing a protocol (called Mimblewimble), which is still largely theoretical but has a lot of potential to solve a number of the clunkiness issues that bitcoin has. She predicts that the project will come out this year. So make sure to keep an eye out for that!

WSO2 Vice President of Solutions Architecture Asanka Abeysinghe, gave the closing keynote on a pragmatic approach to digital transformation through iterative architecture. He spoke of his experience as a consultant and evangelist of digital transformation and examined how to overcome technical and non-technical barriers to your vision by thinking big and acting small.

Before the final adieu, we made sure to recognize customers who have been with us for the past ten (of our eleven) years. Sanjiva presented Ron Murphy from eBay, Jey Bala from Kaiser Permanente, Prakash Iyer from Trimble, and Concur (who wasn’t able to attend the conference) with a small token of appreciation for taking our first steps with us, and helping us get to where we are today.

Stay tuned for news on our next conference, and hope to see you there soon!

Join the #WSO2 Identity and Access Management Tweet Jam!

In today’s connected business, increased business interactions and activities create complex environments. Because of this, identity and access management not just across organizations, but across different technologies, standards, and models becomes a key factor in an enterprise architecture.

We’re hosting our first two-hour long Tweet Jam on Thursday, December 2 at 12:00 p.m. PT. Prabath Siriwardena, the director of security architecture at WSO2, will be moderating this session and answering all questions on the topic of ‘Identity and Access Management’. Anyone with a Twitter account is welcome to join us by using the #WSO2 hashtag to accompany all tweeted questions.

TweetJamFB

Participation Guidelines

  • To participate, just follow the #WSO2 hashtag at 12:00 p.m. PT.
  • Ask any of your questions related to the topic, accompanying #WSO2
  • Start all questions with the question number and #WSO2.
    • Example – “Q1: <question> #WSO2”

About the Moderator

Prabath Siriwardena has over 11 years of industry experience that currently involves providing security architecture solutions to many of WSO2’s key customers such as Dubai eGovernment, WEST, Seagate and VeriFone. He has spoken at numerous conferences including ApacheCon, OSCON, QCon and European Identity Conference. He has also authored four books related to Apache Maven, enterprise integration, and API security.

What questions about identity and access management would you like to see at the jam? Questions can be given ahead of time by direct messaging us on Twitter.

We look forward to your participation!

Add to your calendar

Managing Identity Across the Internet of Things

 

network-782707_960_720 (1)

It’s estimated that at least 50 billion devices will be connected to the Internet by end-2020. That’s more than six times the entire population of the world! With this rapid increase of the Internet of Things (IoT), the concept of identity management has extended to the Identity of Things (IDoT).

WSO2 Director of Security Architecture Prabath Siriwardena wrote a white paper that explores the benefits, risks and challenges of implementing an IDoT solution based on the concept of “connected identity”.

He explains that through IDoT, organizations can assign unique identifiers with associated metadata to devices, enabling them to connect and communicate securely and effectively with other entities over the Internet. Your ultimate goal is to reach out to as many customers, partners, distributors, and suppliers as possible that would result in more business interactions and revenue growth. This would greatly increase the number of external digital identities that interact with your enterprise. An external identity provider can be treated as an identity silo that shares its identity data or IDoT via APIs. You first need to trust the identity provider in order to accept the given user identity. Beyond this, you need to speak the same language to transport the identity data. If not, you need to either fix the identity provider’s end to speak the same language or do the same for your own enterprise.

This is not a scalable approach, and will eventually end up in a spaghetti identity anti-pattern. To avoid this, you should build a protocol-agnostic security model. With the identity bus or identity broker pattern, your enterprise isn’t coupled to a specific identity provider or a given federation protocol. The broker maintains the trust relationships between each entity as well as identity tokens between multiple heterogeneous security protocols. This creates a common, connected identity platform that enforces controlling, auditing and monitoring of identities.

Some benefits of this pattern include

  • Frictionless approach to introducing new service and identity providers and removing existing ones.
  • Easy enforcement of new authentication protocols.
  • Ability to perform claim transformations, role mapping, and just-in-time provisioning.
  • Centralized monitoring, auditing and access control.
  • Easy introduction of a new federation protocol.

When implementing an identity broker you need to follow certain fundamentals. It needs to be federation protocol, transport protocol, and authentication protocol agnostic. Additionally, it should provide the ability to perform claim transformations, home realm discovery, and multi-option and multi-step authentication, among others.

WSO2 helps you solve identity management needs across your enterprise applications, services, and APIs by utilizing the full breadth of the WSO2 platform. By combining WSO2 Identity Server’s comprehensive security model based on OAuth 2.0 with WSO2 API Manager, you can easily build an end-to-end API security ecosystem for your enterprise. Avoid vendor lock-in and enable integration across systems with WSO2’s open source model, which acts as a fully functional enterprise identity bus.

To learn more, download Prabath’s white paper here.

Enterprise Mobility Management: Moving Beyond Traditional Mobile Device Management

Today, managing mobility is not just confined to embracing the bring your own device (BYOD) or corporately owned, personally enabled (COPE) concepts in your enterprise, or which device platform or operating system you use. The focus has shifted to more advanced strategies that enable enterprises to become connected and reach a new level of agility through digital transformation.

While the modern enterprise mobility management landscape has transformed significantly, it has also brought about more complexities.

Employees now work from locations all over the world, access data from various data centers and share this data not only through corporate networks, but also through cloud services and APIs. Because of this sense of globalization and the advent of cooler and more convenient mobile devices, enterprises started adopting mechanisms that consider all these factors in their infrastructure in order make their employees and their company as a whole more productive.

Mobile_Device_Management

This made device management not only about managing, securing and storing device data. It’s now about making mobility management part of the entire enterprise ecosystem. This means you need to think about broader aspects like governance, analytics, and identity provisioning. Such a system needs to

  • Be extensible enough to support all devices and operating system types.
  • Have a plug-in model that allows you to integrate with other tools (such as analytics and governance tools) existing in your environment.
  • Be able to moderate, approve and provision applications through a corporate app store.
  • Produce analytics dashboards, audit trails and reports to supplement business strategies.
  • Have comprehensive policy management and enforcement functionality with capabilities such as compliance monitoring, containerization, data encryption and password enforcement.

So how exactly do you go about building such a comprehensive enterprise mobility management system? By using the right tool for the right job. You need to implement a tool that not only meets the above requirements, but is also scalable enough to accommodate your enterprise’s growth. It should also be user-friendly and customizable in order to win over your employees.

Where can you find such a solution? Right here. WSO2 Enterprise Mobility Manager (WSO2 EMM) offers all of this and more. Key advantages of adopting WSO2 EMM:

  • Gives you the ability to compose, enforce and manage granular level security policies for individual and groups of devices.
  • Enables strategic decision making by making information gathered across all mobile business activities available through powerful dashboards with analytics and reporting.
  • Strengthens security through data encryption and password enforcement among other things.
  • Embraces device ownership schemes like BYOD enabling employees to be more efficient and make decisions faster while saving enterprises the procurement and data plan cost associated with each user.

WSO2 EMM is a 100% open source comprehensive enterprise-grade platform with all the capabilities you need for enterprise mobility management including device configuration management, policy enforcement, app management, device data security, and compliance monitoring.

To learn more about WSO2 EMM and its capabilities, watch WSO2 Technical Lead Prabath Abeysekara’s talk on Enterprise Mobility Management: Moving Beyond Traditional MDM at WSO2Con Asia 2016.

Modern Solution Development: The Battle Between ‘Retaining’ and ‘Changing’ Technology

In today’s fast-paced technology world, change is constant and rapid. New concepts continually emerge, gain traction, disappear, and reemerge. While it’s important to embrace this evolution, core concepts that work in older technology should not be tossed out either.  

During his closing keynote at WSO2Con USA 2015, Dr. Donald Ferguson – former vice president and CTO of Dell, identified concepts independent of the specific technology realization in order to highlight requirements that current technologies don’t meet.

image00

He noted that although concepts such as loose coupling, service delivery, and asynchronous messaging have been used for various different technologies like common object request broker architecture (CORBA), Web services, and service-oriented architecture (SOA), each of these is just an improvement, yet based on the same ideas. “The key thing when going forward is to make sure that we don’t loose some of the things that we managed to bring forward because they were good,” he adds.

He explains these similarities, improvements, and limitations are apparent when comparing SOA to microservices for instance; features such as programming style, code type, messaging type, and the use of databases are similar in both concepts whereas there are certain important distinctions in means of evolution, systematic change, and scaling. “It’s more about how you do it – the internal architecture, than the externals. With one exception – smart endpoints and dumb pipes” says Ferguson. This concept encourages the microservice community to use a light-weight message bus (a hub) that acts solely as a message router and leaves the smart part of things (receiving a request, applying appropriate logic and producing a response) to the service itself.

But as Ferguson states, “You don’t want just a hub, you want it to be active”. If you open any book on enterprise application design patterns, they first show you what not to do – a monolithic point-to-point architecture. To avoid doing this you need to connect everything through a hub that needs to be able to reformat, route and combine messages as well as understand different protocols and data types that will travel across it. This is where middleware, or specifically the enterprise service bus (ESB) becomes important.

Ferguson notes that dumb fast messaging seems more appealing than using a powerful ESB but it just repeats the fallacies of quick point-to-point connections. Using an active hub and taking advantage of middleware to do it is much more advantageous because it adds value and improves robustness, reusability and scalability.

He further adds that any organization can realize tremendous value from microservices and other new technology; however, this could sometimes result in the risk of losing benefits like interface dependency and optimized composition that emerged in the past. “This needs to be done through application design patterns and middleware that empowers them…that’s part of the value WSO2 is,”he concludes.

WSO2’s complete middleware stack includes the WSO2 integration, API management, security and analytics platforms. By leveraging these components and more you can easily develop modern solutions despite what technology you use.

To learn more, watch Don Ferguson’s presentation at WSO2Con US 2015.