June 2011
USA
Palo Alto, CA 28 June, Tuesday
9.00 am to 5.00 pm

Speakers

Jonathan Marsh
VP, Business Development & Product Design
Asanka Abeysinghe
Director, Solutions Architecture
Thilina Mahesh Buddhika
Associate Technical Lead & Product Manager

With data protection under intense scrutiny, identity and security are fundamental to managing enterprise web applications.

This full-day interactive workshop will highlight the growing challenges of identity and security management. We will demonstrate how enterprise architects and developers can overcome these challenges, and give insight into the key security and identity-management standards for SOA.

Topics to be covered:

Identity, Single sign-on, SAML2, OpenID, OAuth, Information Card

How has identity evolved in the age of the Internet? Is OpenID becoming obsolete as FBAuth grows in popularity? Why haven't Information Cards lived up to the identity hype? Why do we have different standards addressing the same problem? Who won, SAML2 or OpenID? Do you still need both on-premise and in-the-cloud user stores? All these questions and more will be answered in our detailed introductory presentation on identity and what it means for you.

Entitlement and Authorization – XACML

“I want my colleague Peter to be able to access Employee Information, but not salary. And there is no way he should be able to do this remotely, or over the weekend.”

Worried about defining authorization policies at this level of granularity? Our second session shows how XACML can be used to define fine-grained authorization policies, and how XACML-based authorization applies to SOAP web services as well as to RESTful services. It is a real eye-opener for those who want to do more with their security without sacrificing existing usability.
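The Peter scenario above, written out as an XACML 3.0 policy. This is an added example, not material from the workshop or from WSO2's products. The standard attribute identifiers (subject-id, resource-id, action-id) and the deny-overrides combining algorithm are from the XACML specification; the attribute ids under `urn:example:` (the requested record field, the access channel, the day of the week) are assumed attributes that the policy enforcement point (PEP) would have to supply in the request context, since core XACML has no built-in "is remote" or "is weekend" attribute.

```xml
<?xml version="1.0" encoding="UTF-8"?>
<!-- Added example, not from the workshop. Attribute ids under urn:example: are assumed. -->
<Policy xmlns="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17"
        PolicyId="urn:example:policy:employee-info"
        Version="1.0"
        RuleCombiningAlgId="urn:oasis:names:tc:xacml:3.0:rule-combining-algorithm:deny-overrides">
  <Description>Peter may read employee information, but not salary, not remotely, not at weekends.</Description>

  <!-- The policy applies only to requests for the employee-information resource. -->
  <Target>
    <AnyOf><AllOf>
      <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
        <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">employee-info</AttributeValue>
        <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource"
                             AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id"
                             DataType="http://www.w3.org/2001/XMLSchema#string"
                             MustBePresent="true"/>
      </Match>
    </AllOf></AnyOf>
  </Target>

  <!-- Deny rules: with deny-overrides, any rule that evaluates to Deny beats the Permit below. -->
  <Rule RuleId="deny-salary-field" Effect="Deny">
    <Description>The salary field is off limits regardless of who asks.</Description>
    <Target>
      <AnyOf><AllOf>
        <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
          <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">salary</AttributeValue>
          <!-- Assumed attribute: the PEP sends the requested record field(s) as this resource attribute.
               MustBePresent="false": a request that names no field simply does not match this rule. -->
          <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource"
                               AttributeId="urn:example:attribute:resource:field"
                               DataType="http://www.w3.org/2001/XMLSchema#string"
                               MustBePresent="false"/>
        </Match>
      </AllOf></AnyOf>
    </Target>
  </Rule>

  <Rule RuleId="deny-remote-access" Effect="Deny">
    <Target>
      <AnyOf><AllOf>
        <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
          <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">remote</AttributeValue>
          <!-- Assumed attribute: the PEP derives "remote" or "internal" from the client's network location.
               MustBePresent="true": if the PEP omits it, the result is Indeterminate rather than Permit. -->
          <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:environment"
                               AttributeId="urn:example:attribute:environment:access-channel"
                               DataType="http://www.w3.org/2001/XMLSchema#string"
                               MustBePresent="true"/>
        </Match>
      </AllOf></AnyOf>
    </Target>
  </Rule>

  <Rule RuleId="deny-weekend" Effect="Deny">
    <Target>
      <!-- Two AllOf blocks under one AnyOf: Saturday OR Sunday. The day-of-week attribute is assumed. -->
      <AnyOf>
        <AllOf>
          <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
            <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Saturday</AttributeValue>
            <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:environment"
                                 AttributeId="urn:example:attribute:environment:day-of-week"
                                 DataType="http://www.w3.org/2001/XMLSchema#string"
                                 MustBePresent="true"/>
          </Match>
        </AllOf>
        <AllOf>
          <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
            <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Sunday</AttributeValue>
            <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:environment"
                                 AttributeId="urn:example:attribute:environment:day-of-week"
                                 DataType="http://www.w3.org/2001/XMLSchema#string"
                                 MustBePresent="true"/>
          </Match>
        </AllOf>
      </AnyOf>
    </Target>
  </Rule>

  <!-- The only Permit: Peter, reading. Both Matches sit in one AllOf, so both must hold. -->
  <Rule RuleId="permit-peter-read" Effect="Permit">
    <Target>
      <AnyOf><AllOf>
        <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
          <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">peter</AttributeValue>
          <AttributeDesignator Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject"
                               AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id"
                               DataType="http://www.w3.org/2001/XMLSchema#string"
                               MustBePresent="true"/>
        </Match>
        <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
          <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">read</AttributeValue>
          <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:action"
                               AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id"
                               DataType="http://www.w3.org/2001/XMLSchema#string"
                               MustBePresent="true"/>
        </Match>
      </AllOf></AnyOf>
    </Target>
  </Rule>
</Policy>
```

Two points worth checking before deploying a policy shaped like this. First, the combining algorithm has to be deny-overrides (not deny-unless-permit): the Permit rule matches a Saturday request from Peter just as well as a Monday one, and only a Deny that overrides it keeps the weekend rule effective. Second, a request that none of the rules match (another user, or a write) yields NotApplicable, and a request missing one of the MustBePresent environment attributes yields Indeterminate; the PEP must treat both as a refusal, otherwise the policy fails open for exactly the cases the author did not think of.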

How does Governance affect your Security?

Could your data be the next scandal courtesy of Wikileaks? Surely not. The CableGate affair has shown that even classified systems can have huge governance and security issues. One reaction is to remove CD drives from classified systems. But is this the only choice you have? Won't such a radical step hurt productivity and morale? We at WSO2 think that the “fix” for these kinds of issues goes much deeper. Fundamentally, some of the blame for CableGate must lie with a systems design that allowed too many people to access classified and confidential data.

We will explore how to use Data Services to reduce bulk batch data transfers and to create auditable, limited-access data systems, built on policy-based entitlement, that ensure users access only what they need. We will also suggest processes and procedures for managing entitlement policies and audit logs.

Best practices for securing your SOA, REST and Cloud (Patterns)

Rather than get into yet another debate about message-level versus transport-level security, or SOAP vs. REST, we would rather do some good and highlight the best practices and patterns we have learned for both SOAP and REST.

For example, what best practice should one follow when exposing internal services externally via a DMZ? How do you enforce security centrally to make sure no unauthenticated access is permitted? Want your internal apps connected to the ones running in the Cloud, or vice versa? We will explore all this and much more in this final discussion of the day.

Summary/ Q&A