With data protection at the peak of scrutiny, identity and security are fundamental tools in the management of enterprise web applications.
This full-day interactive workshop will highlight the growing challenges of identity and security management. We will demonstrate how enterprise architects and developers can overcome these challenges and gain insight into the key security standards and identity management approaches for SOA.
Topics to be covered:
Identity, Single sign-on, SAML2, OpenID, OAuth, Information Card
How has identity evolved in the age of the Internet? Is OpenID becoming obsolete due to the increasing popularity of FBAuth? Why haven't Information Cards caught up with the identity hype? Why do we have different standards addressing the same problem? Who won, SAML2 or OpenID? Do you still need both on-premise and in-the-cloud user stores? All these questions and more will be answered in our detailed, introductory presentation on identity and what it means for you.
Entitlement and Authorization - XACML
I want my colleague Peter to be able to access Employee Information, but not salary. And no way should he be able to do this remotely, or over the weekend.
Worried about defining authorization policies at this level of fine granularity? Our second session outlines how XACML can be used to define fine-grained authorization policies and how XACML-based authorization applies to SOAP-based web services as well as to RESTful services. It is a real eye-opener for those who want to do more with their security without sacrificing existing usability.
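One way to see what such a fine-grained policy looks like as attribute-based rules with XACML's deny-overrides combining, as an added Python example (not WSO2's code or any XACML engine's; the attribute names, the resource naming scheme and the subject "peter" are constructed for illustration):

```python
"""Toy XACML-style policy decision point (added example, not WSO2 code).

Models the sample requirement: Peter may read Employee Information but not
the salary field, and never remotely or over the weekend. As in XACML, each
rule has a target (which requests it applies to), an optional condition and
an effect, and the rules are combined with deny-overrides.
"""
from dataclasses import dataclass
from typing import Callable

PERMIT, DENY, NOT_APPLICABLE = "Permit", "Deny", "NotApplicable"


@dataclass
class Request:
    subject: str
    resource: str   # constructed scheme: "employee-info" or "employee-info/salary"
    action: str
    location: str   # "office" or "remote"
    weekday: int    # 0 = Monday ... 6 = Sunday (datetime.date.weekday())


@dataclass
class Rule:
    name: str
    effect: str
    target: Callable[[Request], bool]                       # applicability
    condition: Callable[[Request], bool] = lambda r: True   # extra constraint


def evaluate_rule(rule: Rule, req: Request) -> str:
    """A rule yields its effect only when target and condition both match."""
    if not rule.target(req) or not rule.condition(req):
        return NOT_APPLICABLE
    return rule.effect


def deny_overrides(rules: list, req: Request) -> str:
    """XACML deny-overrides: any Deny wins, then any Permit, else NotApplicable."""
    decisions = [evaluate_rule(r, req) for r in rules]
    if DENY in decisions:
        return DENY
    return PERMIT if PERMIT in decisions else NOT_APPLICABLE


# Constructed policy for the workshop's example; the enforcement point should
# treat NotApplicable as a denial so that unknown requests are never allowed.
PETER_POLICY = [
    Rule("deny-salary", DENY,
         lambda r: r.subject == "peter" and r.resource.endswith("/salary")),
    Rule("deny-remote-or-weekend", DENY, lambda r: r.subject == "peter",
         lambda r: r.location == "remote" or r.weekday >= 5),
    Rule("permit-employee-info", PERMIT,
         lambda r: r.subject == "peter" and r.action == "read"
         and r.resource.startswith("employee-info")),
]


def decide(req: Request, policy: list = PETER_POLICY) -> str:
    return deny_overrides(policy, req)
```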
How Governance affects your Security
Is it possible for your data to be the next scandal courtesy of Wikileaks? Surely not. The CableGate affair has shown that even classified systems can have huge governance and security issues. One reaction is to remove CD drives from classified systems. But is this the only choice you have? Won't this radical step hurt productivity and morale? We at WSO2 think that the "fix" for these kinds of issues goes much deeper. Fundamentally, some of the blame for CableGate must lie with the systems design that allowed too many people to access classified and confidential data.
We will explore how to use Data Services to reduce batch data transfer and create auditable, limited-access data systems based on policy-based entitlement, ensuring that users only access what they need to. We will also suggest ways to create processes and procedures for managing entitlement policies and audit logs.
Best practices for securing your SOA, REST and Cloud (Patterns)
Rather than getting into yet another debate about message-level security versus transport-level security, or SOAP vs. REST, we'd rather do some good and highlight the best practices and the patterns we have learned for both SOAP and REST.
For example, what is the best practice one should follow when exposing internal services to the outside via a DMZ? How do you enforce security centrally to make sure no unauthenticated access is permitted? Want your internal apps connected to the ones running in the Cloud, or vice versa? We'll be exploring all this and much more during this, our final discussion of the day.