1 / 23

Navigating Security Challenges in Claims-Based Identity Management

Join Niraj Bhatt, a Windows Azure MVP from India, in this enlightening session on accessing control services and addressing security challenges in claims-based identity management. Learn about the struggles developers and IT operations face, explore effective strategies to mitigate login screen frustrations, and understand how to manage identities using WIF, ADFS, and ACS. With real-world examples and engaging demos, this virtual tech event will equip you with the knowledge to enhance user authentication while addressing various business challenges.

noleta
Télécharger la présentation

Navigating Security Challenges in Claims-Based Identity Management

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. virtual techdays AppFabric Futures – Access Control Service Niraj Bhatt │ Windows Azure MVP

  2. INDIA │ 9-11 February2011 virtual techdays • Security Challenges • Developer • IT Ops • Business • Claims Based Identity • IP, RP and FP • WIF, ADFS, ACS • Demos S E S S I O N A G E N D A

  3. INDIA │ 9-11 February2011 virtual techdays Security Challenges How many of you love login screens?

  4. INDIA │ 9-11 February2011 virtual techdays Security Challenges Developer Challenges Applications are identity prisoners

  5. INDIA │ 9-11 February2011 virtual techdays • Strategic Application • 40,000+ Users • 5000 Concurrent Users • TBs data and growing • No NLBs No Clusters • SQL 2000 • ASP / ASP.NET 1.1 – In ProcSession Security Challenges Cutting 80% of Ops issues How ??? IT Pro Challenges

  6. INDIA │ 9-11 February2011 virtual techdays Security Challenges IT Pro Challenges Option B Option A

  7. INDIA │ 9-11 February2011 virtual techdays • Alice wants to sell ABC’s bikes • Signs agreements on behalf of her bike’s shop • Sends a list of her employees who can make purchase • ABC issues Username / Password for the all on the list Security Challenges Business Challenges – ABC Corp

  8. INDIA │ 9-11 February2011 virtual techdays Security Challenges Business Challenges – ABC Corp Employee at Alice’s shop

  9. INDIA │ 9-11 February2011 virtual techdays • Multiple Suppliers • Multiple Agreements • Multiple Lists Security Challenges Business Challenges – ABC Corp I was promised a Salary hike after 6 months No value addition for past 6 months… FIRES • Multiple Logins • Multiple Policies

  10. INDIA │ 9-11 February2011 virtual techdays Security Challenges How do we address these challenges?

  11. INDIA │ 9-11 February2011 virtual techdays Learning from other disciplines

  12. INDIA │ 9-11 February2011 virtual techdays Learning from other disciplines

  13. INDIA │ 9-11 February2011 virtual techdays Learning from other disciplines

  14. INDIA │ 9-11 February2011 virtual techdays Learning from other disciplines

  15. INDIA │ 9-11 February2011 virtual techdays Learning from other disciplines

  16. INDIA │ 9-11 February2011 virtual techdays Learning from other disciplines

  17. INDIA │ 9-11 February2011 virtual techdays • Always carry your license (age proof) to the beer bar • Relying on a trusted External Entity (Identity Provider) for • Authenticating users • Providing user attributes (claims) • Saves us from Identity nightmares Lessons learned ???

  18. INDIA │ 9-11 February2011 virtual techdays IP, RP, Tokens, WIF, ADFS

  19. virtual techdays DEMO Outsourcing authentication to Identity Provider (STS)

  20. INDIA │ 9-11 February2011 virtual techdays Access Control Service - Federation Provider

  21. virtual techdays DEMO Using Access Control Service as a Federation Provider

  22. INDIA │ 9-11 February2011 virtual techdays • Vittorio Bertocci • http://blogs.msdn.com/b/vbertocci/ • MSDN Article • Re-Introducing the Windows Azure AppFabric Access Control Service • AppFabric Labs & Tools • https://portal.appfabriclabs.com/Default.aspx • https://aclaims.accesscontrol.appfabriclabs.com/v2/mgmt/web • http://acs.codeplex.com/ • http://code.msdn.microsoft.com/TokenVisualizerCtrl/ • http://code.msdn.microsoft.com/SelfSTS References

  23. Thank you http://nirajrules.wordpress.com niraj@indiamvps.net

More Related