1 / 3

Open Letter to Tim O’Reilly : Publish the Open Source IAM Co

Internet standards for identity will also help us battle some of the smaller identity fiefdoms: for example the websites and applications who do a bad job storing our passwords. This will make the electronic world safer for the average person.

gluu
Download Presentation

Open Letter to Tim O’Reilly : Publish the Open Source IAM Co

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Open Letter to Tim O’Reilly : Publish the Open Source IAM Cookbook Tim, 10-20 years ago there were no open standards for identity and access management. It was not even clear that “identity” would use HTTPS for transport. I speak with system administrators, security architects, and web application developers who are describing how day by day it is becoming more difficult for them to manage inbound SSO from partners, and outbound SSO to an array of internal websites, SaaS services and Federated Sso. Without Internet standards to authenticate a person at a domain, bridge identity solutions have emerged, for example Face book Connect and Google sign in. At the same time, enterprises are locked-in to bridge solutions like “CA Site Minder” or “Oracle Access Manager” — high priced, proprietary “identity provider saml and Access Management” suites. 20 years after the Internet explodes, open standards for Identity and Access Management have finally evolved. And there are a few open source implementations of these standards.

  2. Like TCP/IP or the Web, standards for identity can be the coral reef for an ecosystem of enhanced services. Just to give one example, think about document sharing. Google has jumped out in front… but it only works if you a have a Google ID. Without Internet standards to build on, document sharing applications will have to use identity from centralized hubs. As a society, Internet standards for identity can reduce our reliance on big centralized identity kingdoms like Google, Face book, and Verizon, who have proven to be easy targets for government spying. Internet standards for identity will also help us battle some of the smaller identity fiefdoms: for example the websites and applications who do a bad job storing our passwords. This will make the electronic world safer for the average person. In the next 1-2 years, every domain on the Internet will adopt Internet standards for authentication. Will these organizations use (a) a cloud providers like Microsoft or Sales Force? (b) Enterprise software from a company like Oracle? Or (c) Open Source? The last option will have to overcome a serious handicap without a book from O’Reilly, telling them that it’s possible.

  3. How the various platforms interact is complex. Although silo’d guides exist to document these platforms, it’s hard to figure out how to get the components to work together to deliver a robust authentication and entitlements management service for your domain. This book is late… it should have been written in the ’90s, but the problem of “Internet identity” was inconveniently large and complex. It requires both “tools” and “rules” to make it happen, and neither were clear when the Internet was under-aged. The book would have the following sections: (1) OAuth2 (2) SAML (3) LDAP. The sections could contain sub-chapters on available open source platforms. For example Shibboleth, SimpleSAMLphp, and Asimba for SAML. OX, NRI, or MitreID for OpenID Connect, and OpenDJ and OpenLDAP for LDAP. Article resource:-http://thegluu.weebly.com/blog1/open-letter-to-tim-oreilly-publish-the-open-source-iam-cookbook

More Related