
Introduction to: Single Sign On Evolved

Claudio Sanchez | LinkedIn.com/in/ClaudioASanchez | @ClaudioASanchez


Presentation Transcript


  1. Introduction to: Single Sign On Evolved Claudio Sanchez | LinkedIn.com/in/ClaudioASanchez | @ClaudioASanchez

  2. Realtime feedback • @ClaudioASanchez • #CMAPCCWIF • #CMAPCC

  3. Agenda • Application Security • Federated Identity • What problem are we trying to solve? • Case study • Current state of affairs • Identity in Real Life • Terminology • The Federated Auth Dance • Code demo • Q&A

  4. Application Security • Not Sexy • Requires specialized knowledge • Oftentimes, depends on the environment • Never hear about it, unless it fails

  5. Federated Identity • Organization for the Advancement of Structured Information Standards (OASIS) • WS-Federation • WS-Trust • SAML • OpenID, OAuth, Facebook Connect

  6. The Face of WIF • Vittorio Bertocci | Microsoft | Vibro.NET • NOT Vittorio

  7. LOL

  8. What problem are we solving? • How many accounts/passwords do you currently have? • “Various Gartner studies have estimated that 25% to 35% of calls made to help desks are related to password resets” • “Analysts’ estimate costs at approximately $25 to $40 per call with four password reset calls per user per year”

  9. Case Study | Health Care • Clinicians use an average of 6.4 passwords per day • SSO solution can save an average of 9.51 minutes per day per clinician • $2,675 per year, per clinician [1] • 1,051 patient beds • More than 1,710 full-time attending physicians • 700 full-time equivalent clinicians can save more than $1.88 million per year with an SSO solution in place. • $2,675 lost productivity per clinician × 1,710 physicians = $4,574,250 • [1] Based on a $135K/Year Salary, and 250 working days. Source: The Gartner Group, 2002 & The Ponemon Institute, 2010

  10. Our apps are prisoners • Login.aspx • Page1.aspx • Credential Stores • Credential Types / APIs • User Attributes Stores

  11. Each app is an island

  12. Identity in Real Life • Externalizes Authentication • Gets user info from the document

  13. Terminology • Claim: anything that can be said about a user (name, email, age, role, gender, sports team affiliation, etc.) • Security Token: serialized collection of claims, crypto-signed by issuer • Identity Provider (IdP): the issuer responsible for authenticating the user • Relying Party: an application configured to trust an IdP for authentication (your application)

  14. Claims Can Set Your Application Free • Identity Provider • Windows Azure ACS • STS • Claims • Relying Party • Security Token

  15. Multiple apps “One token to rule them all”

  16. Code

  17. Q & A

  18. One last thing

  19. LinkedIn.com/in/ClaudioASanchez @ClaudioASanchez http://ClaudioASanchez.blogspot.com
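
The terminology on slides 13 to 15 (claims, a signed security token, an identity provider, and relying parties that trust it), as an added example that is not the code from the talk's demo. It is a toy token in Python in which JSON and HMAC-SHA256 stand in for the SAML serialization and issuer signature a real STS would use; the issuer URLs, keys and claim values are constructed, and `issue_token`, `RelyingParty` and `tamper` are hypothetical names.

```python
import base64, hashlib, hmac, json

# Assumption: JSON + HMAC-SHA256 stand in for the SAML serialization and the
# issuer's XML signature; every name, URL and key here is constructed.
def issue_token(issuer, key, claims):
    """IdP/STS side: serialize the claims and sign them as the issuer."""
    body = json.dumps({"iss": issuer, "claims": claims}, sort_keys=True).encode()
    sig = hmac.new(key, body, hashlib.sha256).digest()
    return ".".join(base64.urlsafe_b64encode(p).decode() for p in (body, sig))

class RelyingParty:
    """An application that checks no passwords; it trusts configured IdPs."""
    def __init__(self, trusted_issuers):
        self.trusted = trusted_issuers  # issuer name -> verification key

    def claims_from(self, token):
        """Return the token's claims if it verifies, otherwise None."""
        try:
            body, sig = (base64.urlsafe_b64decode(p) for p in token.split("."))
            doc = json.loads(body)
            key = self.trusted.get(doc["iss"])
        except (ValueError, KeyError, TypeError):
            return None  # malformed token
        if key is None:
            return None  # issuer is not on this application's trust list
        expected = hmac.new(key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(sig, expected):
            return None  # claims altered, or signed with a different key
        return doc.get("claims")

def tamper(token, claim, value):
    """Constructed test input: change one claim, keep the old signature."""
    body_b64, sig_b64 = token.split(".")
    doc = json.loads(base64.urlsafe_b64decode(body_b64))
    doc["claims"][claim] = value
    body = json.dumps(doc, sort_keys=True).encode()
    return base64.urlsafe_b64encode(body).decode() + "." + sig_b64

IDP, IDP_KEY = "https://idp.example", b"constructed-idp-key"

def demo():
    token = issue_token(IDP, IDP_KEY, {"name": "Alice", "role": "nurse"})
    app_a, app_b = RelyingParty({IDP: IDP_KEY}), RelyingParty({IDP: IDP_KEY})
    forged = issue_token("https://rogue.example", b"other-key", {"role": "admin"})
    return (app_a.claims_from(token), app_b.claims_from(token),
            app_a.claims_from(tamper(token, "role", "admin")),
            app_a.claims_from(forged))

if __name__ == "__main__":
    print(demo())
```

With a shared HMAC key, any relying party could also mint tokens. Federation products avoid that by having the IdP sign with a private key and giving relying parties only the matching certificate.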
