Superpatterns

Pat Patterson on Identity Management, Federation and Single Malt Scotch
         

Slides on Feide, SAML 2.0, OpenID and more

Andreas over at Feide has just published a bunch of presentations he, um, presented the other day in Oslo. Great stuff - and I really like the sparse, clean look. I HATE slides with 15 bullets in 10 point text. The presentations cover the basics of SSO, SAML 2.0, OpenID and a look at Nordic/European collaboration in the education sector. Check them out.

@ 07:32 AM PDT
 
 
 
David Goldsmith - Federation TV Star!

Thanks to Charles for this pointer (and to Dennis for pointing it out): David Goldsmith does a great job in this video explaining the problems inherent in the proliferation of online identities and how federation and Sun's product line (Sun Java System Access Manager and Sun Java System Federation Manager) address them. After working through a couple of real-world examples, David goes on to provide useful definitions of common federation buzzwords, such as 'circle of trust', 'identity provider' and 'service provider'. Well worth watching if you want to get up to speed quickly! Click here for the video.

@ 04:26 PM PST
 
 
 
Norway using Access Manager/Federation Manager for SAML 2.0

It being RSA week, the news comes thick and fast... I've just seen the press release announcing that the Government of Norway has deployed a whole slew of Sun hardware and software, including Access Manager and Federation Manager, for its pioneering citizen portal, MinSide (English translation: MyPage). Quoting from the press release:

[...] the MinSide [MyPage] portal will roll-out six initiatives that will enable secure, browser-based access to healthcare, tax, motor vehicle registration, social security, student loans and many other government services.

...and...

As part of the solution, Sun Java(TM) System Access Manager and Sun Java(TM) Federation Manager help the Norwegian government manage secure access to services by offering single sign-on (SSO) as well as enabling federation across trusted networks of government agencies, service providers and customers. It provides open, standards-based authentication and policy-based authorization with a single, unified framework. This improved security framework is based on the Liberty and SAML standards to protect all aspects of the portal.

The Liberty Alliance website has a presentation by Dag Efjestad that gives much more detail. Cool stuff, Norway - douze points!

@ 03:55 PM PST
 
Speaking at RSA Conference on Friday Feb 9 2007

I'll be speaking at the RSA Conference on Friday at 9am in Gold Room 310 on Federated SOA: Harmonizing ID Security and Web Services. I'll be looking at the role of identity in Web services, from the very basics of transport-level security to the Liberty Alliance's Identity Web Services Framework (ID-WSF), and how these are realized in Sun Java System Access Manager and Sun Java System Federation Manager. Do come along and say "Hi!"

You might also be interested in Eve Maler and Brett McDowell's session Federated Identity: Evolving Past Industry Strife - Eve and Brett will be talking about the Liberty Alliance's current course and roadmap for the future.

@ 10:41 AM PST
 
 
 
Federation Boot Camp

You might have read Hubert's recent blog entry on the Federation Boot Camp - an intensive week-long course covering advanced Federation Manager topics. Hubert has more news on the Boot Camp today - hop on over there for the course description, and email for more information.

@ 10:14 PM PST
 
 
 
Demonstration of Identity Web Services

Following on from my recent posting of a Federation Manager demo showing Liberty ID-FF federated single sign-on, here is a demo of Access Manager and Federation Manager I showed at a Liberty 'eGovernment Forum' in Dublin back in April.

This demo shows an employee of the 'Department of Health and Children' logging into the department's portal, visiting another government department, the 'Stationery Office', to obtain an official report, and having the Stationery Office query their 'home' department for a mailing address via the Liberty Identity Web Services Framework (ID-WSF).

This is a very simple demo, but it demonstrates some key aspects of Liberty ID-WSF:

  • 'Bootstrap' from federated web single sign-on (ID-FF) to web services (ID-WSF).
  • Use of the Discovery Service to locate a web service for a given user. (This takes place 'under the covers': the bootstrap provides the service provider, in this example the Stationery Office, with the location of the Discovery Service and a credential to use on behalf of the employee. The service provider then queries the Discovery Service for the location of the Personal Profile service.)
  • Use of the Personal Profile Service to retrieve a user's profile attributes.
  • Use of the RedirectRequest protocol (specified in the Liberty ID-WSF Interaction Service Specification) to allow the employee's 'home' department to prompt for confirmation that address information is to be released to the Stationery Office.
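
The four steps above, as an added example that is not part of the original post or of any Sun product: a simplified Python model of the trust flow, not the Liberty wire format. All class, function and identifier names and the sample profile are assumptions made for illustration.

```python
import secrets

class DiscoveryService:
    """Run by the employee's home department; maps (user, service type) to a service."""
    def __init__(self):
        self.registry, self.credentials = {}, {}

    def bootstrap(self, user, sp_id):
        # Handed to the SP alongside web SSO: Discovery Service location + credential.
        cred = secrets.token_hex(16)
        self.credentials[cred] = (user, sp_id)
        return {"discovery": self, "credential": cred}

    def query(self, credential, sp_id, service_type):
        user, issued_to = self.credentials.get(credential, (None, None))
        if user is None or issued_to != sp_id:
            raise PermissionError("credential was not issued to this requester")
        return self.registry[(user, service_type)], user

class PersonalProfileService:
    def __init__(self, profiles):
        self.profiles, self.consent = profiles, set()

    def query(self, user, sp_id, attr):
        if (user, sp_id, attr) not in self.consent:
            # Stand-in for RedirectRequest: send the user's browser here to confirm.
            return {"status": "redirect", "url": f"/consent?sp={sp_id}&attr={attr}"}
        return {"status": "ok", "value": self.profiles[user][attr]}

    def record_consent(self, user, sp_id, attr, approved):
        if approved:
            self.consent.add((user, sp_id, attr))

def build_home_department():
    # Constructed sample data (hypothetical user and address).
    disco = DiscoveryService()
    pp = PersonalProfileService({"employee1": {"address": "1 Example Street, Dublin"}})
    disco.registry[("employee1", "personal-profile")] = pp
    return disco

def fetch_address(sp_id, bootstrap, user_approves):
    """Service provider side: discover the profile service, then query it."""
    pp, user = bootstrap["discovery"].query(bootstrap["credential"], sp_id, "personal-profile")
    reply = pp.query(user, sp_id, "address")
    if reply["status"] == "redirect":
        # Browser round trip to the home department, modelled as a direct call.
        pp.record_consent(user, sp_id, "address", user_approves)
        reply = pp.query(user, sp_id, "address")
    return reply.get("value")
```

The model makes two properties visible: the bootstrap credential is only honoured for the service provider it was issued to, and no attribute leaves the home department until the user has confirmed the release.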

Just click the screenshot below to view the demo...


Click to view Flash presentation

UPDATED 11/21/2005 - corrected Interaction Service to RedirectRequest protocol - see comments

@ 10:13 PM PST Comments [2]
 
 
 
Sun Federation Manager Demonstration
My previous job at Sun (until January 2005) was as technical product manager for Access Manager. The main reason I moved back to engineering to take a technical architect role was so that my business card didn't read like a tongue-twister :-). Anyway - I still dabble on the technical marketing side, helping out when things get busy over there, like last month's technical sales training boondoggle event in Las Vegas - two days of lectures and labs bringing together Sun's identity management marketing team and the Sun system engineers (=sales engineers) affiliated with identity management.
My contribution (no - I didn't get to go to Vegas!) was a new front end for the Federation Manager Liberty Identity Federation Framework (ID-FF) single sign-on (SSO) sample. This sample, shipped with Federation Manager, shows how to get Liberty ID-FF SSO working between an Identity Provider and a Service Provider. Out-of-the-box, this sample comprised a set of functional, yet plain, JSPs. I re-used some old demo layouts to give the sample a bit of pizazz so the SEs could take something away as the basis for a demo. I was going to just put up a few screenshots here to walk you, the reader, through a simple SSO scenario, but then I realised that it would actually be less work to use Qarbon's Viewletbuilder to whip up a flash presentation. So - here it is - just click on the screen below and discover the magic of federated single sign-on...

Click to view Flash presentation
@ 09:32 PM PDT
 
 
 
 
