the platform big picture
TRANSCRIPT
Copyright © Identity Summit 2015, all rights reserved.
The Platform Big Picture Jamie Nelson, SVP of Global Engineering, ForgeRockJohn Barco, VP of Product Management, ForgeRock
Copyright © Identity Summit 2015, all rights reserved.
• Attribute Data Store• Password Policy Store
• API / Mobile Gateway• App / SSO Gateway
• Registration & Self-Service• Auditing & Reporting• Workflow & Business Logic
• Authentication & Session• Authorization & Policy• Adaptive Risk• Federation
Port
als,
app
licati
ons,
web
ser
vice
s, A
PIs
APIs
Enterprise Apps
Partners
Cloud AppsIDM Connectos
Agents
Standards
API
Standards-Based Gateway
LDAP
REST
APIs
Data
Copyright © Identity Summit 2015, all rights reserved.
Return on Identity
Platform Levers for Maximizing ROI
API Economy
IoTScale
IoT Ready
Privacy &Consent
Security DataEnrichment
Run Anywhere
Copyright © Identity Summit 2015, all rights reserved.
API EconomyAPI Gateway
e.g. API
Client ResourceAuthN
• Secure services with standards
• Enable monetization with auditing and throttling
• Publish APIs to developers
• Integrate with any Identity Provider
Copyright © Identity Summit 2015, all rights reserved.
Internet of Things ScaleStateless Sessions
12:00:00 AM
1:00:00 AM
2:00:00 AM
3:00:00 AM
4:00:00 AM
5:00:00 AM
6:00:00 AM
7:00:00 AM
8:00:00 AM
9:00:00 AM
10:00:00 AM
11:00:00 AM
11:59:59 AM
Demand
Clus
ter S
ize
Internet
Elastic Load Balancer
• Built on new stateless sessions• JWT-based sessions• Per-Realm configuration• Enables true elastic deployment• Massive horizontal scalability
Copyright © Identity Summit 2015, all rights reserved.
Privacy & ConsentUser Managed Access (UMA)
• Standards based privacy and consent
• Giving people the right to control access to their data across providers
• Interoperable OAuth2-based protocol
• Shipping as an integrated feature of OpenAM and OpenIG
Copyright © Identity Summit 2015, all rights reserved.
SecurityContinuous Authorization
OpenAM Session
Contextual Change
System Detects New Location
System detects change during session and
requests 1x password
• Context based authentication and authorization
• Includes the device print and request context in the policy evaluation
• Custom logic easily integrated into Policy decisions with JavaScript, Groovy, or Java
• REST-calls to external Policy Information Points
Copyright © Identity Summit 2015, all rights reserved.
Data EnrichmentCommon Audit Framework
Send to Multiple Targets
Copyright © Identity Summit 2015, all rights reserved.
MANAGE
PUBLICCLOUD
PRIVATECLOUD
Run AnywhereOptimize for Next Generation DevOps Tools
• Focus on enabling common “DevOps” tools
• Base line parameterized scripts and tooling
• Integration and protection of PaaS environments and applications
• IDP provider and integration with top IaaS and PaaS platforms
Copyright © Identity Summit 2015, all rights reserved.
Return on Identity
Platform Levers for Maximizing ROI
API Economy
IoTScale
IoT Ready
Privacy &Consent
Security DataEnrichment
Run Anywhere