ebook img

How I Built an IAM System using Java and Apache Directory Fortress PDF

100 Pages·2016·5.43 MB·English
Save to my drive
Quick download
Download
Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.

Preview How I Built an IAM System using Java and Apache Directory Fortress

How I Built an Access Management System Using Apache Directory Fortress Shawn McKinney May 13, 2016 ApacheCon NA, Vancouver Session Objectives  Learn about some access management specifications  Take an unflinching view of an open source project named Apache Directory Fortress ApacheCon NA, Vancouver 2016 2 Introductions Shawn McKinney • Software Architect • PMC Apache Directory Project • Engineering Team ApacheCon NA, Vancouver 2016 3 Session Agenda • Examine specs, req’s and designs to create an access mgmt product. • Intro to Apache Fortress – Project Stuff – Demo(s) Image from: HTTP://EVENTS.LINUXFOUNDATION.ORG/EVENTS/APACHECON-NORTH-AMERICA ApacheCon NA, Vancouver 2016 4 Cut to the Chase The recipe for any successful technology project: Mix well: • Well defined set of functional specifications • Understanding of the non-functional requirements • Usage of common platform elements • Practice accepted development methodologies ApacheCon NA, Vancouver 2016 5 Specs & Requirements What do we Build? Image from: http://www.cockpitseeker.com/aircraft/ ApacheCon NA, Vancouver 2016 6 System Requirements • Policy Enforcement APIs – Works on multiple platforms • Authentication – Works within various protocols, i.e. SAML, OpenID Connect • Authorization – Fine-grained and standards-based • Audit Trail – Centralized and queryable • Administration – Manage policy lifecycle • Service-based SLA – Security, performance, and reliability ApacheCon NA, Vancouver 2016 7 Why Use Functional Specifications? • Saves the trouble (and risk) of deciding what to do. • Instead we get to focus on the how. ApacheCon NA, Vancouver 2016 8 Which Functional Specifications • Protocols Must Be Standards-Based: – Role-Based Access Control - ANSI INCITS 359 – Attribute-Based Access Control (ABAC) – IETF Password Policies (Draft) – ARBAC02 Delegated Administration Model ApacheCon NA, Vancouver 2016 9 Role-Based Access Control (RBAC) ApacheCon NA, Vancouver 2016 10

Description:
Authorization – Fine-grained and standards-based. • Audit Trail Role-Based Access Control - ANSI INCITS 359 .. Practice makes perfect. 57.
See more

The list of books you might like

Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.