Anders Abel: Federative Identity and Access Management in the Cloud - Level: 200

Anders Abel: Federative Identity and Access Management in the Cloud - Level: 200

M5

Level: 200, Utvecklare

Denna session tillhör spåret Architecting in the New World.

Authentication used to be simple, just a simple user name and password dialog and it worked. It is not the same any more. Application logic is moving out from the server to browser single page applications and mobile apps. They are all clients calling API:s that need to be properly secured.

Organisations expect applications to be able to use their existing user stores instead of having to register users in every single application. Any decent cloud offering must be able to federate with existing user directories. More and more, organisations even expect their applications to be able to accept users from partner organisations.

Identity and Access Management is no longer an internal issue for applications. Modern applications must work well in a landscape where user identities are federated across organisation borders and the cloud is a first-class citizen.

This session gives an overview of the identity and access management landscape. It shows how the federation gateway architectural pattern can decouple applications from authentication. The resulting architecture is flexible and can be scaled to work with many applications and user stores.

Main target: Utvecklare