Matt Flaherty, IBM Mary Ruddy, Meristic. Security & Identity : From present to future. Agenda. Securing the platform... security features in 3.4 Platform security... what's coming next Beyond the platform.. Higgins identity framework 1.0 Higgins identity framework... what's coming next.
Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.
Mary Ruddy, MeristicSecurity & Identity : From present to future
Securing the platform... security features in 3.4
Platform security... what's coming next
Beyond the platform.. Higgins identity framework 1.0
Higgins identity framework... what's coming next
The platform security goal:
Protect the operating system, application code and user’s data from each other and from malicious code packaged as bundles
Security features to attain this span the software stack
OSGi Service Platform
Java Runtime Environment
Java Runtime Environment
Support for Java features: signing, permissions, etc
Strict classloading policies between bundles
Bundle “private classes”
Administrative services for permissions
User registry for managing users and roles
Signature checking during bundle provisioning
NEW! Signature checking during bundle loading
NEW! Certificate management UI
NEW! Secure storage via preferences API
NEW! JAAS enhancements - declarative wiring, events
Manageable Java2 permission infrastructure
Code sanitation for doPrivileged
User interface, policy management
Expose certificate management facilities
Public APIs for label providers, viewers, wizards, etc
Trust model integration with OSGi, P2, ECF
Deeper JAAS integration
Potential: RCP Lifecycle integration, Jobs integration
Identity management support with Higgins
The web of today isn’t people-centered
Type type type, click, click, click. Clickety-clack, clickety-clack.
1: a species of Tasmanian long-tailed mouse
2: an open source identity selector and interoperability framework being developed by IBM, Novell, Oracle, CA, Google, Parity…
Something that works on behalf of the user (citizen, patient, consumer). Really.
Click on a card Financial Services, healthcare, eCommerce) is the key to convenience and adoption
(No password required)
Higgins Browser Extension
Protocol Providers implement protocols for interacting with Relying Parties
I-Card Providers implement identity protocols and card types
CardSpace Managed (WS-Trust)
Token Providers implement different kinds of security tokens
IdAS Context Providers connect to different identity data sources
JNDI / LDAP
7 Solutions now available
Three Identity Selectors
2 Identity Providers (WS-Trust and SAML2)
A Relying Parity
Identity Attribute Service (interoperability framework)
Coming in Higgins 1.1
Additional Identity Selectors
More Identity Protocols….
More i-card types
IBM and the IBM logo are trademarks or registered trademarks of IBM Corporation, in the United States, other countries or both.
Java and all Java-based marks, among others, are trademarks or registered trademarks of Sun Microsystems in the United States, other countries or both.
Eclipse and the Eclipse logo are trademarks of Eclipse Foundation, Inc.
Other company, product and service names may be trademarks or service marks of others.
THE INFORMATION DISCUSSED IN THIS PRESENTATION IS PROVIDED FOR INFORMATIONAL PURPOSES ONLY. WHILE EFFORTS WERE MADE TO VERIFY THE COMPLETENESS AND ACCURACY OF THE INFORMATION, IT IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, AND IBM SHALL NOT BE RESPONSIBLE FOR ANY DAMAGES ARISING OUT OF THE USE OF, OR OTHERWISE RELATED TO, SUCH INFORMATION. ANY INFORMATION CONCERNING IBM'S PRODUCT PLANS OR STRATEGY IS SUBJECT TO CHANGE BY IBM WITHOUT NOTICE.