|
K. Scott Morrison is the VP of Engineering and Chief Architect at Layer 7 Technologies, where he is leading a team to develop the next generation of security infrastructure for Web services. An architect and developer of highly scalable, enterprise systems for over 15 years, he has extensive experience across industry sectors as diverse as health, travel and transportation, and financial services. Scott has also been a Director of Architecture and Technology at Infowave Software, a maker of wireless security and acceleration software for mobile devices, and held senior architect positions with IBM. Before shifting to the private sector, he spent a number of years at the world-renowned medical research program of the University of British Columbia, studying neurodegenerative disorders using medical imaging technology. Scott is a dynamic and highly sought-after speaker. He has published over 50 book chapters, magazine articles, and papers in medical, physics, and engineering journals. He is the recent co-author of Java Web Services Unleashed and Professional JMS. Scott is an editor of the WS-I Basic Security Profile, as well as a co-author of the WS-Federation specification. His current interests are in Web services security, secure mobile computing, grid systems, and enterprise system architectures. Â Â
|
|
|
|
Presentation
Federating Identity in SOA
Federated Identity allows users to seamlessly operate across different systems, even if these reside in different security domains. This is a logical extension to single sign-on, in which an identity context can propagate between local systems without constant re-input/re-validation of credentials. Web browser-based federation is on track to becoming a mainstream technology in government and the private sector. But can the same standards, techniques and infrastructure be used to federate generalized applications in a SOA? The answer is complicated. Federation, it turns out, is considerably more difficult in an application-to-application environment and requires a different approach to architecture and deployment. In this session, we will understand why SOA federation is more complex than conventional web federation. We will explore how standards such as WS-Federation and Liberty are providing the building blocks for federated communications. Finally, we will examine the critical architectural patterns and infrastructure that need to be considered to build a secure SOA.
return
to program
|
|
|