Wednesday Mar 04, 2009

THE .NET FEDLET APPROACHES! (Make spooky sounds as you read)



What's less than 1.5MB, SAML2 compliant and allows for super lightweight federation between an Identity Provider and a .NET Service Provider application? Yup . . . you guessed it! The .NET version of our game changing Fedlet. My .NET nerd friend and colleague, Giuseppe (also known as Gui), has just blogged about an updated prototype of the .NET Fedlet for people to try.

The key benefit of the Fedlet is that it's an appliance killer. Yup. I said it. An appliance killer! How you ask? Well the key reason we get requests for an appliance is because customers are searching for a simple way to enable partner federation with little effort. This is due to the fact that they want as little overhead as possible when trying to onboard a new partner.

Well, if you ask me having to maintain a federation deployment and infrastructure is still too high of a baseline and implies cost, cost, cost. The Fedlet is truly light and requires no hardware, maintenance, upgrades or license. That's right. I said no license. When you buy OpenSSO Enterprise you can provide as many Fedlets as you want to partners at no additional cost. In fact, Fedlets can also be enabled for multi-partner federation. Partners are covered under your OpenSSO license and can receive support at no extra charge. How's that for impacting Total Cost of Ownership?

The Fedlet will be officially supported in OpenSSO Express Build 8, which will be available July 2009.

Monday Mar 02, 2009

OpenSSO Feature Release Schedule Published

I am very excited to announce that the OpenSSO Feature Release Schedule is now available on wiki.opensso.org. The coolest thing about this schedule is that we are releasing product every three months!!!! Every build listed in this schedule is also supported by Sun, so if you put it in to development or production you always have the option to buy an OpenSSO Enterprise license or subscription to receive support and indemnification. Pretty cool stuff! Check out the schedule by clicking the image below.

Wednesday Feb 18, 2009

OpenSSO: Massive Verizon Wireless Deployment


What has over 40,000,000 users, 1,000,000 logins per day, and peaks at 4,000 logins per minute? Verizon's OpenSSO deployment, that's what!

At Gartner's Identity & Access Management Conference in Orlando this past fall, Verizon presented on how OpenSSO is being used to support Verizon.net. This is a great example of an IAM deployment that scales beyond belief.

The presentation shows how Sun's OpenSSO and Directory Server work together to provide unparalleled, mission critical service and scale. The cool thing about the preso is that Verizon also highlights that they replicated this deployment in less than 2 months to support 25 million users at Verizon Broadband! Wowza!

Download the presentation and enjoy the video below!

Tuesday Feb 17, 2009

Gartner IAM London After-Hours Party -- March 23rd

As Grand Poobah of Identity Festivities, I'd to invite all Gartner IAM attendees to join the Sun Identity Management Team and Accenture Team to an after-hours party in the Kingpin Suite at Bloomsbury Lanes where you can:

\* Enjoy delicious food and beverages
\* Bowl (top scoring bowler at the end of the night wins a prize pak)
\* Play pool and table tennis
\* Show off your Karaoke skills
\* Enter an onsite raffle to win a Wii console with WiiSports. Must be present to win.

When: Monday, March 23rd from 9:00 p.m. to 1:00 a.m.
Where: Kingpin Suite at Bloomsbury Lanes (basement of Tavistock Hotel on Bedford Way)

RSVP before March 20th and your cab fare to the party is on us! Gartner IAM Badge Required for Entry!

Look forward to seeing you there!

RSVP NOW!

Wednesday Feb 11, 2009

WEBINAR: Attacking complexity with simplicity - Sun Identity Management


The Sun Identity Team is kicking off a monthly webinar program outlining our overall portfolio and how it can help you solve everyday identity challenges. The first session will be held on February 18 at 8AM PT and will provide an overview around how Sun approaches everyday identity and offer an overview of our methodology to build strong identity foundation that lasts. So . . . what are you waiting for! Register for our life changing webinar now!

Monday Feb 09, 2009

OpenSSO Community Perk: 20% Discount to European Identity Conference, Munich

Great news! Anyone who registers and attends our OpenSSO Community Day in Munich will qualify for a 20% discount to the European Identity Conference (EIC), also in Munich. Our community day is on May 5 during the EIC preconference events and EIC officially begins on May 6.

To take advantge of this offer, all you need to do is register for our OpenSSO Community Day at Meeetup.com and register for EIC. The discount code to get 20% off is OPENSSO. We will be passing an attendance list to Kuppinger-Cole so you need to show-up to our community day to get this discount.

Saturday Feb 07, 2009

OpenSSO Community Day in Munich -- May 5, 2009


"Ohhhh, it's been a long journey from Munich to Minsk, Rochelle, Rochelle!"

You asked and we listened . . . OpenSSO Community Day 2.0 will be held in Munich for all of our European OpenSSO friends to attend for FREE!!! Hosted by our colleages at Kuppinger Cole, this event will be held during the European Identity Conference 2009 at the Deutschen Museum in Munich, Germany and sponsored by Sun Microsystems. This is another opportunity for OpenSSO contributors, deployers and users to come together in an informal 'unconference' setting.

Being an unconference, the only rigid item on the agenda will be to decide at 9am on the sessions for the rest of the day. You can show up and talk about any OpenSSO-related topic you like. Maybe you have an interesting deployment, a new extension or a nagging question - sessions can be discussions as much as presentations. Now, that doesn't mean that there need be zero preparation - if you have a session in mind, go to the wiki and add it there, so folks can get an idea of the likely content ahead of time. We've already posted a few ideas.

All are welcome, attendance is free, and lunch will be provided. We'll likely adjourn to a nearby bar at the end of the day to continue the conversation

We're using meetup.com to manage the registration process - just join the OpenSSO group and RSVP!

Thursday Feb 05, 2009

OpenSSO Enterprise 12 Month Outlook

A few weeks ago I did a customer webinar to about 150+ people on OpenSSO with Jamie Nelson, my engineering brother in arms. The preso outlines our direction over the next 12 months. Check it out. No muppet songs in this video.

OpenSSO Community Day Super Sized!


Due to early demand, the OpenSSO Community Day @ NYU has super sized to a larger room so that we can hold up to 75 participants! So . . . if you are working on an access management, federation, or a secure web services project using OpenSSO or are just interested in learning about open source web access management tools then sign-up before the registration fills! First come, first served!

I have to admit that when we were planning this event we thought the first event would be quite small. Maaaaaaaan were we wrong. People are really excited about our first community event and it's sparked some ideas on doing more events in other regions -- stay tuned Europa!

Register Now

Tuesday Feb 03, 2009

Roadmap Preview: 1x Password w/ Mobile Phone

At the end of last week, I did a write-up on how we are extending OpenSSO to include Service-Level Monitoring. Today I'd like to talk about 1x Password capabilities that we are adding to OpenSSO.

One time passwords are used when an organization wants a higher level of authentication for users trying to access a web application. That is, they want to require a second way to authenticate users, such as a physical token card, besides simply entering a user name and password. This is commonly seen in the financial services sector when trying to access bank accounts or when accessing a corporate intranet remotely.

The challenge with physical token cards is that they tend to be expensive to purchase and disseminate. As an alternative, we are in the process of adding capabilities to OpenSSO that allows a user to obtain a 1x password via your mobile phone (i.e. - using SMS text messages). This is not a replacement for traditional multi-factor authentication solutions, but rather a lightweight alternative for those that don't want to buy a robust offering to complement their web access management solution. The key benefit of this solution is that organizations will be able to lower operational expenses by allowing consumers to use their cell phones as a physical token device rather than buying a separate piece of hardware.

Above is a video of what we are building. The solution uses Open Authentication (OATH) to do standards-based strong authentication. It's still rough, but this will give you a taste of what we are building.

Friday Jan 30, 2009

Roadmap Preview: OpenSSO Service-Level Monitoring

A few weeks ago I blogged that I would start going in to detail on the OpenSSO roadmap. I've been a bit slow in doing this so no more procrastination on my side. Here's the skinny on service-level monitoring.

The goal of service-level monitoring is to provide standards-based way for systems management solutions to view reports on OpenSSO component behavior, quickly view a dashboard for trends and deloyment status, diagnose problems and set threshhold alarms. OpenSSO was instrumented with the Java Enterprise System Monitoring framework APIs, which is CIM compliant, but we are now expanding it to support SNMP and plain JMX to monitor deployment status.

Within the OpenSSO community we are actively working to develop robust monitoring for large-scale deployments that allows system and network administrators to proactively manage important enterprise assets that range from physical devices to systems and applications. Through our new service-level monitoring capabilities deployers will be able to monitor their deployment health, detect and diagnose problems and use reported metrics to size deployments.

The monitoring solution will use monitoring agents and leverage existing agents such as those provided with OpenDS, GlassFish and the Java Virtual Machine. The mosaic of agents will all reporting management data to a management console, which can aggregate the information and present a single consolidated view for administrators.

Data captured by the OpenSSO monitoring solution will fall into the following categories for each OpenSSO component:

\* Configuration overview : number of servers, auth modules, Realms, agent types, etc
\* Metrics related to resource usage : cache sizes, connection pools, sessions, etc
\* Counts on operations : authentication success/failures, authZ sucess/failures etc
\* Faults and diagnostics : server/agent down, ldap health, connectivity issues, etc
\* Thresholds and alerts : events emitted when certain configured limits are met -- number of authentication failures exceeds limit, number of in-memory session exceeds limit, etc.

The traditional commercial release of service-level monitoring is March 2010, but as you know we support features upon completion in OpenSSO Express Builds the moment they are done, so regularly check the OpenSSO project to "monitor" development status.

Tuesday Jan 27, 2009

OpenSSO Community Day @ NYU - March 17, 2009


Join us for the very first OpenSSO Community Day!

Hosted by New York University and sponsored by Sun Microsystems, this is an opportunity for OpenSSO contributors, deployers and users to come together in an informal 'unconference' setting.

Being an unconference, the only rigid item on the agenda is to decide at 9am on the sessions for the rest of the day. You can show up and talk about any OpenSSO-related topic you like. Maybe you have an interesting deployment, a new extension or a nagging question - sessions can be discussions as much as presentations. Now, that doesn't mean that there need be zero preparation - if you have a session in mind, go to the wiki and add it there, so folks can get an idea of the likely content ahead of time. We've already posted a few ideas:

OpenSSO Community Day Agenda

All are welcome, attendance is free, and continental breakfast plus lunch will be provided. We'll likely adjourn to a nearby bar at the end of the day to continue the conversation :-)

We're using meetup.com to manage the registration process. Join the OpenSSO group and RSVP. And don't delay - 5 of the 40 places are already gone!

Cheers

Friday Jan 16, 2009

OpenSSO Enterprise: Developer.com Security Product of the Year 2009!

HOORAY! Developer.com selected OpenSSO Enterprise as the Security Product of the Year. I definitely did a Pee Wee Herman dance (see below) when I saw this one. We're real proud of our relationship with the development community and make it a huge part of our focus. We're glad people are noticing and expect to see lots of great things out of the OpenSSO Community again this year. Congrats everyone!

Everyday Access Management Webinar

Hey All! As "Pat mentioned, I'm doing a webinar on Everyday Access, Federation and Secure Web Services on Tuesday, Januaray 21. Preso is aimed at highlighting the core problems that web access management tools address and a tiered approach to conquering them from easiest to hardest. If you want to hear my schpeal click the link below to register. I may not be the IdentiCat this time, but I promise to entertain and make some jokes at Pat's expense.

REGISTER NOW

Friday Jan 09, 2009

Ping Star Wars Parody: May the Schwaaaaartz be with you!


Happy New Year! I just finished watching a portion of the new Ping Star Wars parody. (Sorry Ping friends. I didn't make it through the entire thing. It's just reeeeeaaaal loooooong.) I have to laugh though when I see them making the open v. proprietary and big v. small argument because Ping's commercial product is closed and proprietary!

OpenSSO is 100% open source, has a thriving external community and is completely free in all aspects of the word. We have lots of stories of companies deploying it on there own without Sun knowledge and from an innovation stand point we are moving at a trailblazing pace.

So . . . In the spirit of openness, it's that time of year where I plan to outline what we'll be doing in the OpenSSO Project over the next few months. I plan to write a multi-part series outlining the major features we will be adding to the product. To give a teaser, the core features that I'll be writing about are listed below. Stay tuned for more details over the next week or so.

UPCOMING FEATURES FOR OPENSSO:

1. Service-level Monitoring - service-level monitoring for large scale deployments.

2. Access Entitlement Management - Fine grained authorization for protecting web objects

3. 1x Passwords using SMS - Light-weight two-factor authentication using mobile phones.

4. Password Replay / Enhanced Reverse Proxy - The ability to memorize and recall passwords for web-apps not protected by your single sign-on solution

5. Embedded Container Option - Embedding Glassfish Application Server in OpenSSO so you don't need to deploy and configure a container prior to deploying OpenSSO

6. Ease-of-Use Task Flows - Lots more task flows that make it easier than ever to use OpenSSO services

About

Read my extraordinary thoughts about the world of identity and access management. As an identity child prodigy, I have much to say about these subjects.

Search

Categories
Archives
« April 2014
SunMonTueWedThuFriSat
  
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today