Welcome to Scribd!

APP Identity Security by Walter Wong

Uploaded by

0% found this document useful (0 votes)

125 views18 pages

Walter Wong is presenting on Windows Identity Foundation. The presentation includes an introduction to WIF and the challenges of identity, demonstrations of linking an identity provider to a relying party and consuming claims, and using ASP.NET membership and Active Directory Federation Services as credential stores. WIF provides a claims-based programming model integrated with .NET identity APIs to simplify authentication, authorization, and customization across ASP.NET and WCF applications.

Original Description:

Copyright

Available Formats

PDF, TXT or read online from Scribd

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Report this Document

Copyright:

Attribution Non-Commercial (BY-NC)

Available Formats

Download as PDF, TXT or read online from Scribd

Flag for inappropriate content

0% found this document useful (0 votes)

125 views18 pages

APP Identity Security by Walter Wong

Uploaded by

Microsoft TechDays APAC

Copyright:

Attribution Non-Commercial (BY-NC)

Available Formats

Download as PDF, TXT or read online from Scribd

Flag for inappropriate content

Jump to Page

You are on page 1of 18

Search inside document

Application: Whats your identity?

Walter Wong MVP Developer Security walter_wws@hotmail.com

Agenda
Todays Identity Challenge Introduction to Windows Identity Foundation Implementation of WIF

The Prisoner Model of Security

Credential Types / APIs

Credential Stores

User Attributes Stores

What is the problem?

Required great security knowledge Difficult to re-host

Identity in Real Life

? ? !
Gets user info from the document

Externalizes Authentication

Claims Can Set Application Free!

Identity Provider

ActiveToken Service Security Directory Federation Services 2.0

Claims Security Token Relying Party

Demo #1
Link up Identity Provider And Relying Party

Introducing WIF
Windows Identity Foundation Essential claims programming model Claims Object Model integrated with the .NET identity API Single programming model for ASP.NET & WCF Config driven Single programming model for on-premises & cloud Tools for metadata-driven automatic app configuration WS-Federation, WS-Trust Framework for custom STS development

Demo #2
Consuming Claims

ASP.Net Membership as Credential Store

Demo #3
ASP.Net Membership

ADFS as Credential Store

Demo #4
ADFS

Secure WCF Services

Demo #5
Secure WCF Services

Conclusions
Claims-base identity simplifies authentication, authorization and customization for your apps WIF makes easy for .NET developers to program with claims

Thank You Q&A

IBM WebSphere Application Server v7.0 Security
From Everand
IBM WebSphere Application Server v7.0 Security
Omar Siliceo
No ratings yet
Azure Key Vault Integration With IICS
Document23 pages
Azure Key Vault Integration With IICS
Orachai Tassanamethin
No ratings yet
Single Sign On
Document35 pages
Single Sign On
Deepthi Thilagar
0% (1)
04 Microsoftazurefundamentalssecurity 1606403886308
Document23 pages
04 Microsoftazurefundamentalssecurity 1606403886308
cvb vbn
No ratings yet
MVC With Angular Development
Document12 pages
MVC With Angular Development
Mauro Alfonso
No ratings yet
Mastering LOB Development for Silverlight 5: A Case Study in Action
From Everand
Mastering LOB Development for Silverlight 5: A Case Study in Action
Braulio DÃez
No ratings yet
Vs 1250 Certified Node Js Developer Brochure
Document5 pages
Vs 1250 Certified Node Js Developer Brochure
maqindia
No ratings yet
M06 - PaaS Security
Document87 pages
M06 - PaaS Security
dlafuented
No ratings yet
12 Ceh Hacking Web Applications
Document111 pages
12 Ceh Hacking Web Applications
Jacobus Booysen
0% (1)
Implementing Azure Active Directory
Document26 pages
Implementing Azure Active Directory
Ostilio Systems
No ratings yet
Tapaswini Ransingh
Document3 pages
Tapaswini Ransingh
sanjay.mysore.1947
No ratings yet
Jesal Patel Internship 3eY5UNvdBs
Document9 pages
Jesal Patel Internship 3eY5UNvdBs
abhiramfiverr
No ratings yet
AZ 900T00 Microsoft Azure Fundamentals 03
Document67 pages
AZ 900T00 Microsoft Azure Fundamentals 03
Richie Poo
No ratings yet
SSL VPN : Understanding, evaluating and planning secure, web-based remote access
From Everand
SSL VPN : Understanding, evaluating and planning secure, web-based remote access
Joseph Steinberg
No ratings yet
Intro - Web and Application Security
Document21 pages
Intro - Web and Application Security
Heenisha Lachemykanden
No ratings yet
Web Security (CAT-309) - Unit 1 Lecture 2
Document11 pages
Web Security (CAT-309) - Unit 1 Lecture 2
20BCA1382 GYAN VARDHAN
No ratings yet
Microsoft Azure Virtual Training Day Fundamentals Part 2
Document79 pages
Microsoft Azure Virtual Training Day Fundamentals Part 2
Hamza babar
100% (1)
Developing A Web Application by Using Silverlight
Document20 pages
Developing A Web Application by Using Silverlight
delfion
No ratings yet
Robust Cloud Integration with Azure
From Everand
Robust Cloud Integration with Azure
Gyanendra Kumar Gautam
No ratings yet
Mobilepki
Document48 pages
Mobilepki
Heta Desai
No ratings yet
Cyber Web App Security Roadmap v0 9
Document29 pages
Cyber Web App Security Roadmap v0 9
anil
No ratings yet
Cert-In Training Program For Government, Psus and Critical Sector Oragnizations
Document51 pages
Cert-In Training Program For Government, Psus and Critical Sector Oragnizations
Guru Prasath
No ratings yet
Single Sign-On: Vijay Kumar, CISSP
Document27 pages
Single Sign-On: Vijay Kumar, CISSP
api-27294532
No ratings yet
MVC Development Syllabus
Document11 pages
MVC Development Syllabus
adityabharti19854u
No ratings yet
Introduction To Web Engineering
Document34 pages
Introduction To Web Engineering
Muhammad Luqman khan
No ratings yet
Chaitanya Resume
Document4 pages
Chaitanya Resume
Rama Krishna
No ratings yet
Spring Security
Document2 pages
Spring Security
aymanmabdelsalam
No ratings yet
Koriscenje SSO - Uputstvo
Document20 pages
Koriscenje SSO - Uputstvo
Zoran
No ratings yet
Spi Workshop Preso Worm Hack2
Document56 pages
Spi Workshop Preso Worm Hack2
Parth R. Shah
No ratings yet
Beginning Access 2003 VBA
From Everand
Beginning Access 2003 VBA
Denise M. Gosnell
Rating: 5 out of 5 stars
5/5 (1)
Security Hardening Guide
Document21 pages
Security Hardening Guide
Deepak Thapa
No ratings yet
Lesson 7: Summarizing Virtualization and Cloud Concepts
Document17 pages
Lesson 7: Summarizing Virtualization and Cloud Concepts
DECC DESARROLLO EMPRESARIAL
No ratings yet
Vdocuments - MX - Mcsa 70 412 Chapter 06
Document56 pages
Vdocuments - MX - Mcsa 70 412 Chapter 06
bryan.mochizuki985
No ratings yet
WCF Security
Document116 pages
WCF Security
Vinay Bansal
No ratings yet
OCI Security: Rohit Rahi Oracle Cloud Infrastructure Feb 2020
Document19 pages
OCI Security: Rohit Rahi Oracle Cloud Infrastructure Feb 2020
Harish Naik
No ratings yet
Microsoft Certified Azure Developer Associate
Document8 pages
Microsoft Certified Azure Developer Associate
DotNetTricks
No ratings yet
Client Authentication Using Digital Certificates in Websphere Application Server Community Edition
Document19 pages
Client Authentication Using Digital Certificates in Websphere Application Server Community Edition
stevic
No ratings yet
SOA Security
Document48 pages
SOA Security
api-3829446
No ratings yet
Company Profile Orca Digital Indonesia
Document11 pages
Company Profile Orca Digital Indonesia
anya nyanya
No ratings yet
Untitled
Document316 pages
Untitled
Juanca
No ratings yet
IBmCloud Part1
Document97 pages
IBmCloud Part1
Nouradin Hassan Darar
No ratings yet
15 - Lesson 5C
Document19 pages
15 - Lesson 5C
ajay_anav
No ratings yet
IIT Roorkee CyberSecurity Brochure
Document15 pages
IIT Roorkee CyberSecurity Brochure
Nihal Reddy
No ratings yet
Implementing AD FS
Document39 pages
Implementing AD FS
Marculino Lima
No ratings yet
Auditing The Development of Web-Based Applications: Jian Zhen
Document44 pages
Auditing The Development of Web-Based Applications: Jian Zhen
Wajahat Ali
No ratings yet
Deploying and Managing Active Directory Certificate Services
Document30 pages
Deploying and Managing Active Directory Certificate Services
Feijao Rb
No ratings yet
Jeyaprakash (1 3)
Document7 pages
Jeyaprakash (1 3)
Rejo Antony
No ratings yet
Visual Basic Applications and Programming (Institute II
Document3 pages
Visual Basic Applications and Programming (Institute II
shahsapan
No ratings yet
Mastering Angular
Document9 pages
Mastering Angular
Akshay Rahane
No ratings yet
CISSP Session 04
Document93 pages
CISSP Session 04
wfelicesc
No ratings yet
Senior Software Engineer M: 9635954840 Email:: Experience Summary
Document4 pages
Senior Software Engineer M: 9635954840 Email:: Experience Summary
Rohit0506
No ratings yet
Certified Secure Web Application Engineer (CSWAE) Course Outline - Rev.2.1
Document4 pages
Certified Secure Web Application Engineer (CSWAE) Course Outline - Rev.2.1
Zidane Lance
No ratings yet
Mohammed Ismail Borkar CV
Document3 pages
Mohammed Ismail Borkar CV
gourav Gupta
No ratings yet
Core MVC
Document346 pages
Core MVC
ebunoluwakamikun
No ratings yet
Aws Cicd
Document33 pages
Aws Cicd
Narendra
No ratings yet
Virtualization and Cloud Computing: How To Manage The Risk?
Document20 pages
Virtualization and Cloud Computing: How To Manage The Risk?
Zza ZH
No ratings yet
MCSA Web 20486D - 02
Document19 pages
MCSA Web 20486D - 02
Anshu
100% (1)
CISSP Session 05
Document74 pages
CISSP Session 05
wfelicesc
No ratings yet
Introduction To API Security
Document33 pages
Introduction To API Security
Kalpa De Silva
No ratings yet
20486B 01
Document22 pages
20486B 01
iron 0494
No ratings yet
MSDN 2 - Ian Su
Document33 pages
MSDN 2 - Ian Su
Microsoft TechDays APAC
No ratings yet
TechNet 3 - Azra & Sanjay
Document49 pages
TechNet 3 - Azra & Sanjay
Microsoft TechDays APAC
No ratings yet
Heriyadi Janwar - Microsoft Openness
Document24 pages
Heriyadi Janwar - Microsoft Openness
Microsoft TechDays APAC
No ratings yet
Darmawan Suandi - Best Practice, .NET Performance and Optimization
Document6 pages
Darmawan Suandi - Best Practice, .NET Performance and Optimization
Microsoft TechDays APAC
No ratings yet
Microsoft Premier Support Increasing The Business Value of IT
Document14 pages
Microsoft Premier Support Increasing The Business Value of IT
Microsoft TechDays APAC
No ratings yet
Fuady Rosma Hidayat - Need Specific App in Share Point, Custom It!
Document24 pages
Fuady Rosma Hidayat - Need Specific App in Share Point, Custom It!
Microsoft TechDays APAC
No ratings yet
Hyper-V Security by Kevin Lim
Document44 pages
Hyper-V Security by Kevin Lim
Microsoft TechDays APAC
No ratings yet
Understanding and Implementing Windows Azure Platform Security - Lai Hoong Fai
Document28 pages
Understanding and Implementing Windows Azure Platform Security - Lai Hoong Fai
Microsoft TechDays APAC
No ratings yet
Darmawan Suandi - Best Practice, .NET Performance and Optimization
Document6 pages
Darmawan Suandi - Best Practice, .NET Performance and Optimization
Microsoft TechDays APAC
No ratings yet
Private Cloud Security Via Microsoft Forefront by Esmaeil Sara Bad Ani
Document30 pages
Private Cloud Security Via Microsoft Forefront by Esmaeil Sara Bad Ani
Microsoft TechDays APAC
No ratings yet
Gone (Your Privacy) in 32 Bit by Azra Rizal
Document16 pages
Gone (Your Privacy) in 32 Bit by Azra Rizal
Microsoft TechDays APAC
No ratings yet
What's New in Azure
Document20 pages
What's New in Azure
Microsoft TechDays APAC
No ratings yet
CC++ Security by Tim Chew
Document27 pages
CC++ Security by Tim Chew
Microsoft TechDays APAC
No ratings yet
Cloud Security by Sanjay Willie
Document44 pages
Cloud Security by Sanjay Willie
Microsoft TechDays APAC
No ratings yet