Security - PowerPoint PPT Presentation

1 / 24
About This Presentation
Title:

Security

Description:

... code and user's data from each other and from malicious code packaged as bundles ... Code sanitation for doPrivileged. User interface, policy management ... – PowerPoint PPT presentation

Number of Views:14
Avg rating:3.0/5.0
Slides: 25
Provided by: eclip2
Category:
Tags: security

less

Transcript and Presenter's Notes

Title: Security


1
Security Identity From present to future
  • Matt Flaherty, IBM
  • Mary Ruddy, Meristic

2
Agenda
  • Securing the platform... security features in 3.4
  • Platform security... what's coming next
  • Beyond the platform.. Higgins identity framework
    1.0
  • Higgins identity framework... what's coming next

3
Platform security... what's available and where
  • The platform security goal
  • Protect the operating system, application code
    and users data from each other and from
    malicious code packaged as bundles
  • Security features to attain this span the
    software stack

Eclipse Platform
OSGi Service Platform
Java Runtime Environment
4
Platform security... what's available in the JRE
Java Runtime Environment
JCA
JCE
JAAS
JSSE
  • Java Cryptography Architecture
  • Java Cryptography Extensions
  • Java Authentication and Authorization Service
  • Java Secure Sockets Extensions

5
Platform security... what's available in OSGI
  • Support for Java features signing, permissions,
    etc
  • Strict classloading policies between bundles
  • Bundle private classes
  • Administrative services for permissions
  • org.osgi.service.PermissionAdmin
  • org.osgi.service.condpermadmin.ConditionalPermissi
    onAdmin
  • User registry for managing users and roles
  • org.osgi.service.UserAdmin

6
Platform security... what's available in Eclipse
  • Signature checking during bundle provisioning
  • NEW! Signature checking during bundle loading
  • NEW! Certificate management UI
  • NEW! Secure storage via preferences API
  • NEW! JAAS enhancements - declarative wiring,
    events

7
Platform security... what's coming next!
  • Manageable Java2 permission infrastructure
  • Code sanitation for doPrivileged
  • User interface, policy management
  • Expose certificate management facilities
  • Public APIs for label providers, viewers,
    wizards, etc
  • Trust model integration with OSGi, P2, ECF
  • Deeper JAAS integration
  • Potential RCP Lifecycle integration, Jobs
    integration
  • Identity management support with Higgins

8
How do you bring security and identity to
people? The web of today isnt people-centered
9
Its silo-centered
Site A
Site B
Site C
Site B
Type type type, click, click, click.
Clickety-clack, clickety-clack.
10
There is a better way
11
Automatic identity sharing
Site A
Site B
Site C
The BIG IDEA for People
Identity Selector
12
Automatic identity sharing
Site A
Site B
Site C
The BIG IDEA for People
Identity Selector
13
Automatic identity sharing
Site A
Site B
Site C
The BIG IDEA for People
Identity Selector
14
Then youd have Higgins
15
Higgins
Higgins 1 a species of Tasmanian long-tailed
mouse 2 an open source identity selector and
interoperability framework being developed by
IBM, Novell, Oracle, CA, Google, Parity
16
A consistent user experience across contexts
(including Financial Services, healthcare,
eCommerce) is the key to convenience and adoption
17
i-cards
Managed
Personal (self-issued)?
18
These i-cards are managed by an Identity Selector
  • Something that works on behalf of the user
    (citizen, patient, consumer). Really.

19
Click on a card
20
youre signed in.
  • (No password required)?

21
The Identity selector is powered by an
interoperability framework
22
Interoperability framework
Higgins Browser Extension
Apps
Identity Providers
Relying Parties
Apps and Services
Higgins Framework
Common data model
Plug-ins
CardSpace
Protocol Providers implement protocols for
interacting with Relying Parties
OpenID
RSS/Atom
SAML
I-Card Providers implement identity protocols and
card types
CardSpace Managed (WS-Trust)?
CardSpace Personal
Higgins Relationship
Token Providers implement different kinds of
security tokens
SAML
X509
Kerberos
UN/PS
Idemix
IdAS Context Providers connect to different
identity data sources
JNDI / LDAP
Enterprise Apps
RDF OWL
Active Directory
Comms Clients
23
Higgins 1.0 has just been released
  • 7 Solutions now available
  • Three Identity Selectors
  • 2 Identity Providers (WS-Trust and SAML2)?
  • A Relying Parity
  • Identity Attribute Service (interoperability
    framework)?
  • Coming in Higgins 1.1
  • Additional Identity Selectors
  • More Identity Protocols.
  • More i-card types

24
Legal information
  • IBM and the IBM logo are trademarks or registered
    trademarks of IBM Corporation, in the United
    States, other countries or both.
  • Java and all Java-based marks, among others, are
    trademarks or registered trademarks of Sun
    Microsystems in the United States, other
    countries or both.
  • Eclipse and the Eclipse logo are trademarks of
    Eclipse Foundation, Inc.
  • Other company, product and service names may be
    trademarks or service marks of others.
  • THE INFORMATION DISCUSSED IN THIS PRESENTATION
    IS PROVIDED FOR INFORMATIONAL PURPOSES ONLY.
    WHILE EFFORTS WERE MADE TO VERIFY THE
    COMPLETENESS AND ACCURACY OF THE INFORMATION, IT
    IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND,
    EXPRESS OR IMPLIED, AND IBM SHALL NOT BE
    RESPONSIBLE FOR ANY DAMAGES ARISING OUT OF THE
    USE OF, OR OTHERWISE RELATED TO, SUCH
    INFORMATION. ANY INFORMATION CONCERNING IBM'S
    PRODUCT PLANS OR STRATEGY IS SUBJECT TO CHANGE BY
    IBM WITHOUT NOTICE.
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "Security" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!