Enterprise Security and Identity Management Use Cases with WSO2 Identity Server

Post on 26-Jan-2015


description

This is the set of slides used in WSO2Con 2013 - tutorial session on the topic: "Enterprise Security and Identity Management Use Cases with WSO2 Identity Server", along with demos for each of these use cases.

transcript

Enterprise Security & Identity Management with WSO2 Identity Server

Prabath Siriwardena, Hasini Gunasinghe

Enterprise Security & Identity Management Use Cases

Use cases taken from Healthcare IT domain

Use Case 1

Managing identity and entitlements of the users securely & efficiently.

Use Case 1 with WSO2 IS

• User & role management

• Claim management

• Profile management

• Self service

• Exposing over standard APIs

• User stores: Active Directory, JDBC, LDAP, custom user stores

Use Case 2

Create, maintain and terminate user accounts along with user identities across multiple systems including cloud applications.

Internal apps

Provisioning system

Other cloud apps/services

LDAP

Use Case 2 with WSO2 IS

Use Case 3

When there are multiple applications which require authentication, users should be able to login at one place and still have seamless access to all the other applications.

Use Case 3 with WSO2 IS

Use Case 4

Authorizing users to perform patient management operations based on fine-grained rules:

• Add – Allowed only for users in admin role

• Update – Allowed only for doctors of medicare.com during working hours

• View one – Allowed for doctors and nurses of medicare.com

• View all – Allowed only for doctors of medicare.com

• Delete – Allowed only for users in admin role
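The five rules above, written as a deny-by-default decision function. This is an added example, not code from the slides or from WSO2 Identity Server; the 09:00-17:00 working hours, the `Subject` shape, the operation names and the `medihealth.example` partner identifier are assumptions made for illustration.

```python
from dataclasses import dataclass
from datetime import time

# Assumption: the slides do not define "working hours"; 09:00-17:00 is used here.
WORK_START, WORK_END = time(9, 0), time(17, 0)
HOME_ORG = "medicare.com"

@dataclass(frozen=True)
class Subject:
    roles: frozenset  # role names asserted for the user
    org: str          # organisation the identity belongs to

def _has_role(s, *roles):
    return bool(s.roles.intersection(roles))

def _medicare(s, *roles):
    # Role membership only counts when the identity is a medicare.com one.
    return s.org == HOME_ORG and _has_role(s, *roles)

def _in_hours(now):
    return WORK_START <= now < WORK_END

# One rule per operation from the use case; each returns True to permit.
RULES = {
    "add":      lambda s, now: _has_role(s, "admin"),
    "update":   lambda s, now: _medicare(s, "doctor") and _in_hours(now),
    "view_one": lambda s, now: _medicare(s, "doctor", "nurse"),
    "view_all": lambda s, now: _medicare(s, "doctor"),
    "delete":   lambda s, now: _has_role(s, "admin"),
}

def decide(subject, operation, now):
    """Return "Permit" or "Deny"; anything without a matching rule is denied."""
    rule = RULES.get(operation)
    return "Permit" if rule and rule(subject, now) else "Deny"

if __name__ == "__main__":
    # Constructed sample subjects and request times.
    doctor = Subject(frozenset({"doctor"}), "medicare.com")
    partner = Subject(frozenset({"doctor"}), "medihealth.example")
    for who, op, at in [(doctor, "update", time(10, 30)),
                        (doctor, "update", time(20, 0)),
                        (partner, "view_one", time(10, 30))]:
        print(who.org, op, at, decide(who, op, at))
```

Because the default is deny, an admin is refused the view and update operations unless also holding a medicare.com doctor or nurse role, and a partner doctor is refused everything here; that case is what Use Case 5 addresses separately.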

Use Case 4 with WSO2 Products

Use Case 5

A doctor from MediHealth, which is a partner of MediCare, should be able to view records of a patient under his/her consultancy.

Use Case 5 with WSO2 Products

[Diagram: Secure Token Service of MediHealth; MediHealth credential store; MediHealth; MediCare; Secured Proxy; Patient's Records (Name, Age, Medications); flow steps 1 to 4]

Use Case 6

Enable internal users as well as the general public to authenticate to the collaborative portal based on Liferay using a common authentication mechanism.

Use Case 6 with WSO2 IS

1 – provide OpenID URL

2 – discover OpenID provider

3 – provide credentials and authenticate

Exercises

Question 1:

• Doctors of MediCare need to retrieve their channeling appointment details on their mobile phones from a backend REST service.

Exercises

Question 2:

• Doctors in a research role at MediCare need to import electronic medical records of patients into a web-based analysis application from the backend system.

Exercises

Question 3:

• An external researcher who authenticates to the collaborative portal using OpenID needs to access a BE service which requires a SAML token with certain identity information, in order to obtain anonymized electronic health records.

Exercises

Question 4:

• MediCare expands globally with many branches, each maintaining its own user store and Identity Provider. How can a doctor from the SL branch access the patient management portal of the India branch?

Thank you