Upload
nathaniel-palmer
View
3.417
Download
0
Embed Size (px)
DESCRIPTION
Citation preview
Welcome Pat G. Cappelaere
President / CEOVightel Corporation
Session Title:Workflows, Identity 2.0 & Delegated Authorization
April 21-23, 2008 Renaissance Washington, DC
The RESTFul Way 安らぎの道
SOA Journey: Two Paths
April 21-23, 2008 Renaissance Washington, DC
WOAFocused on Describing Operations
April 21-23, 2008 Renaissance Washington, DC
ROAFocused on Resources Of Value to A User
ROA
WOA
April 21-23, 2008 Renaissance Washington, DC
April 21-23, 2008 Renaissance Washington, DC
April 21-23, 2008 Renaissance Washington, DC
REST+
APP +…
I cannot drink zis!
http://host/R
CRUD
Business Case
Workflows, Identity 2.0 & Delegated Authorization
Who Is The Customer?
Science
DoD
Red Cross/First Responders
Web Services Access
What Does Our Customer Really Want?
Flood. . . . .
Flood
Science
DoD
Red Cross/First Responders
Security Problems
Manage Users
Authenticate/Authorize
Control Access
Delegate User Authority To Workflows
And Still Need Fairly Secure Transactions
WfCS Issues
Standardize API in a RESTFul Way
Discover Workflows
Many Workflow Engines!
April 21-23, 2008 Renaissance Washington, DC
Identity 2.0
Delegate User Identity to Trusted Identity Providers
Provides Single Sign-on Across Enterprise
Provides Profile Exchange Capabilities
Benefits:Simplify Password Management
Accept Users From Specific Communities of InterestDerive Access Privileges From Exchanged ProfileRESTFulMinimum Infrastructure Requirement
Dick Hardt, Founder & CEO, Sxip Identity
Web Services Secure Communications
Basic Authentication
SSL / PKI
OAuth 1.0 And User Pre-Approved Transactions
WebConsumer
WebProvider
WebConsumer
WebProvider
April 21-23, 2008 Renaissance Washington, DC
OAuth 1.0
Uses HTTP Authentication Header
http://oauth.net/
POST http://eo1.geobliki.com/sps HTTP/1.1Connection: closeAccept: */*Content-Type: application/x-www-form-urlencodedAuthorization: OAuth realm="/geobliki/sps", oauth_nonce="DknhjM5kkvhS1yT8dWgjTXzG3D8CpUQpd1c5zDx16cw", oauth_signature_method="HMAC-SHA1", oauth_token="http%3A%2F%2Fcappelaere.pip.verisignlabs.com%2F", oauth_timestamp="1206048828", oauth_consumer_key="test", oauth_signature="8N2tOq6KEj%2FSWCjDHs63ncYNVO8%3D", oauth_version="1.0"Content-Length: 1041Host: eo1.geobliki.com
April 21-23, 2008 Renaissance Washington, DC
Web Service Orchestration
Workflow EngineBPMN, XPDL…
But You Want To Keep it SimpleFor Your Service Provider PartnersFor Yourself
RESTFul Web Services Including Engine Itself
Workflow Reference Model
From SOAPy WfXML 2.0 to WfXML-R
QuickTime™ and a decompressor
are needed to see this picture.
Putting it Together
April 21-23, 2008 Renaissance Washington, DC
Applications
GEO/GEOSS, CEOS, IFRCSouth Africa Wild Fires Monitoring (fire)Mozambique Floods (flood)Southern California Fires (fire)Empire Challenge 08 (red dye, ships, fire)
Workflow Discovery
CS/W Is Now An Automated Feed Aggregator
April 21-23, 2008 Renaissance Washington, DC
Lessons Learned
Security is achievable using existing standards
Workflows Can Be Discovered Easily!
Everything is a Workflow!
April 21-23, 2008 Renaissance Washington, DC
Thank You!
Pat G. CappelaerePresident / CEOVightel Corporationhttp://www.vightel.com
Contact Information:443 283 [email protected]