Cloud Identity Access Control Services Cloud Computing Soup

Cloud Identity & Access Control Services Cloud Computing Soup to Nuts Mike Benkovich Microsoft Corporation www. benko. Tips. com - @mbenko btlod-74

Azure Compute ü ü Caching CDN Storage Database Additional Services ü ü Service Bus Reporting ü ü Data Sync Azure Connect ü ü Identity HPC

Who are you?

Really?

Can you prove it?

Identity in the cloud

geeks

security

Identity

definitions

ACS authenticate • Standards-based authorize

Sequence Identity Provider Browser Access Control Application 1. Request Resource 2. Redirect to Identity Provider 4. Authenticate & Issue Token 3. Login 5. Redirect to AC service 6. Send Token to ACS 8. Redirect to RP with ACS Token 9. Send ACS Token to Relying Party 11. Return resource representation 7. Validate Token, Run Rules Engine, Issue Token 10. Validate Token

Features • WIF Claims-based formats • OData-based

Configuring • Provision http: //windows. azure. com https: //<namespace>. accesscontrol. windows. net identity providers relying rules

Configuration demo

Identity STS Reference http: //bit. ly/bqt. WIFsdk issuer

ACS + Web demo

Device http: //acs. codeplex. com Nu. Get PM> Install-Package Phone. Identity. Access. Control. Base. Page http: //bit. ly/bqt. WATWP http: //bit. ly/bqt. WATAndroid http: //bit. ly/bqt. WATi. OS

ACS + Mobile demo

providers http: //bit. ly/bqt. Az. Reg. SQL

Providers demo

Summary simplify identity providers STS reference

http: //www. benkotips. com • http: //bit. ly/s 2 n. Cloud http: //aka. ms/Waz. OH-Live