During the next couple of weeks, Southworks will be presenting together with a Fortune 500 pharmaceutical company a project that we’ve developed during the last couple of months around Claims Based Federated Identity and the Cloud. Hong Choing and Ben Flock from Microsoft DPE are hosting the event in New Jersey and Boston and kindly invited us to share with other organizations from the Life Science industry the work we’ve done together.
We will be presenting 3 different scenarios and how we approached them using Federated Identity (ADFS and Windows Identity Foundation) and Cloud Computing (Windows Azure and Amazon EC2). We will talk about the architecture behind them, involving an ADFS acting as a Federation Hub, the notion of different levels of trust/assurance and the inclusion of social identity providers like Facebook, Yahoo, LiveId, Twitter, etc.
The solution shows:
- A web site hosted on Windows Azure that is something like a “Federated SkyDrive”, where a user can assign cross-organization permissions based on email, group and organization claims.
- Organizations plugged into the hub using identity providers like ADFS, CA SiteMinder or PingFederate
- Other organizations plugged into the hub using social identity providers like Facebook, Yahoo, Google, Twitter, LiveID
- Different levels of trust depending on the identity provider that issued the token
- Multiple cloud computing providers like Amazon EC2 hosting an ADFS v2 and Windows Azure hosting the website
The scenario and architecture used are similar to the ones we described in the Federation with Multiple Partners chapter of the Claims-Based Identity and Access Control guide from patterns & practices. The guide was key to helping some of the stakeholders understand the concepts and artifacts of the solution.
With the advent of the cloud and the need to collaborate quickly and securely between organizations in a cost-effective way, these kinds of concepts and architectures should become the de facto solution. Looking forward to that future!