BarCamp Hong Kong 2015
AuthBucket - Open Source Identity Management System
PantaRei Design Limited
Wong Hoi Sing, Edison
2015 Oct 17th
Edison Wong
• 2005 - Drupal Developer & Contributor
  – https://drupal.org/user/33940
• 2008 - HKDUG Co-founder
  – https://groups.drupal.org/drupalhk
• 2010 - CEO, PantaRei Design
  – [email protected]
PantaRei Design
• Everything Changes and Nothing Remains Still
• Reinvent Enterprise with Open Source Software and Cloud Computing
• Hong Kong based FOSS service provider
  – Content Management System (CMS) with Drupal
  – Cloud Hosting Solution with Amazon Web Services (AWS)
  – Team collaboration solution with Atlassian
• Business Partner with industry leaders
  – 2012, AWS Consulting Partner
  – 2013, Acquia Partner
  – 2013, Atlassian Experts
  – 2014, Rackspace Hosting Partner
• http://pantarei-design.com
Outline
• AuthBucket in 3 mins
• What is Identity Management System (IMS)?
• Why Do I Need IMS?
• Development Roadmap
• What's Next?
AuthBucket in 3 mins
• AuthBucket is an Enterprise Identity Management System built with Open Source Software, allowing users to securely manage and use their profile across multiple Webs/Apps/Devices in an enterprise environment.
• OAuth2.0, RESTful, PHP, Drupal, OSS
AuthBucket in 3 mins (cont.)
• The Identity Management System market is forecast at USD 18B in 2019, double the USD 9B of 2014.
• Most existing solutions are designed specifically for a family of software products, are proprietary and closed-source, and come with expensive deployment and maintenance costs.
• By contrast, AuthBucket is designed generically for any Webs/Apps/Devices, is managed as Free and Open Source Software, and charges customers through support service subscriptions, which create the real value.
What is Identity Management System (IMS)?
• An identity management system refers to an information system, or to a set of technologies, that can be used for enterprise or cross-network identity management
• Additional terms are used synonymously with "identity management system", including:
  – Access governance system
  – Identity and access management system
  – Entitlement management system
  – User provisioning system
Social Media Authentication
Social Media Authorization
Unify Authorization Sample
Why Do I Need IMS?
• A company can share authenticated users among groups of websites
• A company can get a complete user profile from authenticated social networks
• Users can share content through a single point to unlimited social networks
• Users can update their profile through a single point to unlimited social networks
For Now
[Diagram: User (Client Side) and Developer (Develop Side); labels: N-N Mapping, Request (API), Resources; provider shown: Twitter]
With AuthBucket
[Diagram: User (Client Side), AuthBucket (Service & Product) and Developer (Develop Side); labels: N-1 Mapping, 1-1 Mapping, Request (API), Resources; providers shown: Twitter, Google+]
Development Roadmap
[Timeline figure: three 6-month phases, marked Alpha Release, Beta Release and Public RC]
Development Roadmap (cont.)
• 6th Month (Alpha Release)
  – For Developers
  – Simple CLI/API/SDK for integration and development across multiple Webs/Apps/Devices
  – Support for multiple open web standard protocols such as OAuth/SAML/OpenID/JWT/etc
  – Running on-premises or in the cloud
  – Scalable and reliable no matter how big the user base is
• Developers can save time and focus on what really matters
Development Roadmap (cont.)
• 12th Month (Beta Release)
  – For Administrators
  – Allow Users to authenticate securely by using
    ● Popular social providers such as Facebook/Twitter/LinkedIn/etc, or
    ● Enterprise internal identity providers such as AD/LDAP/SAML/etc, or
    ● AuthBucket locally managed user credentials
  – Provides powerful reporting and analytics so Administrators can easily see what's going on
Development Roadmap (cont.)
• 18th Month (Public RC)
  – For Users
  – Simple profile management with a mobile-friendly Web interface
  – Sign in to multiple Webs/Apps/Devices with a single user account
  – Control the authorization of which Webs/Apps/Devices can access their data
  – Connect with their public social network accounts
• User authentication and authorization are managed consistently across the user's device of choice
What's Next?
• Drupal 8.0.x + authbucket/oauth2-php
  – OAuth2.0 on top of core RESTful support
  – Utilize core user management functionality
  – Utilize LDAP support
  – Utilize 3rd party plugin system
  – CLI/API/SDK for simple deployment and integration
What's Next? (cont.)
• Bootstrap + AngularJS + Cordova
  – Single Page Architecture
  – Focus on Mobile Responsive UI/UX
  – Functionality provided by backend CLI/API/SDK
  – Not only for WebApps, also as Native Apps
What's Next? (cont.)
• 3rd Party Integration
  – SDK, e.g. WordPress/Drupal/Joomla/Moodle/etc
  – Social Network integration, e.g. FB/TW/G+/etc
  – 2-step Verification
What's Next? (cont.)
• Fork from GitHub
  – Report bugs
  – Comment with your ideas
  – Send us Pull Requests
• Subscribe to our mailing list
Q&A
Thank You
• Please feel free to contact us:
  – PantaRei Design Limited
  – Unit 326, 3/F, Building 16W, No.16 Science Park West Avenue, Hong Kong Science Park, Shatin, N.T.
  – Phone: +852 2576 3812
  – Fax: +852 3753 3663
  – Email: [email protected]
  – Web: http://pantarei-design.com