December 07, 2007
COLOMBO, Sri Lanka, and MOUNTAIN VIEW, Calif., Dec. 11 -- WSO2, the open source SOA company, announced today the launch of the WSO2 Identity Solution (IS) to help customers address the challenges of managing user identities in Web applications and protect against attacks, such as phishing. Providing an easy-to-use management console, the highly interoperable WSO2 IS removes the barriers to implementing consistent identity management across the many applications, data sources and services that comprise a service-oriented architecture (SOA).
The WSO2 IS enables LAMP and Java Web sites to provide strong authentication based on the new interoperable Microsoft CardSpace technology, which is built on the open standards Security Assertion Mark-up Language (SAML) and WS-Trust. WSO2’s new open source security offering features an easy-to-use Identity Provider that is controlled by a simple Web-based management console and supports interoperability with multiple vendors’ CardSpace components, including those provided by Microsoft .NET. The WSO2 IS also works with enterprises’ current identity directories, such as those based on the Lightweight Directory Access Protocol (LDAP) and Microsoft Active Directory, allowing them to leverage their existing infrastructure.
“The inherent heterogeneous nature of modern SOA and Web applications brings a new challenge in managing and protecting the identities of the users it serves,” said Sanjiva Weerawarana, CEO of WSO2. “With our new Identity Solution, we can help developers and administrators solve this challenge using open standards and open source to deliver a proven secure and interoperable system with a simple, intuitive interface that anyone can readily use.”
WSO2 Open Source Approach to Identity Metasystem
CardSpace is Microsoft’s approach to the Identity Metasystem, an interoperable architecture for digital identity that has emerged to address the growing problem of securely maintaining and managing identities across extended spaces, including large enterprises and the Web. WSO2’s Identity Solution offers customers a new open source alternative that works with popular open source and Java websites while supporting the new CardSpace approach found in Microsoft’s Internet Explorer 7.0 browser and Mozilla’s Firefox.
Built on a core of open standards such as SAML and WS-Trust with proven interoperability, the WSO2 IS ensures interoperability with CardSpace components from different vendors. At the same time, it allows easy integration and migration of traditional identity management solutions to CardSpace-based identity management. The WSO2 Identity Solution also works closely with existing websites, including those built on the market-leading Apache HTTPD and Tomcat servers, as well as many PHP, LAMP and J2EE servers.
By working with existing IT infrastructures, the WSO2 IS helps enterprises to address the top identity management issues they face today, including:
WSO2 Identity Solution Features
The WSO2 IS features two primary components: the Identity Provider and Relying Party Component Set.
The Identity Provider is an application that provides the ability to issue “cards” -- a new cross-vendor standard for identity management. WSO2 supports both managed information cards, which are issued by the Identity Provider and backed by a username and password, as well as self-issued cards, which enable users to manage their own identities using software in their browsers. Once a user has a card, this can be used to login to any Web application that supports CardSpace authentication. One key benefit is that the security details are only stored by the trusted Identity Provider -- the Web site doesn’t need to store any passwords or other personal details. Key features of the Identity Provider include:
The other key part of the WSO2 Identity Solution is the Relying Party Component Set which plugs into the most common website servers to add support for CardSpace authentication requests. At the core is the Apache HTTPD module (mod_cspace), which processes incoming CardSpace authentication requests and provides the extracted information from the received token to the Web application. Because this is independent of any server-side Web framework, the module can be used to set up CardSpace authentication with any Web framework running on Apache2, including PHP, Python and Perl applications.
Significantly, the Apache HTTPD Relying Party component enables CardSpace authentication for both dynamic Web applications and static content, including a special feature to allow access control for static content in Apache HTTPD. Other key features of the Apache HTTPD module include an easy integration interface for developers; simple configuration for server administrators; and support for leading content management frameworks, such as Drupal and MediaWiki. In addition, the Relying Party support includes a Java servlet filter that provides an easy integration point for J2EE-based Web applications, including the popular Apache Tomcat and JBoss application servers.
Service and Support Options
WSO2 offers a range of service and support options for the WSO2 Identity Solution. These include full commercial support, training, consulting, custom development, and sponsorship of open source feature development. For information on the webinars, as well as service and support fees, visit www.wso2.com. Additionally, the WSO2 Oxygen Tank (wso2.org) is an open portal that provides in-depth product information, tutorials, tools, forums, wikis and more.
WSO2 is the open source SOA company founded by pioneers in Web services and of members of the Apache Software Foundation Web services community. The company is delivering a new, entirely open source middleware stack that is optimized for Web services and SOA. The company’s first products are the WSO2 Web Services Application Server (based on Apache Axis2) and WSO2 Enterprise Service Bus (based on Apache Synapse), which are built on the WSO2 Web Services Framework. The company is backed by Intel Capital and maintains operations in the United States, United Kingdom and Sri Lanka.
Frank Ding, engineering analysis & technical computing manager at Simpson Strong-Tie, discussed the advantages of utilizing the cloud for occasional scientific computing, identified the obstacles to doing so, and proposed workarounds to some of those obstacles.
The private industry least likely to adopt public cloud services for data storage are financial institutions. Holding the most sensitive and heavily-regulated of data types, personal financial information, banks and similar institutions are mostly moving towards private cloud services – and doing so at great cost.
In this week's hand-picked assortment, researchers explore the path to more energy-efficient cloud datacenters, investigate new frameworks and runtime environments that are compatible with Windows Azure, and design a uniﬁed programming model for diverse data-intensive cloud computing paradigms.
May 16, 2013 |
When it comes to cloud, long distances mean unacceptably high latencies. Researchers from the University of Bonn in Germany examined those latency issues of doing CFD modeling in the cloud by utilizing a common CFD and its utilization in HPC instance types including both CPU and GPU cores of Amazon EC2.
May 10, 2013 |
Australian visual effects company, Animal Logic, is considering a move to the public cloud.
May 10, 2013 |
Program provides cash awards up to $10,000 for the best open-source end-user applications deployed on 100G network.
May 08, 2013 |
For engineers looking to leverage high-performance computing, the accessibility of a cloud-based approach is a powerful draw, but there are costs that may not be readily apparent.
05/10/2013 | Cleversafe, Cray, DDN, NetApp, & Panasas | From Wall Street to Hollywood, drug discovery to homeland security, companies and organizations of all sizes and stripes are coming face to face with the challenges – and opportunities – afforded by Big Data. Before anyone can utilize these extraordinary data repositories, however, they must first harness and manage their data stores, and do so utilizing technologies that underscore affordability, security, and scalability.
04/02/2012 | AMD | Developers today are just beginning to explore the potential of heterogeneous computing, but the potential for this new paradigm is huge. This brief article reviews how the technology might impact a range of application development areas, including client experiences and cloud-based data management. As platforms like OpenCL continue to evolve, the benefits of heterogeneous computing will become even more accessible. Use this quick article to jump-start your own thinking on heterogeneous computing.