Speaker: Mattias Tristl
What does OpenAM do?
- Authentication: Who are you?
- Must be easy & safe
- Authorization: What can you do?
- Audit: What have you done?
- Federation: Sharing authentication & access
- Share access to your resources with people who may not have an account in your ecosystem. Ex. share Google docs with someone outside your org, or use your Facebook credentials to log into another site/ecosystem unrelated
- secure if you use more than 5 characters
- but not secure if someone steals it
- Second factor
- social media accounts are good option, because you’re usually signed in for a long time (so you don’t need to sign in again), but someone stealing your password would have to steal your social logins as well
- Biometric fingerprint on phone is another good option, because someone who stole your password would also have to steal your phone
- Your geolocation can be a factor too, as long as you are ok with sharing your location data (which can be used to track you)
Scales to handle hundreds of millions of identities
Can install in 10 min or less
Action Items/Follow up: None