TDM Strategy Briefing
Presenter’s Name | November 09
Service Bus and Access Control

Agenda

Objectives

How Microsoft Views the Cloud
  • Fundamentals: Automated Service Management, High Availability, Scale out, Multi-tenancy
  • Considerations:
      Location: On premises / Off premises
      Infrastructure: Heterogeneous / Homogeneous
      Business model: OpEx / CapEx
      Ownership: Lease/Rented / Owned
      Management: Third Party / Self

Software + Services
  • Client (PC, Phone, TV), Server, Cloud
  • Tools and Cross-Platform Support

Software + Services Architecture
“When you combine the ever-growing power of devices and the increasing ubiquity of the Web, you come up with a sum that is greater than its parts.” —RAY OZZIE

Introducing Windows Azure
Windows Azure is an internet-scale cloud services platform hosted in Microsoft data centers around the world, providing a simple, reliable and powerful platform for the creation of web applications and services.

Windows Azure Platform

Simplified, Secure Connectivity for the Cloud
Service Bus and Access Control in Windows Azure platform AppFabric are powerful building blocks.
Secure Connectivity
  • Bridge cloud services, on-premises apps, and hosted assets
  • Build distributed apps for your business or to collaborate with partners
Across boundaries
  • Navigate network and security boundaries, securely and simply
  • Federate identity and access across organizations and ID providers
  • Simplify claims-based authorization for distributed apps and web services
At Cloud Scale
  • Scale up and down as your business requires
  • Automated service mgmt. and dynamic scale
  • Interoperate with a variety of languages and industry standards
AppFabric SERVICE BUS: Connect apps & services
AppFabric ACCESS CONTROL: Control & secure access

AppFabric Service Bus Connectivity
  • Payload types: Text, XML, Graphics, Binary Data, Streaming
  • Exchange messages between loosely coupled, composite applications.
  • Direct Connection facilitated by Service Bus if that is best connection mechanism.
Diagram labels: Application #1, Application #2, Send, Receive, Firewall

AppFabric Service Bus
  • Expose apps and services over the internet across firewall, domain, and network boundaries
  • Communicate bi-directionally in an interoperable manner
  • Choose interaction patterns to fit your application architecture, like eventing, service remoting, and protocol tunneling
  • Scale out naturally and reliably as applications and services grow

Interaction Patterns
  • Eventing: FB status, lightweight updates, event driven. Something happens and you get a notification.
  • Service remoting: Reach in and have some control over the information that I get from a service that lives elsewhere. Stock: I want to get price, next time I want to get volume.
  • Tunneling: Established set of formats where information is exchanged. Exchange is asynchronous. Dedicated connection. Something closer to full remote control and visibility of application.

AppFabric Service Bus Capabilities
Layers: Federated Identity and Access Control; Service Registry; Application Messaging Patterns; Connectivity Fabric
Connectivity Fabric lets you set up a raw link across boundaries
  • NAT / firewall traversal
  • Mobile & intermittently connected receivers
Application Messaging features provide various ways to communicate across that link
  • Bi-directional/peer-to-peer communication
  • Cloud buffering – web integration and message buffers
Service Registry makes apps and services discoverable to each other
  • Stable URIs for services
  • Discovery – supports Atom pub, …

AppFabric Access Control
  • Simplify and automate complex authorization schema requests.
  • Provide abstraction for federated claims-based authentication.
  • Easily establish secure trust relationship.
Diagram labels: Applications or Users, Data and Applications

AppFabric Access Control Overview
What it is:
  • Federated authorization management service
What it does:
  • Simplify user access authorization across organizations and ID providers
  • Perform claims transformation to map identities with access levels
Use it to:
  • Secure AppFabric Service Bus communications
  • Secure RESTful web services

AppFabric Access Control Capabilities
  • Define and manage rules to map claims to claims
  • Create and manage scopes; e.g. URLs
  • Create and manage claim types
  • Create and manage signing and encryption keys

Microsoft Windows Azure Platform Appfabric for Technical Decision Makers

  • Create and manage rules within an application scope
  • Rules can be chained; e.g. Bob → Manager, Manager → Edit; enables RBAC or more
  • Manage permissions on scopes; e.g. delegation

Hosted Security Token Service
  • The output security token contains claims computed from claims in incoming tokens
Standards Based
  • Works with Java, Ruby, PHP, etc.

Architecture of AppFabric Access Control
Participants: Your Access Control Project; Your App (Relying Party); User (Application)
  0. Trust exchanged; secrets, certs
  1. Define access control rules
  2. Send token (initial claims; e.g. identity)
  3. Map input claims to output claims based on access control rules
  4. Return token (output claims from 3)
  5. Send token with request
  6. Check for claims

Windows Identity Foundation Complements AppFabric Access Control
Federated Identity with Microsoft “Geneva”
  • Active Directory and Live ID provide the authentication via Windows Identity Foundation: Who are you?
  • AppFabric Access Control simplifies and externalizes complex authorization requests: What are you now ALLOWED to do?
Diagram labels: Enterprise On-premises; Federated Identity; Scalable Services; Finished Services; Active Directory; Active Directory Federation Server v2; AppFabric Access Control; Windows Identity Foundation; Web applications; Microsoft Federation Gateway; Windows Live ID

Case Study: Integration Specialist Speeds to Market with Cloud-to-Cloud Interoperation
Benefit Drivers:
  • Trustworthy: Customer’s confidence in Microsoft’s scalability
  • Agility: Scalability for customers’ needs
  • Focus: Deliver services rather than working on coding integration interfaces
Situation/Solution: When Microsoft announced the Windows Azure™ platform, Cast Iron wanted to enhance its integration solution with better connectivity to other public and private cloud offerings and to on-premises data. Cast Iron used AppFabric’s Service Bus and Access Control, developer services that run on Windows Azure, to quickly provide broad connectivity with other data sources.
Key Advances: The ability to scale and gain confidence from customers by doing so with Windows Azure platform and the ability to focus on delivering services instead of wasting resources on coding integration interfaces.
“Without the Service Bus and Access Control, we would have had to create our own service bus infrastructure, which would have taken months.” —Rishi Vaish, Vice President of Engineering, Cast Iron Systems
Company Profile: Cast Iron Systems provides application integration solutions that help organizations connect many kinds of business software. The Mountain View, California–based firm employs 100 people.

Case Study: Developer Scales Search-and-Rescue Application to Help Save More Lives at Sea
Benefit Drivers:
  • Efficiency: Avoidance of huge capital costs
  • Agility: Massive scalability and faster time to market
  • Focus: Create new market opportunities and spend fewer resources on infrastructure needs.
Situation/Solution: AWS needed a way to scale its successful sea-safety application so that more lives could be saved, but wanted to avoid an expensive development effort and costly infrastructure expansion. AWS migrated its application to the Windows Azure™ platform and used AppFabric’s Service Bus and Access Control to provide global communications scalability.
Key Advances: The ability to scale without huge infrastructure costs, move new applications and software to market faster, and create new market opportunities.
“Our original architecture supported 10,000 vessels, but the Windows Azure platform enables us to support hundreds of thousands or even millions of vessels, without any capital expenses.” —Richard Prodger, Technical Director, Active Web Solutions
Company Profile: Active Web Solutions (AWS), based in Ipswich, United Kingdom, is a Microsoft® Gold Certified Partner that specializes in Web application and custom software development. It has 35 employees.

Ease of Deployment: Systems Integrator Launches Innovative Software with Minimal Capital Investment
Situation/Solution: To improve its own development process, Dot Net Solutions created a virtual project-collaboration application. When the software, called ScrumWall, drew great interest from customers, the company used the Windows Azure™ platform to offer it as a hosted service.
Key Advances: The ability to bring a new product to market without a risky capital investment, allowing the company to safely foray into new territory that may hold high revenue potential.
“Windows Azure enables us to move into the realm of the ISV. We’re already experts at delivering custom software for customers. We can now take these skills and build a software product, delivering it to a potentially massive user base—but without the risk of hosting it on our own infrastructure.” —Dan Scarfe, Chief Executive Officer, Dot Net Solutions
Company Profile: Dot Net Solutions is a United Kingdom–based systems integrator specializing in building bespoke solutions with Microsoft® products and technologies. The company takes pride in producing defect-free software—on time and within budget.

Case Study: Worldwide News Provider Creates New Content Channels with Hosted Computing
Benefit Drivers:
  • Efficiency: Low up-front investment and easy-to-use development tools.
  • Agility: Scale to reach demands; quick prototyping and implementation.
  • Focus: Simplified capacity planning and innovation in new business opportunities.
Situation/Solution: AP wanted to open potential revenue streams and find new customers for AP content with a highly scalable application programming interface (API) that developers worldwide could incorporate into their applications. AP originally considered an on-premises solution, but was concerned about the up-front investment in hardware and software. After considering several “cloud computing” platforms, AP chose to base its offering on the Windows Azure™ platform.
Key Advances: The ability to scale and meet demand, work with smart development tools, plan a capacity budget, decrease up-front costs, and focus on new business opportunities.
“Capacity planning is the thing that stands out as the biggest advantage of the Microsoft cloud model. The Windows Azure platform takes that out of the equation for us, unlike the other cloud providers.” —Jonathan Malek, Chief Architect and Director of Research, Associated Press
Company Profile: The Associated Press (AP) provides up-to-the-minute news and information for newspapers, radio, television, and the Internet, 24 hours a day, 7 days a week. It is the world’s largest and oldest news organization, with 243 bureaus in 97 countries and a worldwide staff of 4,100. AP serves 1,700 newspapers and 5,000 broadcast outlets in the United States, along with 550 international broadcasters.

The Developer Experience
Flexible, Internet-scale service
  • Part of the Windows Azure platform
  • Use it to connect cloud services to on-premises assets
  • Or consume as a cloud service for composing “traditional” web and enterprise services
Standards-based and interoperable
  • Support web standards
  • Program in multiple languages and frameworks, including .NET, Java and Ruby
  • Interface via API or Web console
  • Compose apps that span multiple platform providers
Extends existing investments
  • Build on proven Microsoft technology and programming models
  • Leverage your familiarity with .NET experience, tools, frameworks
  • Develop, debug, test, and deploy from Visual Studio
  • Compatible with MS stack
Developers use existing skills and tools.

Windows Azure Platform Roadmap
Diagram labels: Data Synch (DataHub); Web 2.0; Partners; Enterprise

Service Bus and Access Control
RESOURCES:
  • www.microsoft.com/windowsazure/partners
  • partner.microsoft.com/azure
  • www.azurequickstart.com

Using Service Bus Patterns
Diagram labels: Applications, Workflows, …; Federated Identity and Access Control; Service Registry; Application Messaging Patterns; Connectivity Fabric; Clients; Cloud Services; On-Premises; Your Services; Desktop, RIA, Web; ESB; Billing; Storage; Web, Desktop, RIAs, …; Compute; Corp Service

Stay Updated
  • Know more about Windows Azure - http://www.microsoft.com/windowsazure/
  • Know more about Microsoft Cloud Services - http://www.microsoft.com/india/cloud/
  • Request for an Enterprise Cloud Assessment workshop - email us at azurepro@microsoft.com
  • Follow us
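
The claim-mapping flow from the Access Control capabilities and architecture slides (chained rules such as Bob → Manager → Edit, then steps 3 to 6), as an added Python example that is not Microsoft's code and not the Access Control wire format. The token layout, scope URL, signing key and rule table are constructed for illustration.

```python
import base64, hashlib, hmac, json, time

# Constructed sample data: scope URL, key and rules are illustrative only.
SCOPE = "https://app.example/orders"
SIGNING_KEY = b"constructed-demo-key-not-a-real-secret"
RULES = [  # (input claim type, value) -> (output claim type, value)
    (("name", "Bob"), ("role", "Manager")),
    (("role", "Manager"), ("action", "Edit")),
]

def transform(input_claims, rules):
    """Apply rules to a fixpoint so chained rules (Bob -> Manager -> Edit) fire.
    Only rule outputs are issued; unmapped input claims never pass through."""
    known, issued = set(input_claims), set()
    changed = True
    while changed:
        changed = False
        for match, output in rules:
            if match in known and output not in issued:
                issued.add(output)
                known.add(output)
                changed = True
    return sorted(issued)

def issue_token(input_claims, scope, key, ttl=300, now=None):
    """Token service side (steps 3-4): compute output claims, sign them for one scope."""
    now = time.time() if now is None else now
    body = json.dumps({"aud": scope, "exp": int(now) + ttl,
                       "claims": transform(input_claims, RULES)}).encode()
    sig = hmac.new(key, body, hashlib.sha256).digest()
    return (base64.urlsafe_b64encode(body).decode() + "."
            + base64.urlsafe_b64encode(sig).decode())

def check_claim(token, scope, key, required, now=None):
    """Relying party (step 6): verify signature, audience and expiry, then the claim."""
    now = time.time() if now is None else now
    try:
        body_b64, sig_b64 = token.split(".")
        body = base64.urlsafe_b64decode(body_b64)
        sig = base64.urlsafe_b64decode(sig_b64)
    except ValueError:
        return False  # malformed token
    expected = hmac.new(key, body, hashlib.sha256).digest()
    if not hmac.compare_digest(sig, expected):
        return False  # reject before parsing any untrusted JSON
    data = json.loads(body)
    if data["aud"] != scope or data["exp"] <= now:
        return False  # token issued for another scope, or expired
    return list(required) in data["claims"]
```

The relying party never evaluates the rules itself; it only trusts the signed output claims, which is why the signature, audience and expiry checks all come before the claim lookup.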

Editor's Notes

  • #14 Add lines on this like slide 11
  • #20 WIF is an intermediary that: federates with ADFS or MFG; extracts ADFS tokens; provides last-mile authorization within an app/service
  • #23 Link to case study and video: www.microsoft.com/resources/casestudies/CaseStudy.asp?CaseStudyID=4000004847
  • #28 Add speaker notes here.