Openam Consortium Tokyo Japan Feb 2014

OpenAM Consortium Tokyo Japan Feb 2014

Allan Foster CTO Office IRM

2013

Future

2 IRM Origin Story …

3 Evolution of Identity

Relationships

Things Attributes Context Stateless Consumers

Employees & Perimeter-less Partners Federation Cloud Employees SaaS Perimeter-less Mobility Federation Cloud / SaaS Perimeter Perimeter Federation

4 Identity Relationship Management Business Values …

■ CONSUMERS & THINGS over employees only

■ ADAPTABLE over predictable

■ TOP LINE REVENUE over operating expense

■ VELOCITY over process and tools

5 CONSUMERS & THINGS over employees only

6 ADAPTABLE over predictable

7 TOP LINE REVENUE over operating expense

8 VELOCITY over process and tools

9 IRM Technical Emphasis …

■ INTERNET SCALE over enterprise scale

■ DYNAMIC INTELLIGENCE over static intelligence

■ BORDERLESS over perimeter

■ MODULAR over monolithic

10 INTERNET SCALE over enterprise scale

11 DYNAMIC INTELLIGENCE over static intelligence

12 BORDERLESS over perimeter

13 MODULAR over monolithic

14 ForgeRock Technical Vision … Next Generation Identity & Access Management for the Modern Web

15 Our Open Identity Stack

. Platform agnostic for Enterprise, Social, Mobile, & Cloud Environments

. Modular & Embeddable for Cloud Providers

. Massively Scalable for External Enterprise Customers and private /public clouds

. One common API to access ALL services

FORGEROCK.COM | CONFIDENTIAL 16 Open Identity Stack

OpenAM OpenDJ

OpenIDM Bridge SPE Commercial Open Source Identity Services

Directory Authentication Federation Entitlements Provisioning Synchronization Authentication Services

Web Services Password Authorization Risk Engine Workflow Directory Proxy Security Management

Role Policy Engine Session Failover Strong AuthN Password Reset Replication Provisioning

FORGEROCK.COM | CONFIDENTIAL 17 OpenAM

. “All-in-One” solution delivered as a single application

. Access to any application – Enterprise, SaaS, Social, Mobile

. Flexible and extensible architecture

. Social sign-on and one-time mobile password

. Architected for consumer scale -- +100M users

FORGEROCK.COM | CONFIDENTIAL 18 OpenAM

Key Features Benefits

■ Session Fail-Over architecture ■ Provides the highest level of HA to using embedded OpenDJ ensure users are always online

■ Full Oauth 2.0 and OpenID ■ Latest protocols for simplified Connect 1.0 support Federation and Mobile SSO

■ Device Fingerprinting adaptive ■ Adds advanced authentication module authentication support for fraud prevention

■ Complete Mobile development ■ Create device agnostic applications support through REST APIs for a Web or a native O/S apps

■ OATH device and One Time ■ Use mobile phone as a second factor Password support using either SMS or Soft-Token generator

FORGEROCK.COM | CONFIDENTIAL OpenIDM

. Lightweight provisioning built on REST principles

. Flexible architecture with pluggable workflow engine

. Standards based APIs and scripting

. Architected for consumer scale with +100’s of creates/second

FORGEROCK.COM | CONFIDENTIAL 20 OpenIDM

Key Features Benefits

■ Modern architectural design ■ Lightweight approach reduces built on the OSGi framework deployment and development costs

■ Purpose built for high scale ■ Provides easy to implement consumer applications and provisioning, syncing for online services services such as banking, insurance…

■ Flexible data model and data ■ Reduces time and cost by leveraging store existing model for managing data

■ Program business logic using ■ Standards based languages enable Java or Groovy faster development and zero lock in ■ Customizable UI using JSON ■ Decoupled UI enables easy and REST development of custom-tailored solutions

FORGEROCK.COM | CONFIDENTIAL OpenDJ

. Lightweight / embeddable directory

. LDAP / REST APIs

. High availability & replication

. Architected for massive scale -- +100M Users

FORGEROCK.COM | CONFIDENTIAL 22 OpenDJ

Key Features Benefits

■ Java based architecture ■ Architecture supports the most designed for scale and demanding environments with performance high throughput

■ Supports HA deployments ■ Enables global data center with N-way multi-master deployment for managing failover replication and disaster recovery

■ Developer friendly LDAP to ■ Exposes directory data as JSON REST Gateway developer resource enabling access for non- tool LDAP apps

■ RESTful API developer ■ Simplifies by using standard REST access for managing all core functions

FORGEROCK.COM | CONFIDENTIAL ForgeRock Identity Bridge SPE Secure connection between On-Premise & Cloud infrastrcture

Ease adoption Business Impact Technical Approach of cloud • Cloud Service Providers: • Turnkey software appliance for Increase service adoption by provisioning, federating and synching services and eliminating IDs and identities between enterprise customers reduce passwords. and the services they offer enterprise / • Enterprise: Eliminate • Designed to be easily modified to match copious amounts of time service provider's brand and application cloud friction onboarding new cloud look and feel, and to seamlessly integrate services. with existing service offerings

FORGEROCK.COM | CONFIDENTIAL 24 Identity Bridge SPE

Key Features Benefits

. Simple wizard based ■ Enables 15 minute setup and administration configuration . User provisioning engine . Instantly add and remove users with account reconciliation and sync in changes in real-time . Federated SSO using . Single Sign-on using SAML-based SAML for secure connections . Designed as a software . Deploys with any IAM appliance Infrastructure in the DMZ . Windows support for SSO . Leverages standard Integrated to SaaS service Windows AuthN and Kerboros . Flexible configuration . Can be customized for many different SaaS and data stores

FORGEROCK.COM | CONFIDENTIAL Our IRM Platform …

ForgeRock Open Identity Stack

26 ForgeRock Today Building Relationships Across the Web

PEOPLE SYSTEMS CONTEXT THINGS DEVELOPMENT

Create users / IP Risk-based Authentication Enterprise Apps Modular Services things Authentication

Delete users / Coarse-grained Device Mobile Apps Common REST things Authorization Fingerprinting

Fine-grained One-Time Mobile Synchronization Social Apps Session Failover Authorization Password

Password Strong IP-Connected Federated SSO Data Replication Management Authentication Devices

Web Services Bridge for Cloud Workflow Security Providers

FORGEROCK.COM | CONFIDENTIAL 27 ForgeRock Tomorrow Building Relationships Across the Web

PEOPLE SYSTEMS CONTEXT THINGS DEVELOPMENT

Create users / IP Risk-based Authentication Enterprise Apps Modular Services things Authentication

Delete users / Coarse-grained Device Mobile Apps Common REST things Authorization Fingerprinting

One-Time Mobile Synchronization Entitlements Social Apps Performance Password

Strong IP-Connected Password Federated SSO Management Authentication Devices Multi-Tenant

REST Token Mobile Security Workflow Risk Analytics Bridge for SFDC Service Gateway

Role-based Risk-Based Simplified Social Bridge for Monitoring Provisioning Authentication Sign-On Enterprises

Bridge for Enterprises 28 ForgeRock Roadmap

2015 STACK ROADMAP OpenDJ: Virtual Directory OpenAM: Knowledge-based Authentication Risk Analytics (NEW) Mobile Identity Management Phase 2 (NEW)

2015 2014 STACK ROADMAP 1H2014 OpenIDM: Role-based Provisioning OpenDJ: Identity Proxy OpenAM: Simplified Social Sign-on 2 2014 2H2014 Bridge Enterprise Edition (NEW) Mobile Identity Management Phase 1 (NEW)

FORGEROCK.COM | CONFIDENTIAL 29 ForgeRock Momentum • 800% sales growth from Q4FY12 to Q4FY13 • 207% sequential sales growth from Q3FY13 to Q4FY13 • Average deal size is up 166% Year over Year. • Revenue continues to be distributed evenly between North America and European markets.

Business is Skyrocketing

30 Marquee Customers

FORGEROCK.COM | MARQUEE CUSTOMERS 31 Government of Norway Providing 4M citizens access to 300+ Government services

Tax Office “OpenAM’s simple, secure access to government services played a large part in the

Water & Health success of the eGovernment Energy Economics Directorate Agency initiative”

TOR ALVIK, COO Agency for Public Management & eGoverment

Labor & Welfare Agency

5 million citizens access • Over 1 million concurrent users • 500k businesses access

FORGEROCK.COM | CONFIDENTIAL 32 Government Success …

Canada Belgium Norway (35M Citizens) (11M Citizens) (5M Citizens)

The Vatican New Zealand New Caledonia (~1000 Citizens) (650K citizens) (256K Citizens Enabling Government Services Globally!

FORGEROCK.COM | CONFIDENTIAL 33 Toyota User Portal Authenticating more than people—cars & devices included

1 2

Automobile Application & Data Authentication Synchronization Powered by ForgeRock

FORGEROCK.COM | CONFIDENTIAL 34 Thank You!