ApacheCon Europe 2012

Rhein-Neckar-Arena, Sinsheim, Germany

5–8 November 2012

Open Source Identity Management

Francesco Chicchiriccò

Audience level:

Tuesday 1 p.m.–1:45 p.m. in Rhein-Neckar


Identity management (or IdM) is the joint result of business process and IT to manage user data on systems and apps. IdM tries to give an answer to sysadms: Who has access to What, When, How, and Why?


Identity management (or IdM) represents the joint result of business process and IT to manage user data on systems and applications. IdM involves considering user attributes, roles, resources and entitlements in trying to give a decent answer to the question bumping at every time in IT administrators' mind:

Who has access to What, When, How, and Why?

Inside a given organization, an IdM solution will basically

  • provide the right information and tools to the right people, at the right time;
  • enable approval process and delegation of authority;
  • protect IT infrastructure from information theft;
  • help the organization to comply with regulations;
  • ensure the privacy of customer, partner and employee information;
  • facilitate the creation and automate the enforcement of business policies that strengthen security, reduce administration costs and improve productivity.

Conversely, when not implementing an IdM solution, an organization can easily fall into situations in which, for example, new-hired and promoted employees sit idle waiting for granted access to needed tools while former employees can continue to have access for days and weeks after they left the organization. Moreover, compliance process cannot rely upon a verifiable, accurate and timely control over the identities of the people and resources distributed across the organization itself.

This talk will introduce a new approach to build and maintain the identity management infrastructure by leveraging the fresh and rising IdM Open Source product named Apache Syncope. This talk will examine what is required of an identity infrastructure today and introduce Apache Syncope specifications, architecture and technicalities.