Archive for social media

Social Login to Enterprise Apps using BIG-IP & OAuth 2.0

Posted in security, f5, big-ip, cloud, silva, authentication, social media, devcentral by psilva on March 14th, 2017

 

social_login_gigya.jpgPassword fatigue is something we’ve all experienced at some point. Whether it’s due to breaches and the ever present, ‘update password’ warnings, the corporate policy of a 90-day rotation or simply registering for a website with yet another unique username and password. Social login or social sign-in allows people to use their existing Google, Twitter, Facebook, LinkedIn or other social credentials to enter a web property, rather than creating a whole new account for the site. These can be used to authenticate, verify identity or to allow posting of content to social networks and the main advantage is convenience and speed.

With v13, BIG-IP APM offers a rich set of OAuth capabilities allowing organizations to implement OAuth Client, OAuth Resource Server and OAuth Authorization Server roles to implement social logins.

Let's look at BIG-IP’s capabilities (from the user's perspective) as an OAuth Client, OAuth Resource Server. We’ll navigate to our BIG-IP login screen and immediately you’ll notice it looks slightly different than your typical APM login.

sl1.jpg

Here, you now have a choice and can authenticate using any one of the 4 external resources. Azure AD Enterprise and AD B2C along with Google and Facebook. Google and Facebook are very popular social login choices - as shown in the initial image above - where organizations are looking to authenticate the users and allow them to authorize the sharing of information that Google and Facebook already have, with the application.

In this case, we have an application behind BIG-IP that is relying on getting such information from an external third party. For this, we’ll select Facebook. When we click logon, BIG-IP will redirect to the Facebook log into screen.

sl23.jpg

Now we’ll need to log into Facebook using our own personal information. And with that, Facebook has authenticated us and has sent BIG-IP critical info like name, email and other parameters.

sl4.jpg

BIG-IP has accepted the OAuth token passed to it from Facebook, extracted the info from the OAuth scope and now the application knows my identity and what resources I’m authorized to access.

We can do the same with Google. Select the option, click logon and here we’re redirected to the Google authentication page. Here again, we enter our personal credentials and arrive at the same work top.

sl564.jpg

Like Facebook, Google sent an authorization code to BIG-IP, BIG-IP validated it, extracted the username from the OAuth scope, passed it to the backend application so the application knows who I am and what I can access.

Let's look at Microsoft. For Microsoft, we can authenticate using a couple editions of Azure AD – Enterprise and B2C. Let’s see how Enterprise works. Like the others, we get redirected to Microsoftonline.com to enter our MS Enterprise credentials.

In this instance, we’re using an account that’s been Federated to Azure AD from another BIG-IP and we’ll authenticate to that BIG-IP. At this point that BIG-IP will issue a SAML assertion to Azure AD to authenticate me to Azure AD. After that, Azure AD will issue an OAuth token to that BIG-IP. BIG-IP will accept it, extract the user information and pass it to the application.

sl7894.jpg

Finally, let’s see how Azure AD B2C works. B2C is something that companies can use to store their non-corporate user base. Folks like partners, suppliers, contractors, etc. B2C allows users to maintain their own accounts and personal information. In addition, they can login using a typical Microsoft account or a Google account. In this case, we’ll simply use a Microsoft account and are directed to the Microsoft authentication page.

slb2c_all.jpg

We’ll enter our personal info, the servers communicate and we’re dropped into our WebTop of resources.

Social logins can not only help enterprises offer access to certain resources, it also improves the overall customer experience with speed and convenience and allows organizations to capture essential information about their online customers.

ps

Related:

 




Apps Driving Attention

Posted in f5, silva, application delivery, mobile, social media, smartphone, human behavior, access by psilva on July 14th, 2014

The mobile platform, meaning tablets and smartphones, now account for 60% of total digital media time spent according to comScore. This is a 10 point jump from 50% just a year ago. On top of that, mobile apps accounted for 51% of all digital media time spent in May 2014. Many of the content categories like radio, photos and maps are becoming almost exclusively mobile. Digital radio and photos both generate 96% of their engagement from mobile while maps and instant messaging get 90% of interaction from mobile devices.

You might be wondering, like I did, where do social networks come in since it seem like almost everyone updates their social feeds through mobile. Social is actually the #1 category for overall digital engagement taking about 20% of overall digital time spent and gets 71% of it's activity from mobile. It, social media engagement on mobile, has grown 55% over the last year and has accounted for 31% of all growth of internet engagements.

ShareofTimeSpentbyPlatformLeadingCategor

So who is driving the mobile app explosion? Teenagers. About 60% of 12 to 17 year olds had a smartphone in 2013, topping even the 45+ crowd for smartphone ownership, according to Arbitron and Edison Research. The app money makers are not the initial charge for the program but all the in-app purchases along with the ads attached to the app.

Mobile is clearly the new way we consume digital content and continues to grow. We are also interacting with specific apps rather than browsing and those apps are growing at an amazing pace. Today's infrastructure needs to be even more flexible, intelligent and resilient to handle the surge. And ultimately, the apps and the content/experience they provide need to be highly available and delivered quickly and securely to the person...just like any other typical application.

ps

Related:

 

Connect with Peter: Connect with F5:
o_linkedin[1] o_rss[1] o_twitter[1]   o_facebook[1] o_twitter[1] o_slideshare[1] o_youtube[1]



Velocity 2014 – TMOS & LineRate: A Tale of Two Proxies (feat Giacomoni)

Posted in f5, big-ip, cloud computing, silva, video, application delivery, social media, velocity, linerate by psilva on July 2nd, 2014

John Giacomoni, LineRate Founder and Sr Architect, joins us to give the lowdown on F5’s TMOS proxy and LineRate proxy. He explains the nuances of each, how they function within architecture and the associated deployments within an organization. Each can be deployed individually or work together in concert. If you wondered also, watch this video.

Watch Now:



The Applications of Our Lives

The Internet of Things will soon become The Internet of Nouns

There are a few 'The ______ of Our Lives' out there: Days. Time. Moments. Love. They define who we are, where we've been and where we are going. And today, many of those days, times, moments and loves interact with applications. Both the apps we tap and the back end applications used to chronicle these events have become as much a part of our lives as the happenings themselves.

The app, Life.

As reported on umpteen outlets yesterday, Twitter went down for about an hour. As news broke, there were also some fun headlines like, Twitter goes down, chaos and productivity ensue, Twitter is down. NFL free agency should be postponed, Twitter is down, let the freak-out commence and Twitter goes down, helps man take note it’s his wife’s birthday. It is amazing how much society has come to rely on social media to communicate. Another article, Why Twitter Can’t Keep Crashing, goes right into the fact that it is globally distributed, real-time information delivery system and how the world has come to depend on it, not just to share links and silly jokes but how it affects lives in real ways.

Whenever Facebook crashes for any amount of time people also go crazy. Headlines for that usually read something like, 'Facebook down, birthdays/anniversaries/parties cease to exist!' Apparently since people can't tell, post, like, share or otherwise bullhorn their important events, it doesn't actually occur. 'OMG! How am I gonna invite people to my bash in two weeks without social media?!? My life is over!' Um, paper, envelopes, stamps anyone?

We have connected wrist bracelets keeping track of our body movements, connected glasses recording every move, connected thermostats measuring home environments and pretty much any other 'thing' that you want to monitor, keep track of or measure. From banking to buying, to educating to learning, to connecting to sharing and everything in between, our lives now rely on applications so much so, that when an application is unavailable, our lives get jolted. Or, we pause our lives for the moment until we can access that application. As if we couldn't go on without it. My, how application availability has become critical to our daily lives.

I think The Internet of Things will soon become The Internet of Nouns since every person, place or thing will be connected. I like that. I call 'The Internet of Nouns' as our next frontier!

Sorry adverbs, love ya but you're not connected.

ps

Related

 

 

Connect with Peter: Connect with F5:
o_linkedin[1] o_rss[1] o_twitter[1]   o_facebook[1] o_twitter[1] o_slideshare[1] o_youtube[1]



Blog Roll 2013

It’s that time of year when we gift and re-gift, just like this text from last year.  And the perfect opportunity to re-post, re-purpose and re-use all my 2013 blog entries.  If you missed any of the 112 attempts including 67 videos, here they are wrapped in one simple entry.  I read somewhere that lists in blogs are good.  This year I broke it out by month to see what was happening at the time and let's be honest, pure self promotion. 

Thanks for reading and watching throughout 2013.

Have a Safe and Happy New Year.

January

February

March

April

May

June

July

August

September

October

November

December

And a couple special holiday themed entries from years past.

 

ps

Related

Connect with Peter: Connect with F5:
o_linkedin[1] o_rss[1] o_twitter[1]   o_facebook[1] o_twitter[1] o_slideshare[1] o_youtube[1]

 




Are You Ready For Some…Technology!!

Posted in f5, silva, control, social media, smartphone by psilva on September 5th, 2013

Every year around this time football fans are drafting their fantasy leagues, wearing their favorite team's jerseys, stocking tailgate items and experiencing the new technologies that have become part of the game.  From Second Screen apps to Catapult, technology is not only changing the game but also how fans experience the contest.

As more fans engage with mobile devices, the TV broadcast is being regulated as the Second Screen.  Usually the mobile device is used to access information that compliments the program but with NFL fans, particularly those who play fantasy leagues, it is the reverse.  They are locked in to their mobile app, following multiple games, tracking stats, clicking on-demand videos and even watching teams not associated with their local market.  The NFL sees a huge opportunity to reach and engage fans even more.

Australia-based Catapult is being used by many NFL teams to track athlete performance among other metrics.  A 3.5-ounce monitor situated between the player's shoulder blades monitors player movements within 15 centimeters and gives coaches acceleration, distance covered, speed, explosion times, exertion, hitting force and every other imaginable piece of data on a player's specific movements.  It is changing the manner in which teams practice, recover from injuries and even plan for games.

The San Francisco 49ers’ new Levi’s Stadium is touted as the most technologically advanced stadium in the league.  With their stadium app, fans can check bathroom, food and beer lines along with streaming replays (with your choice of camera angle) and streaming NFL Redzone.  There is plenty of WiFi capacity, which is actually uncommon at NFL stadiums.  There is only a handful of teams with WiFi service in their football stadiums but Roger Goodell (NFL commissioner) wants to make wireless internet a standard in NFL stadiums in the coming years.

There are many other advances like safer helmets with a chip that monitors the force of a hit, 2100-inch HDTVs, retractable grass and sustainable stadiums all making an impact.  The best place to watch football is in the comfort of your own living room and teams are looking at ways of creating a living room atmosphere for 80,000 fans. 

And as you're waiting for tonight's kickoff, check out what this dad did for his kids.

ps

Related:

 

Connect with Peter: Connect with F5:
o_linkedin[1] o_rss[1] o_twitter[1]   o_facebook[1] o_twitter[1] o_slideshare[1] o_youtube[1]



You Got a Minute?

Like most of us, I try to read the entire internet on a daily basis but for some reason, these slipped through.  They both came out in 2011 and I am sure the numbers have changed in many cases.  For instance, the graphic shows 70+ domains registered every minute and for Sept 3 (thus far for today), on average 78 per minute have been registered.  Yet for twitter, the chart indicates 320 new accounts per minute but my look up today, if my math is correct, shows 94 new twitter accounts every minute but with 546,000 (vs. 98,000+) tweets per minute today.

Regardless, the somewhat, slightly dated info is still mind boggling and it is always fun to see historical data.

Things that happen on the Internet every 60 Seconds circa 2011.

And the products we use:

ps

Related:

60 Seconds – Things That Happen On Internet Every Sixty Seconds [Infographic]

Connect with Peter: Connect with F5:
o_linkedin[1] o_rss[1] o_twitter[1]   o_facebook[1] o_twitter[1] o_slideshare[1] o_youtube[1]



This Blog May Have Jumped the Shark

Really?  Already?!?

For whatever reason, the phrase 'Jump the Shark' has been jumping out at me recently.  From the Jump the Shark Hat Tutorial to watching past episodes of Supernatural on Netflix to Cloud Computing to the many #jumptheshark tags added to tweeps tweets.  Originally linked to the Happy Days episode where the water-skiing Fonz jumps over a shark, it has since become the term to describe when writer's storylines have moved into the absurd and the show itself quickly deteriorates.  Today it is attached to almost anything that has either hung around too long, is past it's prime or is simply fallen off the hype-cliff.  I sometimes feel this way after producing a bunch of videos (like the last two weeks) and need to get back to writing...like this entry.  So I decided to investigate a couple recent hype technologies (that I also write about) and if they've already Jumped the Shark.

Rumblings of Cloud Computing jumping the shark came as early as 2009 and 2010.  In 2009 PCWorld ran an article titled, Has Cloud Computing Jumped the Shark? talking about the different definitions of cloud, which company prefers what definition and the rush of vendors into the space.  In 2010, a ServerWatch article titled, Did Cloud Computing Jump the Shark? discusses how various analyst firms view and predict cloud's future along with the differing opinions about it's hype and hope.  Another 2010 article from ebizQ titled Has Cloud Computing Jumped the Shark? references another Infoworld article named Confessions of a cloud skeptic which, in the first sentence says, "the cloud" has jumped the shark. There are many more articles from 2010 wondering if Cloud has become chum.  I think this was due to the hype, battling opinions on just what cloud is/was and eventually can be, along with the types - SaaS, PaaS and IaaS and the categories of public, private, hybrid.  Now some 3 years later, has it officially jumped, crashed or landed safely on the other side?  Depends on who you ask.

Throughout 2012, there were plenty of articles titled 'Cloud Computing is Here to Stay' filled with survey results, anecdotal evidence and analyst cites.  At RSA this year, however, I heard a few folks say that the term 'Cloud' was forbidden to be uttered in the Expo Hall.  While the term itself has been overused, abused, misconstrued, and has probably Jumped the Shark, the underlying technology/philosophy will be a part of an organization's hybrid and distributed infrastructure for years to come.  Mobility is one of the main cloud drivers.

Which brings me to my other check.

Has BYOD Jumped the Shark? Maybe.  Or it might be heading up the ramp.  Almost every pundit thinks BYOD, using one's personal device for work, will be the trend of the year for 2013 but some are questioning that.  A few weeks ago I wrote Is BYO Already D? talking about the few surveys indicating that BYOD could cost more than imagined including The Aberdeen Group who says BYOD could cost organizations 33% more than a IT owned mobile device plan.  The Nov 2012 CITEWorld article titled Has BYOD jumped the shark? One researcher thinks so also talks about the Aberdeen research but adds a research note from Nucleus which predicts that BYOD will decline as enterprise mobility heats up. They explain that support costs, compliance risks and usage reimbursement will lead to higher TCO with no discernable ROI or productivity gains.

While I don't think that BYOD has officially moved to the absurd, for 2013 I do think organizations will better understand the BYOD implications  and how it fits in the overall Enterprise Mobility strategy.  Enterprise Mobility includes BYOD, managed devices and other communication tools, including laptops potentially.  Just like cloud, I think organizations will have a mix of options to support a mash of devices - including those you use at or bring from home.  There will still be IT issued fully managed devices (that require a VPN tunnel) for years to come mixed in with unmanaged personal devices where just the corporate data and apps are under IT control.  This is the BYOD 2.0 stuff we've been talking about with the F5 Mobile App Manager.  So while the term BYOD might be starting to hit saturation, Enterprise Mobility should be the focus.  Access to any app, from any device, from anywhere.

So, has this blog Jumped the Shark?  While some of the topics, err, terms I cover might be candidates, only you can determine if/when I've crossed into that absurdity realm.  I do hope you'll let me know when I start resembling a cool dude wearing a leather jacket while water skiing.

ps

Related:

Connect with Peter: Connect with F5:
o_linkedin[1] o_twitter[1] o_facebook[1] o_twitter[1] o_slideshare[1] o_youtube[1]



Is TV’s Warm Glowing Warming Glow Fading?

Posted in Uncategorized, application security, silva, social media, apple, smartphone, andriod by psilva on January 3rd, 2013

If Homer only knew back in 1994 that smartphone mobile apps would someday start to creep into precious TV viewing time, he probably would have written, 'No Smartphone and No Specialty Beer Make Homer Go Crazy,' in the Simpson's classic Treehouse of Horror V.  It's no surprise that time spent on mobile apps have overtaken time spent on desktop web usage.  Typical smartphone owners have an average of 41 apps per device, 9 more than they had last year according to the Nielsen report, State of the Appnation – A Year of Change and Growth in U.S. Smartphones.   Mobile app usage has jumped 35% from 94 minutes a day a year ago to almost 130 minutes a day today while desktop web usage dropped from 72 to 70 minutes a day, according to Flurry.  Almost twice as much time mobile app'ing than web browsing.  Many of us probably spend more than two hours a day fiddling with mobile apps.  And the time spent doing that is now challenging our beloved TV viewing time.

mobile-app-tv-consumption

Based on United States Bureau of Labor Statistics for 2010 and 2011, Flurry estimates that Americans watch about 168 minutes of television a day.  They expect that tablet and smartphone apps will compete with TV as the primary method for media consumption.  Personally, I think that might occur in many households, but with internet capable TVs and our love of the big screen, I don't think it'll go away.  In fact, I think the TV will become more of a communications hub.  Simply a big monitor on the wall that handles video calls, closed circuit cameras, streaming media, broadcast media, web surfing and any other IP related task.  Moving around and mobile, cool...but sitting on my couch, I'd rather look at a larger screen than some 5 inch display.  Just me.  I've mentioned in the past that, I think that TVs, cars and any other connected device could be considered BYOD in the near future.  Why wouldn’t a mobile employee want secure VDI access from his car’s Ent/GPS display?  Why couldn’t someone check their corporate email from the TV during commercials?

The category of top apps is also shifting.  While gaming is still the top app at 43% (down from 50%), entertainment apps and utilities gained more of our attention at the expense of games and social networking (30% to now 26% of our time).  Clearly mobile apps are touching many aspects of our life and as more BYOD deployments occur in 2013, there will probably be more business specific apps on our devices and our daily 'media' consumption will rise.  Yet, I gotta believe that (at least in the U.S.), we love our televisions so much and I have a hard time thinking that we're going to shove them aside for something we can carry in our pocket.  At least in the home.  And as more TVs get cameras, are internet ready, have our favorite streaming channels loaded, allow us to check email and can browse the web (all the things a smartphone can do with the processing power), I think we may gravitate back to a family on the living room couch.  Do you think mobile apps will overtake TV one day? As an aside, I was having a little trouble coming up with a blog topic to start 2013 but anytime I can include a 1990's reference, a Simpsons quote and BYOD in the same entry, that's a pretty good start to the year.

ps

References:

Connect with Peter: Connect with F5:
o_linkedin[1] o_rss[1] o_facebook[1] o_twitter[1] o_facebook[1] o_twitter[1] o_slideshare[1] o_youtube[1]



The Top 10, Top 10 2013 Predictions

Posted in security, application security, cloud computing, silva, social media, blogging, identity theft, byod by psilva on December 12th, 2012

Like last year, everyone has their Technology predictions with their annual lists for the coming year.  Instead of coming up with my own, I figured I’d simply regurgitate what many others are expecting to happen.

Cloud computing in 2013: Two warnings: @DavidLinthicum has his two tragic cloud computing predictions for 2013 (price wars & skills shortage).  Nice to see some realism mixed with all the 'this is the greatest.'

10 Cloud Predictions for 2013: CIO has an interesting slide show covering things like Hybrid Cloud, Management, Brokers, SDN, Outages and a few other critical components.

RSA's Art Coviello: 8 Computer Security Predictions For 2013: Attacks grow, Hackers grow, business's not prepared grows along with investment, analysis and intelligence to mitigate threats.

Security Predictions 2013-2014: Emerging Trends in IT and Security: SANS gets some input from various industry folks on what they think.  Areas like authentication, mobile devices, Windows 8, geo-forensics, gamification and others are highlighted

Top 6 security predictions for 2013: InformationWeek India lists FortiGuard Labs predictions covering APT, two factor auth, M2M exploits. mobile malware, and botnets.

Tech Guru Mark Anderson's Top 10 Predictions For 2013: Forbes' list is cool since it goes beyond just security, cloud and IT.  Yes, mobile and hacktivism are covered but also Driverless Cars, eBooks, Net TVs and the LTE vs. Fiber battle.

Top predictions, about IT predictions, for 2013: Of course I love the title and this article digs into the question of  'is any real insight uncovered' with these predictions?.

Forrester: Networking predictions for 2013: ComputerWeekly shares 4 of Forrester's report on eight critical predictions for 2013.  SDN, WLAN, Strategic sourcing and staffing make the list.

7 Predictions for Cloud Computing in 2013 That Make Perfect Sense: Back to Forbes again, this time specific to cloud.  Private clouds, personal clouds, community clouds, cloud brokers, and even a prediction that the term 'cloud' starts to fade.

2013 Astrology Predictions: Gotta have a little fun and give you something to look forward to based on your astrological sign.  That is, of course, if we make it past Dec 21.

Certainly not even close to an exhaustive list of all the various 2013 predictions but a good swath of what some experts believe is coming.

OK, and here are just a few of my own:

BYOD Matures - instead of managing entire device, only those corporate apps and data will be in control.  Mobile Security and BYOD come together.  Also, things like cars and TVs that have internet connections will get added to the BYOD realm.  Why couldn't a road warrior access his VDI from the car's NAV screen?  Why couldn't someone check their email between commercials.  Anything with an IP and screen is game.

Major Mobile Malware - we've seen some here and there but think there will be a big jump in attempts to get at device's info...especially as more BYOD gets deployed.

Cloud Classification (Pub/Pri/Hy) - lines become even more blurry as they all are used to create Hybrid Infrastructures.  No one cloud will take over but will be a part of the entire infrastructure which includes in-house, cloud, leased raised floor, and just about any place that data can live.  There might also be some movement on Cloud Standards.

More Breaches/DoS/Hacktivism - if 2012 is any indication, this will continue.

Hacker Defection - I think there will be more ex-malicious hackers going mainstream and joining legit companies - and they will expose some of the tricks of the trade.

ps

Resources

The Top 10, Top Predictions for 2012

Connect with Peter: Connect with F5:
o_linkedin[1] o_rss[1] o_facebook[1] o_twitter[1] o_facebook[1] o_twitter[1] o_slideshare[1] o_youtube[1]




« Older episodes ·