Mark Perry is Asia Pacific Chief Technology Officer at Ping Identity. His career has included stints at IT industry leaders like IBM, Netscape, Sun Microsystems, and Oracle. Over the last 25+ years, he has helped design and deliver major Identity and Access Management projects at large enterprises and governments across all industry verticals in the APAC region. His experience with LDAP directory services goes back to Netscape in 1997 when he worked with Netscape Directory Server version 1.03!
Mark speaks regularly at industry events around the world and is a strong advocate for modern Identity and Access Management methodologies. He works closely with companies implementing Open Banking and in 2018, was appointed to the Australian Government advisory committee for Consumer Data Right, defining that country’s Open Banking standards for implementation in 2019.
He is a founding member of IDPro, the professional organisation for Identity Management, and has a B. Eng. from RMIT University in Melbourne, Australia.
Modelling and evaluating complex user entitlements in directory services using JSON and REST
Internet-scale consumer services and large corporations have a similar problem: once a user is authenticated, what should they have access to? Major security incidents and data breaches have shown that authorisation problems can have a catastrophic impact on organisations. Group memberships no longer provide the granularity or data model required by these complex scenarios, so many organisations are forced to model entitlements in non-LDAP services. This presentation will show that with the introduction of JSON attributes and RESTful interfaces, LDAP directories can provide the capabilities required for complex entitlement modelling and evaluation.