A few months ago, Canonical started to work with a set of partners to address the challenges around single sign-on for new services within an organisation. We created a committee to develop a solution that would ensure service authentication could happen instantaneously, saving organisations often months in the roll out of new services.
Today, we’re announcing that two of our partners, Gluu and ForgeRock, will lead the Committee to develop the standards which will enable organisations to integrate any enterprise-grade security infrastructure in minutes with any compliant application. The Committee will define the relationships needed to enable orchestration between applications and common security components, like user provisioning systems, authentication services, and API access management. Where possible, we’ll use existing standards and best practices. For example, OpenID Connect could be adopted for authentication, the Simple Cloud Identity Management (SCIM) API for user provisioning, and the User Managed Access protocol (UMA) for API access management.
Juju is already saving enterprises time by enabling rapid deployment, integration and scaling of sophisticated applications across a number of different platforms. With the work of the Committee, Juju could have a significant impact on how organisations design and deploy a cloud infrastructure that scales to meet modern security requirements, making it easier for developers to move away from managing user accounts and for domains to offer stronger authentication and trust elevation.
“By providing a standard Juju framework for application security, we can reduce the ‘last mile’ cost that organisations face when securing an ever-expanding array of websites and mobile applications.” said Lasse Andresen CTO at ForgeRock. “Driving down the deployment and operational costs are essential for improving security on the Internet.”
“The Juju labs project will enable businesses of all sizes to implement an enterprise-grade security infrastructure,” said Mike Schwartz, CEO at Gluu. “Our vendor agnostic and interoperable approach will support open source, SaaS and commercial applications. We want to give domains as much flexibility as possible to choose a security solution that makes sense for their requirements, and to integrate a wide array of applications quickly and easily. Canonical is a clear industry leader in orchestration, which is key to driving down the cost and complexity of domain security.”