1 Azure™ Services Platform: Microsoft .NET Services, An Introduction
Clemens Vasters, Technical Lead, Microsoft Corporation



3 A Look Inside Azure

4 .NET Services - Principles
- Extending .NET technologies to the cloud
- Open and Interoperable
  - REST, SOAP, ATOM, …
  - Class libraries for Java, Ruby, …
- Easy-to-use from .NET
- Build on existing skills and concepts
- Initial focus on three key challenges
  - Application Integration
  - Application Extensibility
  - Federated Access Control

5 Enterprise Service Bus
Diagram layers: Service Orchestration; Service Registry; Naming; Federated Identity and Access Control; Messaging Fabric
Diagram labels: CRM; Customers; Leads; Trends; Campaigns; Supply Chain; Inventory; Order Entry; Planning; Purchasing; Point Of Sale; POS Integration; Product Catalog; Returns; Web Store

6 Internet Service Bus
Diagram layers: Service Orchestration; Service Registry; Naming; Federated Identity and Access Control; Messaging Fabric
Diagram labels: Clients; MS/3rd Party Services; On-Premise ESB; Desktop, RIA, & Web; Your Services

7 Secure Cross-Enterprise Integration
Diagram labels: Fabrikam; AD; .NET Service Bus; .NET Access Control Service; Contoso; AD; Purchasing; Order Entry; Identity Provider Trust
- Access Control Rules govern endpoint access
- Zero Inbound Firewall/NAT Ports

8 Secure Cross-Enterprise Integration
Diagram labels: Fabrikam; AD; Access Control; Contoso; AD; Purchasing; Order Entry; Identity Provider Trust
- Access Control Rules govern endpoint access
- Outbound-only Internet edges
Message flow:
1. Acquire Identity Token
2. Acquire Access Token w/ ID Token
3. Send Message with Access Token
4. Validate Access Token
5. Relay Message to Target

9 Point Of Sale Integration
Diagram labels: Fabrikam; AD; .NET Service Bus; .NET Access Control Service; Partner Store Helsinki; Analytics; Inventory; Factory Store Madrid; Inventory; Factory Store Brussels; Inventory
- Real-time Sales and Inventory Analytics

10 Document Itineraries
Diagram labels: Fabrikam; AD; .NET Workflow Service; .NET Service Bus; .NET Access Control Service; Parts Vendor B; Purchasing; Order Entry; Parts Vendor A; Order Entry; Logistics Partner; Order Entry
- Just-In-Time Acquisition and Delivery
- On-Demand Delivery Workflow

11 Personal Photo Sharing
Diagram labels: .NET Access Control Service; .NET Service Bus; Borge’s Home Server (Photos); Ahti’s PDA (Photos); Maria’s Mac (Photos); Celine’s PC (Photos); Eva’s Phone (Photos); Residential Broadband or GSM or 3G

12 .NET Access Control Service
Diagram layers: Service Orchestration; Service Registry; Naming; Federated Identity and Access Control; Messaging Fabric

13 Access Control – Key Challenges
- Many identity providers, many vendors, many protocols, complex semantics – tricky to get right
- Application strewn with one-off access logic
- Hard to get right, not agile, not compliant, many dead ends
Diagram labels: Corporate Directory Solution Identities; Extranet Identities; SaaS Platform Identities; …

14 Access Control – Approach
- Automate federation for a wide range of identity providers and technologies
- Factor the access control logic from the application into a manageable collection of rules
- Easy-to-use framework that ensures correct token processing
Diagram labels: Corporate Directory Solution Identities; Extranet Identities; SaaS Platform Identities; …; .NET Access Control Service

15 Access Control Interactions
Parties: Requestor (Your Customer); IP; Your Access Control Project (a hosted STS); Relying Party (Your App)
Setup: Define access control rules for a customer
0. Certificate exchange; periodically refreshed
1. Acquire Claims
2. Send Claims
3. Map input claims to output claims based on access control rules
4. Send Token (output claims from 3)
5. Send Message w/token
6. Claims checked in Relying Party

16 Access Control Rules
- Scope: Protected resource hierarchy
- Subscope: Delegated, independent branch
- Rule: ‘All’ or ‘Any’ input-claims match
- Positive rule match yields single output-claim
Diagram labels: Contoso; Litware; Fabrikam
Scope – http://contoso.com/
Subscope – http://contoso.com/sales/
Example rules:
- Group ‘CorpSales’ from Contoso → ‘Contrib-Internal’
- Group ‘Contoso’ from Litware → ‘Contrib-External’
- Group ‘Purchasing’ from Fabrikam → ‘Read-Partners’
- Group ‘Admins’ from Contoso → ‘Administrator’
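
Added example (not from the slides and not the service's API): a small Python model of step 3 on slide 15 using the four rules on slide 16. Which scope holds which rule, the reading of "independent branch" as "no inheritance from the parent scope", and all class and function names are assumptions.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Claim:
    issuer: str  # identity provider that asserted the claim
    type: str
    value: str

@dataclass(frozen=True)
class Rule:
    inputs: tuple  # input claims the rule looks for
    mode: str      # "all" or "any", as on the slide
    output: str    # a positive match yields this single output claim

    def matches(self, presented):
        hits = [c in presented for c in self.inputs]
        if not hits:
            return False  # all([]) is True; an empty rule must never fire
        return all(hits) if self.mode == "all" else any(hits)

def group(issuer, name):
    return Claim(issuer, "Group", name)

# Assumed placement: the slide does not say which scope holds which rule.
SCOPES = {
    "http://contoso.com/": [
        Rule((group("Contoso", "Admins"),), "all", "Administrator"),
    ],
    "http://contoso.com/sales/": [
        Rule((group("Contoso", "CorpSales"),), "all", "Contrib-Internal"),
        Rule((group("Litware", "Contoso"),), "all", "Contrib-External"),
        Rule((group("Fabrikam", "Purchasing"),), "all", "Read-Partners"),
    ],
}

def map_claims(resource, presented):
    """Step 3: map input claims to output claims for the governing scope."""
    scopes = [s for s in SCOPES if resource.startswith(s)]
    if not scopes:
        return set()  # unknown resource: no output claims, so no access
    rules = SCOPES[max(scopes, key=len)]  # most specific scope only
    seen = set(presented)
    return {r.output for r in rules if r.matches(seen)}

def relying_party_allows(required, output_claims):
    """Step 6: the application checks only the mapped output claims."""
    return required in output_claims
```

Because the issuer is part of each input claim, a 'CorpSales' group asserted by Fabrikam yields nothing, and a request that matches no rule ends with an empty claim set that the relying party rejects.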

17 Access Control Summary
- Flexible, rules-driven access control
- Rich support for a wide range of identity providers
- The Geneva framework is the .NET developer experience
- Easy to incorporate into existing applications
- Works with lots of other environments; e.g. Sun’s Java Metro 1.3, …

18 .NET Workflow Service
Diagram layers: Service Orchestration; Service Registry; Naming; Federated Identity and Access Control; Messaging Fabric

19 Workflow – Key Challenges
- Want to describe long-running processes
- Want to orchestrate work across services
- Want modularity and nesting
- Easy to describe but in practice harder to run
- Hosting and scaling can be challenging
  - Setup and installing, define scale-out approach, ensure long-running availability, manage upgrades, …

20 Workflow Service – Overview
- Internet-Scoped Service Orchestration
- Specialized Activity Library
Diagram labels: .NET Workflow Service; Types; Instances; WF Models (XOML); Control Flow + Activities; Portal; API; Visual Studio Workflow Designer; Custom Designers / Generators

21 Windows Workflow Foundation vs. .NET Workflow Service
- WF is a general-purpose Framework
  - Broad extensibility: Custom and code activities
  - Simple hosting options (standalone or via WCF)
  - Sophisticated hosting options via extensions
- .NET Workflow Service builds on WF
  - Specialized, high-scale, resilient hosting environment
  - Specialized set of activities for Orchestration
  - Intentionally not a general-purpose host
Diagram labels: Scalability & Fault Resilience; Less Constrained Runtime; More Constrained Runtime

22 Supported Workflow Activities (PDC)

| Standard WF Activity | Description |
| --- | --- |
| IfElse | Conditional Branch |
| Sequence | Sequence of Activities |
| Suspend | Suspends execution until external intervention |
| Terminate | Terminates the workflow |
| While | Executes a conditional loop |

| .NET Workflow Activity | Description |
| --- | --- |
| Delay | Delays execution for a period of time |
| HttpSend | Sends an outbound HTTP request |
| HttpReceive | Waits for an inbound HTTP request |
| ServiceBusSend | Sends a message via the Service Bus |
| XPathRead | Extracts a value from a message using XPath |
| XPathUpdate | Updates a value in a message using XPath |

23 Workflow Service Summary
- Execute Workflows with high availability
- Design Workflows using existing tools
- Easily deploy and manage Workflows
  - Portal for easy access
  - Management APIs for rich automation

24 .NET Service Bus
Diagram layers: Service Orchestration; Service Registry; Naming; Federated Identity and Access Control; Messaging Fabric

25 Service Bus
- Key developer challenges
  - Want to make it easy and secure for partners to use your application
  - Don’t always know the characteristics or scale of the integration
  - Partners / customers / users have devices and services running behind firewalls
- Approach
  - Provide a high-scale, high-available “Service Bus” that supports open Internet protocols

26 Connectivity Challenges
- IPv4 Address Shortage
  - Dynamic IP address allocation
  - Network Address Translation (NAT)
- Internet is pwn3d by the bad guys
  - Firewalls layered over firewalls over firewalls
Diagram labels: Sender; Receiver; ?; Machine Firewall; Network Firewall; Network Address Translation; Dynamic IP

27 Service Bus Naming
Diagram labels: Root; Solution; NameB; NameC; Name1; Name2; Name3; NameA

28 [http|sb]://servicebus.windows.net/services/account/svc/…
Diagram labels: Service Registry Root; servicebus.windows.net; services; account; contoso; …; svc; Multi-Tenant
- The service registry provides a mapping from URIs to services

29 Connectivity
- Three key capabilities
- Multi-protocol, relayed connectivity
  - Ensure applications can interconnect
  - Discovery via common service registry
- NAT-NAT Traversal
  - Uses the relay to establish communication
  - Then shortcuts for efficiency
- One-way datagram/event distribution
  - Unicast, Multicast and – soon – Anycast
  - Lightweight publish/subscribe model
  - Model will expand to cover queues and topics
- Available in .NET via WCF Bindings

30 Relayed Communication
Diagram labels: Service Bus; Sender; Receiver; sb://servicebus.windows.net/services/solution/a/b/; outbound connect one-way net.tcp; TCP/SSL 828; Backend Naming Routing Fabric; Frontend Nodes; TCP/SSL 808/828; outbound connect bidi socket; Msg; NAT; Firewall; Dynamic IP; Subscribe; Route; NLB

31 Service Bus Summary
- Service Registry
- Relay and direct connect connectivity
- Event distribution
- Integrated with Access Control services
