On Sat, Aug 3, 2013 at 9:04 PM, Sanjiva Weerawarana <[email protected]> wrote:

> Dilshan & Prabath, should the SCEP server code ship with IS by default?
>
> Prabath I remember a long discussion about certificate issuing and
> distribution 3-4 years ago but don't think we ended up implementing yet ..
> is this a lightweight solution?
>

Yes.. we didn't make any progress with the CA implementation..

SCEP server plays the middle-man role in enrolling and getting a certificate to a network device (which basically does not have any account with the CA). SCEP server will know how to talk to a CA (could be the existing corporate CA) and gets the certificate..

My understanding is MDM need not be a SCEP server (please correct me if not).. It only has to know how to talk to a SCEP server.. (which may be IS, EJBCA or Microsoft CA).

Mobile devices, when getting registered with the MDM, will get a profile with all the details to connect to the SCEP server... and these devices will connect to the SCEP server directly and do the enrollment..

The role of MDM is to embed the OTP and the server URL of the SCEP server into the profile...

Thanks & regards,
-Prabath

>
> Dilshan have you guys already implemented it?
>
> Sanjiva.
>
> On Wed, Jul 31, 2013 at 9:01 PM, Dilshan Edirisuriya <[email protected]> wrote:
>
>> Hi,
>>
>> Attached is the architecture of mobile device management. The MDM build
>> is compiled on top of carbon by using necessary features. Build consists of
>> these layers modules/components.
>>
>> 1) MDM web console - MDM Jaggery app where you have the MDM core
>> functionality.
>>
>> 2) MDM admin console - This is for creating tenants and admins. At
>> present this is done via carbon admin console.
>>
>> 3) Public store - Public store Jaggery app.
>>
>> 4) Publisher - Publisher Jaggery app.
>>
>> 5) Store admin console - Admin console for store.
>>
>> 6) iPhone interface - This will run the SCEP server[1] which is needed
>> for iPhone provisioning.
>>
>> 7) Android interface - GCM related functionality goes here.
>>
>> 8) User module - User authentication, register, roles etc. will be
>> handled here. For this we will be using WSRequest in Jaggery or directly
>> calling the OSGi bundle from Jaggery.
>>
>> 9) Tenant management module - Tenants will be handled in this module.
>>
>> 10) Configuration management module - MDM related configurations.
>>
>> 11) Security module - SAML based login etc.
>>
>> 12) Device module - Device related functions.
>>
>> 13) Policy module - XACML related functions to handle MDM policies.
>>
>>
>> Main MDM app will be developed as a Jaggery app and it will use an
>> external MySQL database. Jaggery will handle all the database functions
>> related to MDM. Data level isolation of the tenants will also be done using
>> the Jaggery code.
>>
>>
>> [1] - http://en.wikipedia.org/wiki/Simple_Certificate_Enrollment_Protocol
>>
>>
>> Regards,
>>
>> Dilshan
>>
>
> --
> Sanjiva Weerawarana, Ph.D.
> Founder, Chairman & CEO; WSO2, Inc.; http://wso2.com/
> email: [email protected]; phone: +94 11 763 9614; cell: +94 77 787 6880 | +1
> 650 265 8311
> blog: http://sanjiva.weerawarana.org/
>
> Lean . Enterprise . Middleware
>

--
Thanks & Regards,
Prabath

Mobile : +94 71 809 6732

http://blog.facilelogin.com
http://RampartFAQ.com

_______________________________________________
Architecture mailing list
[email protected]
https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
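
The enrollment flow described in the reply above (the MDM embeds an OTP and the SCEP server URL in the profile, and the device then enrolls with the SCEP server directly), as an added example that is not part of the original thread or of any WSO2 code. It assumes an Apple-style configuration profile carrying a `com.apple.security.scep` payload and a hypothetical pending-OTP store shared by the MDM and the SCEP server; the function names, payload identifiers and URL are constructed.

```python
import hashlib
import plistlib
import secrets
import time
import uuid

OTP_TTL_SECONDS = 600  # assumed validity window for an unredeemed challenge
# Assumed store shared by the MDM and the SCEP server; holds SHA-256(OTP) only.
_pending = {}

def _digest(otp):
    return hashlib.sha256(otp.encode()).hexdigest()

def issue_profile(device_id, scep_url, now=None):
    """MDM side: mint a one-time challenge and embed it with the SCEP URL."""
    now = time.time() if now is None else now
    otp = secrets.token_urlsafe(24)
    _pending[_digest(otp)] = (device_id, now + OTP_TTL_SECONDS)
    scep = {
        "PayloadType": "com.apple.security.scep",
        "PayloadVersion": 1,
        "PayloadIdentifier": "invalid.example.mdm.scep",  # constructed
        "PayloadUUID": str(uuid.uuid4()),
        "PayloadContent": {"URL": scep_url, "Challenge": otp, "Keysize": 2048},
    }
    profile = {
        "PayloadType": "Configuration",
        "PayloadVersion": 1,
        "PayloadIdentifier": "invalid.example.mdm",  # constructed
        "PayloadUUID": str(uuid.uuid4()),
        "PayloadContent": [scep],
    }
    return plistlib.dumps(profile)

def scep_settings(profile_bytes):
    """Device side: read the SCEP URL and challenge out of the profile."""
    return plistlib.loads(profile_bytes)["PayloadContent"][0]["PayloadContent"]

def redeem_challenge(otp, now=None):
    """SCEP side: return the device id once, before expiry; otherwise None."""
    now = time.time() if now is None else now
    entry = _pending.pop(_digest(otp), None)  # pop() makes the OTP single-use
    if entry is None:
        return None
    device_id, expiry = entry
    return device_id if now <= expiry else None

if __name__ == "__main__":
    blob = issue_profile("device-42", "https://scep.example.invalid/scep")
    otp = scep_settings(blob)["Challenge"]
    print(redeem_challenge(otp), redeem_challenge(otp))
```

Because the profile carries the challenge in clear text, it has to reach the device over an authenticated, encrypted channel, and the SCEP server should issue at most one certificate per redeemed challenge.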
