Mississauga, Ontario, Canada
19K followers 500+ connections

About

A “cryptography geek,” with over two decades at the forefront of digital identity and…

Experience & Education

  • Agentics Foundation

Projects

  • Air Canada

    Architected a single sign-on system whereby Air Canada and its partners could access remote resources from each other's infrastructures. The system was deployed using the Liberty standards and specifications for federation and also had the capability to interoperate with external authentication and authorization systems like Microsoft's ID-FF and WS-*.
  • American Airlines

    Architected and deployed an identity management framework using Oblix Identity Minder and an SSO environment using Netegrity SiteMinder. Also architected a backend data consolidation repository using the SunONE Directory Server 5.11 and custom JNDI scripts for data scrubbing and data warehousing.
  • Bombardier Aeronautique

    Built and deployed a secure remote access solution for Bombardier whereby all partner organizations could access resources from within Bombardier's infrastructure via a secure HTTP tunnel from any remote location without the need to download and install specialized software client components or software. The solution was based on a web application gateway which accepted authentication tokens from the user's own infrastructure and established a federated session which enabled the users to access the predefined resources based on rules and policies that were provisioned from an SAP system. The sole purpose of this infrastructure was to serve the development needs of the CAD designers to remotely log in to the systems and aid in developing and deploying aircraft schematics in a secure manner.
  • Cadence

    Designed a NIS-to-LDAP strategy with schema extensions to enable the deployment of an SSO environment with application-level SSO and a web services platform. Also enabled deployment of the Active Directory to LDAP password synchronization engine. Helped develop a portal architecture with HTTP tunnels using Citrix for remote server access and usage.
  • Canadian Medical Association (CMA)

    Architected an RBAC and provisioning infrastructure that enabled CMH to migrate from their mainframe infrastructure. The core driver for this initiative was to enable CMH to roll out their .NET-based securities and trading application for brokers using a centralized user credential validation system and provide single sign-on to applications.
  • Center For Workforce Development

    Installation of a Windows NT Server (PDC/BDC) with MSExchange Server. Setting Up a RAS Session for Remote access and Creation of Roving Profiles for users. Connecting the Intranet to the Washington D.C. Wide Area Network, Setting up of a Training Center with Novell NetWare Portability and a Work-Flow Management Server.

  • CenterBoard

    Developed and deployed an EII system whereby multiple data sources could be queried using a query processor that used intelligent routing capabilities using OSPF data algorithms and federated database technologies to consolidate query results from multiple segregated backend databases and provide the query processor with results with the least number of network hops.
  • Cisco Systems

    Developed a plug-in in C by dissecting the Solaris 2.8 source code and recompiling the operating system to use LDAP as a backend data store for secure naming services. NIS+ front-end services were modified to perform a handshake between the NIS+ protocol and LDAP. All naming services were migrated to LDAP for Cisco’s worldwide infrastructure. The recompiled version of Solaris also served Sun Microsystems with a new release of the Solaris operating system. Developed a third-party plug-in for BER encoding and BER decoding, thus improving the performance of the gateway which translated all NIS+ queries to LDAP.
  • Cogeco BroadBand Video Portal

    Responsible for the architecture of a broadband video portal for Cogeco that enabled user identity lifecycle management and provisioning system, single sign-on, federation and integration with their portal infrastructure deployed atop Microsoft IIS with tightly coupled integration hooks with their communication suite, instant messaging, VoIP, document management and kiosk systems. The system also allowed for using Identity as a Service over REST and SOAP.
  • Creative Networks

    Designed and implemented a web-based gateway to access the organization’s directory server running Netscape Directory Server 3.1. Performed a complete upgrade to Netscape Directory Server 4.12; customized schemas and modified object classes to suit the custom components that needed to be included in the directory. The web gateway was customized to authenticate against users from the intranet. A pipeline was put in place to facilitate the synchronization of data between the directory server and the intranet based in Palo Alto and the intranet based in Washington DC.
  • Department of Defense Manpower Data Center (DMDC)

    Architected a smart single sign-on security solution using SAML, SOAP and Project Liberty specifications that enabled the entire DoD community to authenticate and authorize users prior to enabling access to critical classified and sensitive information. The infrastructure also provided for migration of applications developed using Aion knowledge base modules running on UniKix environments to J2EE applications on Solaris using LDAP as the core authentication and policy/access store. The infrastructure enabled various secure authentication mechanisms like smart cards, PIN, tokens, account ID and passwords and also randomly generated identifiers. Integration of other third-party vendor products which used facial recognition and fingerprint match technologies was also incorporated. The infrastructure also supported the reserve affairs portal, the common access validation architecture for identity federation and single sign-on adaptors for portal SSO.
  • eHealth Ontario

    Architected a federated single sign-on and security framework for eHealth Ontario’s electronic health records (EHR) with ONEId. The role responsibilities also included overseeing integration of foundational and clinical systems with point of service applications. Was also responsible for ensuring secure transport layers for identity credentials using SAMLv2 protocols and conformance to web services security standards (WS*). Was also responsible for network layer infrastructure support and design for scalability and performance.
  • Electronic Arts

    Installed, architected and configured a corporate directory that comprised EA’s worldwide data from legacy systems using meta directory and IDS5.0. Developed custom connectors to combine data from PeopleSoft, Microsoft Exchange and NEC-PBX systems into one common data storage format in LDAP. The connectors would also perform a bi-directional sync with the data sources when corporate data changed from any worldwide data source. Developed a web front-end GUI to administer the LDAP server and streamline corporate workflow processes.
  • Foremost Insurance Group

    Performed analysis and provided the client with an implementation methodology to use an LDAP server as a gateway to mainframe data. Also provided network and software architectural diagrams that enabled the organization to allow the end users (consumers & agents) to file claims online via a web interface and store and retrieve information stored in the corporate mainframes. The process also included a survey of the network security systems and analysis of the encryption methodology in use. Also provided the client with reports on security loopholes in the network architecture and suggestions on optimizing their current security systems.
  • Goldman Sachs

    Installed an intranet server for in-house stock trading. Also had a router configured for internet access via firewalls and proxy server. Created a web site for the company using NetObjects Fusion 3.0 and installed and trained staff to work on Net It Central for online processing of databases. Also installed an online security system to monitor and update user lists. Installation of a RAS session on Windows NT for remote monitoring. Administration, maintenance and on-going development of the computing environment for the daily production and publication of Goldman Sachs’s Bond Index: three Unix machines (Sun and HP), and several (client) Windows NT machines; FAME and Sybase databases; FTP price feeds, Perl scripts, C shell scripts, C/C++ code; automated client report generation and distribution, and distribution to news agencies (WSJ, Reuters, Bloomberg, Telerate, etc.); monthly publication of a 50 page report summarizing the performance of global bond markets (PageMaker).
  • Government of Ontario

    Enabled rollout of the Go-PKI provisioning infrastructure using Sun Identity Manager from their previous PKI infrastructure. The provisioning infrastructure was set up such that it handles issuance of user certificates using Entrust Entelligence and associating roles with the user profiles by mining the datastore for user attributes that enabled determining the access type for the various systems (various departments within the provincial government) that used the centralized authentication framework.
  • GroupHealth

    Architected and deployed a native LDAP infrastructure and extended the functionality of the native LDAP server running SunONE Directory Server 5.1SP2 to also incorporate web-based authentication in addition to native LDAP client authentication for the entire intranet structure of the organization's infrastructure.
  • Informatica

    Design and architect an Enterprise Directory Server to serve as Informatica’s central repository for user authentication and authorization for all native authentication clients like Solaris, Linux, hp-aix and Solaris on Intel-based boxes. Architected a roadmap for Informatica’s infrastructure to not only enable native LDAP authentication but also transition to an identity management infrastructure with embedded technologies like single sign-on, federation, policy management, delegated administration and web services. The structure also provided authentication and authorization services for web-based applications like the vendor portal, support center and a series of intranet applications. The infrastructure design was also to address web services (UDDI) and federation protocols using specifications from XML-RPC, SAML, SOAP and Project Liberty.
  • Medavie BlueCross

    Deployed a portal server infrastructure with JSR 168 portlets and integrated the portal server architecture with a content management system for a public-facing website.
  • Motorola

    Design and implement a migration strategy for migrating Netegrity SiteMinder to support an initial 400,000 user accounts, and expected to grow to three million in three years. Protect a wide variety of applications under a single sign-on environment. Implement Netegrity SiteMinder on Solaris and web agents on various Solaris and NT machines running iPlanet and IIS web servers as well as WebLogic and Net Dynamics application servers. Provide Java developers with assistance on integrating applications into SSO environment. Write detailed integration manual to be used by future developers needing to know how to integrate applications into this web access control environment. Architected and deployed a migration strategy for Motorola’s internal and external infrastructure to move from Netscape Directory Server 4.16 platform to a heterogeneous environment and further to a pure Sun Java Systems Directory Server 5.2 infrastructure with multi-mastering and high availability features.
  • NASA

    Architected and deployed an RSA SecurID authentication module for the SunONE Identity Server which was used as the core identity management and SSO infrastructure for the organization.
  • Network Associates (McAfee)

    Architected a Network Identity solution for centralized access management and delegated administration for the entire organization. The corporate LDAP structure for identity management and web-based SSO.
  • Nortel Networks

    Architected and deployed a fine grained authorization toolkit, using XAML for network and credential based identification systems over Wi-Fi networks with geo-tagging to enable locating user identities based on the 802.1 router that the device connects to. This system was prototyped and demonstrated at the OASIS XACML conference in London which received “applause” and was in fervor by the protocol and architects from the healthcare space.
  • Nortel Networks

    Architected a security infrastructure with Access Manager as a core service that enabled network layer security and single sign-on in addition to SSO for applications and devices. The infrastructure was also a central management interface for all VoIP services.
  • Nortel Networks

    Architected an upgrade methodology for Nortel to upgrade their OAM base security management framework that used an OEM'd version of Sun Java Systems Access Manager 6.0SP1 to Access Manager 6.3 using package add methods and leveraging the use of Sun Live Upgrade to not only perform the upgrade of the underlying operating system (Solaris), but also upgrade all dependent underlying components like the web application, the directory server, the web server, the SSL layer and its dependencies. The process and methodology used leveraged the ability to use Access Manager SDK and use the backup restore scripts for parsing and restructuring and formatting the data to comply with the requirements for the current version of Access Manager.
  • Ontario Telemedicine Network

    Main Responsibilities included:
    1. Provides overall technical direction leadership and oversight for technology aspects of the projects, including requirements gathering, development of technical architecture, vendor selection, development of technology implementation plans, threat risk assessment, and implementation of the plans.
    2. Acts as the key technical liaison to the broader project team and to OTN technical operations.
    3. Collaborate with the broader project team in identifying detailed technical project needs;
    4. Collaborate with stakeholders to lead the technical user requirements definition process;
    5. Develop the solution architecture (conceptual, logical, and physical) components of the project plans; Report against the plan
    6. Set up, configure, and develop IAM solution; Report against plan
    7. Oversee the technical project staff and interface with OTN operations staff to ensure project related deliverables are met;
    8. Liaise with IT personnel at OTN member sites to ensure the technical aspects of the project are addressed;
    9. Manage technical problems end to end in IAM infrastructure;
    10. Define or reengineer common procedures and processes to ensure IAM service stability, performance and availability;
    11. Monitor technically related project quality and risk;
    12. Participate in the closure phase of the projects assisting in the transition of technical products to OTN operations.
    13. Manage the creation of technical administration documentation and support articles to meet client support requirements for the service;
    14. Create guidelines for system health (all IAM components) and DRP testing/procedures;
    15. Lead the development of RFPs for the procurement of IT equipment.
    26. Perform work in accordance with the provisions of the Occupational Health and Safety Act and Regulations and all other corporate/departmental policies and procedures.

  • OptionWealth

    Developed a Java application that forecasts one's stock value a year+1 day from the current date; and also forecasts the approximate dates and amount of stocks that need to be vested dependent on historical data of any particular company. The Java wrapper developed utilized the Crystal Ball developed by decisioneering.com which was an MS-Excel plugin. The Java interface accepted values from a web-based interface; plugged the values into an Excel spreadsheet; ran thousands of Monte Carlo simulations on the said data set and then transferred the Excel-formatted data back on to the web while simultaneously storing the values in a SQL database.
  • Provincial Laboratory Information Solution (PLIS)

    Architected the Identity and Access Management framework and systems for the Province's Electronic Health Records System (iEHR) that used SAMLv2 as the standardized authentication framework to allow federated authentication into the Health Information Access Layer (HIAL) and enforced access based on roles mined from the Extended Registry (XRS) to enable Role Based Access Control (RBAC) and Fine Grained Attribute Based Access Control (ABAC) on applications that enable iEHR lookups (Spring Framework). The infrastructure was architected and deployed such that the core principle around which data access was made available to the various applications was security enforced at the application and business tier.
  • Radio America

    Installation of a real audio server for live audio/video webcasting. Customizing the server to incorporate HTML server management tools for remote administration. Broadcasting live feed via SMIL & HTML content creators. Use Stored Archives. Use the Simulated Live Transfer Agent (G2SLTA) to broadcast a stored file as if it were live. Events broadcast with G2SLTA appear to be live; everyone sees the same part of the broadcast at the same time. Installation of a secure server for administration purposes. Inclusion of a real-time Java monitor for displaying real-time information about the number of clients connected to Real Server, resources used, and which files are being streamed.
  • RIOT Games

    Was responsible for delivering a multi tier architecture delivering a *nix based centralized authentication system with integration between LDAP and AD, with bi directional password synchronization and user lifecycle management modules for credential management and user self service.

  • Rogers Communications

    * Evaluated and defined the Identity and Access Management architecture to align business requirements with information technology standards
    * Researched and evaluated emerging technologies to facilitate the identification and introduction of new technologies for corporate Identity and Access Management solutions
    * Provided coaching, mentoring and consulting to raise the overall technical competency and to disseminate an understanding of the Identity and Access Management solution architecture
    * Developed Identity and Access Management solution architecture for all major Rogers initiatives including one of the largest business transformation undertakings in Canada
    * Developed a policy-based SOA security solution architecture for web services and provided guidance on the delivery and implementation of the SOA security solution using the Layer7 SecureSpan Gateway
    * Provided guidance on the delivery and implementation of the Cloud SSO and identity federation solution based on CA Technologies Federation Manager product
  • Security Architecture WCP-MATRIX

    Responsibility entails architecting a security framework for a very large delivery program to create CGI’s new Integrated Wealth Management Platform, initially in support of CGI’s first IWSB client, a major Canadian bank. Responsibilities also include delivery scope for all aspects of system integration consulting services including requirement analysis, system architecture design, detail design and development, project estimation, scope planning, project strategy, and customer/vendor negotiation.

  • Services Alberta

    Conducted workshops that enabled Services Alberta to establish a federated SSO infrastructure with PKI/smartcard based authentication system.
  • Shaw Cable

    Architected a single sign-on system whereby Shaw Cable's internal and external customers could use their email and calendaring systems in conjunction with Shaw's portal server offering to SSO into all applications using a secure token generated by Access Manager. The system was architected such that the AM controller also defined roles and policies for each individual user which were associated with the user's profile at authentication time. Users also had the capability to delegate the administration and management of their mailboxes and calendaring systems and mail retrieval capabilities to peers.
  • Solectron

    Architected a supply chain management application for design and supply chain automation using i2 factory planner, LDAP, BEA application server (CORBA) and MS-SQL.

  • Sony Pictures & Entertainment.

    -

    Performed a statistical analysis of the current network infrastructure and implemented a meta-directory server using the Global Directory Server (GDS) from Critical Path and the ISOCOR meta-connector product to provide a centralized authentication agent for the corporate affiliates and international organizations. The schema was designed such that the directory server was also used as a data repository providing all divisions of Sony Pictures, Columbia Pictures, and Tristar Pictures worldwide…

    Performed a statistical analysis of the current network infrastructure and implemented a meta-directory server using the Global Directory Server (GDS) from Critical Path and the ISOCOR meta-connector product to provide a centralized authentication agent for the corporate affiliates and international organizations. The schema was designed such that the directory server was also used as a data repository providing all divisions of Sony Pictures, Columbia Pictures, and Tristar Pictures worldwide to store and access payroll, security and all employee records from their custom applications. Defined connector views to applications like peoplesoft, HRC, Sony Interactive Kiosks, Lotus Domino, Exchange, Notes, oracle etc; thus enabling realtime synchronization of data in the LDAP server.

  • Southern California Edison

    Designed and implemented an enterprise-wide LDAP directory server. The project had 6 modules. Installation of a Windows NT PDC and BDC with an automated failover procedure. Netscape Directory Server for LDAP. Custom LDSU scripting for filtering and importing raw data exports from MS-Exchange, Lotus Notes, and cc:Mail clients directly into the directory server, which stored data in DB2 format. The scripting would convert .csv, .adr, .txt file structures into DB2. Data transfers took place over the internet, and hence installation of a firewall was a must too. Implemented Microsoft Internet Security features to block all incoming and outgoing TCP/IP and UDP ports on the server. The directory server also had replication processes which duplicated data using supplier/consumer agreements. The server needed to be secure, and SSL was installed. The system was configured to adapt itself to Microsoft email clients like Microsoft Exchange, Outlook, and Outlook Express using the Bolton James plugin for Windows systems.

  • Sun Microsystems

    Developed an architecture for Sun’s internal usage catering to cross-organization SSO using the Project Liberty specifications. Built federation and SAML modules for the SunONE Identity Server. Also deployed the SunONE portal server as a service to the federation framework with SSO capabilities into SAP applications. The SAP SSO structure was further secured with RSA SecurID and Unix authentication to provide an additional security layer around SAP and comply with the SAP security model.

  • Sun Microsystems

    Lead team architect of the Sun Customer Number #1 program that drives the SunONE initiative to be implemented within the organization by using the iPlanet suite of products, thus enabling the company to move forward in a direction towards having a single suite of products with a range of services that could be packaged as a whitebox solution. The primary objective is to package the various components within the Sun infrastructure into a single product base that provides entitlements, delegated administration, data serving and web services as component-level services to other applications and helps seamlessly migrate data structures from legacy apps to a standardized data repository.

  • Taj Group Of Hotels

    Migration of existing Hotel Management System software running on a Novell NetWare platform with a real-time satellite link to Choice Hotels for online hotel bookings and room management. Interconnectivity with a Windows NT network, telephone interface and a cable TV channel-on-demand network for automated billing purposes. Migration of dBase database to Access for use in a Windows NT environment. Installation and setup of a backup server for periodical database backups. Also providing a provision for ad-hoc backups and reports.

  • TD Securities

    Architected an Identity and Access Management infrastructure for TD Securities that enabled trading and consolidation of application provisioning to various applications that serve critical securities applications using Spring Security and federated authentication (SAMLv2) with all other TD business verticals.

  • Telus

    Deployed a smart card and proximity-based authentication system for Telus Corporate using Active Identity Client Authentication components and integrated the system with Telus's corporate single sign-on infrastructure.

  • Telus Mobility

    Architected and implemented Telus's internal and external authentication and role management infrastructures to enable employees, customers and partners to subscribe to services and applications hosted by Telus. The architecture enabled Telus to maintain a distinct differential between the various brands and self-hosted applications, thus enabling the organization to provide SSO restrictions based on the “brand” via which the users would authenticate to the infrastructure.

  • Tim Hortons

    Was responsible for building a claims-based access control model and a technical architecture for Tim Hortons' portal relaunch with integrated access controls using ADFS and secure web services. Was also responsible for developing a co-relational attribute model between SAP and AD.
    Was also responsible for:
    > Architecting Integration Solution for consolidating data from multiple legacy applications. Involved in System Analysis and Database Modeling
    > Performed Information Architecture, Design and Development of various SharePoint based applications
    > Refactoring existing application architecture for performance gains for a major Work Flow Management Application.
    > Business System Analysis, business modeling and Requirements Definition for UAG, ADFS, FIM.

  • University of the District of Columbia

    Setting up of a Java-based web server / web site running an online application for course scheduling and schedule management. Conducted classes in web development and installation of web servers for the D.C. Government employees, including members of the Mayor's office, Department of Health, Office of the Inspector General, Office of D.C. Procurement, Department of Labor, and Department of Telecommunications. The course included development of interactive web pages using HTML 3.2, DHTML, Java, JavaScript, ActiveX and also NetObjects Fusion 3.0. Installation of web server software, SSI/SSL, CGI programming and Perl script debugging.

  • Washington Mutual Bank

    Architected a Unified User Management framework using Oblix Identity Minder and Microsoft Active Directory with a farm of database backends. Also deployed a Microsoft meta-directory solution for data synchronization between the various instances of Active Directory servers and the Oracle back ends which contained the SOA records.

  • Wells Fargo.

    Designed and implemented a single sign-on system using the iPlanet Directory Server, iDAR, Siteminder and Meta-Directory. Assisted the organization in migrating XA system passwords and authentication agents from their legacy systems to the directory server. Also implemented the use of the directory services as an authentication agent for affiliate organizations using cookies, enabling a centralized data store to be shared by varied systems and networks over encrypted channels.


Honors & Awards

  • Innovator of the Year

    Simeio Solutions

  • Impact Award (CLOE)

    CGI Group

Languages

  • English

    Full professional proficiency

  • Hindi

    Native or bilingual proficiency

  • Kannada

    Native or bilingual proficiency

  • Konkani

    Native or bilingual proficiency
