CV:Anders Revsgaard
I am a security consultant and offer my skills through my company ITfoxtec.
My tasks are related to security and therefore cannot always be published or only published to a limited extent. Likewise, all customers cannot be published either.
The secret tasks can e.g. be in relation to security gaps or in relation to the fact that a customer has been compromised (hacked).
Similarly, very short tasks of one to two hours are avoided.
Civil engineer & .NET architect with 24 years of experience
I am a senior .NET architect with 20 years experience within security standards and security solutions in .NET. For a number of years, I have been particularly involved in developing security solutions in .NET built on OAuth 2.0, OpenID Connect 1.0 and JWT as well as SAML 2.0, SAML 1.0/1.1 and WS-*. Using the standards, I have implemented integration for AD FS, Microsoft Entra ID (Azure AD), Azure AD B2C, Auth0, NemLog-in, Context Handler, Keycloak, Facebook, etc.
I am a specialist within my own FoxIDs, IdentityServer, AD FS, Microsoft Entra ID (Azure AD), Azure AD B2C and Auth0 where I perform customer-specific adaptation and further development on all platforms.
My security products
- FoxIDs is an open source cloud security server that handles user repositories and supports OAuth 2.0, OpenID Connect 1.0 and SAML 2.0. As well as converting between standards e.g. SAML 2.0 for OpenID Connect.
- ITfoxtec Identity, component for .NET that supports OAuth 2.0, OpenID Connect 1.0 for both Identity Provider/OpenID Provider, Relying Party/ Client and Resource.
- ITfoxtec Identity Blazor WebAssembly OpenidConnect, component for Blazor WebAssembly supporting OpenID Connect 1.0 with Proof Key for Code Exchange ( PKCE).
- ITfoxtec Identity SAML 2.0, component for .NET that supports SAML 2.0 for both Identity Provider and Relying Party. Supports OIOSAML3, NemLog-in (MitID) and Context Handler / Fælleskommunal Adgangsstyring.
- ITfoxtec AD FS Audit, component for AD FS that meets NemLog-in's logging requirements.
Competencies
OAuth 2.0, OpenID Connect 1.0, JWT, SAML 2.0, SAML 1.0/1.1, WS-Federation, WS-Trust, ActAs, Login, SSO (single sign-on), Two-factor / Multi-factor, logout, Single logout, integration, enterprise architecture, software architecture, security architecture, Digital Signature, MitID, OCES3, OIOXML3, NSIS, OIOSAML.NET, NemLog-in, Context Handler / Communal Access Management, IdentityServer / Duende, Auth0, Microsoft Entra ID (Azure AD), Azure AD B2C, AD FS, WAP, Active Directory (AD), Kerberos 5, Azure, Visual Studio, .NET, .NET Framework, .NET Core, .NET Standard, ASP.NET Core , ASP.NET Core MVC, ASP.NET MVC, OWIN, Blazor WebAssembly, C#, WinDbg, HTML, CSS, JavaScript, jQuery, AngularJS, Bootstrap, JSON, REST, OData, XML, webservice, WCF, Azure Key Vault, Hardware security module (HSM), NoSQL, Azure Cosmos DB, SQL, LINQ, Entity Framework (EF), Dapper, Regular Expression (Regex)
Contact
Anders Revsgaard
[email protected]
Mobile: +45 50595808ITfoxtecMarselis Boulevard 18000 AarhusDenmarkCVR: 30 59 65 01
Experience
Talk: OpenID Connect and NemLog-in – introduction and code (January 2024)
ANUG
Part 1 - OpenID Connect
Introduction to OpenID Connect and OAuth 2.0. What's the deal with all those flows and client types? Connect ASP.NET Core 8.0 web app to IdP with OpenID Connect and add OAuth 2.0 enabled API. I’ll create an IdP on FoxIDs where users can sign up and authenticate.
Introduction to token exchange especially in relation to zero trust and least privileges.
Part 2 - NemLog-in
Introduction to NemLog-in. What is OIOSAML3 and how is it related to SAML 2.0 and NSIS? OCES3 certificates. What is NemLog-in broker/not broker and Local STS? Connect ASP.NET Core 8.0 web app from part 1 to NemLog-in with OpenID Connect via FoxIDs as a bridge to SAML 2.0 and NemLog-in. Configure a new IT-System in NemLog-in and authenticate with a test MitID. Call the API from part 1 to see if access can be granted based on an access token.
Skills used: Security architecture, OAuth 2.0, OpenID Connect, Token Exchange, JWT, SAML 2.0, NemLog-in, OIOSAML3, OCES3, NSIS and FoxIDs
Context Handler (October 2023 – present)
IT34
Assisted with connection to Context Handler / Fælleskommunal Adgangsstyring in test and production environments. As well as setting up test IdP with test users based on AD FS. Test users are assigned roles with XML Privilege.
Competencies used: Security architecture, Context Handler, Fælleskommunal Adgangsstyring, SAML 2.0, OIOSAML3, OCES3, OIO Basic Privilege Profile and AD FS.
FoxIDs - OAuth 2.0 Token Exchange (October 2023 – present)
Verdo
Implement token exchange for multiple APIs to achieve least privileges and following the zero trust architecture mindset.
Skills used: Security architecture, OAuth 2.0, Token Exchange, JWT and FoxIDs.
SAML 2.0 for external (September 2023 – present)
Softtechhealth (New York, NY 10006)
Configure SAML 2.0 connections to clients with different IdPs that all support SAML 2.0.
Skills used: Security architecture, integration, SAML 2.0
FoxIDs - OAuth 2.0 Token Exchange (August 2023 – present)
Septima
Implement token exchange in FoxIDs and assist in implementing OAuth 2.0 token exchange in GeoDK. External SAML 2.0 tokens can thus be exchanged for JWT.
Skills used: Security architecture, OAuth 2.0, Token Exchange, JWT, SAML 2.0 and FoxIDs.
FoxIDs (November 2022 – June 2023)
Septima
Assisted in analysing the security architecture and implementing FoxIDs as the central IdP and phase out Azure AD B2C.
FoxIDs were connected to DMP with OpenID Connect and the GeoDK application connected to FoxIDs.
Skills used: Security architecture, integration, OpenID Connect and FoxIDs.
FoxIDs (September 2022 – September 2023)
Verdo
Assisted in analysis and design of future security structure.
Implement FoxIDs as the central IdP and linked applications and APIs on FoxIDs. Configured trust from FoxIDs to NETS eID Broker to be able to log in with MitID. As well as trust to Azure AD so that employees can achieve single sign-on.
Skills used: Security architecture, integration, OpenID Connect, NETS eID Broker, MitID, sign-on, Azure AD and FoxIDs.
FoxIDs (June 2022 – December 2022)
FlexDenmark
Implement FoxIDs as the central IdP for future flex traffic solution. Build trust to multiple regions and others to achieve single signon. Connected future flex traffic solution to FoxIDs.
Connect FoxIDs to NemLog-in.
Skills used: Security architecture, integration, AD FS, Azure AD, SAML 2.0, OpenID Connect, FoxIDs, OIOSAML3, OCES3 and NemLog-in.
FoxIDs (January 2022 – October 2022)
Energy Cool
Implement FoxIDs as the central IdP and phase out AD FS. Help with implementation of OIDC and securing API calls with OAuth 2.0 Bearer Token Usage.
The applications log in via FoxIDs which either let the user log in directly to FoxIDs or via a trust to Azure AD.
Skills used: Security architecture, .NET, SPA, Angular, bearer token, OAuth 2.0, OpenID Connect and FoxIDs.
NemLog-in (October 2021 – October 2021)
SpeedAdmin
Show code example of integration for NemLog-in with SAML 2.0 where ITfoxtec Identity SAML 2.0 is used and configured NemLog-in.
Skills used: Security architecture, SAML 2.0, NemLog-in and ASP.NET MVC.
Azure AD B2C and NemLog-in (September 2021 – October 2021)
Athea
Assisted in connecting Azure AD B2C to NemLog-in with SAML 2.0. Helped with login, logout and single logout.
Skills used: Security architecture, integration, Azure AD B2C, SAML 2.0, OIOSAML3 NemLog-in, OCES3, login, logout and single logout.
Azure AD B2C - NemLog-in (April 2021 – November 2022)
Odense Municipality
Assisted in connecting Azure AD B2C to NemLog-in with SAML 2.0. Helped with login, logout and single logout.
Skills used: Security architecture, integration, Azure AD B2C, SAML 2.0, OIOSAML3 NemLog-in, OCES3, login, logout and single logout.
FoxIDs as identity service (January 2021 – present)
JO Informatics
Implemented FoxIDs as the central IdP. Assisted in connecting applications and APIs as down-parties. Created many trusts for municipalities in Denmark with SAML 2.0 and OpenID Connect.
Configured FoxIDs so applications can let the user log in at any location without it having any effect on the application as the claims set is uniform.
Connect FoxIDs to NemLog-in and Context Handler / Fælleskommunal Adgangsstyring.
Applied skills: Enterprise architecture, software architecture, security architecture, federated security, integration, .NET, ASP.NET MVC Core, Blazor, Single Sign-On (SSO) OAuth 2.0, OpenID Connect 1.0, JWT, SAML 2.0, Login, Logout, Single Logout , AD FS, Azure AD B2C, FoxIDs, NemLog-in, Context Handler, Fælleskommunal Adgangsstyring, OIOSAML3, OCES3 and NSIS.
SAML 2.0 integration (February 2021 – March 2021)
ClearViewTrade
Assisted with SAML 2.0 integration and made code examples.
Skills used: Security architecture, integration, SAML 2.0, AD FS and ASP.NET.
NSIS (February 2021 – June 2022)
Unnamed company (Denmark)
Assisted in the process of being NSIS audited and approved.
Skills used: Enterprise architecture, security architecture, NemLog-in, OIOSAML3 and NSIS.
App login: Azure AD and MitID (January 2021 – November 2021)
MicroTech
Assisted in integrating web application to Azure AD with OpenID Connect. Created sample to show how multi-tenant is handled.
Assisted with integration with OIDC for Signaturgruppen's NETS eID Broker to be able to log in with MitID.
Skills used: Security architecture, integration, OpenID Connect, MitID, SSO, Azure AD and ASP.NET MVC Core.
Future Security Architecture (January 2021 – June 2023)
Kamstrup
Assisted in considering Azure AD B2C, future capabilities and security architecture.
Assisted with considerations and testing of Auth0.
Skills used: Security architecture, integration, SAML 2.0, OAuth 2.0, OpenID Connect, Azure AD B2C and Auth0.
AgroID (September 2020 – December 2020)
Assisted in the implementation of new AgroID with IdentityServer/Duende as platform. Assisted in relation to the security architecture and including claims and roles.
Mix other implemented integration for AD FS with OIDC and token exchange from SAML 2.0 to JWT.
Skills used: Security architecture, IdentityServer, Duende, SAML 2.0, OAuth 2.0, OpenID Connect, JWT, AD FS and ASP.NET core.
AD FS and Security (February 2020 – June 2021)
FlexDenmark
Assisted with AD FS setup, changes, certificate change, etc.
Skills used: Security architecture, integration, certificate, AD FS and SAML 2.0.
Signing and login (February 2020 – February 2020)
Educator
Assisted with knowledge of signing and helped with SAML 2.0 connection to UniLogin.
Skills used: Security architecture, integration, SAML 2.0 and UniLogin.
NemLog-in Active Registration (December 2019 – December 2019)
The Environmental Protection Agency
Assisted with knowledge of NemLog-in in VirkRegistration.
Skills used: Security architecture, SAML 2.0, NemLog-in and OIOSAML2.
AD FS and SPA (October 2019 – June 2020)
Energy Cool
Assisted in the development of OpenID Connect in SPA to be able to log in via AD FS. As well as securing API calls with OAuth 2.0.
Skills used: Security architecture, .NET, SPA, Angular, OAuth 2.0, OpenID Connect and AD FS.
GeoDK is moving (September 2019 – December 2019)
Septima
Assisted with knowledge of GeoDK implementation and helped with updating.
Applied skills: Enterprise architecture, software architecture, security architecture, federated security, integration, .NET, ASP.NET MVC Core, Single Sign-On (SSO) OAuth 2.0, OpenID Connect 1.0, JWT, WS-Trust, ActAs, WS-Federation, SAML 1.0, SAML 2.0, Login, Logout, Single Logout and Azure AD B2C.
AD FS and Security (May 2019 – June 2019)
TDC
Assisted with AD FS security knowledge and checked installation of AD FS and integrations.
Skills used: Enterprise architecture, security architecture, integration, OAuth 2.0, SAML 2.0, WS-Federation SAML 1.*, Single Sign-On (SSO), AD FS, WAP, Active Directory (AD) and Kerberos 5.
Password Self-Service (April 2019 – present)
Coop (Roskildevej 65, 2620 Albertslund)
Implement a web application where employees can change passwords securely using two-factor authentication. The other factor is either SMS or NemID, which was later updated to MitID.
MitID integration for Signicat with OpenID Connect.
Skills used: Enterprise architecture, security architecture, SAML 2.0, OpenID Connect 1.0, single-factor, two-factor, SMS, NemID, MitID, certificates, ASP.NET core.
Byggeweb and Azure AD (March 2019 – June 2020)
RIB (Ryesgade 19C, 2200 Copenhagen N)
Assisted in making Byggeweb a general app in the Azure App Gallery. As well as assistance with implementation at the first customer: Copenhagen municipality.
Assisted with mobile app integration with OAuth 2.0 and OIDC.
Skills used: Enterprise architecture, software architecture, security architecture, SAML 2.0, OAuth 2.0, OIDC, Azure, Azure AD.
AD FS and Azure AD (February 2019 – present)
Coop (Roskildevej 65, 2620 Albertslund)
Assisted with installation, update and configuration of AD FS and Azure AD. Single-factor and multi-factor login.
Skills used: Enterprise architecture, security architecture, AD FS, Azure AD, SAML 2.0, OpenID Connect 1.0, single-factor, multi-factor.
NemLog-in (February 2019 – present)
Charlie Tango
Assisted with configuration of NemLog-in in relation to different solutions. As well as perform continuous updates.
Teach developers SAML 2.0 and NemLog-in - including OIOSAML2/OIOSAML3 and OCES2/OCES3.
Skills used: Security architecture, SAML 2.0, NemLog-in, OIOSAML2, OIOSAML3, OCES2, OCES3 and .NET.
AD FS Setup and Security (January 2019 – January 2021)
JO Informatik (Trækbanen 16, 3000 Helsingør)
Assisted with knowledge of and help with AD FS installation, setup and configuration as well as relevant standards. As well as assisted with knowledge about building security architecture.
Skills used: Software architecture, security architecture, federated security, integration, AD FS, Digital Signature OCES2, OCES3, TLS/SSL, WS-Federation SAML 1.*, SAML 2.0, OAuth 2.0, OIDC, login, logout and single logout.
TimePlan (January 2019 – May 2019)
Create single sign-on to AD FS with SAML 2.0 and transfer the user's identity to non-SAML 2.0 enabled application.
Skills used: Security architecture, integration, SAML 2.0, LDAP and ADFS.
KOMBIT Context Handler, Relying Party (August 2018 – April 2019)
KMD (Niels Bohrs Alle 185, 5220 Odense SØ)
Assisted KMD in connection with connecting a number of applications (user-facing system) as Relying Party to KOMBIT Context Handler. The applications are integrated with SAML 2.0 and the ITfoxtec Identity SAML 2.0 component is used. Access control is configured via privileges.
Skills used: Security architecture, integration, .NET 4.6, Visual Studio 2017, OIOXML 2.0 profile, SAML 2.0, SP initiated, Login, SP initiated, Logout and Single Logout.
AD FS environments for CRM (August 2018 - September 2018)
The class lottery (Rådhuspladsen 2, 1550 Copenhagen V)
Installation and configured of AD FS and WAP in dev/test as well as production as well as configured federation for CRM. Configure separation of external login and internal Single Sign-On using AD and Kerberos 5.
Skills used: Enterprise architecture, security architecture, integration, WS-Federation SAML 1.*, Login, Single Sign-On (SSO), Logout, AD FS, WAP, Active Directory (AD) and Kerberos 5.
Cloud identity provider - FoxIDs (May 2018 – present)
ITfoxtec
I am working on developing a FoxIDs. Burger handles repositories with users and roles as well as user login. The standards OAuth 2.0, OpenID Connect 1.0 and SAML 2.0 are supported both in relation to applications that use FoxIDs and when integrating with other identity providers.
Skills used: Security architecture, integration, OAuth 2.0, OpenID Connect 1.0, SAML 2.0, ASP.NET Core 2.1, .NET 4.7.2, Azure and Cosmos DB.
Customized IdentityServer 4 (May 2018 – May 2021)
Unnamed company (Denmark)
Analyzed the need with the customer. Adapted to IdentityServer 4 and including added ASP.NET Identity. Implemented customer-specific functionality in relation to user, roles and administration API. Implemented example applications that show how OAuth 2.0 and OpenID Connect 1.0 are used in a web application, desktop application, system to system call and API.
Added SAML 2.0 support to IdentityServer 4 with the ITfoxtec Identity SAML 2.0 component and configured integration to internal AD FS, achieving Single Sign-On.
Skills used: Enterprise architecture, security architecture, IdentityServer 4, ASP.NET Core 2.0/2.1, .NET 4.6/4.7.2, OAuth 2.0, OpenID Connect 1.0, SAML 2.0, integration, Login, Single Sign-On (SSO), Logout and AD FS.
AD FS and Skype (April 2018 – May 2018)
TDC (Sletvej 30, 8310 Tranbjerg)
Assisted with installation and configuration of AD, AD FS and WAP for Skype for business. Where AD FS can be integrated with customers' AD FS. With this, Single Sign-On can be achieved from the customer's client PC on the customer's AD domain to the external Skype for business cloud installation.
Skills used: Enterprise architecture, security architecture, integration, OAuth 2.0, SAML 2.0, WS-Federation SAML 1.*, Single Sign-On (SSO), AD FS, WAP, Active Directory (AD) and Kerberos 5.
ITfoxtec Identity (February 2018 – present)
ITfoxtec
Implemented ITfoxtec Identity component for .NET that supports OAuth 2.0 and OpenID Connect 1.0. With the component, it is both possible to exchange Identity Provider/OpenID Provider, Relying Party/Client and Resource.
ITfoxtec Identity is open source and released as a NuGet package.
Skills used: Security architecture, integration, OAuth 2.0, OpenID Connect 1.0, .NET Standard, ASP.NET Core 2.1 and .NET 4.6.2.
IdentityServer 3 to 4 (January 2018 – November 2018)
Coop (Roskildevej 65, 2620 Albertslund)
Analyzed security issues in relation to IdentityServer 4 and described solutions as well as implemented examples.
Described how the conversion from IdentityServer 3 to IdentityServer 4. As well as implemented example code of what needs to be changed in order to convert without downtime.
Described in detail how the standards OAuth 2.0 and OpenID Connect 1.0 are used in different application types.
Skills used: Enterprise architecture, security architecture, IdentityServer 3/4, OAuth 2.0, OpenID Connect 1.0, ASP.NET Core 2.0 and .NET 4.5/4.6.
READy and global Identity Provider / OpenID Provider (December 2017 – January 2019)
Kamstrup (Industrievej 28, 8660 Skanderborg)
Analyze and describe the security of READy built on OAuth 2.0 and OpenID Connect 1.0. Implemented example applications for READy. Configured / implemented central Identity Provider / OpenID Provider in Kamstrup built on Azure AD B2C. As well as configured SAML 2.0 integration for on-premise ADFS.
Implemented extension to Azure AD B2C with the ITfoxtec Identity component which supports OAuth 2.0 Client Credentials Grant and delegation.
Skills used: Enterprise architecture, software architecture, security architecture, integration, Azure, Azure AD B2C, Identity Experience Framework (IEF / custom policies), ASP.NET Core 2.1, .NET 4.6/4.7.2, Visual Studio 2017, C#, ASP.NET MVC, Single Sign-On (SSO), SAML 2.0, AD FS, AD and LINQ.
NemAdgang2 settlement (January 2018 – April 2018)
KMD (Dusager 18, 8200 Aarhus N)
Implemented NemAdgang2 billing solution that counts consumption. The solution sends monthly and quarterly consumption statements and calls a SAP service with invoice information.
The solution is secured with role-based security and you log in with SAML 2.0 via AD FS.
Skills used: Software architecture, security architecture, integration, ASP.NET Core 2.0 .NET 4.6, Visual Studio 2017, C#, SQL, Dapper, MS SQL, login, logout, Single Sign-On (SSO) and AD FS.
NemAdgang1 interface against AD FS (October 2017 – March 2018)
KMD (Dusager 18, 8200 Aarhus N)
Implemented NemAdgang1 interface proxy for backward capability which uses the ITfoxtec Identity SAML 2.0 component. The proxy converts from an old custom interface to SAML 2.0 against AD FS.
Skills used: Software architecture, security architecture, integration, ASP.NET Core 2.0 .NET 4.6, Visual Studio 2017, C#, login, logout, Single Sign-On (SSO) and AD FS.
Amazon Cognito or Azure AD B2C (July 2017 – November 2017)
Agnitio (Dampfærgevej, 10 5., 2100 Copenhagen)
Analyzed Amazon Cognito and Azure AD B2C against Agnitio's needs. Azure AD B2C was chosen after which I described the security architecture in detail. Below is a detailed review of how the OAuth 2.0 and OpenID Connect 1.0 standards are used in specific application types. As well as describing how integration is done for external partners.
Skills used: Software architecture, security architecture, integration, Amazon Cognito, Azure AD B2C, OAuth 2.0, OpenID Connect 1.0 and SAML 2.0.
AD FS, Azure AD and multi-factor login (September 2017 – May 2022)
Unnamed company (Denmark)
Expanded the security environment in relation to AD FS, Azure AD and multi-factor login. Upgraded AD FS 2.0 and 3.0 to AD FS 4.0 (Windows Server 2016).
Expanded NemLog-in configuration with support for MOCES (employee certificates).
Assisted with the implementation of SAML 2.0 in ASP.NET MVC where the ITfoxtec Identity SAML 2.0 component is used. As well as when implementing OAuth 2.0 integration for Microsoft Teams.
Provided ongoing support and performed ongoing configuration changes as needed.
Skills used: Enterprise architecture, software architecture, security architecture, integration, .NET 4.5/4.6, Visual Studio 2015/2017, C#, ASP.NET MVC, C#, Single Sign-On (SSO), NemID, Digital Signature POCES/MOCES/FOCES, NemLog-in, OIOXML 2.0 profile, SAML 2.0, OAuth 2.0, OpenID Connect 1.0, AD FS 2.0/3.0/4.0, and AD.
AG+ (May 2017 – June 2017)
Seges (Agro Food Park 15, 8200 Aarhus N)
Described and assisted in the preparation of security architecture based on OpenID Connect Implicit Flow. Assisted with review in the implementation of a sample application that shows both the OpenID Provider (OP) and client (RP) parts of OpenID Connect. Sample application was based on IdentityServer4.
Skills used: Enterprise architecture, software architecture, security architecture, federated security, integration, .NET, Single Sign-On (SSO), OAuth 2.0, OpenID Connect 1.0, JWT, IdentityServer 4, Login, Logout.
ICAS (May 2017 – June 2016)
ICAS (1 King Street, London, UK)
Implemented sample SAML 2.0 identity provider (IdP) based on the ITfoxtec Identity SAML 2.0 component. The example also shows how Single Sign-On (SSO) is implemented with an existing authorization mechanism.
Implemented example and assistance in connection with the implementation of IdP initiated SSO.
Skills used: Enterprise architecture, software architecture, security architecture, federated security, integration, .NET, Single Sign-On (SSO), SAML 2.0, SP initiated SSO, IdP initiated SSO and Login.
GeoDK (January 2017 – December 2018)
KMD (Niels Bohrs Alle 185, 5220 Odense SØ)
Assisted in the implementation of a proof of concept based on WS-Federation, WS-Trust, ActAs and SAML 1.0/2.0 tokens.Tested and verified AD FS 2017 support for OAuth 2.0 and OpenID Connect 1.0 as well as created JavaScript, ASP.NET web and API example applications.
Implemented and configured Azure AD B2C against SAML 2.0 identity provider (IdP) and OpenID Connect client (RP) with which Azure AD B2C performs protocol conversion. Implemented a number of example applications that demonstrated OpenID Connect Implicit Flow and OpenID Connect Code Flow in different client (RP) types: native client, JavaScript, ASP.NET, ASP.NET Core. Also showed examples of the use of id token and access token and API calls with OAuth 2.0 as well as implementation of REST API in ASP.NET and ASP.NET Core.
Implemented Azure AD B2C extension component that uses the ITfoxtec Identity component, with the following functionality:
- SAML 2.0 conversion from external SAML 2.0 identity provider to Azure AD B2C, as Azure AD B2C only supports a small part of the SAML 2.0 protocol.
- Auth 2.0 Client Credentials Grant with X509 certificate instead of client secret.
- OAuth 2.0 delegation.
Applied skills: Enterprise architecture, software architecture, security architecture, federated security, integration, .NET, ASP.NET, ASP.NET Core, ASP.NET MVC, ASP.NET Web API, C#, OWIN, JavaScript, jQuery, HTML, CSS, JSON , REST, Single Sign-On (SSO) OAuth 2.0, OpenID Connect 1.0, JWT, WS-Trust, ActAs, WS-Federation, SAML 1.0, SAML 2.0, Login, Logout, Single Logout, AD FS 2017, Azure, AD, Azure AD B2C and the Identity Experience Framework (IEF).
Construction website (November 2016 – February 2017)
RIB (Ryesgade 19C, 2200 Copenhagen N)
Implemented SSO broker against Copenhagen Municipality's AD FS 3.0 with SAML 2.0 based on the ITfoxtec Identity SAML 2.0 component.
Agreed the federation configuration and claims types with Copenhagen Municipality and assisted in the implementation of the overall solution.
Skills used: Enterprise architecture, software architecture, security architecture, federated security, integration, .NET 4.6, Single Sign-On (SSO), Kerberos 5, SAML 2.0, SP initiated SSO, Login, Logout, Single Logout and AD FS 3.0.
Common consumption data portal - presentation (October 2016 – November 2016)
Aarhus Municipality (Bautavej 1, 8210 Aarhus V)
Updated the description of federated security architecture for shared consumption data portal with AD FS. Presented the security architecture at workshops.
Competencies used: Enterprise architecture, software architecture, security architecture, federated security, integration, Single Sign-On (SSO), NemID, Digital Signature, POCES/MOCES/FOCES, NemLog-in, SAML 2.0, SP initiated SSO, IdP initiated SSO, Login, Logout, Single Logout and AD FS.
CRM and AD FS integration (October 2016)
The class lottery (Rådhuspladsen 2, 1550 Copenhagen V)
Installation and configured of AD FS and WAP as well as configured federation for CRM.
Skills used: Enterprise architecture, security architecture, federated security, integration, Single Sign-On (SSO), WS-Federation SAML 1.*, Login, Logout, AD FS, WAP and Active Directory (AD).
eSignature (August 2016 – February 2017 and October 2018 - August 2019)
KMD (Dusager 18, 8200 Aarhus N)
Implemented digital signature solution for signing the PDF document with NemID and PAdES.
Skills used: Software architecture, security architecture, integration, .NET 4.6, Visual Studio 2017, ASP.NET Core, C#, JavaScript, HTML, CSS, JSON, REST, NemID JS, NemID CodeFile, Digital Signature POCES/MOCES/FOCES, iTextSharp, Pkcs11Interop.PDF, PAdES and hardware security module (HSM).
File Archive (May 2016 – May 2017)
JO Informatik (Trækbanen 16, 3000 Helsingør)
Implemented federated security with the standards WS-Federation SAML 1.*, SAML 2.0 and OAuth 2.0 in the same ASP.NET solution as well as login with local username+password. Also implemented coupling between users' federated and local identity.
Implemented and configured integration for NemLog-in based on the ITfoxtec Identity SAML 2.0 component. Implemented integration for Facebook, Twitter and LinkedIn as well as integration for AD FS and assisted in configuring AD FS.
Applied skills: Software architecture, security architecture, federated security, integration, .NET 4.5, ASP.NET, OWIN, NemID, NemLog-in, Digital Signature POCES/MOCES/FOCES, WS-Federation SAML 1.*, SAML 2.0, OAuth 2.0, Login, Logout and AD FS.
ITfoxtec Identity SAML 2.0 (May 2016 – present)
ITfoxtec (Marselis Boulevard 1, 8000 Aarhus)
Implemented new version of the ITfoxtec SAML 2.0 component, the new version is called ITfoxtec Identity SAML 2.0. With the new version, security is improved and the component supports both ASP.NET and ASP.NET Core.
ITfoxtec Identity SAML 2.0 component supports both the SAML-P standard as identity provider (IdP) and relying party (RP). Login, logout, single logout, metadata as well as SP initiated and IdP initiated SSO are supported. The SAML 2.0 component also supports the Danish OIOXML 2.0 profile and is tested against AD FS and NemLog-in.
Skills used: Federated security, integration, .NET 4.5, Visual Studio 2015, ASP.NET, ASP.NET Core, ASP.NET MVC, C#, JavaScript, HTML, XML, NemLog-in, OIOXML 2.0 profile, SAML 2.0, SP initiated and IdP initiated SSO, Logout, Single Logout and AD FS.
Web and REST service example (May 2016 – June 2016)
Kopenhagen Fur (Langagervej 60, 2600 Glostrup)
Implemented ASP.NET MVC web application and REST service API example that performed authentication against Azure AD. The example application was secured with roles received from Azure AD via OAuth 2.0.
Taught in setting up OAuth 2.0 applications in Azure AD as well as implementation of OAuth 2.0 in .NET.
Applied skills: Enterprise architecture, software architecture, security architecture, federated security, integration, .NET, ASP.NET, ASP.NET MVC, ASP.NET Web API, C#, OWIN, HTML, CSS, JSON, REST, Single Sign-On (SSO ) OAuth 2.0, JWT, Login, Logout and Azure, AD.
Sorting time (March 2016 - August 2018)
ITfoxtec (Marselis Boulevard 1, 8000 Aarhus)
Implemented the time registration system Sortingtime where users can register time, send PDF reports and PDF invoices. Sortingtime is an AngularJS and Bootstrap solution built on ASP.NET Core. The solution is operated in the Azure web site and uses Azure web jobs.
As a consultant, I use Sortingtime to register time and send time reports and invoices to customers.
Skills used: Azure Web Site, Azure Web Jobs, .NET 4.6, Visual Studio 2017, ASP.NET Core, C#, JavaScript, jQuery, AngularJS, Bootstrap, HTML, REST, PDF, SQL, LINQ and Entity Framework (EF).
Ditmer (March 2016 – April 2016)
Ditmer (Søren Frichs Vej 44D, DK-8230 Åbyhøj)
Implemented OWIN example application that shows login and logout with WS-Federation SAML 1.* and assisted in relation to AD FS configuration.
Skills used: Software architecture, security architecture, federated security, integration, .NET 4.6, Visual Studio 2015, ASP.NET, OWIN, C#, HTML, CSS, Single Sign-On (SSO), WS-Federation SAML 1.* and AD FS .
Mycare SSO implementation (February 2016 – November 2018)
Falck Healthcare (Sydhavnsgade18, DK-2450 Copenhagen SV)
Described and implemented federated security solution for Mycare based on a central AD FS 3.0 and AD. Implemented SAML 2.0 identity provider (IdP) wrapper of NemID based on the ITfoxtec Identity SAML 2.0 component. AD FS thus supports two-factor login with either username+password and SMS or NemID.
Configured support for WS-Federation with SAML 1.*, SAML 2.0 and WS-Trust relying parties as well as support for JWT. Configured IdP initiated SSO in relation to external IdPs.
Implemented examples showing all supported standards.
Applied competences: Enterprise architecture, software architecture, security architecture, federated security, integration, .NET, Single Sign-On (SSO), NemID, Digital Signature POCES/MOCES/FOCES, WS-Trust, WS-Federation SAML 1.*, SAML 2.0, SP initiated SSO, IdP initiated SSO, Login, Logout, Single Logout, OAuth 2.0, JWT, Active Directory Federation Services (AD FS 3.0), WAP and Active Directory (AD).
EConGrid (February 2016 – March 2017)
EConGrid (Navervej 10, DK-7000 Fredericia)
Prepared description of the threat picture for the solution.
Assisted in the implementation and configuration of a federated security solution based on AD FS 2016 and WS-Federation SAML 1.*. Implemented custom attribute store for AD FS, which can issue complex rights structure with grouped claims. As well as implemented example.
Skills used: Enterprise architecture, software architecture, security architecture, federated security, integration, .NET 4.6, .NET, ASP.NET, Single Sign-On (SSO), WS-Federation SAML 1.*, Active Directory Federation Services (AD FS Windows Server 2016), custom attribute store and Active Directory (AD).
NemAdgang2 (February 2016 – April 2021)
KMD (Dusager 18, 8200 Aarhus N)
Implemented new version of NemAdgang based on IdentityServer 4 and the ITfoxtec Identity SAML 2.0 component. Implement SAML 2.0 identity provider (IdP) wrapping of NemID that can act as claims provider on e.g. an AD FS.
Skills used: Software architecture, security architecture, federated security, integration, .NET 4.6, Visual Studio 2015/2017, ASP.NET Core, C#, JavaScript, HTML, CSS, Single Sign-On (SSO), NemID JS, NemID CodeFile, Digital Signature POCES/MOCES/VOCES/FOCES, SAML 2.0, IdentityServer 4 and AD FS.
IncomIT (January 2016 – July 2016)
IncomIT (Rolighedsvej 30, 7400 Herning)
Implemented sample application that showed login and logout with WS-Federation SAML 1.* in relation to AD FS as well as assist in implementing the solution.
Assisted in relation to the AD FS configuration at IncomIT's customers and helped IncomIT's customers with the installation and setup of AD FS and WAP.
Skills used: Enterprise architecture, software architecture, security architecture, federated security, integration, .NET, Single Sign-On (SSO), WS-Federation SAML 1.*, Login, Logout, AD FS, WAP and Active Directory (AD).
Joint consumption data portal (October 2015 – December 2015)
Insero Software (Sverigesvej 19, 8700 Horsens)
Described the federated security architecture for common consumption data portal with AD FS. AD FS handles the integration to NemLog-in and via federation the user's identity is transferred to related consumption data portals. SSO is obtained from the common consumption data portal to other consumption data portals as well as to state and municipal portals that use NemLog-in. The ITfoxtec AD FS Audit component is used on AD FS to support the NemLog-in logging requirements.
Applied competences: Enterprise architecture, software architecture, security architecture, federated security, integration, Single Sign-On (SSO), NemID, Digital Signature, POCES/MOCES/FOCES, NemLog-in, OIOXML 2.0 profile, SAML 2.0, SP initiated SSO, IdP initiated SSO, Login, Logout, Single Logout, Active Directory Federation Services (AD FS 3.0) and Active Directory (AD).
ITfoxtec AD FS Audit (July 2015 – December 2015)
ITfoxtec (Marselis Boulevard 1, 8000 Aarhus)
AD FS supports with SAML 2.0, integration for NemLog-in. However, the AD FS standard audit log does not log all the information that NemLog-in requires and there is a need for an extension of the audit log.
I have therefore developed ITfoxtec AD FS Audit, which extends AD FS to also log the request and response messages containing signature certificates. ITfoxtec AD FS Audit can be purchased here.
Skills used: Federated security, integration, .NET 4.5, Visual Studio 2015, NemID, Digital Signature POCES/MOCES /FOCES, NemLog-in, OIOXML 2.0 profile, SAML 2.0, SP initiated SSO and IdP initiated SSO, Logout, Single Logout, Active Directory Federation Services (AD FS 3.0).
Mycare SSO (July 2015 – January 2016)
Falck Healthcare (Polititorvet 1, 1780 Copenhagen V)
Analyzed and described the federated security architecture for Mycare in relation to future expansion of SSO and utilization of the federated AD FS platform internally and in relation to customers. Described possible future integration for NemLog-in and other identity providers (IdP).
Applied competences: Enterprise architecture, software architecture, security architecture, federated security, integration, .NET, Single Sign-On (SSO), NemID, Digital Signature POCES/MOCES/FOCES, NemLog-in, OIOXML 2.0 profile, WS-Trust, SAML 2.0, SP initiated SSO, IdP initiated SSO, Login, Logout, Single Logout, Active Directory Federation Services (AD FS 3.0) and Active Directory (AD).
Unnamed (March 2015 – October 2015)
Unnamed company (Denmark)
Described and assisted in the implementation of federated security with AD FS and integration for customers, Office365, and central ASP.NET application. The ITfoxtec SAML 2.0 component is used. Also created federation from UNI-C and NemLog-in to AD FS. The ITfoxtec AD FS Audit component is used on AD FS to support the NemLog-in logging requirements. Performed NemLog-in configuration and integration test. Upgraded from AD FS 2.0 to AD FS 3.0.
Applied skills: Enterprise architecture, software architecture, security architecture, federated security, integration, .NET 4.5, Visual Studio 2013/2015, C#, ASP.NET, C#, Single Sign-On (SSO), NemID, Digital Signature POCES/FOCES, NemLog- in, OIOXML 2.0 profile, WS-Federation, SAML 2.0, Active Directory Federation Services (AD FS 2.0/3.0), and Active Directory (AD).
OMNIA (January 2015 – November 2015)
OMNIA (Industrievej 28, 8660 Skanderborg)
Described the federated security architecture in relation to the installation of client applications and web services in customers' operating environment with AD FS, with which SSO is achieved. Created sample applications and assisted during the actual implementation. Made custom STS that supports WS-Trust and SAML 2.0. Made components for the configuration and test tool used during deployment.
Skills used: Enterprise architecture, software architecture, security architecture, federated security, integration, .NET 4.5/4.6, Visual Studio 2013/2015, C#, ASP.NET, Web API, C#, OWIN, REST, web service, WCF, Single Sign-On ( SSO), WS-Trust, SAML 1.1/2.0, Active Directory Federation Services (AD FS 2.0/2.1/3.0), WIF, Active Directory (AD), LINQ.
Customer self-service portal (October 2014 – June 2015)
KMD (Lauritzens Plads 1, 9000 Aalborg)
Described the federated security architecture for the self-service portal with AD FS, which handles integration to external customer STSs (eg AD FS). Described the handling of new users and rights as well as implemented user creation .NET application. The ITfoxtec SAML 2.0 component is used. Implemented application to generate IdP initiated SSO urls with encoded Relay State.
Installed and configured AD FS as well as configured SharePoint and user creation application as Relying Parties.
Applied skills: Enterprise architecture, software architecture, security architecture, federated security, integration, .NET 4.5, Visual Studio 2013, ASP.NET MVC, ASP.NET, C#, Single Sign-On (SSO), SAML 2.0, SP initiated SSO, IdP initiated SSO, Login, Logout, Single Logout, Active Directory Federation Services (AD FS 3.0) and Active Directory (AD).
UNI-C Student Plan (October 2014 – August 2015)
KMD (Dusager 18, 8200 Aarhus N)
Created example application that shows how NemLog-in and NemLog-in Signing are implemented in an ASP.NET MVC. The ITfoxtec SAML 2.0 component is used. Performed NemLog-in configuration and integration test for UNI-C Elevplan and assisted during the implementation of NemLog-in and NemLog-in Signing in UNI-C Elevplan.
Applied skills: Software architecture, security architecture, federated security, integration, .NET 4.5.1, Visual Studio 2013, ASP.NET MVC, C#, Single Sign-On (SSO), NemID, Digital Signature, POCES/MOCES/FOCES, NemLog- in, SAML 2.0, Login, Logout and Single Logout.
Analyzed BoviSoft (September 2014 – November 2014)
The Knowledge Center for Agriculture (Agro Food Park 15, 8200 Aarhus N)
Analyzed the BoviSoft architecture and described a plan for further development of the product in both the short and long term.
Skills used: Software architecture, security architecture, integration, .NET 4.0, Visual Studio 2013, ASP.NET, VB.NET, web service, WCF, Winform, WS-Trust, SAML 1.1, MS SQL, SQL, LINQ and Entity Framework (EF) .
Data distribution (August 2014 – December 2015)
KMD (Niels Bohrs Alle 185, 5220 Odense SØ)
Described the federated security architecture, rights structure system landscape together with an architect team. Described and configured the development environment and created example applications. Developed sub-elements in relation to the security system and continuously assisted the developers as a security architect. The ITfoxtec SAML 2.0 component is used.
Applied skills: Enterprise architecture, software architecture, security architecture, federated security, integration, .NET 4.5.1, Visual Studio 2013, ASP.NET MVC, ASP.NET, Web API, C#, OWIN, Katana, OData, web service, WCF, Single Sign -On (SSO), NemID, Digital Signature POCES/MOCES/VOCES/FOCES, NemLog-in, OIOXML 2.0 profile, WS-Trust, SAML 2.0, SP initiated SSO, Login, Logout, Single Logout, OAuth, JWT, Active Directory Federation Services (AD FS 3.0), WIF, Active Directory (AD), MS SQL, SQL, LINQ and Entity Framework (EF).
Optimize system (July 2014 – July 2014)
KMD (Lauritzens Plads 1, 9000 Aalborg)
Analyzed system architecture consisting of a WCF backend and two frontends implemented as a WPF application and a web application respectively. Described improvements and created example application. Analyzed running production system, based on memory dumps, with Windows debugging tool (WinDbg) and found challenges such as: runaways and memory leaks.
Skills used: Software architecture, integration, .NET 4.5, Visual Studio 2013, WinDbg, ASP.NET MVC, C#, HTML, XML, web service, WCF, WPF, WS-Trust, SAML 2.0, MS SQL, LINQ and Entity Framework (EF ).
Federation for Speedware (June 2014 – July 2014)
Speedware (Ellegårdvej 36, 6400 Sønderborg)
Speedware needed to expand its solution with support for SAML 2.0 and get started with integration for NemLog-in, ID-Porten (Norway), Feide (Norway).
I helped Speedware get started and made an example application that showed integration for Feide.
- Described integration requirements for NemLog-in, as well as investigated and described integration requirements for ID-Porten and Feide.
- Taught SAML 2.0 and told which parts of the standard are used.
- Created example application in .NET that shows SAML 2.0 integration, including the ITfoxtec SAML 2.0 component used.
Skills used: Security architecture, federated security, integration, .NET 4.5, ASP.NET, ASP.NET MVC, Single Sign-On (SSO), SAML 2.0, ITfoxtec SAML 2.0, NemID, NemLog-in, ID-Porten and Feide.
KOMBIT tender (June 2014 – June 2014)
KMD (Dusager 18, 8200 Aarhus N)
Analyzed AD FS 3.0 in relation to the KOMBIT tender for joint municipal support systems and described how the tender requirements could be implemented in AD FS 3.0.
Skills used: Federated security, .NET 4.5, Visual Studio 2013, NemLog-in, OIOXML 2.0 profile, WS-Trust, ActAs, SAML 2.0, SP initiated, Logout, Single Logout, Active Directory Federation Services (AD FS 3.0) and Security Token Service (STS).
Federation and AD FS at Metropol (May 2014 – June 2014)
Metropol (Hermodsgade 8, 2200 Copenhagen N)
Metropol wanted help with their AD FS security platform in connection with changes, further development and integration to 3rd parties.
I have familiarized myself with the security architecture and provided guidance as well as performed changes and configured integration.
- The contribution with expert knowledge about AD FS.
- Described possible future enhancements and simplifications by upgrading from AD FS 2.0 to AD FS 3.0.
- Created SAML 2.0 IdP initiated SSO integration from AD FS for E-recruitment.
Skills used: Security architecture, federated security, integration, WAYF, SAML 2.0 and Active Directory Federation Services (AD FS 2.0/3.0).
Easy Access (March 2014 – April 2021)
KMD (Dusager 18, 8200 Aarhus N)
KMD needed maintenance and further development of NemAdgang.
I was responsible for maintaining NemAdgang as well as upgrading the .NET version and implementing improvements.
- Upgraded to .NET 4.5.
- Made possible improvements and utilize new functionality available in new .NET version.
- Implemented NemID JS.
- Made various maintenance tasks, including support of NemAdgang consumer applications.
Applied skills: Enterprise architecture, software architecture, security architecture, federated security, integration, .NET 2.0/3.0/3.5/4.0/4.5, Visual Studio 2012/2013, ASP.NET, C#, JavaScript, jQuery, HTML, CSS, XML, web service, Single Sign-On (SSO), NemID, NemID JS, Digital Signature POCES/MOCES/VOCES/FOCES, NemLog-in, SAML 2.0 and MVS.
Teleregistration (March 2014 – March 2015)
National Police (Landlystvej 34, 2650 Hvidovre)
The National Police wanted to create a new version of the existing Teleregistration solution, which was to be integrated into NemLog-in. It should be possible for employees at telecommunications companies to gain access to Teleregistration via NemLog-in. The National Police wanted to be partly responsible for the development of the solution themselves.
I have described the system and security architecture and created the basic elements of the Teleregistration solution as well as integration for NemLog-in.
- Taught SAML 2.0 and NemLog-in integration.
- Made ASP.NET MVC application infrastructure and Teleregistrering solution's new database.
- Concluded federation agreement with NemLog-in on behalf of the National Police.
- Implemented SAML 2.0 integration for NemLog-in, including using the ITfoxtec SAML 2.0 component.
- Completed NemLog-in's required integration test.
- Supported the commissioning and production integration for NemLog-in.
Skills used: Software architecture, security architecture, federated security, integration, .NET 4.5, Visual Studio 2013, ASP.NET MVC, C#, JavaScript, jQuery, HTML, CSS, Single Sign-On (SSO), NemID, NemID JS, Digital Signature , NemLog-in, SAML 2.0, Login, Logout, Single Logout, MS SQL, LINQ and Entity Framework (EF).
Data distributor tender (February 2014 – February 2014)
KMD (Niels Bohrs Alle 185, 5220 Odense SØ)
Assisted with tender responses in relation to the security part of the Data distributor tender. Performed review and described the federated security solution based on AD FS.
Skills used: Federated security, NemLog-in, OIOXML 2.0 profile, WS-Trust, ActAs, SAML 2.0, SP initiated, Logout, Single Logout, Active Directory Federation Services (AD FS), Security Token Service (STS).
ITfoxtec SAML 2.0 (February 2013 – June 2014)
ITfoxtec (Marselis Boulevard 1, 8000 Aarhus)
.NET supports a reasonable part of the SAML 2.0 token standard, but lacks complete support for SAML-P.
I have developed a SAML 2.0 component which makes it possible to support SAML-P and SAML 2.0 tokens directly in an ASP.NET MVC application. The SAML 2.0 component supports the most important parts of the SAML-P standard as well as some optional features. Message signing and validation as well as decryption are supported. Login, logout, single logout, metadata as well as SP initiated and IdP initiated SSO are supported. The Danish OIOXML 2.0 profile is supported. The SAML 2.0 component is tested against and supports AD FS (AD FS 2.0/2.1/3.0) as well as NemLog-in.
The SAML 2.0 component is open source and released on NuGet as two packages. More information is available on the ITfoxtec SAML 2.0 component project page.
Skills used: Federated security, integration, .NET 4.5, Visual Studio 2013, ASP.NET, ASP.NET MVC, C#, JavaScript, HTML, XML, NemLog-in, OIOXML 2.0 profile, SAML 2.0, SP initiated and IdP initiated SSO , Logout, Single Logout, Active Directory Federation Services (AD FS 2.0/2.1/3.0).
Central AD FS with external integration and developed components (November 2013 – February 2015)
KMD (Lauritzens Plads 1, 9000 Aalborg)
The contribution of federation and AD FS knowledge in connection with KMD's AD FS security infrastructure, both in relation to deployment, development of RP applications and federation with 3rd parties. Developed Home Realm Discovery (HRD) component for AD FS and common components for use in developing RP web applications, web services and rich clients.
KMD uses SAML-P and SAML 2.0 both externally and internally in .NET web applications. KMD uses the ITfoxtec SAML 2.0 component.
Skills used: Federated security, .NET 4.5, Visual Studio 2013, ASP.NET MVC, C#, JavaScript, HTML, NemLog-in, OIOXML 2.0 profile, WS-Trust, ActAs, SAML 2.0, SP initiated and IdP initiated SSO, Logout , Single Logout, Active Directory Federation Services (AD FS 2.1), Security Token Service (STS), Active Directory (AD), MS SQL, SQL, LINQ and Entity Framework (EF).
Expand Falck's security solution with Facebook login and web-based administration system (October 2013 – December 2013)
Falck Denmark (Polititorvet 1, 1780 Copenhagen V)
Extended Falck's AD FS security solution to undersize Facebook login via federated integration through Microsoft Access Control Service (ACS). Upgraded the components from .NET 3.5 to .NET 4.5. Implemented administration system where Falck's supporters can manage user and subscription access.
Skills used: .NET 4.5, Visual Studio 2013, ASP.NET, WCF, C#, JavaScript, HTML, WS-Federation, WS-Trust, SAML 1.1, SP initiated SSO, Logout, Single Logout, Active Directory Federation Services (AD FS 2.0), Access Control Service (ACS), Security Token Service (STS), Active Directory (AD), MS SQL, SQL, LINQ and Entity Framework (EF).
Fox[time|track] (June 2013 – October 2014)
ITfoxtec (Marselis Boulevard 1, 8000 Aarhus)
Implemented time recording system Foxtt where a consultant can record time and send hourly usage reports and invoices to his clients. Foxtt supports via OWIN and Katana external login via: Google, Microsoft, LinkedIn and Facebook.
Skills used: .NET 4.5, Visual Studio 2013, ASP.NET MVC, C#, OWIN, Katana, JavaScript, jQuery, HTML, OData, MS SQL, SQL, LINQ and Entity Framework (EF).
Architecture project at Falck (March 2013 – July 2013)
Falck Denmark (Polititorvet 1, 1780 Copenhagen V)
Analyzed selected elements in Falck's future IT infrastructure to support current and future business processes. Especially with a focus on integration between current and future systems as well as the transaction process itself.
Applied skills: Enterprise architecture, software architecture, security architecture, federated security, integration and .NET.
Cattle OData backend (February 2013 – June 2013)
The Knowledge Center for Agriculture (Agro Food Park 15, 8200 Aarhus N)
Described the architecture and implemented the basic elements of new OData backend, together with a development team. The OData service had to display data from an Oracle database as JSON and the calls had to be secured by SAML tokens. Different ways of implementing the OData backend were analyzed and the analysis resulted in the backend being implemented in ASP.NET Web API.
Applied skills: Enterprise architecture, software architecture, security architecture, federated security, integration, .NET 4.5, Visual Studio 2013, ASP.NET Web API, C#, JSON, web service, OData, SAML 1.1, LINQ and Oracle.
Improved web solution and made system integration (November 2012 – February 2014)
Unnamed customer (Jutland)
Improved a web application that was developed with a poor architecture and could not handle an increasing user load. The web application also had very poor security and the system was hacked in various ways. I secured the web application and closed all known holes. There was also a need for integration to a number of external systems, where I implemented integration on different protocols.
Skills used: Enterprise architecture, software architecture, security, integration, .NET 3.5/4.0, Visual Studio 2012/2013, ASP.NET, C#, JavaScript, HTML, XML, MS SQL, SQL, LINQ, Entity Framework (EF), TCP/ IP and UDP.
Implement federated security in MyLogBuy and provided support for customer connection (August 2012 – October 2012)
D4R (Nupark 51, 7500 Holstebro)
MyLogBuy wanted to expand the security functionality to also support federated security and thus Identity Federation from the customers' identity system to the MyLogBuy web application. This means that a user can log in at one of MyLogBuy's customers, after which the user's identity is transferred to the MyLogBuy web application. The task consisted of implementing SAML 2.0 support and being able to handle integration for many customers.
I taught SAML 2.0 and other relevant security standards. I described the security architecture and implemented AD FS as well as assisted in the implementation of security in the MyLogBuy web application.
- Described the security architecture between MyLogBuy's customers and the MyLogBuy web application with AD FS as central STS at MyLogBuy.
- Implemented AD FS to handle integration with many customers based on SAML 2.0.
- Implemented example application on how to create federated security for AD FS using .NET standard components.
- Assisted with the implementation of federated security in the MyLogBuy web application and setting up test and production environments.
- Assisted with integration for the first customers with STSs based on different technologies and platforms.
Skills used: Enterprise architecture, software architecture, .NET 4.0, Visual Studio 2010, ASP.NET, C#, HTML, XML, Single Sign-On (SSO), Identity Federation, Claims-based identity, WS-*, SAML 1.1, SAML 2.0 , AD FS 2.0, WIF, STS and Active Directory (AD).
NemLog-in integration in Sofia (June 2012 – December 2012)
State Archives (Rigsdagsgården 9, 1218 Copenhagen K)
The State Archives is developing a web application called Sofia which exposes personal data to authorized users with specific rights. Users must be identified on NemLog-in with a NemID or a Digital Signature. The task consisted of implementing federated security in Sofia and thus being able to receive the user's identity from NemLog-in, which supports the SAML 2.0 standard. In order to give the user access to personal data in Sofia, the private user's CPR and business users' CPR and CVR must be known. Part of the task was also to implement web service calls to DanID to retrieve this information after logging in.
I have implemented SAML 2.0 support in Sofia and connected the State Archives to NemLog-in. I have assisted with system architecture in Sofia frontend and backend as well as implemented parts of the system.
- Described the security architecture and the link between the internal and external user representation.
- Described system architecture with support for federated security with Identity Federation from NemLog-in and calls to DanID.
- Implemented SAML 2.0 support in Sofia using the OIOSAML.NET component.
- Implemented sample application showing web service calls to DanID PID/CPR service and RID/CPR service, as well as assistance during the final implementation.
- Implemented logging that complies with the logging requirements.
- Handled the Statens Archives connection to NemLog-in.
- Performed integration test to get approval to go into production on NemLog-in.
Applied skills: Enterprise architecture, software architecture, SOA, .NET 3.5/4.0, Visual Studio 2010, ASP.NET, C#, JavaScript, jQuery, HTML, XML, web service, WCF, Single Sign-On (SSO), Identity Federation, Claims- based identity, SAML 2.0, STS, NemID, Digital Signature, NemLog-in, OIOSAML.NET, DanID PID/CPR service and DanID RID/CPR service.
Implement AD FS at VFL (May 2012 – December 2012)
The Knowledge Center for Agriculture (Agro Food Park 15, 8200 Aarhus N)
The Knowledge Center for Agriculture (VFL) had an enterprise architecture where the applications were secured by federated security and the central STS and other security components were developed in-house. The components were developed before Microsoft launched AD FS 2.0 and WIF. VFL had installed AD FS in a parallel security setup and wanted this AD FS to replace the central in-house developed STS, and that WIF should be used as much as possible and thus minimize the share of in-house development. There were few people at VFL with in-depth knowledge of federated security and therefore one of the important success criteria in the process was to spread knowledge to more people. The task was to assist VFL in this process.
I have assisted with knowledge about federated security, the security standards and AD FS as well as how the federated security is implemented in .NET and used in different types of applications.
- Assisted in choosing the security level and which security standards should be used in the different scenarios and application types.
- Implemented example applications for the different application types: Windows client, ClickOnce client, web application and web service.
- Assisted in the implementation of security components.
- I have worked in a project group to pass on my knowledge of federated security and achieve knowledge sharing in general.
- Created documentation for internal and external use.
- Assisted in converting applications from the old to the new security concept.
Skills used: Enterprise architecture, software architecture, SOA, .NET 3.5/4.0, Visual Studio 2010, ASP.NET, C#, HTML, XML, web service, WCF, Single Sign-On (SSO), Identity Federation, Claims-based identity, WS -*, SAML 1.1, SAML 2.0, AD FS 2.0, WIF, STS, and Active Directory (AD).
Taught and provided support for installation of AD FS and implementation of security in rich client (March 2012 – March 2012)
Leman (Industrievej 12, 6330 Padborg)
Leman was developing a new WPF client with a web service backend, where security was desired based on security standards. The task consisted of assisting with the implementation of security and setting up AD FS.
I have taught federated security and which standards are used to secure web services, as well as assisted with support when installing AD FS.
- Taught federated security in general and about the standards: WS-Federation, WS-Trust and SAML 1.1.
- Taught AD FS and provided support during installation.
- Taught how federated security is implemented in a client and how security in web service calls is implemented using WIF.
Skills used: Enterprise architecture, software architecture, SOA, .NET 4.0, Visual Studio 2010, WPF Client, C#, XML, web service, WCF, Claims-based identity, WS-*, SAML 1.1, AD FS 2.0, WIF and STS.
Implement federated security at FlexDanmark and provided support for the first customer connection (February 2012 – April 2012)
FlexDanmark (Hjulmagervej 55, 9000 Aalborg)
FlexDanmark needed to be able to create Identity Federation with its customers. This means that the user logs in at one of FlexDanmark's customers and the user's identity is transferred to FlexDanmark's application. The task was to describe how Identity Federation could be created with federated security based on standards and implemented with AD FS.
I have described the federated security architecture, implemented AD FS and created integration for FlexDanmark web applications as well as provided support when connecting the first customer.
- Designed, described and implemented federated security based on AD FS.
- Implemented an integration web application (which supports federated security) for FlexDanmark web applications that previously did not support federated security.
- Assisted in setting up test and production environments.
- Designed and implemented log in sequence, so that the user is either automatically logged in with a Kerberos 5 ticket on an NT domain at one of FlexDanmark's customers or is offered to log in with username and password.
- Provided onsite support when connecting the first customer (Region Southern Denmark).
Skills used: Enterprise architecture, software architecture, SOA, .NET 3.5/4.0, Visual Studio 2010, ASP.NET, C#, HTML, CSS, XML, HTTP/HTTPS, Single Sign-On (SSO), Identity Federation, Claims-based identity , WS-*, SAML 1.1, SAML 2.0, AD FS 2.0, WIF, STS, and Active Directory (AD).
Implement federated security in Falck's customer portal (February 2012 – July 2012)
Falck Danmark A/S (Polititorvet 1, 1780 Copenhagen V)
Falck wanted a new customer portal made in SharePoint, where security was to be handled by a federated security system based on AD FS 2.0 (I have further described the security architecture, see the task: Designing Falck's future federated security concept). The task consisted of implementing the federated security and supports the supplier of the customer portal (Magnetix) in implementing security in SharePoint.
I have implemented the federated security based on AD FS with the user management in AD, as well as expanded the security functionality that AD FS supports by default.
- Designed, described and implemented federated security based on AD FS.
- Converted the data of Falck's private and business customers from being represented by cases to being linked together with people who could thus log in.
- Designed the log in flow and the security level.
- Provided support and created an example application for the developers who had to implement the federated security in the customer portal.
- Implemented frontend and backend security functionality.
- Implemented web service backend with functionality to change passwords, send temporary passwords and other user-expected security functions.
- Extended on the AD FS standard functionality to support Falck's needs.
Applied skills: Enterprise architecture, software architecture, SOA, .NET 3.5/4.0, Visual Studio 2010, ASP.NET, C#, JavaScript, jQuery, HTML, CSS, XML, web service, WCF, Single Sign-On (SSO), Identity Federation, Claims-based identity, WS-*, SAML 1.1, SAML 2.0, AD FS 2.0, WIF, STS, Active Directory (AD), SharePoint, MS SQL, Entity Framework (EF) and LINQ.
Enterprise architect, mainly for Cattle systems (August 2011 – December 2012)
The Knowledge Center for Agriculture (Agro Food Park 15, 8200 Aarhus N)
The Knowledge Center for Agriculture continuously develops new applications and functionality for agriculture. The existing systems are complex and integrated as elements in a SOA enterprise architecture. The task was to fulfill the role of enterprise architect and in several cases application architect.
I have done enterprise architect, system architect and application architect as well as passed on architectural ideas.
- Made enterprise architect in the Knowledge Center for Agriculture on an overall level.
- Described system architect and application architect in several cattle applications as well as in applications for other purposes.
- For example described system architect and application architect in a common storage system, which must be used by several large application areas, such as: Economics, Cattle, Plant.
Skills used: Enterprise architecture, software architecture, .NET 3.5/4.0, Visual Studio 2008/2010, ASP.NET, C#, XML, web service, WCF and MS SQL.
Designed and implemented mobile cattle web application called "KvikKoen" (August 2011 – September 2011)
The Knowledge Center for Agriculture (Agro Food Park 15, 8200 Aarhus N)
The Knowledge Center for Agriculture wanted to test whether mobile web applications could be used as the future mobile application platform. The goal was to determine a general architecture for mobile web applications and achieve a mobile web application that could be tested by the end user.
I have uncovered the best possible architectural choices. Data communication: JSON or Atom. Architecture with jQuery client and oData backend or to a greater extent using ASP.NET MVC 3. I made example implantations that tested the different application architectures and chose the future architecture for mobile web applications.
- Made example applications for testing architecture.
- Described the architecture of mobile web applications.
- Implemented a mobile cattle web application.
Skills used: Enterprise architecture, software architecture, .NET 4.0, Visual Studio 2010, ASP.NET MVC 3, C#, JavaScript, jQuery, jQuery Mobile, HTML, CSS, JSON, Atom, XML, web service, WCF, oData, MS SQL and LINQ .
Designed Falck's future federated security concept (April 2011 – June 2011)
Falck Danmark A/S (Polititorvet 1, 1780 Copenhagen V)
Falck had many web applications, each of which used separate logon systems and custom SSO solutions were made between some of the web applications. Falck also planned to develop a new customer portal, which also required a login. The wish was to achieve a common standard-based logon system and SSO between the web applications. It was also wanted to investigate which authentication options exist in the Nordic region.
I have uncovered Falck's security needs and, based on this, described Falck's future security concept based on federated security standards. The existing web applications have been analyzed and it is described what is needed to move the individual applications over to the new security platform. It has been analyzed which logon systems are useful for Falck in the Nordics and whether a username + password logon system can be used.
- Described a security concept based on AD FS.
- Described how to create SSO using federated security standards.
- Described the Nordic logon systems: NemID, e-identification, BankID etc. in relation to Falck.
- Described the use of the identity platforms TrustIdent and Signicat.
Applied competences: Enterprise architecture, software architecture, SOA, .NET, XML, web service, Single Sign-On (SSO), NemID, TrustIdent, Signicat, Identity Federation, Claims-based identity, WS-*, SAML 1.1, SAML 2.0, AD FS 2.0, WIF, STS, Active Directory (AD) and MS SQL.
Designing Claims-based identity security for cattle application complex (December 2010 - May 2011)
The Knowledge Center for Agriculture (Agro Food Park 15, 8200 Aarhus N)
The knowledge center had a cattle SOA system with an Oracel database, where data security is handled via database views. Over the years, the structure has proven to be too performance-heavy due to the growing amount of data and work load as well as the view-on-view structure of selections. A new security system is desired where the handling of data security is moved up into the web service layer above the database.
I have designed and implemented a Claims-based identity security architecture, which can handle security in the web service layer. The challenge is that some users have access to many crews and thus have a lot of claims (50,000-150,000 claims). Since it is neither possible nor desirable to generate SAML tokens with so many claims, an STS has been created which supports the publication of claims based on a selected user section. The WS-trust standard prescribes that you can specify a context, but this is not supported by AD FS, which is the reason why I have made a custom STS.
- I have created a Claims-based identity security architecture for the cattle application complex, which has a trust for the Knowledge Center for Agriculture and other federated security architecture.
- Implemented a custom STS which supports data sections, as prescribed in the standard.
- Implemented Claims-based identity in cattle web service and clients.
Load test of field planning SOA application (December 2010 – February 2011)
The Knowledge Center for Agriculture (Agro Food Park 15, 8200 Aarhus N)
The task was to install and configure a load test environment, as well as design and make a load test of a field planning SOA application. The application consisted of a ClickOnce frontend and WCF webservice backend as well as an MS SQL database.
I have done the load test and fixed the memory leek error.
- Installed a Test Controller and five Test Agents, as well as installed a database and configured the load test environment.
- Designed a load test that emulates the usage scenario with the highest work load as well as a scenario with normal work load.
- Performed the load test via Visual Studio, analyzed the results and optimized the system through several test iterations.
- Fixed memory leek error in zip compression routine.
- Given calculation lines for how WCF is best configured in relation to the expected work load.
Skills used: Loadtest, Visual Studio 2010, VS 2010 Test Controller and Test Agent, Microsoft SQL Server 2008 R2, MS SQL, Windows Server 2008 R2, Windows 7, .NET 3.5, C#, WCF, web service, VMware Lab Manager and WinDbg.
Finance applications (August 2010 - November 2010)
The Knowledge Center for Agriculture (Agro Food Park 15, 8200 Aarhus N)
The task was to participate as a developer resource in a team that made two financial applications: a SOA XML broker that exhibits a web service interface, the broker is used to transfer budgets, and a benchmark Silverlight application with web service communication to the backend.
- I have acted as a developer and have coded parts of the two applications.
Skills used: SOA, .NET 4.0, Visual Studio 2010, C#, Silverlight, XML, web service, WCF, MS SQL, SQL, LINQ.
Finance management system (June 2010 - August 2010)
The Knowledge Center for Agriculture (Agro Food Park 15, 8200 Aarhus N)
The knowledge center has developed a number of applications which make it possible to calculate and view key figures and compare the individual holding with other holdings. There is a large data base for these applications and calculations based on control data.
I have developed a financial administration system that can create an overview of management data, update management data and calculate what planned changes to management data will entail.
I have designed and implemented a ClickOnce application, databases and batch flow.
- Described the system architecture.
- Created .NET ClickOnce application.
- Created databases that can handle change flows of control data changes, as well as calculate the consequences of changed control data before they are sent into production.
- Created a Windows service that hosts the batch flow that moves changes to control data in production.
Skills used: Software architecture, .NET 3.5, Visual Studio 2008, C#, ClickOnce, Windows Service, MS SQL, SQL and LINQ.
Re-designed the system architecture of web application system (May 2010 - February 2011)
Unnamed customer (Aarhus)
The company had a web application system with a nice user interface design, which was made by an external company with designers who had little IT experience. This meant that the system suffered from many diseases such as: no error handling, no data validation resulting in invalid data, could neither scale in relation to data volume nor user load and poor software architecture.
The task was to find out what could be used of the system and describe the short-term and long-term strategy to improve the system architecture and code quality. In addition, I have re-designed the database and solved the data invalidation problems, as well as implemented a new basic architecture and new functionality.
- I have done system architecture on the whole system.
- Redesigned the database and corrected the data quality.
- Implemented the new system architecture in the web applications and database.
- Implemented a new web service layer.
- Implemented new functionality.
- Taught the company's internal IT team.
Skills used: Enterprise architecture, software architecture, .NET 3.5/4.0, Visual Studio 2008/2010, ASP.NET, C#, Silverlight, JavaScript, HTML, DHTML, CSS, XML, web service, WCF, MS SQL, SQL, LINQ.
Federated security architecture (May 2010 - May 2010)
NotaPlan (Borgergade 20, 9000 Aalborg)
NotaPlan worked on a major migration project, where client-server applications on an old platform had to be moved over to the .NET platform. The task consisted of designing the Federated security for the solution. As well as reviewing the architecture proposal and designing the enterprise architecture together with the customer.
I have designed the federated security for NotaPlans:
- Described and taught in the Federated security architecture.
- Assisted with installed and configured AD FS in the development environment.
- Created example code for how a Windows Click Once application logs on to an STS and caches SAML tokens in memory.
- Verified that NotaPlan's new SOA based application platforms have an appropriately high level of security.
- Reviewed the enterprise architecture.
Skills used: Enterprise architecture, software architecture, SOA, .NET 3.5/4.0, Visual Studio 2008/2010, C#, .NET Windows client, XML, web service, WCF, Single Sign-On (SSO), Identity Federation, Claims-based identity, WS-*, SAML 1.1, SAML 2.0, AD FS 2.0, WIF, STS, Active Directory (AD), MS SQL.
Subscription directory (April 2010 - May 2010)
The Knowledge Center for Agriculture (Agro Food Park 15, 8200 Aarhus N)
The task was to design a subscription directory that can handle all the customers' subscriptions to the various applications the Knowledge Center develops and sells access to.
The knowledge center has many applications with diverse subscription types and price calculation algorithms. In some cases, the invoices are generated automatically in different systems, while other invoices are handled manually, which requires a lot of working hours.
I have designed a common subscription index which can handle all the Knowledge Centre's subscriptions and automate the invoice generation.
- Described the architecture for how the subscription directory can fit into the knowledge center's overall enterprise SOA.
- Described the system architect of the subscription directory and described which workflows the subscription directory must be able to handle.
- Described how subscription folder workflows are implemented.
- Described the data relationships of the subscription directory and designed the database.
Skills used: Enterprise architecture, software architecture, SOA, .NET 3.5/4.0, Visual Studio 2008/2010, C#, ASP.NET, WF, web service, XML, WCF, MS SQL.
SOA, SSO and Software Architect (September 2007 – December 2009)
The Knowledge Center for Agriculture (Agro Food Park 15, 8200 Aarhus N)
The knowledge center worked on a large migration and development project where many applications are moved to .NET and built as SOA applications. The applications also had to have SSO using federated security. The application types are SOA web services that expose existing or newly developed databases. Web applications that call web services on the backend. Rich client applications that are either opened from a web application or function as stand alone applications and call web services on the backend. As well as handheld mobile clients that call web services on the backend.
I have described the overall architecture together with the customer and am building an enterprise SOA with federated security, which makes it possible to exchange data across the application silos in a standardized and uniform way.
- Described the overall SOA enterprise architecture and taught the architecture and thinking in order to raise the level of knowledge.
- Described the system architecture together with the developers on the individual development tasks.
- Created code examples and general components in the language C# in the development environment VS.NET 2008.
- Worked as a developer on a number of development tasks in the language C# in the development environment VS.NET 2008 and with MS SQL as database.
Skills used: Enterprise architecture, software architecture, SOA, .NET 1.1/2.0/3.5, C#, ASP.NET, ASP, JavaScript, HTML, CSS, AJAX, web service, XML, WCF, Single Sign-On (SSO), MS SQL, SQL and LINQ.
Developed security system (September 2007 – December 2009)
The Knowledge Center for Agriculture (Agro Food Park 15, 8200 Aarhus N)
The task was to develop an SSO that supports the Knowledge Centre's old and new applications. A SOA enterprise architecture was used and SSO was made using Federated security.
The users are identified with different user names (attributes / claims) in the different application silos. The users' data is tied together across the application silos, via a Security Token Service (STS), which maps the usernames and issues SAML tokens with the desired claims. This achieves both SSO for internal SOA services across application silos and for SOA services at 3rd parties. I have also created SSO on the front end between Rige clients, web applications, MOSS as well as Sharepoint portals and "old" ASP applications.
I have developed an STS based on the WS-* and SAML standards that supports the needs of the Knowledge Center (20,000 logons per day). As well as general components that make it possible to configure security and logging into the individual application largely without having to write code in the application.
- Designed and described the SSO architecture and security.
- Designed and developed an STS based on the WS-* and SAML standards in the language C# in the development environment VS.NET 2008 with an MS SQL database.
- Designed the structure of Active Directory (AD) so that it supports the current and future needs of the Knowledge Centre.
- Developed general security and logging components in the C# language in the VS.NET 2008 development environment.
- Created example applications and code examples in the C# language in the VS.NET 2008 development environment.
Skills used: Enterprise architecture, software architecture, SOA, .NET 1.1/2.0/3.5, Visual Studio 2003/2005/2008, ASP.NET, ASP, JavaScript, HTML, CSS, AJAX, web service, XML, WCF, Winform, Single Sign- On (SSO), Identity Federation, Claims-based identity, WS-*, SAML 1.1, STS, Active Directory (AD), Claims-based identity on MOSS, MS SQL, SQL and LINQ.
Held SOA course (June 2008)
Celenia Software (Vestre Havnepromenade 5, 9000 Aalborg)
The task was to hold a SOA course day, which aimed to provide an overview of SOA. The idea behind SOA and the benefits of using SOA, as well as an in-depth explanation of the architectural thinking behind SOA and important technical issues.
- Taught on SOA course.
Skills used: Enterprise architecture, SOA, .NET, web service, XML, and WCF.
CEO and owner of UptoLog (May 2007 - September 2013)
UptoLog (Emilihøj 32, 8270 Højbjerg)
UptoLog is an advanced logging system that can be easily integrated into most .NET applications, from very small standalone applications to large enterprise systems with many servers and clients.
UptoLog optimizes the error-finding process with standardized logs, which are easily searched and trace where an error has occurred in a .NET application. UptoLog uses .NET's activity ID, which makes it possible to show correlations between errors that occur on different servers / clients in an SOA application. The result is that errors that were previously difficult to see and thus find can be seen immediately and the cause of the error can be located.
UptoLog is used as a logging system in the Knowledge Center for Agriculture's SOA enterprise applications.
Through my work as a SOA architect, I have often needed an effective standard logging system that supports SOA and can be plugged into a SOA enterprise application. This is where the idea for UptoLog comes from. I have developed UptoLog from idea to finished product.
- Designed and developed UptoLog consisting of a web application, a web service and a client in the language C# in the development environment VS.NET 2005.
- Designed the UptoLog web application to be able to visualize errors, traces and time measurements graphically using ASP.NET, HTML and CSS.
- Designed and developed the database (SQL server 2005) to be able to handle large amounts of logging data and has optimized the searches in the database.
- Developed the UptoLog website for the presentation and sale of UptoLog.
Skills used: Enterprise architecture, software architecture, SOA, .NET 1.0/1.1/2.0, C#, ASP.NET, ASP, JavaScript, HTML, CSS, web service, XML, Single Sign-On (SSO), MS SQL and SQL.
Technical project manager (October 2005 – August 2007)
KMD (Lauritzens Plads 1, 9000 Aalborg)
I was project manager on several .NET development projects, which aimed to further develop and expand the general functionality of KMD's SOA enterprise architecture. As well as expanding and improving the method descriptions.
As well as project manager on a stabilization project, which aimed to stabilize KMD's enterprise SOA environment. As the amount of users increased and the number of transactions thus also increased significantly, the system could not handle the load. This resulted in an increased number of errors and more downtime. The project aimed to upgrade and further develop the environment to be able to handle the then and future load.
- Project manager on several .NET development projects. As well as architect and developer on the projects.
- Project manager on a stabilization project which included .NET development, improvement and stabilization of the .NET infrastructure, improvement of operation setup, improvement of support and maturation of the enterprise SOA operation.
Applied skills: Project management, enterprise architecture, software architecture, SOA, .NET 1.0/1.1/2.0, C#, ASP.NET, ASP, JavaScript, HTML, CSS, web service, XML, Single Sign-On (SSO), MS SQL and SQL.
Product responsibility for KMD's logon system (July 2005 – August 2007)
KMD (Lauritzens Plads 1, 9000 Aalborg)
The aim of the work was to stabilise, consolidate and further develop KMD's logon system, which handled over 50,000 logons per year. day. The logon system provided SSO between .NET web applications, "legacy" ASP web applications, and Rige (.NET) clients.
I consolidated and further developed KMD's logon system and had product responsibility.
- Developed new functionality in the language C# in the development tools VS.NET 2003 and VS.NET 2005.
- Removed unnecessary functionality and complexity to stabilize the Logon system. Also made the logon system uniform and simpler to use for the developers.
- Dressed the support organization to resolve first and second level support and bugs.
Skills used: Software architecture, SOA, .NET 1.0/1.1/2.0, C#, ASP.NET, ASP, JavaScript, HTML, CSS, Single Sign-On (SSO), Digital Signature, MS SQL and SQL.
System and method consultant (May 2002 – August 2007)
KMD (Lauritzens Plads 1, 9000 Aalborg)
The work involved designing and developing KMD's SOA enterprise architecture, including security, error handling over several tiers, data transport, common components, etc. As well as designing templates for how the client and server architecture should look in KMD. The templates are used for new development of enterprise applications.
In addition, my task consisted of spreading KMD's SOA enterprise architecture and involving developers in the architecture work. As well as supporting and teaching developers to use the .NET platform, understand and use KMD's enterprise architecture and KMD's common components.
- Designed and described KMD's SOA enterprise architecture.
- Designed and developed common components and created code examples in the language C# in the development environments VS.NET 2003 and VS.NET 2005.
- Described the system architecture for new applications and assisted the developers.
- Worked as a developer on a number of development tasks in the language C# in the development environments VS.NET 2003 and VS.NET 2005.
Skills used: Enterprise architecture, software architecture, SOA, .NET 1.0/1.1/2.0, C#, ASP.NET, ASP, JavaScript, HTML, DHTML, CSS, web service, XML, OIOXML, Single Sign-On (SSO), MS SQL and SQL.
Software developer (August 2000 – May 2002)
KMD (Lauritzens Plads 1, 9000 Aalborg)
The task was to renovate KMD's accounts receivable system by developing a new front end in ASP. The debtor system is an application complex with several large applications which integrate with each other both on the front end in the user interface made in ASP and on the back end in business logic and databases based on a Mainframe and DB2.
I was a co-designer of the user interface, the system architecture and a developer on the renovation task.
- Designed and described the user dialog.
- Designed and described the system architecture for debtor system.
- Developed the front end in ASP, JavaScript, HTML, DHTML and XSLT.
Skills used: Software architecture, ASP, JavaScript, HTML, DHTML, XSLT, XML and SQL.
Education
Civil engineer in process control with an international master in Intelligent Multi-Media (September 1995 – July 2000)
Aalborg University
I studied at the E sector, where I first studied electronic circuits. I then chose the process control line, where the management and regulation of mechanical processes and various types of networks are taught.
During my thesis in Intelligent Multi-Media, I have worked with the interface between man and machine. Both the traditional interface on the glass plate and the more advanced version, where speech, image processing, decision-making systems etc. are used to make a system more user-friendly.
The graduation project dealt with a Multi Agent System with a virtual agent and two robot agents. In the project, it was discussed what humans can use robots for and based on this, a system was built to demonstrate different scenarios. Speech was included to be able to communicate with the system and image processing for the robots to see. The demo station system was built as a distributed system in C++, where the three agents were executed on three connected Windows based computers.