APS (Keystone) Security “dial tone” Doron Grinstein Chief Architect October 2012 | Version 0.2 | Confidential.

Slides:

Advertisements

Similar presentations

© 2006 IBM Corporation Tivoli Identity Manager Express Tivoli Access Manager for Enterprise Single Sign-On (Product Demonstrations) Tivoli Live! – 15 June.

Advertisements

Click to edit Master title style HEALTH INFORMATION 1 Identity & Access Management Presenter: Mike Davis (760) January 09, 2007.

Identity Network Ideals – Heterogeneity & Co-existence

Pennsylvania Banner Users Group 2008 Fall Conference Campus Identity Management in a Banner World.

Paul Roberts – Enterprise Mobility Specialist

Office 365 Identity June 2013 Microsoft Office365 4/2/2017

Møte ”Identitets baserte tjenester”. SSO Authn Authz Identity Role Policy IdM Role Mgmt Service Info resource Trust Policy mgmt + enforcement Compliance.

Agenda AD to Windows Azure AD Sync Options Federation Architecture

Core identity scenarios Federation and synchronization 2 3 Identity management overview 1 Additional features 4.

A Practical Approach To Secure Access To On Premise And Off Premise Applications & Solving The Problem Of Cloud Security: Top 3 Ways To Secure A Cloud.

Xavier Verhaeghe Vice President Oracle Security Solutions

Autenticazione e Gestione delle Identità Giacomo Aimasso – CISM – CISA.

Privileged Account Management Jason Fehrenbach, Product Manager.

FIspace Security Components FIspace Security Components NetFutures 2015 FIspace project Javier Romero Negrín Javier Hitado Simarro ATOS Serdar Arslan KoçSistem.

WSO2 Identity Server Road Map

Federated Identity Management for the context of storage Bart Kerver - TERENA Storage-meeting, Amsterdam,

4/17/2017 © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks.

Identity Management, what does it solve By Gautham Mudra.

User Authentication for Enterprise Applications - The Future in Transitions.

Widely Distributed Access Management Tom Barton University of Chicago.

Cloud app Cloud app Cloud app Separate username/password sign-in Manual or semi-automated provisioning Active Directory App Separate username/password.

SIM205. (On-Premises) Storage Servers Networking O/S Middleware Virtualization Data Applications Runtime You manage Infrastructure (as a Service)

Prabath Siriwardena Senior Software Architect. An open source Identity & Entitlement management server.

Empower Enterprise Mobility Jasbir Gill Azure Mobility.

SharePoint Design Tools Office Applications.

Aegis Identity Software, Inc. presents Trends in Identity and Access Management in Higher Education to US Federations June 20, 2012 Janet Yarbrough – Director.

Cloud Computing Cloud Security– an overview Keke Chen.

Energy Ecosystem Overview David Miller Chief Security Officer.

Authorization Scenarios with Signet RL “Bob” Morgan University of Washington Internet2 Member Meeting, September 2004.

OUC204. Recently Announced… Identity Integration Options 2 3 Identity Management Overview 1.

Unify and Simplify: Security Management

©2011 Quest Software, Inc. All rights reserved. Patrick Hunter EMEA IDAM Team Lead 7 th February 2012 Creating simple, effective and lasting IDAM solutions.

Copyright ©2012 Ping Identity Corporation. All rights reserved.1.

Identity Solution in Baltic Theory and Practice Viktors Kozlovs Infrastructure Consultant Microsoft Latvia.

A Lap Around Windows Azure Active Directory Stuart Kwan Lead Principal Program Manager Microsoft Corporation SIA209.

Paul Andrew. Recently Announced… Identity Integration Options 2 3 Identity Management Overview 1.

Access Control and Markup Languages Pages 183 – 187 in the CISSP 1.

Windows Server Active Directory Intranet Managed Access Managed Identities Integrated Business Apps.

SSO Case Study Suchin Rengan Principal Technical Architect Salesforce.com.

Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.

Prabath Siriwardena – Software Architect, WSO2. Patterns Standards Implementations Plan for the session.

Claims-Based Identity Solution Architect Briefing zoli.herczeg.ro Taken from David Chappel’s work at TechEd Berlin 2009.

- NCSU project goals and requirements - Adoption Drivers - Current challenges and pain points - Identacor at NCSU - Identacor Features - NCSU Key Benefits.

Identity Management and Enterprise Single Sign-On (ESSO)

Best Practices in Enterprise IAM Liza Lowery Massey Montana Government IT Conference December 6, 2007.

University of Washington Collaboration: Identity and Access Management Lori Stevens University of Washington October 2007.

Security and Privacy for the Smart Grid James Bryce Clark, OASIS Robert Griffin, RSA Hal Lockhart, Oracle.

Chris Louloudakis Solution Specialist Identity & Access Management Microsoft Corporation SVR302.

WSO2 Identity Server 4.0 Fall WSO2 Carbon Enterprise Middleware Platform 2.

Prabath Siriwardena, Director of Security, WSO2 Twitter

ADFS - Does it Still have a Place? Fitting into the EMS puzzle Frank C. Drewes III 2016 Redmond Summit | Identity.

WSO2 Identity Server. Small company (called company A) had few services deployed on one app server.

Protect your data Enable your users Desktop Virtualization Information protection Mobile device & application management Identity and Access Management.

Identity and Access Management

Using Your Own Authentication System with ArcGIS Online

Azure Active Directory - Business 2 Consumer

Identity Management (IdM)

Cloud Security– an overview Keke Chen

Wait, Microsoft is in the Security Game?

SharePoint Online Management and Control

ESA Single Sign On (SSO) and Federated Identity Management

Identity and Access Management

Open Source Web Initial Sign-On Packages

Brian Arkills Microsoft Solutions Architect

What are IAM Key Processes.

Presentation transcript:

APS (Keystone) Security “dial tone” Doron Grinstein Chief Architect October 2012 | Version 0.2 | Confidential

2 Dell Software Confidential Security? Authentication Single Sign On (SSO) Federation Session Management Delegated Administration Fine-Grained Authorization Audit Trail (e.g. who granted access to the user?) Reporting (e.g. what can Mike Smith do?) Segregation of Duties Enforcement (SOD)

3 Dell Software Confidential Elements in enterprise settings COTS (commercial off the shelf) Applications – ERP, CRM, Collaboration (SharePoint, etc.) – Web Applications – Mobile Applications – Mainframe Application – Web Services – Rich Client Custom Applications – Web, Rich Client, Mobile, Web Services – Java,.NET,RUBY, PHP, Delphi, COM, C, C++, F#, Power Builder, Cold Fusion, etc.

4 Dell Software Confidential Application Security Today

5 Dell Software Confidential Security should be as simple as this:

6 Dell Software Confidential But in reality you’re faced with this SAML 1.1 XACML 2.0 Kerberos OpenID WS-Trust CAS SAMLP SAML 2.0 Card Spaces OpenAuth OAuth Shibboleth LiveID WIF ADFS WRAP XACML 3.0 DSML SPML WS-Federation RADIUS Siteminder

7 Dell Software Confidential What is needed is a Universal Adapter of IdM!

8 Dell Software Confidential How does it work?

Thank you

10 Dell Software Confidential APS becomes the Dell Identity Glue™

11 Dell Software Confidential Entitlement Mgmt Role Mgmt Policy Mgmt Self Service IT Shop Delegation Identity Admin APS and Q1IM provide core services Workflow Assessment SoD Attestation Recertification Orchestration Compliance Governance APS Q1IM Log Service Log Analysis Heuristics Fraud Detection Reporting Real Time Alerts Monitoring Data Access Context PIP Unified Namespace Provisioning / Sync Data Connectors Virtual Directory Authorization Policy Decision Policy Enforcement File SharePoint Web Data Code Authentication User Authentication Two Factor Authn IDP/STS SSO Quest One Core Services