Identity and Access Management

Presentation transcript:

Identity and Access Management

Objectives
- Find a common background for discussing IAM
- Discuss problems and opportunities in the field
- Introduce terminology
- Highlight a possible future direction

Explosion of IDs
[Figure: number of digital IDs over time (pre-1980s, 1980s, 1990s, 2000s), rising with business automation and mobility. Labels: Mainframe, Client Server, Internet, Applications; Company (B2E), Partners (B2B), Customers (B2C).]

Today’s Problems

Who am I? Who are you?
- Networks use multiple identity systems
- The Internet is no better
- Users get confused with all of these IDs
- Management and audit have difficulty keeping track of all these IDs
- The bad guys are quite happy

So many IDs!

Multiple Contexts

Making It All Better

Identity and Access Management

Roles Within Identity Metasystem
- Identity Providers: organisations, governments, even end-users. They provide identity claims about a subject (name, vehicles allowed to drive, age, etc.)
- Relying Parties: online services or sites, doors, etc.
- Subjects: individuals and other bodies that need their identity established

Components and Terminology

What is Identity Management?
Single Sign On, Password Management, Secure Remote Access, Federation, Role Management, Web Services Security, Provisioning, Auditing & Reporting, Directories, Authorization, Digital Rights Management, Strong Authentication, PKI

- Identity and Access Management: a system of procedures, policies and technologies to manage the lifecycle and entitlements of electronic credentials
- Directory Services: repositories for storing and managing accounts, identity information, and security credentials
- Access Management: the process of authenticating credentials and controlling access to networked resources based on trust and identity
- Identity Lifecycle Management: the processes used to create and delete accounts, manage account and entitlement changes, and track policy compliance

IAM Benefits

Benefits today (Tactical)
- Save money and improve operational efficiency
- Improved time to deliver applications and service
- Enhance security
- Regulatory compliance and audit

Benefits to take you forward (Strategic)
- New ways of working
- Improved time to market
- Closer supplier, customer, partner and employee relationships

Some Basic Definitions
- Authentication (AuthN): verification of a subject's identity by means of relying on a provided claim
- Identification is sometimes seen as a preliminary step of authentication: the collection of (as yet) untrusted information about a subject, such as an identity claim
- Authorization (AuthZ): deciding what actions, rights or privileges the subject can be allowed
- Trend towards separation of those two, or even of all three, if biometrics are used
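The separation of authentication and authorization described above, using the identity provider, relying party and claim roles from the metasystem slide, as an added example that is not part of the original slides. Signing the claims with an HMAC over a shared key is an assumption made to keep the sketch short (federated deployments normally use asymmetric signatures), and the key, function names and policy are hypothetical.

```python
import hashlib
import hmac
import json
import time

# Constructed demo key shared by identity provider and relying party.
SHARED_KEY = b"demo-key-not-for-production"

def issue_token(subject, claims, ttl=300, now=None):
    """Identity provider: bind claims to a subject and sign them."""
    now = time.time() if now is None else now
    body = json.dumps({"sub": subject, "claims": claims, "exp": now + ttl},
                      sort_keys=True).encode()
    tag = hmac.new(SHARED_KEY, body, hashlib.sha256).hexdigest()
    return body.hex() + "." + tag

def authenticate(token, now=None):
    """Relying party, AuthN: return the verified claims or None."""
    now = time.time() if now is None else now
    try:
        body_hex, tag = token.split(".")
        body = bytes.fromhex(body_hex)
    except ValueError:
        return None                      # malformed token
    expected = hmac.new(SHARED_KEY, body, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected.encode(), tag.encode()):
        return None                      # claims altered or unknown issuer
    data = json.loads(body)
    if data["exp"] < now:
        return None                      # token expired
    return data

# Relying party, AuthZ: a separate policy that only sees verified claims.
POLICY = {
    "read_report": lambda c: c.get("age", 0) >= 18,
    "drive_truck": lambda c: "truck" in c.get("vehicles", []),
}

def authorize(identity, action):
    """Deny by default: unauthenticated subject or unknown action."""
    rule = POLICY.get(action)
    return bool(identity and rule and rule(identity["claims"]))
```

Because `authorize` never parses the token itself, a change to the policy cannot weaken the identity check, and a forged claim is rejected before any policy rule is evaluated.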

The Benefits of IAM
- Save money
- Improve operational efficiency
- Reduce time to deliver applications and services
- Enhance security
- Enhance regulatory compliance
- Give more power to audit

Let’s Define IAM Terms
- Authentication (AuthN): verify that a person is who they claim to be. This is where multi-factor authentication comes into play. Identification and authentication are related but not the same.
- Authorization (AuthZ): deciding what resources can be accessed/used by a user
- Accounting: charges you for what you do

IAM is a Foundation
[Diagram labels]
- Identity Management: Account Provisioning & Deprovisioning, Synchronisation
- Administration: User Management, Password Management, Workflow, Delegation
- Audit and Reporting
- Access Management: AuthN, AuthZ

Identity Management
Tasks: create, delete and manage user identities in a computing environment.

Identity Management can be viewed as the following models:
- The pure identity model: creation, management and deletion of identities.
- The user access (log on) model: allows users to register, log in and log out. Smart card.
- The service model: a system that delivers online, on-demand and role-based services to users and their devices.

Access Control System
A collection of mechanisms that work together to create a security architecture to protect the assets of an information system.

Principle of access control management
- Mandatory Access Control (MAC)
- Discretionary Access Control (DAC)
- Access Control List (ACL)
- Rule Based Access Control (RBAC)
- Role Based Access Control (ROBAC)

Principle of access control management
- Mandatory Access Control (MAC): who gains access to information.
- Discretionary Access Control (DAC): the access control mechanism for most desktop operating systems, such as UNIX. Restricted access.
- Access Control List (ACL): a list or file of users who are given the privilege of access to system or network resources, such as databases and devices.
- Rule Based Access Control (RBAC): all rules and access permissions are defined by the system administrator.
- Role Based Access Control (ROBAC): defines not only who or what process may have access to specific system resources but also the type of access that is permitted (development or testing group).
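How an access control list, a role-based check and a rule-based check answer the same request, as an added example that is not part of the original slides. The users, roles, resource, rules and function names are all hypothetical, and the first-match rule ordering is an assumption of this sketch.

```python
from datetime import time

# Constructed sample policy data; all names are hypothetical.
ACL = {"build-server": {"alice", "bob"}}               # resource -> users
ROLE_OF = {"alice": "development", "bob": "testing"}   # user -> role
ROLE_PERMS = {"development": {"build-server": {"read", "write"}},
              "testing": {"build-server": {"read"}}}

def acl_allows(user, resource):
    """Access control list: is the user listed for the resource?"""
    return user in ACL.get(resource, set())

def role_allows(user, resource, access):
    """Role-based: the user's role fixes who and which type of access."""
    perms = ROLE_PERMS.get(ROLE_OF.get(user), {})
    return access in perms.get(resource, set())

# Rule-based: administrator-defined rules checked in order for every
# request, whoever sends it. First match wins; no match means deny.
RULES = [
    ("deny", lambda r: r["access"] == "write"
                       and not time(8) <= r["at"] <= time(18)),
    ("allow", lambda r: r["source"] == "internal"),
]

def rule_allows(request):
    for effect, matches in RULES:
        if matches(request):
            return effect == "allow"
    return False

def evaluate(request):
    """Return each model's decision for the same request."""
    u, res, acc = request["user"], request["resource"], request["access"]
    return {"acl": acl_allows(u, res),
            "role": role_allows(u, res, acc),
            "rule": rule_allows(request)}
```

The list alone cannot tell a read from a write, so the tester `bob` passes the list check for a write that the role-based check refuses; the rule-based check ignores identity entirely and refuses any write outside 08:00 to 18:00.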

Access control techniques
1. User possessions: tokens
- Memory tokens: storing information; ATM; protection of PIN code
- Smart tokens: more powerful than memory tokens; an extension of memory tokens; more integrated circuits added to memory tokens

Access control techniques (cont.)
2. Biometric techniques
- Possession based
- Knowledge based
- Physiological based
- Behavioral biometric
- Multi biometric

Biometrics Applications
- Authentication system
- Network security
- Combating cybercrimes
- Biometrics-enabled smart cards
- E-commerce and internet