Jericho Forum ® – Report Back What's been achieved through 2009, and how we will continue to make a difference in 2010. Paul Simmonds & Adrian Seccombe.

Presentation transcript:

Jericho Forum ® – Report Back
What's been achieved through 2009, and how we will continue to make a difference in 2010.
Paul Simmonds & Adrian Seccombe, Board of Management, Jericho Forum

How we got to here – a brief review of the decade
2001 – The “de-perimeterisation” word coined [Royal Mail’s Jon Measham]
2002 – Discussion started among like-minded CISOs who saw the upcoming problem
2003 – Paul Simmonds & David Lacey present at RSA Europe, caused front page headlines
2004 – January: Jericho Forum founded at The Open Group Office in Reading; interim board formed, and agree to Open Group taking over day-to-day running
2004 – December: Interim board form as a Jericho Forum membership group, with an elected Board of Managers
2005 – February: White paper published
2005 – April: First Jericho Conference held alongside Info Security & SC Awards
2005 – Interim board agree to Open Group to take over day-to-day running
Trade mark issued
2006 – April: First position paper published
2006 – April: Commandments published
2008 – April: COA Published
2009 – April: Cloud Paper Published
2009 – De-perimeterisation an established concept, now accepted as relevant to the cloud
2009 – Commandments seen to “Stand up to the rigours of the Clouds”
In computing terms the Noughties was the decade of de-perimeterisation

Key Publications
Business rationale for de-perimeterisation
Jericho Forum Commandments
White Paper
Freely available at

Key Publications
The need for Inherently Secure Protocols
Cloud Cube
Collaboration Oriented Architectures
Freely available at

And it’s not just us!
Forrester – Paul Stamp, July 2005
ISSA Journal – De-perimeterized Architecture: The end to the edge, August 2009
ISF – Architectural Responses to the Disappearing Network Boundary, February 2009

2009 & Up-coming work
Self Assessment Scheme
Cloud current work
CSA memorandum of understanding
Commandments still valid for cloud
Identity & Access Management
The cloud identity crisis - why cloud won't take off without Id & AM
Risk based access

Self Assessment Scheme
Rationale
  – Based on the “Commandments”
  – “the set of nasty questions to ask your security vendors”
  – Check if they provide the security solutions you need and,
  – Expose shortcomings in the features they may be claiming their offerings provide
  – Can be used stand-alone, or relevant parts simply incorporated into an RFQ
Release Timeline
  – Beta Testing with vendors - Jan 2010
  – US Release, 1st RSA
  – Europe, 27th Info Security

From Connectivity to Collaboration
[Figure. Axis and marker labels: Time, Connectivity, Business Value, Risk, Today, Effective Perimeter Breakdown. Stage labels as extracted, latest first: Full de-perimeterised working; Full Internet-based Collaboration; Consumerisation [Cheap IP based devices]; Limited Internet-based Collaboration; External Working VPN based; External collaboration [Private connections]; Internet Connectivity Web, , Telnet, FTP; Connectivity for Internet Connected LANs interoperating protocols; Local Area Networks Islands by technology; Stand-alone Computing [Mainframe, Mini, PC’s]]

Externalisation of Data
[Figure. Column labels: Internal, De-perimeterised, COA, Secured Cloud. Data position labels: Old, Then, Now, Near Future, Future?]
The security of the network becomes increasingly irrelevant, and the security and integrity of the data becomes everything.

Jericho Forum Cloud Cube Model
[Figure: “The Cloud” cube. Labels as extracted: Proprietary / Open; External / Internal; Perimeterised / De-perimeterised; Location; Architecture; Ownership - technology/services/code; Dimension Four: Insourced / Outsourced]

Cloud & the Cloud Cube model
CSA memorandum of understanding
Commandments still valid for the cloud
Hybrid Computing will be the norm (a mix of traditional and various cloud computing)
Private Clouds are Perimeterised
Collaborative Clouds are best de-perimeterised
Select the four types of either with care!

Identity & Access Management
Key is to separate Identity Management from Access Management, and Audit the activities
Identify: “I am he/she!”
Authenticate: “You are indeed!” …or not
Access: I’d like to… do that
Authorisation: Yes you are allowed …or not
Monitor: What did you do
Audit: You did the right things, right! …or not

The Cloud Identity Crisis
The Cloud won't take off fully without appropriate Identity and Access Management
Private Clouds will be able to take advantage of the old Perimeterised Identity and Access Management models
Collaborative Clouds will need a significant shift from Enterprise Centric security to User Centric Security
Clouds also will benefit greatly from the shift from Access by Lists to Access by Claims

Risk Based Access
Current access methods
  – Do not support business needs / granularity
  – Do not support “real” cloud working
  – Do not support the move to securing the data
Trust but verify
  – Basic trust models for devices & users exist. But;
  – How do you verify environments you do not own?
  – How do you verify that environments you do not own are cleaned up after use?

2010 Planned / Proposed Work
Publish Self Assessment Scheme for RSA
Represent Jericho Forum thinking in 2010 RSA Conference
Refine linkages to CSA and ENISA, and develop new linkages to other bodies (like ISSA)
Identity and Access Management
De-perimeterised wireless network implications

A reminder of how we work
[Figure. Labels as extracted: Thought Leadership; Blue-sky thinking; Define Problem; Solutions; Tools; Few people 100% occupied; More people, some vendors 60/40 split; Many people, users & vendors; Widest Jericho forum community and non-members; De-perimeterisation; COA; Cloud; Thought Leaders; User Members; Vendor Members; IT / Business Leaders]

Conclusions
De-perimeterisation still a relevant topic with plenty to be highlighted and addressed
Commandments are both relevant and still relevant as we move to cloud issues
There is a shift from Enterprise Centric to User Centric IAM
There needs to be a shift from ACLs to Claims based access

Questions & Comments

Shaping security for tomorrow’s world