Autenticazione e Gestione delle Identità Giacomo Aimasso – CISM – CISA.

Slides:

Advertisements

Similar presentations

Click to edit Master title style HEALTH INFORMATION 1 Identity & Access Management Presenter: Mike Davis (760) January 09, 2007.

Advertisements

Agenda 2 factor authentication Smart cards Virtual smart cards FIM CM

Quality in Identity and Access Management Systems IDM: Overview Michele Brass, PMP PMI Westchester Chapter Program Manager – Collaboration Tools.

Beyond Brute Force Strategies for Securely leveraging Mobile Devices Rajesh Pakkath, Sr. Product Manager, Oracle Bob Beach, CIO, Chevron October, 2014.

Microsoft Identity Solutions

Prepared by Dept. of Information Technology & Telecommunication, October 24, 2005 Enterprise Directory Services and Identity Management.

The State of Security Management By Jim Reavis January 2003.

Copyright © 2005 Imanami Corporation. All Rights Reserved.1 IdM & Security Robert Haaverson Imanami Corporation.

Insight Consulting Siemens Identity Management Survey Conducted April – June 2007 Info

Enterprise security How to bring security transparency into your organization ISSA EDUCATIONAL SESSION Nicklaus Schleicher, VP Support & Customer Service.

Federated sign-in WS-Federation WS-Trust SAML 2.0 Metadata Shibboleth Graph API Synchronize accounts Authentication.

Identity and Access Management: Strategy and Solution Sandeep Sinha Lead Product Manager Windows Server Product Management Redmond,

Identity and Access Management IAM. 2 Definition Identity and Access Management provide the following: – Mechanisms for identifying, creating, updating.

Identity Management, what does it solve By Gautham Mudra.

Identity and Access Management

Access and Identity Management for Enterprise Portals Rohit Gupta Director, Identity Management Product Management Oracle Corporation.

Identity and Access Management — at the Core of Business Andrew A. Afifi, M.Sc. Network Security, CISSP Technology Strategist.

© 2008 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. HP Automates Infrastructure Outsourcing.

Microsoft Identity and Access Solutions Market Trends and Futures

Cloud Attributes Business Challenges Influence Your IT Solutions Business to IT Conversation Microsoft is Changing too Supporting System Center In House.

Identity Lifecycle Management Jonny Chambers Senior Technical Specialist Microsoft Ireland

Cognizance Identity and Access Management Identity Management ● Authentication ● Authorization ● Administration The next generation security solution

Identity and Access Management Dustin Puryear Sr. Consultant, Puryear IT, LLC

May 30 th – 31 st, 2006 Sheraton Ottawa. Microsoft Certificate Lifecycle Manager Saleem Kanji Technology Solutions Professional - Windows Server Microsoft.

RSA Security Validating Users and Devices to Protect Network Assets Endpoint Solutions for Cisco Environments.

Rev Jul-o6 Oracle Identity Management Automate Provisioning to Oracle Applications and Beyond Kenny Gilbert Director of Technology Services.

A Balancing Act Between Risk Appetite and Risk Tolerance Federal Information Systems Security Educators’ Association Conference March 2005 Ezra Cornell.

Chapter © 2012 Pearson Education, Inc. Publishing as Prentice Hall.

Unify and Simplify: Security Management

Single Sign-On Multiple Benefits via Alaska K20 Identity Federation 20 May 2011 BTOP Partner Meeting Anchorage, Alaska 20 May 2011 BTOP Partner Meeting.

©2011 Quest Software, Inc. All rights reserved. Patrick Hunter EMEA IDAM Team Lead 7 th February 2012 Creating simple, effective and lasting IDAM solutions.

Copyright 2006 IDC Reproduction is forbidden unless authorized. All rights reserved. Information Security Trends.

Delivering Security for Mobile Device and Mobile Application Management INSERT MSP LOGO HERE.

Case Study: DirXML Implementation at Waste Management Rick Wagner Systems Engineer Novell, Inc.

USERS Implementers Target Communities NMI Integration Testbed The NMI Integration Testbed NMI Participation Developed and managed by SURA Evaluate NMI.

Sudha Iyer Principal Product Manager Oracle Corporation.

Tech Ed North America /24/2017 1:59 AM SESSION CODE: SIA327

Identity Solution in Baltic Theory and Practice Viktors Kozlovs Infrastructure Consultant Microsoft Latvia.

Empowering people-centric IT Unified device management Access and information protection Desktop Virtualization Hybrid Identity.

Erie 1 BOCES / WNYRIC eBOCES applications Visit us at:

ARC203 Planning an IAM Strategy for your Organisation Gary Williams Principal Consultant – Microsoft UK.

© 2005 IBM Corporation IBM Business-Centric SOA Event SOA on your terms and our expertise Operational Efficiency Achieved through People and SOA Martin.

INFORMATION SECURITY FOR ACCESS PROVISIONING: THE BOEING COMPANY T-BONE & TONIC: ALY BOGHANI JOAN OLIVER MIKE PATRICK AMOL POTDAR April 26, 2009.

Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.

- NCSU project goals and requirements - Adoption Drivers - Current challenges and pain points - Identacor at NCSU - Identacor Features - NCSU Key Benefits.

Federico Guerrini IDA TSP, EMEA Incubation Team From Identity Synchronization to Identity Management.

Identity Management and Enterprise Single Sign-On (ESSO)

Leon Tu Applications Technology Group Oracle Corporation

University of Washington Collaboration: Identity and Access Management Lori Stevens University of Washington October 2007.

Chapter © 2012 Pearson Education, Inc. Publishing as Prentice Hall.

Information Resource Stewardship A suggested approach for managing the critical information assets of the organization.

Security Insights: Identity Theft & Management. The Identity Theft Problem What is Identity Theft? Dumpster diving Low tech Phishing/Pharming Targets.

Introducing Novell ® Identity Manager 4 Insert Presenter's Name (16pt) Insert Presenter's Title (14pt) Insert Company/ (14pt)

Chris Louloudakis Solution Specialist Identity & Access Management Microsoft Corporation SVR302.

Enterprise Mobility Suite: Simplify security, stay productive Protect data and empower workers Unsecured company data can cost millions in lost research,

Business Objects XIr2 Windows NT Authentication Single Sign-on 18 August 2006.

The Four Pillars of Identity: A Solution for Online Success Tom Shinder Principle Writer and Knowledge Engineer, SCD iX Solutions Group Microsoft Corporation.

Azure Active Directory Uday Hegde 2016 Redmond Summit | Identity Without Boundaries May 26, 2016 Group Program Manager, Azure AD

Protect your data Enable your users Desktop Virtualization Information protection Mobile device & application management Identity and Access Management.

Identity and Access Management

Secure Connected Infrastructure

Chapter 17 Using Technology in a Competitive Environment.

Current Campus Issues – From My Horizon

Identity and Access Management: Overview

Identity and Access Management

9/13/2018 4:54 PM BRK How to get Office 365 to the next level with Azure Active Directory Premium Brjann Brekkan Program Manager Lead – Customer.

Robert Haaverson Imanami Corporation

What are IAM Key Processes.

OU BATTLECARD: Oracle Identity Management Training

Presentation transcript:

Autenticazione e Gestione delle Identità Giacomo Aimasso – CISM – CISA

Identity & Access Management The explosion of Digital IDs

Identity & Access Management Internet was built so that communications are anonymous: In-house networks use multiple, often mutually-incompatible, proprietary identity systems. Users are incapable of handling multiple identities. Criminals love to exploit this mess! Regulation and Compliance: SOX, HIPAA, GLB, Basel II, 21 CFR Part 1 - $15.5 billion spent in 2005 on compliance Business Automation and Integration: One half of all enterprises have SOA under development, Web services spending growing 45% Increasing Threat Landscape: Identity theft costs banks and credit card issuers $1.2 billion in 1 yr $250 billion lost in 2004 from exposure of confidential info Maintenance Costs Dominate IT Budget: On average employees access 16 apps and systems, Companies spend $20-30 per user/yr for PW resets Trends impacting identity AMR Research 2006

Identity & Access Management Multiple contexts

Identity & Access Management Lots of users and systems required to do business: – Multiple repositories of identity information; Multiple user IDs, multiple passwords – Decentralized management, ad hoc data sharing Environment Complexity

Identity & Access Management Pain points

Identity & Access Management Management of identity: Provisioning/De-provisioning of accounts Workflow automation Delegated administration Password Synchronization Self-Service Password Reset Directory Service: Identity Repository (directory services for administration of user account attributes) Meta-data Replication/Synchronization Can include Access Control (I&AM): Policy based access control Enterprise/Legacy Single Sign On (SSO) Web Single Sign On (SSO) Reduced Sign On What is an Identity System? A system (processes, rules, applications, and services) that coordinates identity information held in disparate and scattered data sources. The concept of Identity Management

Employee info entered in HR Accounts provisioned to enterprise systems & applications Non-digital resources assigned and/or initiated New Users Join Company Change Events & User Support Users Depart Company Job/role/status changes Password changes and resets Personal profile information changes Additional requests for account access or non-digital resources Employee status updated in HR Account disabled & removed Non-digital resources retrieved and/or cancelled Delegation Workflow Role management Rule & Policy Enforcement Reports Audit Identity & Access Management What is Identity Management ? IDM CORE

USEROU ROLEACCOUNT RESOURCE PROFILES - GROUPS GROUPS of RESOURCES SW Inventory HRMS VISION Identity & Access Management What is Identity Management ?

IAM components 10 AdministerAuthenticateAuthorize Identity Management (Administration) Access Management (Real-Time Enforcement) Physical Resources ApplicationsDatabases Security Systems Directories Operating Systems Identity Admin Accounting (ITSM) NAC Alarm/ Alerting Authentication Infrastructure Enterprise Reduced Sign-On User Management Account Provisioning Metadirectory Role Matrix Management Enterprise Access Management Federated Identity Management AUDITAUDIT COMPLIANCECOMPLIANCE

Il nostro approccio Metodologico Organizzativo Tecnologico

Identity & Access Management Short termLong term Benefits of IAM Save money and improve operational efficiency Improved time to deliver applications and service Enhance Security Regulatory Compliance and Audit New ways of working Improved time to market Closer Supplier, Customer, Partner and Employee relationships

Grazie Giacomo Aimasso