1
Identity and Access Management
2
Objectives
- Find a common background for discussing IAM
- Discuss problems and opportunities in the field
- Introduce terminology
- Highlight a possible future direction
3
Explosion of IDs
[Figure: number of digital IDs plotted against time (pre-1980s, 1980s, 1990s, 2000s) across the mainframe, client-server and Internet eras; labels: Business Automation, Applications, Company (B2E), Partners (B2B), Customers (B2C), Mobility]
4
Today’s Problems
5
Who am I? Who are you?
- Networks use multiple identity systems
- The Internet is no better
- Users get confused with all of these IDs
- Management and audit have difficulty keeping track of all these IDs
- The bad guys are quite happy
6
So many IDs!
7
Multiple Contexts
8
Making It All Better
9
Identity and Access Management
10
Roles Within Identity Metasystem
Identity Providers
- Organisations, governments, even end-users
- They provide Identity Claims about a Subject
- Name, vehicles allowed to drive, age, etc.
Relying Parties
- Online services or sites, doors, etc.
Subjects
- Individuals and other bodies that need their identity established
11
Components and Terminology
12
What is Identity Management?
- Single Sign On
- Password Management
- Secure Remote Access
- Federation
- Role Management
- Web Services Security
- Provisioning
- Auditing & Reporting
- Directories
- Authorization
- Digital Rights Management
- Strong Authentication
- PKI
13
Identity and Access Management
A system of procedures, policies and technologies to manage the lifecycle and entitlements of electronic credentials
- Directory Services: repositories for storing and managing accounts, identity information, and security credentials
- Access Management: the process of authenticating credentials and controlling access to networked resources based on trust and identity
- Identity Lifecycle Management: the processes used to create and delete accounts, manage account and entitlement changes, and track policy compliance
14
IAM Benefits
Benefits today (Tactical)
- Save money and improve operational efficiency
- Improved time to deliver applications and service
- Enhance Security
- Regulatory Compliance and Audit
Benefits to take you forward (Strategic)
- New ways of working
- Improved time to market
- Closer Supplier, Customer, Partner and Employee relationships
15
Some Basic Definitions
Authentication (AuthN)
- Verification of a subject's identity by means of relying on a provided claim
Identification is sometimes seen as a preliminary step of authentication
- Collection of untrusted (as yet) information about a subject, such as an identity claim
Authorization (AuthZ)
- Deciding what actions, rights or privileges the subject can be allowed
Trend towards separation of those two
- Or even of all three, if biometrics are used
16
The Benefits of IAM
- Save money
- Improve operational efficiency
- Reduce time to deliver applications and services
- Enhance security
- Enhance regulatory compliance
- Give more power to audit
17
Let’s Define IAM Terms
Authentication (AuthN)
- Verify that a person is who they claim to be
- This is where multi-factor authentication comes into play
- Identification and authentication are related but not the same
Authorization (AuthZ)
- Deciding what resources can be accessed/used by a user
Accounting
- Charges you for what you do
18
IAM is a Foundation
Identity Management
- Account Provisioning & Deprovisioning
- Synchronisation
Administration
- User Management
- Password Management
- Workflow
- Delegation
Audit and Reporting
Access Management
- AuthN
- AuthZ
19
Identity Management
Tasks: create, delete and manage user identities in a computing environment.
20
Identity Management can be viewed as the following models
- The pure identity model: creation, management and deletion of identities.
- The user access (log on) model: allows users to register, log in and log out. Smart card.
- The service model: a system that delivers online, on-demand and role-based services to users and their devices.
21
Access Control System
A collection of mechanisms that work together to create a security architecture to protect the assets of an information system.
22
Principles of access control management
- Mandatory Access Control (MAC)
- Discretionary Access Control (DAC)
- Access Control List (ACL)
- Rule Based Access Control (RBAC)
- Role Based Access Control (ROBAC)
23
Principles of access control management
- Mandatory Access Control (MAC): who gains access to information.
- Discretionary Access Control (DAC): the access control mechanism for most desktop operating systems, e.g. UNIX. Restricted access.
- Access Control List (ACL): a list or file of users who are given the privilege of access to system or network resources, such as databases and devices.
- Rule Based Access Control (RBAC): all rules and access permissions are defined by the system administrator.
- Role Based Access Control (ROBAC): not only who or what process may have access to specific system resources, but also the type of access that is permitted (e.g. development or testing group).
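An added example (not part of the original slides) that evaluates the same request under three of the models listed above: an access control list, administrator-defined rules, and roles. The users, the `build-server` resource, the working-hours rule and the permissions given to the development and testing roles are constructed assumptions.

```python
from dataclasses import dataclass

# Constructed sample data (hypothetical users, resource and policy).
ACL = {"build-server": {"alice": {"read", "write"}, "bob": {"read"}}}
USER_ROLES = {"alice": {"development"}, "bob": {"testing"}, "carol": set()}
ROLE_PERMS = {
    "development": {("build-server", "read"), ("build-server", "write")},
    "testing": {("build-server", "read")},
}

@dataclass(frozen=True)
class Request:
    user: str
    resource: str
    action: str
    hour: int  # local hour of day, 0-23

def acl_allows(req):
    """ACL: the resource carries a list of users and their privileges."""
    return req.action in ACL.get(req.resource, {}).get(req.user, set())

# Rule-based: the administrator defines ordered rules; first match wins.
# These constructed rules look only at request attributes, not at who asks.
RULES = [
    ("deny", lambda r: r.action == "write" and not 8 <= r.hour < 18),
    ("allow", lambda r: r.resource == "build-server"),
]

def rule_allows(req):
    for effect, matches in RULES:
        if matches(req):
            return effect == "allow"
    return False  # default deny when no rule matches

def role_allows(req):
    """Role-based: user -> roles -> (resource, type of access)."""
    roles = USER_ROLES.get(req.user, set())
    return any((req.resource, req.action) in ROLE_PERMS[r] for r in roles)

def decide(req):
    """Return each model's verdict so the differences are visible."""
    return {"acl": acl_allows(req), "rule": rule_allows(req),
            "role": role_allows(req)}

if __name__ == "__main__":
    for r in (Request("alice", "build-server", "write", 22),
              Request("carol", "build-server", "read", 10)):
        print(r, decide(r))
```

The two printed requests show where the models diverge: the out-of-hours write is stopped only by the rule set, and the user with no ACL entry and no role is stopped only by the ACL and role checks.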
24
Access control techniques
1. User possessions: Tokens
- Memory Tokens: storing information; ATM; protection of PIN code
- Smart Tokens: more powerful than memory tokens; an extension of memory tokens; more integrated circuits in memory tokens
25
Access control techniques cont..
2. Biometric Techniques
- Possession based
- Knowledge based
- Physiological based
- Behavioral biometric
- Multi biometric
26
Biometrics Applications
- Authentication system
- Network security
- Combating cybercrimes
- Biometrics enabled smart cards
- E-commerce and internet