Identity and Access Management: Strategy and Solution Sandeep Sinha Lead Product Manager Windows Server Product Management Redmond,


1 Identity and Access Management: Strategy and Solution Sandeep Sinha sansinha@microsoft.com Lead Product Manager Windows Server Product Management Redmond, USA

2 Agenda
- Business Drivers
- The Challenge
- Identity and Access Management Framework
- Identity and Access Management Solutions

3 The Issues
- Password Management
- Provisioning and De-provisioning
- Customer Portal
- Partner Integration
- Security
- Regulatory Compliance

4 Business Drivers
- Strategic Initiative
  - Connecting with customers and partners
  - Employee Portal/Personalization
  - Externalization of business processes
- Improve Security
  - Secure data and network access
  - Assure authentication across platforms
  - Manage cross-platform environment centrally
- Regulatory Compliance
  - HIPAA
  - Gramm-Leach-Bliley
  - FDIC
- Lower Operations Cost
  - Decrease administrative/help desk overhead
  - Reduce number of logins/passwords
  - Lower cost for high-turnover environments

5 The Challenge
[Diagram labels: Provisioning, Single Sign On, Interoperability, Authentication, Authorization, Passwords, Directories]

6 Microsoft’s Framework
[Diagram labels: Directory Services, Federation, Authentication, Authorization, Applications, Provisioning]

7 The Solution
- Active Directory – The foundation
- Windows Integrated Applications
- Network Single Sign-on with Windows Server
- Extending to non-integrated applications
- Using Active Directory for LDAP authentication
- The role of Microsoft Metadirectory Server (MMS)
- B2E using Active Directory and IIS
- B2C using Active Directory and Passport
- Extranet Access Management using Active Directory
[Group labels: Windows Single Sign-on, Web Single Sign-on, Reduced Enterprise Sign-on]

8 Windows Single Sign-on: Integrated Windows Sign-on
- Flexible Authentication
  - Kerberos
  - X509 v3/Smartcard
  - Biometrics
  - Passport (Web)
  - Basic (Web)
  - Digest (Web)
- Single Sign-on to:
  - Windows File servers
  - Windows Web applications
  - Exchange email
  - SQL Server
  - BizTalk Server
  - Other Microsoft applications
  - 3rd Party Integrated Apps
[Diagram labels: Active Directory, Logon to Windows, Exchange, Web Service, File Share, Windows Integrated Applications]

9 Reduced Enterprise Sign-On: Extending Windows SSO
- Services for UNIX
  - NIS Server for AD
  - NIS-AD directory sync
  - Password synchronization
  - User name mapping
- Host Integration Server
  - Windows to RACF accounts
  - Windows to AS/400 Security System
  - Bi-Directional Password Synchronization
- Kerberos
  - Native AuthN protocol
  - MIT v5 Compliant
  - Carries group info in PAC
  - Windows PAC is open
[Diagram labels: Active Directory, Logon to AD, UNIX, 390/AS400, Kerberos Application]

10 Reduced Enterprise Sign-on: LDAP Authentication & Directory Integration
- Integrate LDAP with AD
  - LDAP v3 compliant
  - Single AD and LDAP user account
  - AD/AM for personalization data
- Microsoft Metadirectory Server
  - Directory synchronization
    - LDAP (e.g. iPlanet & others)
    - Relational databases
    - Application specific
  - Account Provisioning
    - Automate account creation
    - Automate account de-provisioning
  - Password Management (MMS 2003)
    - Self-service password reset
[Diagram labels: Account Directory, LDAP, SQL, Enterprise App, Exchange, Web Service, File Share, Application, Application, Active Directory]

11 Web Single Sign-on: B2C Using Active Directory and Passport
- (Step 1) Customer accesses a Web site using any standards-based browser.
- (Step 2) Passport verifies the user’s credentials and sends a PUID back to the Web site.
- (Step 3) Web app verifies activation code & maps PUID to AD account.
- (Step 4) User is authorized based on AD account.
- Passport manages user credentials
- Passport manages user authentication
- You manage user access controls
[Diagram labels: Windows Server 2003, IIS Web Server, Active Directory, Applications]

12 Web Single Sign-on: Extranet Access Management using AD
[Diagram labels: Web App 1, SSO Agent, Web App 2, Delegated Admin, Active Directory, EAM, Web SSO, Authentication, LDAP Bind, SSL, Session Cookie, Corporate Identities, Authorization Check, Partner Identities, Enterprise, Extranet, “Trusted” Business Partner, Active Directory]

13 Microsoft Products
- Windows Server 2003
  - Active Directory, PKI, IAS
- Microsoft Metadirectory Server 2003
- Host Integration Server
- Services for UNIX

14 Identity and Access Management Solution
- Prescriptive Guidance
  - Proven
  - Actionable
  - Relevant
- Benefits
  - Faster Time to Market
  - Lower Implementation Cost
  - Lower Implementation Risks

15 Identity and Access Management Solution
- Availability
  - Partners ready to deliver today.
  - Early July – Customer documents
- Cost
  - Free
- Development Partners
  - PricewaterhouseCoopers LLP
  - Oblix
  - OpenNetworks
- Global Service Partners
  - PricewaterhouseCoopers LLP
  - Unisys
  - Hewlett Packard
  - Cap Gemini Ernst and Young
- Demo
  - Available at Microsoft Booth

16 Call to Action
- Call Microsoft or Partner Sales Reps
- Create Vision and Strategy
- Start small and focus on ROI
- Leverage Microsoft’s Solution
- Engage Partners and MCS

17 Questions!!!! sansinha@microsoft.com
© 2003 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS SUMMARY.

