Presentation is loading. Please wait.

Presentation is loading. Please wait.

INFORMATION SECURITY FOR ACCESS PROVISIONING: THE BOEING COMPANY T-BONE & TONIC: ALY BOGHANI JOAN OLIVER MIKE PATRICK AMOL POTDAR April 26, 2009.

Published byClement Jenkins Modified over 9 years ago

Similar presentations

Presentation on theme: "INFORMATION SECURITY FOR ACCESS PROVISIONING: THE BOEING COMPANY T-BONE & TONIC: ALY BOGHANI JOAN OLIVER MIKE PATRICK AMOL POTDAR April 26, 2009."— Presentation transcript:

1 INFORMATION SECURITY FOR ACCESS PROVISIONING: THE BOEING COMPANY T-BONE & TONIC: ALY BOGHANI JOAN OLIVER MIKE PATRICK AMOL POTDAR April 26, 2009

2 T-Bone & Tonic What is Access Provisioning? Provisioning To create and maintain a subject's digital identity, accounts, credentials, and entitlements in response to automated or interactive business processes. 11/13/2015 2 Identity A BEMSID (employee ID) and all related employee information Account A windows account for Jane Smith, Web Single Sign On (WSSO) Credentials Biometric identifier(s), Windows Password, Z-Token Entitlement Access to REDARS, A Boeing Badge, Access to newScale

3 T-Bone & Tonic Current Problem Boeing’s developed 40+ homegrown identity management and provisioning tools over the past 10 years The Problem  Provisioning processes are redundant, inefficient, costly, and frustrating  Data requirements and dependencies are unclear and confusing 11/13/2015 3

4 T-Bone & Tonic Current Problem The Risks  Users access to resources is difficult to manage  Unauthorized disclosure of information requiring enhanced controls  People leaking information requiring enhanced controls  Exploitation of people vulnerabilities resulting in information disclosure 11/13/2015 4

5 T-Bone & Tonic Current Problem The Result  Multiple compliance controls  Long cycle times  Processing errors due to human mistakes  Millions of dollars and hours lost in productivity for airline programs, finance, et al. 11/13/2015 5

6 T-Bone & Tonic End-User Perspective 11/13/2015 6 End Users Technologists End users focus on access to target systems like Windows, REDARS, etc. They don’t focus on what accounts they need to access Windows. Technologists focus the accounts and permissions end users need to access Windows, etc. Common Ground Is A With Access To The goal of provisioning is to help Sally obtain access to REDARS, etc. Using the Following Account(s) Using the Following Account(s) newScale

7 T-Bone & Tonic 11/13/2015 7 Enterprise Perspective

8 T-Bone & Tonic Solution: Enterprise Access Provisioning  Must incorporate the four cornerstones of information security:  Confidentiality, Authenticity, Integrity, Availability A successful provisioning solution ensures individuals get access to necessary resources easily and quickly while ensuring the proper security protocols are completed. 11/13/2015 8

9 T-Bone & Tonic Identity Management Systems - Concerns  A “metaverse” must exist that processes the rules and requests for password changes and synchronizations  The rules must be established by the business  There must be a directory of record that pushes identity changes to the other directories  Typically the HR system creates and deprovisions user accounts  Typically the Active Directory system pushes password changes to the other directories  A lot of custom scripting usually occurs to make the separate systems talk each other 11/13/2015 9

Download ppt "INFORMATION SECURITY FOR ACCESS PROVISIONING: THE BOEING COMPANY T-BONE & TONIC: ALY BOGHANI JOAN OLIVER MIKE PATRICK AMOL POTDAR April 26, 2009."

Similar presentations

© 2006 IBM Corporation Tivoli Identity Manager Express Tivoli Access Manager for Enterprise Single Sign-On (Product Demonstrations) Tivoli Live! – 15 June.

© 2006 IBM Corporation Tivoli Identity Manager Express Tivoli Access Manager for Enterprise Single Sign-On (Product Demonstrations) Tivoli Live! – 15 June.
ControlSphere is a computer security and automation solution designed to protect user data and automate most of authentication tasks for the user at work.

ControlSphere is a computer security and automation solution designed to protect user data and automate most of authentication tasks for the user at work.
Security by Design A Prequel for COMPSCI 702. Perspective “Any fool can know. The point is to understand.” - Albert Einstein “Sometimes it's not enough.

Security by Design A Prequel for COMPSCI 702. Perspective “Any fool can know. The point is to understand.” - Albert Einstein “Sometimes it's not enough.
1 ILANTUS Proprietary Jaunary 20, 2014 Enabling complete AGS features on ISIM Compliance Express – ISIM Integration.

1 ILANTUS Proprietary Jaunary 20, 2014 Enabling complete AGS features on ISIM Compliance Express – ISIM Integration.
Team: SuperBad Cats MSIT 458 – Dr. Chen Authentication through Password Protection.

Team: SuperBad Cats MSIT 458 – Dr. Chen Authentication through Password Protection.
1 Jan 2013 © 2002-2013 Health Level Seven International ®, Inc. All Rights Reserved. HL7 International and Health Level Seven International are registered.

1 Jan 2013 © Health Level Seven International ®, Inc. All Rights Reserved. HL7 International and Health Level Seven International are registered.
Autenticazione e Gestione delle Identità Giacomo Aimasso – CISM – CISA.

Autenticazione e Gestione delle Identità Giacomo Aimasso – CISM – CISA.
© 2013 IBM Corporation IBM Security Systems 1 © 2013 IBM Corporation Identity Management And Session Recording A Partnership with IBM and ObserveIT.

© 2013 IBM Corporation IBM Security Systems 1 © 2013 IBM Corporation Identity Management And Session Recording A Partnership with IBM and ObserveIT.
Information Security Confidential Two-Factor Authentication Solution Overview Shawn Fulton January 15th, 2015.

Information Security Confidential Two-Factor Authentication Solution Overview Shawn Fulton January 15th, 2015.
Storing Organizational Information—Databases

Storing Organizational Information—Databases
Iron Mountain’s Email Continuity Service ©2006 Iron Mountain Incorporated. All rights reserved. Iron Mountain and the design of the mountain are registered.

Iron Mountain’s Continuity Service ©2006 Iron Mountain Incorporated. All rights reserved. Iron Mountain and the design of the mountain are registered.
Prepared by Dept. of Information Technology & Telecommunication, October 24, 2005 Enterprise Directory Services and Identity Management.

Prepared by Dept. of Information Technology & Telecommunication, October 24, 2005 Enterprise Directory Services and Identity Management.
Virtual techdays INDIA │ 18-20 august 2010 Managing Active Directory Using Microsoft Forefront Identity Manager: Amol R Bhandarkar │ Tech Specialist –

Virtual techdays INDIA │ august 2010 Managing Active Directory Using Microsoft Forefront Identity Manager: Amol R Bhandarkar │ Tech Specialist –
WIRELESS SECURITY DEFENSE T-BONE & TONIC: ALY BOGHANI JOAN OLIVER MIKE PATRICK AMOL POTDAR May 30, 2009 05/30/2009.

WIRELESS SECURITY DEFENSE T-BONE & TONIC: ALY BOGHANI JOAN OLIVER MIKE PATRICK AMOL POTDAR May 30, /30/2009.
INFORMATION SECURITY FOR ACCESS PROVISIONING: THE BOEING COMPANY T-BONE & TONIC: ALY BOGHANI JOAN OLIVER MIKE PATRICK AMOL POTDAR June 6, 2009 06/06/2009.

INFORMATION SECURITY FOR ACCESS PROVISIONING: THE BOEING COMPANY T-BONE & TONIC: ALY BOGHANI JOAN OLIVER MIKE PATRICK AMOL POTDAR June 6, /06/2009.
McGraw-Hill/Irwin © 2008 The McGraw-Hill Companies, All Rights Reserved Chapter 7 Storing Organizational Information - Databases.

McGraw-Hill/Irwin © 2008 The McGraw-Hill Companies, All Rights Reserved Chapter 7 Storing Organizational Information - Databases.
Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.

Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.
Identity Management, what does it solve By Gautham Mudra.

Identity Management, what does it solve By Gautham Mudra.
Identity and Access Management

Identity and Access Management
EDUCAUSE April 25, 2006Enforcing Compliance with Security Policies … Enforcing Compliance of Campus Security Policies Through a Secure Identity Management.

EDUCAUSE April 25, 2006Enforcing Compliance with Security Policies … Enforcing Compliance of Campus Security Policies Through a Secure Identity Management.

Similar presentations

Ads by Google