Скачать презентацию ICT Strategy Identity Management and Enterprise Single Sign-On Скачать презентацию ICT Strategy Identity Management and Enterprise Single Sign-On

967ac796ee8d09a43ee23a5713963188.ppt

  • Количество слайдов: 10

ICT Strategy Identity Management and Enterprise Single Sign-On (ESSO) ICT Strategy Identity Management and Enterprise Single Sign-On (ESSO)

Introduction • Follows on from other related themes: • • Unified Operator Interface (UOI) Introduction • Follows on from other related themes: • • Unified Operator Interface (UOI) Network Convergence Network Security and Domains Circles of Trust Federated Identities Security as a Service Location transparency Virtualisation

Identity Management Business Value “Identity management projects are much more than technology implementations — Identity Management Business Value “Identity management projects are much more than technology implementations — they drive real business value by reducing direct costs, improving operational efficiency and enabling regulatory compliance. ”

Explosion of ID’s Business Partners Automation (B 2 B) # of Digital IDs Intra-Agency Explosion of ID’s Business Partners Automation (B 2 B) # of Digital IDs Intra-Agency (B 2 E) Customers (B 2 C) Mobility Internet ns o i at c i pl p A Client Server Mainframe Time Pre 1980’s 1990’s 2000’s

The Disconnected Reality • Authentication • Authorisation • Identity Data NOS • Authentication • The Disconnected Reality • Authentication • Authorisation • Identity Data NOS • Authentication • Authorisation • Identity Data Web Apps • Authentication • Authorisation • Identity Data Infrastructure Application • Authentication • Authorisation • Identity Data COTS Application • Authentication • Authorisation • Identity Data In-House Application • Authentication • Authorisation • Identity Data Enterprise Directory HR System In-House Application • “Identity Chaos” • Lots of users and systems required to do business • Multiple repositories of identity information; Multiple user IDs, multiple passwords • Decentralised management, ad hoc data sharing

Multiple Contexts Customer satisfaction & customer intimacy Cost competitiveness Reach, personalisation Our SUPPLIERS Our Multiple Contexts Customer satisfaction & customer intimacy Cost competitiveness Reach, personalisation Our SUPPLIERS Our CUSTOMERS Collaboration Outsourcing Faster business cycles; process automation Value chain Our AGENCY and EMPLOYEES Mobile workforce Flexible/temp workforce Our REMOTE and VIRTUAL EMPLOYEES Our PARTNERS

Pain Points IT Admin Too many user stores and account admin requests Unsafe sync Pain Points IT Admin Too many user stores and account admin requests Unsafe sync scripts Developer Redundant code in each app Rework code too often End User Too many passwords Long waits for access to apps, resources Security/ Compliance Too many orphaned accounts Limited auditing ability Business Owner Too expensive to reach new partners, channels Need for control

To-Be Authentication • Should only have to • • • login once Identity is To-Be Authentication • Should only have to • • • login once Identity is federated across domains Access permissions determined by Role(s), Groups and Policies Automated provisioning linked to ERP Systems • Employees • joining/leaving (HR) Contractors (Procurement)

Federated Identities • Cross domain trust using: • Security Access Markup Language (SAML) • Federated Identities • Cross domain trust using: • Security Access Markup Language (SAML) • Liberty Alliance (ID-FF)/WS-Federation protocols • Digital Certificates

IAM Architecture IAM Architecture