- Количество слайдов: 13
Security Insights: Identity Theft & Management
The Identity Theft Problem What is Identity Theft? Dumpster diving Low tech Phishing/Pharming Targets individual users (albeit in mass) Theft of PII data from companies Accounts for 70% of Identity Theft 60% of Identity Thieves do not work alone We are engaging in business practices which make things worse Outsourcing millions of jobs to other countries Increasingly mobile more business conducted electronically
What can you do? If you are a consumer Evaluate IE 7, XP SP 2, Defender, MSN Anti. Phishing Filter If you are a organization Get your Identity and Access Management House in order More on that shortly…
The Unifying Identity Metasystem At the RSA Conference 2006 Bill Gates outlined Microsoft’s vision for the Unifying Identity Metasystem Built upon industry agreed Rules of Identity Allows for user centric control of identity information Standards based on WS-* protocols Allows for federated use of Identities from various sources: Personal, Credit Card, Citizen, Professional Industry co-operation is making this happen
Infrastructure for Identity & Access Identity and Access Capabilities Information Protection Access Control Auditing Process Automation Directory Service Single Sign-on Federated Identity Strong Credentials Windows Server Identity and Access Services Domain and Directory Services Certificate Services Rights Mgmt Services Federation Services Metadirectory Services Unified Architecture, Policy Model, and Management Security Token Service*
Microsoft Identity Integration Services Strategy Get to critical mass of provisioning features Sun One Fully integrated workflow and audit Make MIIS the engine of identity and access management and compliance Workflow, audit to model compliance controls Build on Metadirectory technical strength in convergence and enforcement Integrate these capabilities with our broader connected systems platform Notes MIIS Oracle SQL
New User l l l User ID Creation Credential Issuance Entitlements Change User l l l Promotions Transfers Entitlement Changes Reporting l l l Compliance Audit Security tity en Id Retire User l l Delete Accounts Remove Entitlements cle ecy Lif Help Desk l l l “Lost” Credentials Password Reset New Entitlements Self-Service l l Password Kiosk New Entitlements
Active Directory Services Certificate Services Domain Services Rights Federation Metadirectory Services Management Services Connected • Integrated • Refined • Unified
Get Your Identity and Access Management House in Order Talk to us on the stand Vista IE 7, Defender, Anti-Phishing demos Read the Microsoft Identity and Access Management Series http: //www. microsoft. com/technet/security Download MIIS 2003 Eval. : www. microsoft. com/miis
More Security Insights – Coming Up 11: 15 Secure Messaging 11: 45 Identity Theft 12: 15 How Microsoft Secures IT 12: 45 User Security 13: 15 Secure Messaging 13: 45 Spyware 14: 15 Identity Theft 14: 45 How Microsoft Secures IT 15: 15 User Security 15: 45 Spyware
www. microsoft. com/uk/security www. microsoft. com/uk/technet © 2006 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS SUMMARY.
Identity & Access Platform User Experience Logon & credentials Self-service Developer Experience Directory APIs Access APIs Integration APIs IT Pro Experience Management Delegated admin Identity and Access Platform Integration Services Process automation Process control Directory Services Distributed publication Access Services Authentication Authorization Audit Credential Management Connectors Integration with non-Windows integrated applications and systems
What is Identity? A set of claims that characterize a person or thing in the digital world. A Claim is a statement made about someone/something by someone/something. Claims are packaged in Security Tokens.