SlideShare una empresa de Scribd logo

CIS14: Identity at Scale: Building from the Ground Up

CloudIDSummit
CloudIDSummit

Anthony Randall, Monsanto A discussion of the concept of large-scale engineering of millions of customer identities combined with many applications and partners, identity information engineering, and thoughts about how to better to mesh the internal IT landscape to improve identity services, user support and user experience.

Tecnología
1 de 25
Descargar para leer sin conexión
Iden%ty@Scale   Angle  on  Iden%ty  Data  for  scaling  
Growth   •  Organiza%ons  offering  more  consumer  Web-­‐  and   mobile-­‐based  services   •  2.4  billion  internet  users  on  the  planet   •  1.75  billion  smart  phones   •  Six  fold-­‐growth  in  Mobile  e-­‐commerce  thru  2017   •  IoT  50  billion  devices  in  2020  
IAM  industry  is  catching  up   •  IAM  technologies  con%nue  to  enable   •  Tools  and  technologies  are  improving   •  New  standards  for  mobile,  cloud  +  API  economy   •  And  new  ways  of  doing  things  
Directories  for  Authen/ca/on   -­‐  Stores  iden/ty   (And  some  authoriza%on)   Databases  for  authoriza/on   -­‐  Also  stores  iden/ty     =  Hundreds  =  Few   Security   Business  IT   Iden%ty  Data  Management  is  lagging  behind  
Current  state  applica%on/Service  Silos   Disconnected  IT  Roles  created  for  each   individual  applica/on/service   New  database  for  each  applica/on   containing  iden/ty  and  applica/on  roles  
And  we  keep  hearing  about  context   •  XACML   •  OpenID  Connect   •  UMA  
Name   Brand  Informa%on   Market  Segment   Billing  Status   Licensing  &   Cer%fica%on   Role   Contact  informa%on   Account  Status   Devices       Consent   Loca%on   Organiza%on   Iden%fiers   Interac%ons   Agreements   Product  subscrip/ons   Authorized  Acct   Rela%onships   But  we  have  a  lot  of  informa%on  about  our   customers     We  don’t  use  it!  
Business  context  o]en  remains  in  back-­‐office    systems   Front  of  house   Back  Office   Directory   Services   -­‐  Iden%ty   -­‐  Email  Address   -­‐  Group   OIen  no  user   context   -­‐  Iden%ty   -­‐  authoriza%on   -­‐  Iden%ty   -­‐  User  context   Customer   CRM   Integra/on    Services   Spend  lots  $$$  doing  the  same  things  over  -­‐  Iden%ty   -­‐  authoriza%on   Targets  
“Killing  IAM  in  order  to  save  it”   •  Need  to  beder  define  and  describe  business  rela%onships  and   context  for  online  ac%vity   •  Create  single  user  views  for  mul%ple  services   Parental   Controls  
Back  to  the  Future   •  Directories  store  informa%on  once  for  many   applica%ons  and  services  to  use   •  Business-­‐oriented  object  based  systems  with  security   and  distribu%on   X  User  Iden%ty  /  Authoriza%on  
Build  Namespace  according  to  objects  and   func%ons  –  Not  hierarchies   OU=   En/tlements   OU=   Devices   OU=   Profiles   OU=   Names   OU=   Roles   OU=   Users   OU=   Products   OU=   Configura/on   Mgt   OU=   Preferences   OU=   Apps   OU=   Addr  Books   Tie  users  to  objects  using  GUIDs  to  create  rela%onships  
Adding  it  all  up   =   +   Business  Context   Rela/onships   Scalable  +  contextual   Iden/ty  Data  Model  
Well  designed  informa%on  sets  provide  business   efficiency  and  scale   System  Scale   Self-­‐Managed   CRM  /  Billing   Directory  NameSpace(s)   Updates  /  Reads   Reflected  in   informa%on   objects   Single  user  view   VMs   VMs   VMs   VMs  
Provides  a  ready-­‐made  recipe  for  cloud   Single  user  view   -­‐  with  context   Iden%ty   Bridge   Portable  context  
Beder  prepared  for  paradigm  shi]   •  An  API-­‐centric  methodology  relies  on  well  managed  and   described  informa%on  about  users   •  Requires  closer  integra%on  with  data  architecture   Services   Services   Services   Services   Services   Web  Services   Updates  Self-­‐service   Self-­‐subscribing   Names   Users   Devices   Products   Profiles   Roles   Addr.   Books   Apps   Prefs   Config.   Web  
Making  progress   =  Hundreds   of  iden//es   We  s%ll  need  to  move   away  from  this   DBs   Single  Iden/ty   Towards  this   CRM  /  Billing   $$  
Next  Steps   •   Get  a  handle  on  the  number  of  iden%%es  out  there   •   Use  tools  to  discover,  map  and  clean  up  duplicate   iden%%es   •   Use  Tools  to  understand  which  applica%ons  are  using   which  iden%ty  stores   VDS   •   Create  a  taxonomy  of  applica%ons  that  require   authen%ca%on/authoriza%on  and  the  condi%ons  for   access  (e.g.,  Gold  subscriber,  all  users,  certain  users)   VDS  
Next  Steps   $$   •   Use  the  context  in  the  systems  you  own  and  build  a   richer  set  of  user  context   •   CRM/Billing  systems  don’t  sign-­‐in  users   •   Build  systems  that  represents  the  business  context  of   users  and  what  they  do   •   Needs  to  be  scalable,  distributed  and  secure   •   Transi%on  authen%ca%on  to  new  tools   •   Work  with  app  owners  to  lifecycle  current  apps   •   Use  new  tools  to  build  new  apps   VDS  
When  you  get  back  to  the  office   •  Understand  vision  for  customer  centricity   •  Start  cleaning  up  the  iden%ty  silos  that  cause  a   disconnected  view  of  the  customer   •  Change  legacy  mindsets  and  look  to  beder  combine   iden%ty  with  data  architecture   •  Correlate  insufficient  technology  investments  to   current  problem  sets   •  Build  the  business  case  and  understand  dimensions    
Ques%ons?   Anthony  Randall   Security  Architect  –  IAM   anthony.randall@monsanto.com  
Back-­‐Up  Stuff  
There  is  a  lot  of  valuable  context  informa%on  in  billing   systems  and  CRMs  that  can  replace  IT  security  groups   Name   Brand  Informa%on   Market  Segment   Billing  Status   Licensing  &   Cer%fica%on   Role   Contact  informa%on   Account  Status   Devices       Consent   Loca%on   Organiza%on   Iden%fiers   Interac%ons   Agreements   Product  subscrip%ons   Authorized  Acct   Rela%onships   CRM  /  Billing   $$   Applica/on   iden/ty  silos  
Graph  databases  offer  another  way  to   depict  the  same  core  problem   Is  it  a  storage  and  scale  problem…   Or  the  method  we  use  to  represent  informa/on?     VS  
Requirements  and  Processes   Business   User   Solu%on   Vision   Goals  and  drivers   Legal  and  Regulatory   Use-­‐cases   Product  Defini/on   Simple  to  use   Fast   Self-­‐service   Self-­‐controlled   Online  trust   Customer  support   Parental  controls   Privacy  control   Personaliza%on   Massive  scale   Millions  of  users   Mobile  Op/mized   Cloud-­‐based   Ensure  data  privacy   Secure   Support  social  IDs   Integrated   Federated   Account  crea%on/registra%on   Product  Management   Provisioning     Processes   Context-­‐driven  access   Account  Management     User  lifecycle  Mgt     Configura%on  Mgt   Business/Decision  Support   Customer  care    
Model  for  Scale   Namespace,  business  objects  that  provide  specific  func%on  and   context;  Can  be  scaled  independently  according  to  need   SaaS CRM 3Rd Party Billing Administration Tools Self-Service Tools Identity Information Service Provisioning SelfService Administration Product Mgt Tool Data Tools Provisioning Synchronization Service Access/ Policy Information Point Audit Authoritative Sources People Products Name Mgt Devices Servers SaaS Satellite Information SaaS Profiles Role Def. eMail SF.com Name Mgt Config. Mgt. <new>@service.com Single User View Addr Books Policies Registration/ Account Creation Prefs Registration/ Account Creation MDM Business Context

Recomendados

Intel IT's Identity and Access Management Journey
Intel IT's Identity and Access Management JourneyIntel IT's Identity and Access Management Journey
Intel IT's Identity and Access Management JourneyIntel IT Center
 
Identity and Access Management
Identity and Access ManagementIdentity and Access Management
Identity and Access ManagementPrashanth BS
 
26_R2WSolution_Sheet_1 (3) (1)
26_R2WSolution_Sheet_1 (3) (1)26_R2WSolution_Sheet_1 (3) (1)
26_R2WSolution_Sheet_1 (3) (1)Diego Portilla
 
CIS13: Cloud, Identity Bridges, and ITSM: Three is Not a Crowd
CIS13: Cloud, Identity Bridges, and ITSM: Three is Not a CrowdCIS13: Cloud, Identity Bridges, and ITSM: Three is Not a Crowd
CIS13: Cloud, Identity Bridges, and ITSM: Three is Not a CrowdCloudIDSummit
 
Active Directory Self-Service Suite Overview
Active Directory Self-Service Suite OverviewActive Directory Self-Service Suite Overview
Active Directory Self-Service Suite OverviewEmpowerID
 
The Future of Identity in the Cloud: Requirements, Risks and Opportunities - ...
The Future of Identity in the Cloud: Requirements, Risks and Opportunities - ...The Future of Identity in the Cloud: Requirements, Risks and Opportunities - ...
The Future of Identity in the Cloud: Requirements, Risks and Opportunities - ...gueste4e93e3
 
Short Sales Overview of EmpowerID
Short Sales Overview of EmpowerIDShort Sales Overview of EmpowerID
Short Sales Overview of EmpowerIDEmpowerID
 
Identity as a Service: a missing gap for moving enterprise applications in In...
Identity as a Service: a missing gap for moving enterprise applications in In...Identity as a Service: a missing gap for moving enterprise applications in In...
Identity as a Service: a missing gap for moving enterprise applications in In...Hoang Tri Vo
 

Más contenido relacionado

La actualidad más candente

okta | Top 8 Identity and Access Management Challenges with Your SaaS Applica...
okta | Top 8 Identity and Access Management Challenges with Your SaaS Applica...okta | Top 8 Identity and Access Management Challenges with Your SaaS Applica...
okta | Top 8 Identity and Access Management Challenges with Your SaaS Applica...Abhishek Sood
 
Federation Services
Federation ServicesFederation Services
Federation ServicesEmpowerID
 
Identiverse 2021 enterprise identity: What foundations
Identiverse 2021 enterprise identity: What foundationsIdentiverse 2021 enterprise identity: What foundations
Identiverse 2021 enterprise identity: What foundationsBertrand Carlier
 
Overview of Identity and Access Management Product Line
Overview of Identity and Access Management Product LineOverview of Identity and Access Management Product Line
Overview of Identity and Access Management Product LineNovell
 
IDENTITY IS THE FIRST STEP TO TRUE NETWORK SECURITY
IDENTITY IS THE FIRST STEP TO TRUE NETWORK SECURITYIDENTITY IS THE FIRST STEP TO TRUE NETWORK SECURITY
IDENTITY IS THE FIRST STEP TO TRUE NETWORK SECURITYForgeRock
 
Identity Management: Tools, processes & services
Identity Management: Tools, processes & servicesIdentity Management: Tools, processes & services
Identity Management: Tools, processes & servicesJISC Netskills
 
Overview of Oracle Identity Management - Customer Presentation
Overview of Oracle Identity Management - Customer PresentationOverview of Oracle Identity Management - Customer Presentation
Overview of Oracle Identity Management - Customer PresentationDelivery Centric
 
Identity and Access Management from Microsoft and Razor Technology
Identity and Access Management from Microsoft and Razor TechnologyIdentity and Access Management from Microsoft and Razor Technology
Identity and Access Management from Microsoft and Razor TechnologyDavid J Rosenthal
 
5 Top Enterprises Making IAM a Priority
5 Top Enterprises Making IAM a Priority5 Top Enterprises Making IAM a Priority
5 Top Enterprises Making IAM a PriorityOkta-Inc
 
Virtualization and Automation: How Dynamic is Your Data Center
Virtualization and Automation: How Dynamic is Your Data CenterVirtualization and Automation: How Dynamic is Your Data Center
Virtualization and Automation: How Dynamic is Your Data CenterDavid Resnic
 
Partner Transformation for Hybrid Cloud Management
Partner Transformation for Hybrid Cloud ManagementPartner Transformation for Hybrid Cloud Management
Partner Transformation for Hybrid Cloud ManagementVistara
 
Measuring the Success of Cloud-Based Services
Measuring the Success of Cloud-Based ServicesMeasuring the Success of Cloud-Based Services
Measuring the Success of Cloud-Based ServicesVistara
 
CIS13: Avoiding the Pitfalls of Managing IAM for a Hybrid Environment
CIS13: Avoiding the Pitfalls of Managing IAM for a Hybrid EnvironmentCIS13: Avoiding the Pitfalls of Managing IAM for a Hybrid Environment
CIS13: Avoiding the Pitfalls of Managing IAM for a Hybrid EnvironmentCloudIDSummit
 
Identity Access Management
Identity Access ManagementIdentity Access Management
Identity Access Managementson09remotely
 

La actualidad más candente (19)

okta | Top 8 Identity and Access Management Challenges with Your SaaS Applica...
okta | Top 8 Identity and Access Management Challenges with Your SaaS Applica...okta | Top 8 Identity and Access Management Challenges with Your SaaS Applica...
okta | Top 8 Identity and Access Management Challenges with Your SaaS Applica...
 
Federation Services
Federation ServicesFederation Services
Federation Services
 
Identiverse 2021 enterprise identity: What foundations
Identiverse 2021 enterprise identity: What foundationsIdentiverse 2021 enterprise identity: What foundations
Identiverse 2021 enterprise identity: What foundations
 
IdM vs. IDaaS
IdM vs. IDaaSIdM vs. IDaaS
IdM vs. IDaaS
 
Overview of Identity and Access Management Product Line
Overview of Identity and Access Management Product LineOverview of Identity and Access Management Product Line
Overview of Identity and Access Management Product Line
 
Building Your Roadmap Sucessful Identity And Access Management
Building Your Roadmap Sucessful Identity And Access ManagementBuilding Your Roadmap Sucessful Identity And Access Management
Building Your Roadmap Sucessful Identity And Access Management
 
IDENTITY IS THE FIRST STEP TO TRUE NETWORK SECURITY
IDENTITY IS THE FIRST STEP TO TRUE NETWORK SECURITYIDENTITY IS THE FIRST STEP TO TRUE NETWORK SECURITY
IDENTITY IS THE FIRST STEP TO TRUE NETWORK SECURITY
 
Cloudy with SaaS shine
Cloudy with SaaS shineCloudy with SaaS shine
Cloudy with SaaS shine
 
Identity Management: Tools, processes & services
Identity Management: Tools, processes & servicesIdentity Management: Tools, processes & services
Identity Management: Tools, processes & services
 
Overview of Oracle Identity Management - Customer Presentation
Overview of Oracle Identity Management - Customer PresentationOverview of Oracle Identity Management - Customer Presentation
Overview of Oracle Identity Management - Customer Presentation
 
Identity and Access Management from Microsoft and Razor Technology
Identity and Access Management from Microsoft and Razor TechnologyIdentity and Access Management from Microsoft and Razor Technology
Identity and Access Management from Microsoft and Razor Technology
 
Prashant Saxena Business briefing Okta
Prashant Saxena Business briefing OktaPrashant Saxena Business briefing Okta
Prashant Saxena Business briefing Okta
 
5 Top Enterprises Making IAM a Priority
5 Top Enterprises Making IAM a Priority5 Top Enterprises Making IAM a Priority
5 Top Enterprises Making IAM a Priority
 
Virtualization and Automation: How Dynamic is Your Data Center
Virtualization and Automation: How Dynamic is Your Data CenterVirtualization and Automation: How Dynamic is Your Data Center
Virtualization and Automation: How Dynamic is Your Data Center
 
Partner Transformation for Hybrid Cloud Management
Partner Transformation for Hybrid Cloud ManagementPartner Transformation for Hybrid Cloud Management
Partner Transformation for Hybrid Cloud Management
 
Measuring the Success of Cloud-Based Services
Measuring the Success of Cloud-Based ServicesMeasuring the Success of Cloud-Based Services
Measuring the Success of Cloud-Based Services
 
CIS13: Avoiding the Pitfalls of Managing IAM for a Hybrid Environment
CIS13: Avoiding the Pitfalls of Managing IAM for a Hybrid EnvironmentCIS13: Avoiding the Pitfalls of Managing IAM for a Hybrid Environment
CIS13: Avoiding the Pitfalls of Managing IAM for a Hybrid Environment
 
Identity Access Management
Identity Access ManagementIdentity Access Management
Identity Access Management
 
An Intro to Cloud Computing
An Intro to Cloud ComputingAn Intro to Cloud Computing
An Intro to Cloud Computing
 

Destacado

CIS14: PingOne IDaaS: What You Need to Know
CIS14: PingOne IDaaS: What You Need to KnowCIS14: PingOne IDaaS: What You Need to Know
CIS14: PingOne IDaaS: What You Need to KnowCloudIDSummit
 
CIS13: Identity Tech Overview: Less Pain, More Gain
CIS13: Identity Tech Overview: Less Pain, More GainCIS13: Identity Tech Overview: Less Pain, More Gain
CIS13: Identity Tech Overview: Less Pain, More GainCloudIDSummit
 
CIS14: Authorization: It's What's for Dessert
CIS14: Authorization: It's What's for DessertCIS14: Authorization: It's What's for Dessert
CIS14: Authorization: It's What's for DessertCloudIDSummit
 
CIS13: The Good, The Bad, and the Government: Wrangling Attributes in the Sta...
CIS13: The Good, The Bad, and the Government: Wrangling Attributes in the Sta...CIS13: The Good, The Bad, and the Government: Wrangling Attributes in the Sta...
CIS13: The Good, The Bad, and the Government: Wrangling Attributes in the Sta...CloudIDSummit
 
CIS14: Spinning New Threads with Existing Identity Systems
CIS14: Spinning New Threads with Existing Identity SystemsCIS14: Spinning New Threads with Existing Identity Systems
CIS14: Spinning New Threads with Existing Identity SystemsCloudIDSummit
 
2014 07-19 id cloud summit
2014 07-19 id cloud summit2014 07-19 id cloud summit
2014 07-19 id cloud summitCloudIDSummit
 
CIS14: Handling Identity in AllJoyn 14.06
CIS14: Handling Identity in AllJoyn 14.06CIS14: Handling Identity in AllJoyn 14.06
CIS14: Handling Identity in AllJoyn 14.06CloudIDSummit
 
CIS14: NSTIC: Identity Enables a New Digital Relationship
CIS14: NSTIC: Identity Enables a New Digital RelationshipCIS14: NSTIC: Identity Enables a New Digital Relationship
CIS14: NSTIC: Identity Enables a New Digital RelationshipCloudIDSummit
 
CIS14: Authentication Family Tree (1.1.1 annotated) - Steve Wilson
CIS14: Authentication Family Tree (1.1.1 annotated) - Steve WilsonCIS14: Authentication Family Tree (1.1.1 annotated) - Steve Wilson
CIS14: Authentication Family Tree (1.1.1 annotated) - Steve WilsonCloudIDSummit
 
CIS14: Bringing Crypto Back: Web Authentication without Bearer Tokens
CIS14: Bringing Crypto Back: Web Authentication without Bearer TokensCIS14: Bringing Crypto Back: Web Authentication without Bearer Tokens
CIS14: Bringing Crypto Back: Web Authentication without Bearer TokensCloudIDSummit
 
CIS14: Authentication: Who are You? You are What You Eat
CIS14: Authentication: Who are You? You are What You EatCIS14: Authentication: Who are You? You are What You Eat
CIS14: Authentication: Who are You? You are What You EatCloudIDSummit
 
CIS14: Case Study: Using a Federated Identity Service for Faster Application ...
CIS14: Case Study: Using a Federated Identity Service for Faster Application ...CIS14: Case Study: Using a Federated Identity Service for Faster Application ...
CIS14: Case Study: Using a Federated Identity Service for Faster Application ...CloudIDSummit
 
CIS14: Best Practices You Must Apply to Secure Your APIs
CIS14: Best Practices You Must Apply to Secure Your APIsCIS14: Best Practices You Must Apply to Secure Your APIs
CIS14: Best Practices You Must Apply to Secure Your APIsCloudIDSummit
 
CIS14: NSTIC - Identity and Access Management Collaborative Approaches to Nov...
CIS14: NSTIC - Identity and Access Management Collaborative Approaches to Nov...CIS14: NSTIC - Identity and Access Management Collaborative Approaches to Nov...
CIS14: NSTIC - Identity and Access Management Collaborative Approaches to Nov...CloudIDSummit
 
CIS14: Early Peek at PingFederate Administrative REST API
CIS14: Early Peek at PingFederate Administrative REST APICIS14: Early Peek at PingFederate Administrative REST API
CIS14: Early Peek at PingFederate Administrative REST APICloudIDSummit
 
CIS13: APIs, Identity, and Securing the Enterprise
CIS13: APIs, Identity, and Securing the EnterpriseCIS13: APIs, Identity, and Securing the Enterprise
CIS13: APIs, Identity, and Securing the EnterpriseCloudIDSummit
 
CIS14: FIDO 101 (What, Why and Wherefore of FIDO)
CIS14: FIDO 101 (What, Why and Wherefore of FIDO)CIS14: FIDO 101 (What, Why and Wherefore of FIDO)
CIS14: FIDO 101 (What, Why and Wherefore of FIDO)CloudIDSummit
 
CIS14: Physical and Logical Access Control Convergence
CIS14: Physical and Logical Access Control ConvergenceCIS14: Physical and Logical Access Control Convergence
CIS14: Physical and Logical Access Control ConvergenceCloudIDSummit
 
CIS13: Is Identity the Answer to the Great Question of Life, the Universe, an...
CIS13: Is Identity the Answer to the Great Question of Life, the Universe, an...CIS13: Is Identity the Answer to the Great Question of Life, the Universe, an...
CIS13: Is Identity the Answer to the Great Question of Life, the Universe, an...CloudIDSummit
 

Destacado (19)

CIS14: PingOne IDaaS: What You Need to Know
CIS14: PingOne IDaaS: What You Need to KnowCIS14: PingOne IDaaS: What You Need to Know
CIS14: PingOne IDaaS: What You Need to Know
 
CIS13: Identity Tech Overview: Less Pain, More Gain
CIS13: Identity Tech Overview: Less Pain, More GainCIS13: Identity Tech Overview: Less Pain, More Gain
CIS13: Identity Tech Overview: Less Pain, More Gain
 
CIS14: Authorization: It's What's for Dessert
CIS14: Authorization: It's What's for DessertCIS14: Authorization: It's What's for Dessert
CIS14: Authorization: It's What's for Dessert
 
CIS13: The Good, The Bad, and the Government: Wrangling Attributes in the Sta...
CIS13: The Good, The Bad, and the Government: Wrangling Attributes in the Sta...CIS13: The Good, The Bad, and the Government: Wrangling Attributes in the Sta...
CIS13: The Good, The Bad, and the Government: Wrangling Attributes in the Sta...
 
CIS14: Spinning New Threads with Existing Identity Systems
CIS14: Spinning New Threads with Existing Identity SystemsCIS14: Spinning New Threads with Existing Identity Systems
CIS14: Spinning New Threads with Existing Identity Systems
 
2014 07-19 id cloud summit
2014 07-19 id cloud summit2014 07-19 id cloud summit
2014 07-19 id cloud summit
 
CIS14: Handling Identity in AllJoyn 14.06
CIS14: Handling Identity in AllJoyn 14.06CIS14: Handling Identity in AllJoyn 14.06
CIS14: Handling Identity in AllJoyn 14.06
 
CIS14: NSTIC: Identity Enables a New Digital Relationship
CIS14: NSTIC: Identity Enables a New Digital RelationshipCIS14: NSTIC: Identity Enables a New Digital Relationship
CIS14: NSTIC: Identity Enables a New Digital Relationship
 
CIS14: Authentication Family Tree (1.1.1 annotated) - Steve Wilson
CIS14: Authentication Family Tree (1.1.1 annotated) - Steve WilsonCIS14: Authentication Family Tree (1.1.1 annotated) - Steve Wilson
CIS14: Authentication Family Tree (1.1.1 annotated) - Steve Wilson
 
CIS14: Bringing Crypto Back: Web Authentication without Bearer Tokens
CIS14: Bringing Crypto Back: Web Authentication without Bearer TokensCIS14: Bringing Crypto Back: Web Authentication without Bearer Tokens
CIS14: Bringing Crypto Back: Web Authentication without Bearer Tokens
 
CIS14: Authentication: Who are You? You are What You Eat
CIS14: Authentication: Who are You? You are What You EatCIS14: Authentication: Who are You? You are What You Eat
CIS14: Authentication: Who are You? You are What You Eat
 
CIS14: Case Study: Using a Federated Identity Service for Faster Application ...
CIS14: Case Study: Using a Federated Identity Service for Faster Application ...CIS14: Case Study: Using a Federated Identity Service for Faster Application ...
CIS14: Case Study: Using a Federated Identity Service for Faster Application ...
 
CIS14: Best Practices You Must Apply to Secure Your APIs
CIS14: Best Practices You Must Apply to Secure Your APIsCIS14: Best Practices You Must Apply to Secure Your APIs
CIS14: Best Practices You Must Apply to Secure Your APIs
 
CIS14: NSTIC - Identity and Access Management Collaborative Approaches to Nov...
CIS14: NSTIC - Identity and Access Management Collaborative Approaches to Nov...CIS14: NSTIC - Identity and Access Management Collaborative Approaches to Nov...
CIS14: NSTIC - Identity and Access Management Collaborative Approaches to Nov...
 
CIS14: Early Peek at PingFederate Administrative REST API
CIS14: Early Peek at PingFederate Administrative REST APICIS14: Early Peek at PingFederate Administrative REST API
CIS14: Early Peek at PingFederate Administrative REST API
 
CIS13: APIs, Identity, and Securing the Enterprise
CIS13: APIs, Identity, and Securing the EnterpriseCIS13: APIs, Identity, and Securing the Enterprise
CIS13: APIs, Identity, and Securing the Enterprise
 
CIS14: FIDO 101 (What, Why and Wherefore of FIDO)
CIS14: FIDO 101 (What, Why and Wherefore of FIDO)CIS14: FIDO 101 (What, Why and Wherefore of FIDO)
CIS14: FIDO 101 (What, Why and Wherefore of FIDO)
 
CIS14: Physical and Logical Access Control Convergence
CIS14: Physical and Logical Access Control ConvergenceCIS14: Physical and Logical Access Control Convergence
CIS14: Physical and Logical Access Control Convergence
 
CIS13: Is Identity the Answer to the Great Question of Life, the Universe, an...
CIS13: Is Identity the Answer to the Great Question of Life, the Universe, an...CIS13: Is Identity the Answer to the Great Question of Life, the Universe, an...
CIS13: Is Identity the Answer to the Great Question of Life, the Universe, an...
 

Similar a CIS14: Identity at Scale: Building from the Ground Up

[WSO2Con EU 2017] IAM: Catalyst for Digital Transformation
[WSO2Con EU 2017] IAM: Catalyst for Digital Transformation[WSO2Con EU 2017] IAM: Catalyst for Digital Transformation
[WSO2Con EU 2017] IAM: Catalyst for Digital TransformationWSO2
 
Cloud Computing 4 Accounting Firms
Cloud Computing 4 Accounting FirmsCloud Computing 4 Accounting Firms
Cloud Computing 4 Accounting FirmsDavid Blumentals
 
Cloud Data Integration Best Practices
Cloud Data Integration Best PracticesCloud Data Integration Best Practices
Cloud Data Integration Best PracticesDarren Cunningham
 
Enterprise Cloud Adoption
Enterprise Cloud Adoption Enterprise Cloud Adoption
Enterprise Cloud Adoption Tom Laszewski
 
The Big Picture: Real-time Data is Defining Intelligent Offers
The Big Picture: Real-time Data is Defining Intelligent OffersThe Big Picture: Real-time Data is Defining Intelligent Offers
The Big Picture: Real-time Data is Defining Intelligent OffersCloudera, Inc.
 
3 Building Blocks For Managing Cloud Applications Webinar
3 Building Blocks For Managing Cloud Applications Webinar3 Building Blocks For Managing Cloud Applications Webinar
3 Building Blocks For Managing Cloud Applications WebinarTodd Clayton
 
Indonesian e-Commerce requires Scalability, Reliability and Security to Achi...
Indonesian e-Commerce requires Scalability, Reliability and Security to Achi...Indonesian e-Commerce requires Scalability, Reliability and Security to Achi...
Indonesian e-Commerce requires Scalability, Reliability and Security to Achi...Sutedjo Tjahjadi
 
Using Big Data to Drive Customer 360
Using Big Data to Drive Customer 360Using Big Data to Drive Customer 360
Using Big Data to Drive Customer 360Cloudera, Inc.
 
How to Get Cloud Architecture and Design Right the First Time
How to Get Cloud Architecture and Design Right the First TimeHow to Get Cloud Architecture and Design Right the First Time
How to Get Cloud Architecture and Design Right the First TimeDavid Linthicum
 
Big Data Paris - A Modern Enterprise Architecture
Big Data Paris - A Modern Enterprise ArchitectureBig Data Paris - A Modern Enterprise Architecture
Big Data Paris - A Modern Enterprise ArchitectureMongoDB
 
Risk Aware IAM for an Insecure World
Risk Aware IAM for an Insecure WorldRisk Aware IAM for an Insecure World
Risk Aware IAM for an Insecure WorldForte Advisory, Inc.
 
Data Management & Warehousing (David Walker, ex-World Pay) 2019 Confluent Str...
Data Management & Warehousing (David Walker, ex-World Pay) 2019 Confluent Str...Data Management & Warehousing (David Walker, ex-World Pay) 2019 Confluent Str...
Data Management & Warehousing (David Walker, ex-World Pay) 2019 Confluent Str...confluent
 
A Study in Borderless Over Perimeter
A Study in Borderless Over PerimeterA Study in Borderless Over Perimeter
A Study in Borderless Over PerimeterForgeRock
 
CRM-UG Summit Phoenix 2018 - What is Common Data Model and how to use it?
CRM-UG Summit Phoenix 2018 - What is Common Data Model and how to use it?CRM-UG Summit Phoenix 2018 - What is Common Data Model and how to use it?
CRM-UG Summit Phoenix 2018 - What is Common Data Model and how to use it?Nicolas Georgeault
 
8 Tools For Digital Transformation For Every Leader.pdf
8 Tools For Digital Transformation For Every Leader.pdf8 Tools For Digital Transformation For Every Leader.pdf
8 Tools For Digital Transformation For Every Leader.pdflearntransformation0
 
Making Sense Of Cloud Computing - by Mark Rivington
Making Sense Of Cloud Computing - by Mark RivingtonMaking Sense Of Cloud Computing - by Mark Rivington
Making Sense Of Cloud Computing - by Mark RivingtonCA Nimsoft
 
ENT207-The Future of Enterprise IT.pdf
ENT207-The Future of Enterprise IT.pdfENT207-The Future of Enterprise IT.pdf
ENT207-The Future of Enterprise IT.pdfAmazon Web Services
 

Similar a CIS14: Identity at Scale: Building from the Ground Up (20)

[WSO2Con EU 2017] IAM: Catalyst for Digital Transformation
[WSO2Con EU 2017] IAM: Catalyst for Digital Transformation[WSO2Con EU 2017] IAM: Catalyst for Digital Transformation
[WSO2Con EU 2017] IAM: Catalyst for Digital Transformation
 
Cloud Computing 4 Accounting Firms
Cloud Computing 4 Accounting FirmsCloud Computing 4 Accounting Firms
Cloud Computing 4 Accounting Firms
 
Cloud Data Integration Best Practices
Cloud Data Integration Best PracticesCloud Data Integration Best Practices
Cloud Data Integration Best Practices
 
Enterprise Cloud Adoption
Enterprise Cloud Adoption Enterprise Cloud Adoption
Enterprise Cloud Adoption
 
The Big Picture: Real-time Data is Defining Intelligent Offers
The Big Picture: Real-time Data is Defining Intelligent OffersThe Big Picture: Real-time Data is Defining Intelligent Offers
The Big Picture: Real-time Data is Defining Intelligent Offers
 
3 Building Blocks For Managing Cloud Applications Webinar
3 Building Blocks For Managing Cloud Applications Webinar3 Building Blocks For Managing Cloud Applications Webinar
3 Building Blocks For Managing Cloud Applications Webinar
 
Indonesian e-Commerce requires Scalability, Reliability and Security to Achi...
Indonesian e-Commerce requires Scalability, Reliability and Security to Achi...Indonesian e-Commerce requires Scalability, Reliability and Security to Achi...
Indonesian e-Commerce requires Scalability, Reliability and Security to Achi...
 
Using Big Data to Drive Customer 360
Using Big Data to Drive Customer 360Using Big Data to Drive Customer 360
Using Big Data to Drive Customer 360
 
Cloud Computing for CPAs: What Your Client Will Ask You
Cloud Computing for CPAs: What Your Client Will Ask YouCloud Computing for CPAs: What Your Client Will Ask You
Cloud Computing for CPAs: What Your Client Will Ask You
 
Boot camp - Migration to AWS
Boot camp - Migration to AWSBoot camp - Migration to AWS
Boot camp - Migration to AWS
 
How to Get Cloud Architecture and Design Right the First Time
How to Get Cloud Architecture and Design Right the First TimeHow to Get Cloud Architecture and Design Right the First Time
How to Get Cloud Architecture and Design Right the First Time
 
Big Data Paris - A Modern Enterprise Architecture
Big Data Paris - A Modern Enterprise ArchitectureBig Data Paris - A Modern Enterprise Architecture
Big Data Paris - A Modern Enterprise Architecture
 
Risk Aware IAM for an Insecure World
Risk Aware IAM for an Insecure WorldRisk Aware IAM for an Insecure World
Risk Aware IAM for an Insecure World
 
Data Management & Warehousing (David Walker, ex-World Pay) 2019 Confluent Str...
Data Management & Warehousing (David Walker, ex-World Pay) 2019 Confluent Str...Data Management & Warehousing (David Walker, ex-World Pay) 2019 Confluent Str...
Data Management & Warehousing (David Walker, ex-World Pay) 2019 Confluent Str...
 
A Study in Borderless Over Perimeter
A Study in Borderless Over PerimeterA Study in Borderless Over Perimeter
A Study in Borderless Over Perimeter
 
CRM-UG Summit Phoenix 2018 - What is Common Data Model and how to use it?
CRM-UG Summit Phoenix 2018 - What is Common Data Model and how to use it?CRM-UG Summit Phoenix 2018 - What is Common Data Model and how to use it?
CRM-UG Summit Phoenix 2018 - What is Common Data Model and how to use it?
 
8 Tools For Digital Transformation For Every Leader.pdf
8 Tools For Digital Transformation For Every Leader.pdf8 Tools For Digital Transformation For Every Leader.pdf
8 Tools For Digital Transformation For Every Leader.pdf
 
Making Sense Of Cloud Computing - by Mark Rivington
Making Sense Of Cloud Computing - by Mark RivingtonMaking Sense Of Cloud Computing - by Mark Rivington
Making Sense Of Cloud Computing - by Mark Rivington
 
Business Intelligenze Corporate
Business Intelligenze CorporateBusiness Intelligenze Corporate
Business Intelligenze Corporate
 
ENT207-The Future of Enterprise IT.pdf
ENT207-The Future of Enterprise IT.pdfENT207-The Future of Enterprise IT.pdf
ENT207-The Future of Enterprise IT.pdf
 

Más de CloudIDSummit

CIS 2016 Content Highlights
CIS 2016 Content HighlightsCIS 2016 Content Highlights
CIS 2016 Content HighlightsCloudIDSummit
 
Top 6 Reasons You Should Attend Cloud Identity Summit 2016
Top 6 Reasons You Should Attend Cloud Identity Summit 2016Top 6 Reasons You Should Attend Cloud Identity Summit 2016
Top 6 Reasons You Should Attend Cloud Identity Summit 2016CloudIDSummit
 
CIS 2015 Security Without Borders: Taming the Cloud and Mobile Frontier - And...
CIS 2015 Security Without Borders: Taming the Cloud and Mobile Frontier - And...CIS 2015 Security Without Borders: Taming the Cloud and Mobile Frontier - And...
CIS 2015 Security Without Borders: Taming the Cloud and Mobile Frontier - And...CloudIDSummit
 
Mobile security, identity & authentication reasons for optimism 20150607 v2
Mobile security, identity & authentication reasons for optimism 20150607 v2Mobile security, identity & authentication reasons for optimism 20150607 v2
Mobile security, identity & authentication reasons for optimism 20150607 v2CloudIDSummit
 
CIS 2015 Mobile Security, Identity & Authentication: Reasons for Optimism - R...
CIS 2015 Mobile Security, Identity & Authentication: Reasons for Optimism - R...CIS 2015 Mobile Security, Identity & Authentication: Reasons for Optimism - R...
CIS 2015 Mobile Security, Identity & Authentication: Reasons for Optimism - R...CloudIDSummit
 
CIS 2015 Virtual Identity: The Vision, Challenges and Experiences in Driving ...
CIS 2015 Virtual Identity: The Vision, Challenges and Experiences in Driving ...CIS 2015 Virtual Identity: The Vision, Challenges and Experiences in Driving ...
CIS 2015 Virtual Identity: The Vision, Challenges and Experiences in Driving ...CloudIDSummit
 
CIS 2015 Deploying Strong Authentication to a Global Enterprise: A Comedy in ...
CIS 2015 Deploying Strong Authentication to a Global Enterprise: A Comedy in ...CIS 2015 Deploying Strong Authentication to a Global Enterprise: A Comedy in ...
CIS 2015 Deploying Strong Authentication to a Global Enterprise: A Comedy in ...CloudIDSummit
 
CIS 2015 Without Great Security, Digital Identity is Not Worth the Electrons ...
CIS 2015 Without Great Security, Digital Identity is Not Worth the Electrons ...CIS 2015 Without Great Security, Digital Identity is Not Worth the Electrons ...
CIS 2015 Without Great Security, Digital Identity is Not Worth the Electrons ...CloudIDSummit
 
CIS 2015 Mergers & Acquisitions in a Cloud Enabled World - Brian Puhl
CIS 2015 Mergers & Acquisitions in a Cloud Enabled World - Brian PuhlCIS 2015 Mergers & Acquisitions in a Cloud Enabled World - Brian Puhl
CIS 2015 Mergers & Acquisitions in a Cloud Enabled World - Brian PuhlCloudIDSummit
 
CIS 2015 IoT and IDM in your Mobile Enterprise - Brian Katz
CIS 2015 IoT and IDM in your Mobile Enterprise - Brian KatzCIS 2015 IoT and IDM in your Mobile Enterprise - Brian Katz
CIS 2015 IoT and IDM in your Mobile Enterprise - Brian KatzCloudIDSummit
 
CIS 2015 Practical Deployments Enterprise Cloud Access Management Platform - ...
CIS 2015 Practical Deployments Enterprise Cloud Access Management Platform - ...CIS 2015 Practical Deployments Enterprise Cloud Access Management Platform - ...
CIS 2015 Practical Deployments Enterprise Cloud Access Management Platform - ...CloudIDSummit
 
CIS 2015 What I Learned From Pitching IAM To My CIO - Steve Tout
CIS 2015 What I Learned From Pitching IAM To My CIO - Steve ToutCIS 2015 What I Learned From Pitching IAM To My CIO - Steve Tout
CIS 2015 What I Learned From Pitching IAM To My CIO - Steve ToutCloudIDSummit
 
CIS 2015 How to secure the Internet of Things? Hannes Tschofenig
CIS 2015 How to secure the Internet of Things? Hannes TschofenigCIS 2015 How to secure the Internet of Things? Hannes Tschofenig
CIS 2015 How to secure the Internet of Things? Hannes TschofenigCloudIDSummit
 
CIS 2015 The IDaaS Dating Game - Sean Deuby
CIS 2015 The IDaaS Dating Game - Sean DeubyCIS 2015 The IDaaS Dating Game - Sean Deuby
CIS 2015 The IDaaS Dating Game - Sean DeubyCloudIDSummit
 
CIS 2015 SSO for Mobile and Web Apps Ashish Jain
CIS 2015 SSO for Mobile and Web Apps Ashish JainCIS 2015 SSO for Mobile and Web Apps Ashish Jain
CIS 2015 SSO for Mobile and Web Apps Ashish JainCloudIDSummit
 
The Industrial Internet, the Identity of Everything and the Industrial Enterp...
The Industrial Internet, the Identity of Everything and the Industrial Enterp...The Industrial Internet, the Identity of Everything and the Industrial Enterp...
The Industrial Internet, the Identity of Everything and the Industrial Enterp...CloudIDSummit
 
CIS 2015 SAML-IN / SAML-OUT - Scott Tomilson & John Dasilva
CIS 2015 SAML-IN / SAML-OUT - Scott Tomilson & John DasilvaCIS 2015 SAML-IN / SAML-OUT - Scott Tomilson & John Dasilva
CIS 2015 SAML-IN / SAML-OUT - Scott Tomilson & John DasilvaCloudIDSummit
 
CIS 2015 Session Management at Scale - Scott Tomilson & Jamshid Khosravian
CIS 2015 Session Management at Scale - Scott Tomilson & Jamshid KhosravianCIS 2015 Session Management at Scale - Scott Tomilson & Jamshid Khosravian
CIS 2015 Session Management at Scale - Scott Tomilson & Jamshid KhosravianCloudIDSummit
 
CIS 2015 So you want to SSO … Scott Tomilson & John Dasilva
CIS 2015 So you want to SSO … Scott Tomilson & John DasilvaCIS 2015 So you want to SSO … Scott Tomilson & John Dasilva
CIS 2015 So you want to SSO … Scott Tomilson & John DasilvaCloudIDSummit
 
CIS 2015 Identity Relationship Management in the Internet of Things
CIS 2015 Identity Relationship Management in the Internet of ThingsCIS 2015 Identity Relationship Management in the Internet of Things
CIS 2015 Identity Relationship Management in the Internet of ThingsCloudIDSummit
 

Más de CloudIDSummit (20)

CIS 2016 Content Highlights
CIS 2016 Content HighlightsCIS 2016 Content Highlights
CIS 2016 Content Highlights
 
Top 6 Reasons You Should Attend Cloud Identity Summit 2016
Top 6 Reasons You Should Attend Cloud Identity Summit 2016Top 6 Reasons You Should Attend Cloud Identity Summit 2016
Top 6 Reasons You Should Attend Cloud Identity Summit 2016
 
CIS 2015 Security Without Borders: Taming the Cloud and Mobile Frontier - And...
CIS 2015 Security Without Borders: Taming the Cloud and Mobile Frontier - And...CIS 2015 Security Without Borders: Taming the Cloud and Mobile Frontier - And...
CIS 2015 Security Without Borders: Taming the Cloud and Mobile Frontier - And...
 
Mobile security, identity & authentication reasons for optimism 20150607 v2
Mobile security, identity & authentication reasons for optimism 20150607 v2Mobile security, identity & authentication reasons for optimism 20150607 v2
Mobile security, identity & authentication reasons for optimism 20150607 v2
 
CIS 2015 Mobile Security, Identity & Authentication: Reasons for Optimism - R...
CIS 2015 Mobile Security, Identity & Authentication: Reasons for Optimism - R...CIS 2015 Mobile Security, Identity & Authentication: Reasons for Optimism - R...
CIS 2015 Mobile Security, Identity & Authentication: Reasons for Optimism - R...
 
CIS 2015 Virtual Identity: The Vision, Challenges and Experiences in Driving ...
CIS 2015 Virtual Identity: The Vision, Challenges and Experiences in Driving ...CIS 2015 Virtual Identity: The Vision, Challenges and Experiences in Driving ...
CIS 2015 Virtual Identity: The Vision, Challenges and Experiences in Driving ...
 
CIS 2015 Deploying Strong Authentication to a Global Enterprise: A Comedy in ...
CIS 2015 Deploying Strong Authentication to a Global Enterprise: A Comedy in ...CIS 2015 Deploying Strong Authentication to a Global Enterprise: A Comedy in ...
CIS 2015 Deploying Strong Authentication to a Global Enterprise: A Comedy in ...
 
CIS 2015 Without Great Security, Digital Identity is Not Worth the Electrons ...
CIS 2015 Without Great Security, Digital Identity is Not Worth the Electrons ...CIS 2015 Without Great Security, Digital Identity is Not Worth the Electrons ...
CIS 2015 Without Great Security, Digital Identity is Not Worth the Electrons ...
 
CIS 2015 Mergers & Acquisitions in a Cloud Enabled World - Brian Puhl
CIS 2015 Mergers & Acquisitions in a Cloud Enabled World - Brian PuhlCIS 2015 Mergers & Acquisitions in a Cloud Enabled World - Brian Puhl
CIS 2015 Mergers & Acquisitions in a Cloud Enabled World - Brian Puhl
 
CIS 2015 IoT and IDM in your Mobile Enterprise - Brian Katz
CIS 2015 IoT and IDM in your Mobile Enterprise - Brian KatzCIS 2015 IoT and IDM in your Mobile Enterprise - Brian Katz
CIS 2015 IoT and IDM in your Mobile Enterprise - Brian Katz
 
CIS 2015 Practical Deployments Enterprise Cloud Access Management Platform - ...
CIS 2015 Practical Deployments Enterprise Cloud Access Management Platform - ...CIS 2015 Practical Deployments Enterprise Cloud Access Management Platform - ...
CIS 2015 Practical Deployments Enterprise Cloud Access Management Platform - ...
 
CIS 2015 What I Learned From Pitching IAM To My CIO - Steve Tout
CIS 2015 What I Learned From Pitching IAM To My CIO - Steve ToutCIS 2015 What I Learned From Pitching IAM To My CIO - Steve Tout
CIS 2015 What I Learned From Pitching IAM To My CIO - Steve Tout
 
CIS 2015 How to secure the Internet of Things? Hannes Tschofenig
CIS 2015 How to secure the Internet of Things? Hannes TschofenigCIS 2015 How to secure the Internet of Things? Hannes Tschofenig
CIS 2015 How to secure the Internet of Things? Hannes Tschofenig
 
CIS 2015 The IDaaS Dating Game - Sean Deuby
CIS 2015 The IDaaS Dating Game - Sean DeubyCIS 2015 The IDaaS Dating Game - Sean Deuby
CIS 2015 The IDaaS Dating Game - Sean Deuby
 
CIS 2015 SSO for Mobile and Web Apps Ashish Jain
CIS 2015 SSO for Mobile and Web Apps Ashish JainCIS 2015 SSO for Mobile and Web Apps Ashish Jain
CIS 2015 SSO for Mobile and Web Apps Ashish Jain
 
The Industrial Internet, the Identity of Everything and the Industrial Enterp...
The Industrial Internet, the Identity of Everything and the Industrial Enterp...The Industrial Internet, the Identity of Everything and the Industrial Enterp...
The Industrial Internet, the Identity of Everything and the Industrial Enterp...
 
CIS 2015 SAML-IN / SAML-OUT - Scott Tomilson & John Dasilva
CIS 2015 SAML-IN / SAML-OUT - Scott Tomilson & John DasilvaCIS 2015 SAML-IN / SAML-OUT - Scott Tomilson & John Dasilva
CIS 2015 SAML-IN / SAML-OUT - Scott Tomilson & John Dasilva
 
CIS 2015 Session Management at Scale - Scott Tomilson & Jamshid Khosravian
CIS 2015 Session Management at Scale - Scott Tomilson & Jamshid KhosravianCIS 2015 Session Management at Scale - Scott Tomilson & Jamshid Khosravian
CIS 2015 Session Management at Scale - Scott Tomilson & Jamshid Khosravian
 
CIS 2015 So you want to SSO … Scott Tomilson & John Dasilva
CIS 2015 So you want to SSO … Scott Tomilson & John DasilvaCIS 2015 So you want to SSO … Scott Tomilson & John Dasilva
CIS 2015 So you want to SSO … Scott Tomilson & John Dasilva
 
CIS 2015 Identity Relationship Management in the Internet of Things
CIS 2015 Identity Relationship Management in the Internet of ThingsCIS 2015 Identity Relationship Management in the Internet of Things
CIS 2015 Identity Relationship Management in the Internet of Things
 

Último

Microservices, Docker deploy and Microservices source code in C#
Microservices, Docker deploy and Microservices source code in C#Microservices, Docker deploy and Microservices source code in C#
Microservices, Docker deploy and Microservices source code in C#Karmanjay Verma
 
Kuma Meshes Part I - The basics - A tutorial
Kuma Meshes Part I - The basics - A tutorialKuma Meshes Part I - The basics - A tutorial
Kuma Meshes Part I - The basics - A tutorialJoão Esperancinha
 
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...Nikki Chapple
 
Irene Moetsana-Moeng: Stakeholders in Cybersecurity: Collaborative Defence fo...
Irene Moetsana-Moeng: Stakeholders in Cybersecurity: Collaborative Defence fo...Irene Moetsana-Moeng: Stakeholders in Cybersecurity: Collaborative Defence fo...
Irene Moetsana-Moeng: Stakeholders in Cybersecurity: Collaborative Defence fo...itnewsafrica
 
4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sector
4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sector4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sector
4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sectoritnewsafrica
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch TuesdayIvanti
 
Digital Tools & AI in Career Development
Digital Tools & AI in Career DevelopmentDigital Tools & AI in Career Development
Digital Tools & AI in Career DevelopmentMahmoud Rabie
 
Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Farhan Tariq
 
A Glance At The Java Performance Toolbox
A Glance At The Java Performance ToolboxA Glance At The Java Performance Toolbox
A Glance At The Java Performance ToolboxAna-Maria Mihalceanu
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsNathaniel Shimoni
 
React JS; all concepts. Contains React Features, JSX, functional & Class comp...
React JS; all concepts. Contains React Features, JSX, functional & Class comp...React JS; all concepts. Contains React Features, JSX, functional & Class comp...
React JS; all concepts. Contains React Features, JSX, functional & Class comp...Karmanjay Verma
 
React Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App FrameworkReact Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App FrameworkPixlogix Infotech
 
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Alkin Tezuysal
 
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...panagenda
 
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical InfrastructureVarsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructureitnewsafrica
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfpanagenda
 
Landscape Catalogue 2024 Australia-1.pdf
Landscape Catalogue 2024 Australia-1.pdfLandscape Catalogue 2024 Australia-1.pdf
Landscape Catalogue 2024 Australia-1.pdfAarwolf Industries LLC
 
Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)Kaya Weers
 
Testing tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesTesting tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesKari Kakkonen
 
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...Wes McKinney
 

Último (20)

Microservices, Docker deploy and Microservices source code in C#
Microservices, Docker deploy and Microservices source code in C#Microservices, Docker deploy and Microservices source code in C#
Microservices, Docker deploy and Microservices source code in C#
 
Kuma Meshes Part I - The basics - A tutorial
Kuma Meshes Part I - The basics - A tutorialKuma Meshes Part I - The basics - A tutorial
Kuma Meshes Part I - The basics - A tutorial
 
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
 
Irene Moetsana-Moeng: Stakeholders in Cybersecurity: Collaborative Defence fo...
Irene Moetsana-Moeng: Stakeholders in Cybersecurity: Collaborative Defence fo...Irene Moetsana-Moeng: Stakeholders in Cybersecurity: Collaborative Defence fo...
Irene Moetsana-Moeng: Stakeholders in Cybersecurity: Collaborative Defence fo...
 
4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sector
4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sector4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sector
4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sector
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch Tuesday
 
Digital Tools & AI in Career Development
Digital Tools & AI in Career DevelopmentDigital Tools & AI in Career Development
Digital Tools & AI in Career Development
 
Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...
 
A Glance At The Java Performance Toolbox
A Glance At The Java Performance ToolboxA Glance At The Java Performance Toolbox
A Glance At The Java Performance Toolbox
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directions
 
React JS; all concepts. Contains React Features, JSX, functional & Class comp...
React JS; all concepts. Contains React Features, JSX, functional & Class comp...React JS; all concepts. Contains React Features, JSX, functional & Class comp...
React JS; all concepts. Contains React Features, JSX, functional & Class comp...
 
React Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App FrameworkReact Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App Framework
 
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
 
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
 
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical InfrastructureVarsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
 
Landscape Catalogue 2024 Australia-1.pdf
Landscape Catalogue 2024 Australia-1.pdfLandscape Catalogue 2024 Australia-1.pdf
Landscape Catalogue 2024 Australia-1.pdf
 
Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)
 
Testing tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesTesting tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examples
 
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
 

CIS14: Identity at Scale: Building from the Ground Up

  • 1. Iden%ty@Scale   Angle  on  Iden%ty  Data  for  scaling  
  • 2. Growth   •  Organiza%ons  offering  more  consumer  Web-­‐  and   mobile-­‐based  services   •  2.4  billion  internet  users  on  the  planet   •  1.75  billion  smart  phones   •  Six  fold-­‐growth  in  Mobile  e-­‐commerce  thru  2017   •  IoT  50  billion  devices  in  2020  
  • 3. IAM  industry  is  catching  up   •  IAM  technologies  con%nue  to  enable   •  Tools  and  technologies  are  improving   •  New  standards  for  mobile,  cloud  +  API  economy   •  And  new  ways  of  doing  things  
  • 4. Directories  for  Authen/ca/on   -­‐  Stores  iden/ty   (And  some  authoriza%on)   Databases  for  authoriza/on   -­‐  Also  stores  iden/ty     =  Hundreds  =  Few   Security   Business  IT   Iden%ty  Data  Management  is  lagging  behind  
  • 5. Current  state  applica%on/Service  Silos   Disconnected  IT  Roles  created  for  each   individual  applica/on/service   New  database  for  each  applica/on   containing  iden/ty  and  applica/on  roles  
  • 6. And  we  keep  hearing  about  context   •  XACML   •  OpenID  Connect   •  UMA  
  • 7. Name   Brand  Informa%on   Market  Segment   Billing  Status   Licensing  &   Cer%fica%on   Role   Contact  informa%on   Account  Status   Devices       Consent   Loca%on   Organiza%on   Iden%fiers   Interac%ons   Agreements   Product  subscrip/ons   Authorized  Acct   Rela%onships   But  we  have  a  lot  of  informa%on  about  our   customers     We  don’t  use  it!  
  • 8. Business  context  o]en  remains  in  back-­‐office    systems   Front  of  house   Back  Office   Directory   Services   -­‐  Iden%ty   -­‐  Email  Address   -­‐  Group   OIen  no  user   context   -­‐  Iden%ty   -­‐  authoriza%on   -­‐  Iden%ty   -­‐  User  context   Customer   CRM   Integra/on    Services   Spend  lots  $$$  doing  the  same  things  over  -­‐  Iden%ty   -­‐  authoriza%on   Targets  
  • 9. “Killing  IAM  in  order  to  save  it”   •  Need  to  beder  define  and  describe  business  rela%onships  and   context  for  online  ac%vity   •  Create  single  user  views  for  mul%ple  services   Parental   Controls  
  • 10. Back  to  the  Future   •  Directories  store  informa%on  once  for  many   applica%ons  and  services  to  use   •  Business-­‐oriented  object  based  systems  with  security   and  distribu%on   X  User  Iden%ty  /  Authoriza%on  
  • 11. Build  Namespace  according  to  objects  and   func%ons  –  Not  hierarchies   OU=   En/tlements   OU=   Devices   OU=   Profiles   OU=   Names   OU=   Roles   OU=   Users   OU=   Products   OU=   Configura/on   Mgt   OU=   Preferences   OU=   Apps   OU=   Addr  Books   Tie  users  to  objects  using  GUIDs  to  create  rela%onships  
  • 12. Adding  it  all  up   =   +   Business  Context   Rela/onships   Scalable  +  contextual   Iden/ty  Data  Model  
  • 13. Well  designed  informa%on  sets  provide  business   efficiency  and  scale   System  Scale   Self-­‐Managed   CRM  /  Billing   Directory  NameSpace(s)   Updates  /  Reads   Reflected  in   informa%on   objects   Single  user  view   VMs   VMs   VMs   VMs  
  • 14. Provides  a  ready-­‐made  recipe  for  cloud   Single  user  view   -­‐  with  context   Iden%ty   Bridge   Portable  context  
  • 15. Beder  prepared  for  paradigm  shi]   •  An  API-­‐centric  methodology  relies  on  well  managed  and   described  informa%on  about  users   •  Requires  closer  integra%on  with  data  architecture   Services   Services   Services   Services   Services   Web  Services   Updates  Self-­‐service   Self-­‐subscribing   Names   Users   Devices   Products   Profiles   Roles   Addr.   Books   Apps   Prefs   Config.   Web  
  • 16. Making  progress   =  Hundreds   of  iden//es   We  s%ll  need  to  move   away  from  this   DBs   Single  Iden/ty   Towards  this   CRM  /  Billing   $$  
  • 17. Next  Steps   •   Get  a  handle  on  the  number  of  iden%%es  out  there   •   Use  tools  to  discover,  map  and  clean  up  duplicate   iden%%es   •   Use  Tools  to  understand  which  applica%ons  are  using   which  iden%ty  stores   VDS   •   Create  a  taxonomy  of  applica%ons  that  require   authen%ca%on/authoriza%on  and  the  condi%ons  for   access  (e.g.,  Gold  subscriber,  all  users,  certain  users)   VDS  
  • 18. Next  Steps   $$   •   Use  the  context  in  the  systems  you  own  and  build  a   richer  set  of  user  context   •   CRM/Billing  systems  don’t  sign-­‐in  users   •   Build  systems  that  represents  the  business  context  of   users  and  what  they  do   •   Needs  to  be  scalable,  distributed  and  secure   •   Transi%on  authen%ca%on  to  new  tools   •   Work  with  app  owners  to  lifecycle  current  apps   •   Use  new  tools  to  build  new  apps   VDS  
  • 19. When  you  get  back  to  the  office   •  Understand  vision  for  customer  centricity   •  Start  cleaning  up  the  iden%ty  silos  that  cause  a   disconnected  view  of  the  customer   •  Change  legacy  mindsets  and  look  to  beder  combine   iden%ty  with  data  architecture   •  Correlate  insufficient  technology  investments  to   current  problem  sets   •  Build  the  business  case  and  understand  dimensions    
  • 20. Ques%ons?   Anthony  Randall   Security  Architect  –  IAM   anthony.randall@monsanto.com  
  • 22. There  is  a  lot  of  valuable  context  informa%on  in  billing   systems  and  CRMs  that  can  replace  IT  security  groups   Name   Brand  Informa%on   Market  Segment   Billing  Status   Licensing  &   Cer%fica%on   Role   Contact  informa%on   Account  Status   Devices       Consent   Loca%on   Organiza%on   Iden%fiers   Interac%ons   Agreements   Product  subscrip%ons   Authorized  Acct   Rela%onships   CRM  /  Billing   $$   Applica/on   iden/ty  silos  
  • 23. Graph  databases  offer  another  way  to   depict  the  same  core  problem   Is  it  a  storage  and  scale  problem…   Or  the  method  we  use  to  represent  informa/on?     VS  
  • 24. Requirements  and  Processes   Business   User   Solu%on   Vision   Goals  and  drivers   Legal  and  Regulatory   Use-­‐cases   Product  Defini/on   Simple  to  use   Fast   Self-­‐service   Self-­‐controlled   Online  trust   Customer  support   Parental  controls   Privacy  control   Personaliza%on   Massive  scale   Millions  of  users   Mobile  Op/mized   Cloud-­‐based   Ensure  data  privacy   Secure   Support  social  IDs   Integrated   Federated   Account  crea%on/registra%on   Product  Management   Provisioning     Processes   Context-­‐driven  access   Account  Management     User  lifecycle  Mgt     Configura%on  Mgt   Business/Decision  Support   Customer  care    
  • 25. Model  for  Scale   Namespace,  business  objects  that  provide  specific  func%on  and   context;  Can  be  scaled  independently  according  to  need   SaaS CRM 3Rd Party Billing Administration Tools Self-Service Tools Identity Information Service Provisioning SelfService Administration Product Mgt Tool Data Tools Provisioning Synchronization Service Access/ Policy Information Point Audit Authoritative Sources People Products Name Mgt Devices Servers SaaS Satellite Information SaaS Profiles Role Def. eMail SF.com Name Mgt Config. Mgt. <new>@service.com Single User View Addr Books Policies Registration/ Account Creation Prefs Registration/ Account Creation MDM Business Context