Identity and Access Management

This webinar focuses on how to use graph databases for Identity & Access Management. This webinar is designed for people who work with entitlements, access management, and tracking origins and associations of assets.

Managing and monitoring multiple user authorizations and asset provenance across your enterprise organization is a challenging task. We’ll explore how an interconnected view of your data gives you better real-time insights and controls than ever before. Neo4j connects your data along intuitive relationships so identity and access management happens quickly and effectively.

In this webinar we’ll start with an overview of Neo4j and Graph-thinking, and continue with exploring some of the use cases showing how Neo4j’s versatile property graph model makes it easier for organizations to evolve identity and access management models.


  1. Identity & Access Management: Leveraging Connections in Data with Graph Databases (Webinar, September 22, 2016)
  2. Alessandro Svensson, Solutions @ Neo Technology; Ryan Boyd, Developer Relations @ Neo Technology
  3. Agenda: Intro to Graph Thinking; Defining Identity & Access Management; How IAM is evolving; Use of graph databases in IAM; Case studies - Adoption of Neo4j; Demo; Wrap up & Questions
  4. Intro to Graph Thinking
  5. Databases have evolved in order to handle large networks of connected data
  7. RELATIONAL DATABASES
  8. The internet is a graph: huge networks of connected data
  9. This is data modelled as a graph!
  10. A Graph Is (diagram labels: NODE, NODE, NODE; RELATIONSHIP, RELATIONSHIP, RELATIONSHIP)
  11. A Graph Is (diagram labels: PERSON, CHECKING ACCOUNT, BANK; relationship: HAS)
  12. A Graph Is (diagram labels: HOTEL, ROOM, BOOKING; relationship: HAS)
  13. A Graph Is (diagram labels: COMPANY, STANFORD, NEO, COLUMBIA, NAME:ANNE; relationships: KNOWS, WORKS_AT, STUDIED_AT)
  14. A Graph Is (diagram labels: Company, Stanford, Columbia, Neo, Carl, Tom, Bob, Anne; relationships: WENT_TO, KNOWS, WORKS_AT)
  15. A Graph Is
  16. Identity & Access Management (IAM): Who gets access to what, and for the right reason at the right time
  17. Identity & Access Management: Defining Identity
  18. Identity & Access Management: The structure of organisations
  19. Traditional IAM-systems: 1) Static idea of Identity 2) Underlying assumption that organisations are hierarchal
  20. Diagram labels: IAM, Active Directory, SAP, Knowledge Base, CRM, HR-system. Source: http://blogs.gartner.com/ian-glazer/2013/02/08/killing-iam-in-order-to-save-it/
  21. ADD (diagram labels: Customer Support, IAM, Active Directory, SAP, Knowledge Base, CRM, HR-system). Source: http://blogs.gartner.com/ian-glazer/2013/02/08/killing-iam-in-order-to-save-it/
  22. CHANGE (diagram labels: Customer Support, Inside Sales, IAM, Active Directory, SAP, Knowledge Base, CRM, HR-system). Source: http://blogs.gartner.com/ian-glazer/2013/02/08/killing-iam-in-order-to-save-it/
  23. LEAVE (diagram labels: Customer Support, Inside Sales, IAM, Active Directory, SAP, Knowledge Base, CRM, HR-system). Source: http://blogs.gartner.com/ian-glazer/2013/02/08/killing-iam-in-order-to-save-it/
  24. What’s happening in the world of IAM? 1) Identity is increasingly complex
  25. What’s happening in the world of IAM? 1) Identity is increasingly complex 2) Traditional hierarchies are being revised
  26. What’s happening in the world of IAM? 1) Identity is increasingly complex 2) Traditional hierarchies are being revised 3) Access Management is more and more about the relationships between users, partners, customers, things and their different touchpoints within organisations and eco-systems
  27. Emerging Complexity of Identity
  28. Complexity of Digital Identities: User identities (Personal, Customer, Partner, Consumer, Citizen); Identity of Things (Serial #, Unique id)
  29. Complexity of Digital Identities (diagram labels: Identity of users, Identity of things, Applications and services, Device <-> Service, Security End to End)
  30. Identity Access Management and Identity Relationship Management (diagram labels: People, Endpoints, Applications and data; Customers (millions), Partners and Suppliers, Workforce (thousands), Things (Tens of millions); PCs, Tablets, Phones, Wearables; On-premises, Private Cloud, Public Cloud)
  33. Access Management is traditionally designed with the underlying assumption that everything is hierarchal
  35. Rigid hierarchies have defined how we have built IAM-systems in the past
  36. Representing your organisation as a graph enables you to build stronger and more accurate IAM
  37. Ideal World: Parent-Child relationships. Real World: Query complex relationships in real-time
  38. How Neo4j is used in IAM
  39. Different ways of adopting Neo4j: 1. Build your IAM as a Graph 2. Augment your existing IAM with Neo4j
  40. Case Study
  41. Identity and Access Management: Telenor
      • Background: Oslo-based telecom provider, #1 in Nordic countries and #10 in world. Online, mission-critical, self-serve system lets users manage subscriptions and plans. Availability and responsiveness are critical to customer satisfaction.
      • Business Problem: Logins took minutes to retrieve relational access rights. Massive joins across millions of plans, customers, admins, groups. Nightly batch production required 9 hours and produced stale data.
      • Solution and Benefits: Shifted authentication from Sybase to Neo4j. Moved resource graph to Neo4j. Replaced batch process with real-time login response using most recent data. Mitigated customer retention risks.
  43. Case Study
  44. Challenges with existing IAM: Data will be separated in silos. Silos shown:
      • Partner: Employee ID, Partner ID, Digital credentials, Sales record, Job performance
      • Customer: Employee ID, Company ID, Digital credentials, Devices managed, Portal software, Maintenance
      • Employee: Employee ID, Roles, Digital identities, Digital credentials, Personal devices
      • Device: Serial number, Digital credentials, Make & model, GPS location, IP address, Firmware, Maintenance
      • Consumer: Full name, Date/place of birth, Home address, Eye & hair color, Height/weight, Email address
  45. Challenges with existing IAM (same silos as slide 44): Data will be separated in silos; Identity data will be very static
  46. Challenges with existing IAM (same silos as slide 44): Data will be separated in silos; Identity data will be very static; Based on a hierarchal representation of an organisation
  47. How Can You Augment This with Graphs? Relationship Layer: Leverage Cross-Silo Relationships to drive new business value (same silos as slide 44; relationship-layer diagram labels: Name, CuID, Emp ID, Partner, Company Y, GPS Loc, Dig, Serial#, Firmware)
  49. Architecture (diagram labels: openIDM, Relationship layer, Connector, Datasources)
  50. Architecture (diagram labels: Host, OpenAM Agent, Service that user wants to use, Login username passwords, OpenAM, Write Event, AuthZ Plugin, Authorize Service for User)
  51. To learn more about this case study, visit the Neo4j YouTube channel or graphconnect.com
  52. Neo4j DEMO: Ryan Boyd, Developer Relations @ Neo Technology
  53. Who’s using Neo4j?
  54. Who’s Using Neo4j? Government, Commercial clients, Institutions, Local Governments, Law Enforcement, Military & Intelligence
  55. Neo4j Adoption by Selected Verticals: SOFTWARE, FINANCIAL SERVICES, RETAIL, MEDIA & OTHER, SOCIAL NETWORKS, TELECOM, HEALTHCARE
  56. Towards Graph Inevitability
  57. Towards Graph Inevitability: “Graph analysis is possibly the single most effective competitive differentiator for organizations pursuing data-driven operations and decisions after the design of data capture.” “By the end of 2018, 70% of leading organizations will have one or more pilot or proof-of-concept efforts underway utilizing graph databases.”
  58. Towards Graph Inevitability: “Forrester estimates that over 25% of enterprises will be using graph databases by 2017.”
  59. Valuable Resources! Developers: neo4j.com/developer; Solutions: neo4j.com/solutions; Product: neo4j.com/product
  60. Thank you!
