4. Key differentiators in IAM products...
● Embrace strategy over tactics
● Rapid time to value and low operational costs
● Access Control is more of a Business problem
than IT problem
● Deployment flexibility
● Customizable with minimal coding
6. Why IAM products suite the cloud ?
● Mostly standardized
● Cost effective
● Extends the same security model that is on-
premise to cloud
● Can effectively handle the distributed nature of
SaaS applications
7. Challenges in Mobile..
● SSO for Native Application
○ Native Application WG
● Dynamic Client Registration
● Client side data encryption
○ How to secure the key?
● Bring Your Own Device (BYOD)
○ Desktop Virtualization
○ OS Containerization
○ App Wrapping
○ Selective wipe
8. Future of Authentication
● Gartner predicted “Zero Trust Authentication”
way back in 2010.
● Multifactor Factor Authentication
○ Key fobs
○ Smartphone + authenticator tools
○ Smartphone + fingerprint
○ Smartphone + QR code scanner
● Fast IDentity Online (FIDO) Alliance
9. What happens to Social Login ?
● Corporate User Directories BYOI
● The surge in BYOD might even fuel this
transition.
● Consumer Identity is the next big thing
○ National Strategy for Trusted Identities in
CyberSpace (NSTIC)
○ UK Government Identity Assurance Program
○ Dubai e-Gov - Dubai Connect
10. Future of IAM
More,
● Context Based Access Control
○ Is XACML dead? No.
● More compliance
○ PCI DSS, NIST, HIPAA
11. The Enterprise Identity Bus (EIB) from WSO2
● Separation of concerns between Application
layer and the Identity layer
● No universal standard
● Can’t modify the clients as well as the backend
applications/services
19. Privileged Account Management (PAM)
PAM requires better integration with IAM systems
● Password change frequency
○ Never
○ Frequently
○ Per session
○ On demand
● Timely provisioning
● Better role management capabilities
20. Security Information Management (SIM)
● WSO2 platform has the nuts and bolts to build a
SIM solution.
● WSO2 DAS - High performing, highly scalable
data analysis
○ Reports and dashboards on identity data
○ Trend analysis and risk scores
● WSO2 CEP - Real time alerting
○ Intrusion detection and intrusion prevention
● WSO2 Machine Learner - Build machine
learning algorithms for tasks such as fraud
detection, anomaly detection, classification, etc.