Autenticazione - PowerPoint PPT Presentation

About This Presentation
Title:

Autenticazione

Description:

Title: Slide 1 Author: Francesco Morini Last modified by: notebook_Inforav Created Date: 12/4/2006 4:46:50 PM Document presentation format: Presentazione su schermo – PowerPoint PPT presentation

Number of Views:44
Avg rating:3.0/5.0
Slides: 14
Provided by: Frances165
Category:

less

Transcript and Presenter's Notes

Title: Autenticazione


1
  • Autenticazione
  • e
  • Gestione delle Identità
  • Giacomo Aimasso CISM CISA

2
Identity Access Management
The explosion of Digital IDs
3
Identity Access Management
Trends impacting identity
  • Internet was built so that communications are
    anonymous
  • In-house networks use multiple, often
    mutually-incompatible, proprietary identity
    systems.
  • Users are incapable of handling multiple
    identities.
  • Criminals love to exploit this mess!
  • Regulation and Compliance
  • SOX, HIPAA, GLB, Basel II, 21 CFR Part 1 - 15.5
    billion spent in 2005 on compliance
  • Business Automation and Integration
  • One half of all enterprises have SOA under
    development,
  • Web services spending growing 45
  • Increasing Threat Landscape
  • Identity theft costs banks and credit card
    issuers 1.2 billion in 1 yr
  • 250 billion lost in 2004 from exposure of
    confidential info
  • Maintenance Costs Dominate IT Budget
  • On average employees access 16 apps and systems,
  • Companies spend 20-30 per user/yr for PW resets

AMR Research 2006
4
Identity Access Management
Multiple contexts
5
Identity Access Management
Environment Complexity
  • Lots of users and systems required to do
    business
  • Multiple repositories of identity information
    Multiple user IDs, multiple passwords
  • Decentralized management, ad hoc data sharing

6
Identity Access Management
Pain points
7
Identity Access Management
The concept of Identity Management
  • Management of identity
  • Provisioning/De-provisioning of accounts
  • Workflow automation
  • Delegated administration
  • Password Synchronization
  • Self-Service Password Reset
  • Directory Service
  • Identity Repository (directory services for
    administration of user account attributes)
  • Meta-data Replication/Synchronization
  • Can include Access Control (IAM)
  • Policy based access control
  • Enterprise/Legacy Single Sign On (SSO)
  • Web Single Sign On (SSO)
  • Reduced Sign On
  • What is an Identity System?
  • A system (processes, rules, applications, and
    services) that coordinates identity information
    held in disparate and scattered data sources.

8
Identity Access Management
What is Identity Management ? IDM CORE
  • Employee info entered in HR
  • Accounts provisioned to enterprise systems
    applications
  • Non-digital resources assigned and/or initiated

New UsersJoin Company
Delegation Workflow Role management Rule
Policy Enforcement Reports Audit
  • Employee status updated in HR
  • Account disabled removed
  • Non-digital resources retrieved and/or cancelled

Users DepartCompany
  • Job/role/status changes
  • Password changes and resets
  • Personal profile information changes
  • Additional requests for account access or
    non-digital resources

Change Events User Support
9
Identity Access Management
What is Identity Management ?
USER
OU
HRMS
VISION
ROLE
ACCOUNT
PROFILES - GROUPS
RESOURCE
GROUPS of RESOURCES
SW Inventory
10
IAM components
11
Il nostro approccio Metodologico
12
Identity Access Management
Benefits of IAM
  • Short term
  • Long term

13
  • Grazie
  • Giacomo Aimasso
  • g.aimasso_at_exoservice.it
Write a Comment
User Comments (0)
About PowerShow.com