04 Access control
  • The imperative for many organizations is to capture customers and provide a great experience in both products and service. Organizations will deploy more services in the cloud to make it easy for customers to adopt and pay as you go. The risks are: How do you manage the liability that comes with fraud and stolen credentials? How do you protect your customers and provide the visibility for them to manage their security? How do you create the confidence to assure customers their data is safe? How many of you changed your LinkedIn passwords, then changed all of the other website passwords that used the LinkedIn password? Organizations are also connecting with users on social media, because we want the real-time response of customers and we want affluence to our brand. How many followers do you have… how much do your followers trust you? Users today are afraid to trust their personal information to corporate websites to get offers. How can you assure these users and provide an easy way for them to connect without incurring the risk? It’s a bring-your-own-device culture. The next device on your network will have an OS version you can’t predict and will execute applications your IT department did not approve. How do you bridge the trust gap between the mobile world of random devices to provide secure digital access?
  • The way we do business will change. The enterprise is embracing a new digital experience. 58% of organizations are building mobile app stores. 62% of our customers will provide mobile apps by 2014. And the world will re-architect to embrace the cloud.
  • Organizations have to adapt. The challenge we are facing is how to adapt and adapt quickly, because unless we adapt we can’t unlock the opportunity. The way to adapt is to close the gap between the cloud, mobile and social world. We have to be able to make the cloud transparent by applying our security controls from the enterprise to the cloud, mobile and social world. While the technologies around virtualization, cloud automation and social media analytics have advanced, our security is the next concern of adapting to the challenge. To adapt we need: Trust – a way to trust the 3rd parties connecting on the cloud; understand who’s who and what they should have access to. Speed – detect issues and respond, but also accelerate the administration; WE HAVE TO BRIDGE THE SERVICE REQUEST GAP. Scale – handle the massive volumes of devices and accounts that require authentication and authorization; it has to be granular. 82% of large organizations report that they are "very concerned" or "concerned" about data leakage as related to the social web (Forrester, 2010). Securing access is the top priority. The fact that 76% of mobile applications store passwords in plain text on the device should be of concern. Securing access is a top priority for mobile applications, social networking and cloud environments. The proliferation of accounts and passwords alone is a significant concern in these environments that introduces risk. The breaches we are afraid of will happen when someone takes advantage of a rogue account in these environments. When employees create accounts on social media and cloud computing services, we have to track these accounts and be able to manage the access control with the same level of responsiveness and service level commitment as the enterprise resources. Managing the consumer lifecycle and interaction: every industry from consumer finance to pharmaceuticals is utilizing social media and mobile access as a means to interact with the consumer.
We now have to manage the access lifecycle of those consumers on our website and recognize the level of relationship. Some consumers want to sign on with their Facebook account or LinkedIn account. We have to provide this to simplify the interaction. 50% of Fortune 100 companies hire through LinkedIn (Econsultancy, 2010). 85% of financial services professionals under 50 are utilizing social media (Ledermark, 2010). Restore control and prove compliance: providing the forensics and auditability needed in a tough regulatory climate.
  • Oracle is uniquely positioned to be the premier vendor when it comes to directory services. As a result of Oracle and Sun combining forces, we are uniquely positioned not only as the strongest and most complete identity management vendor but as the only vendor who can offer a directory server, directory integration platform and virtual directory in one license. This is critical to companies that want world-class performance and a complete tool set, and want to reduce cost by managing one vendor rather than sourcing and negotiating with different providers. Let’s take a look at why this complete toolset is critical in today’s business environment.
  • Oracle Access Manager for Mobile and Social Overview. Connects mobile users to identity services using REST interfaces: Organizations can bridge the security gap between the enterprise and mobile devices. With RESTful identity services, rich mobile applications can access stateless identity functions from mobile devices, which are limited by processing capacity and battery power. Delivers SSO for native mobile applications: Traditional mobile security solutions like VPN tunnels are limited in that they cannot overcome the problem of SSO for native mobile apps. OAM-M&S simplifies SSO across rich mobile apps and browser applications. This reduces the number of logins required for enterprise applications from the native mobile screen. Enables sign-on from 3rd-party and social identities to enterprise resources: With the proliferation of social networking sites, there is a need for relying parties to consume identities from internet identity providers like Facebook, Twitter, LinkedIn, Google and Yahoo. Many of these providers support user-centric federation standards like OpenID and OAuth. OAM-M&S enables organizations to accept internet identities for signing on users to low-value applications like blogs, communities, etc. This in turn can provide a seamless user experience for users without the burden of additional logins. Supports industry standards (OpenID, OAuth): Oracle IDM supports OpenID and OAuth. So with Oracle Identity Management we are making it easier for relying parties to accept identities from internet identity providers like Facebook, Twitter, LinkedIn, Google and Yahoo.
  • 1) Native browser to web server to data/app 2) Native app with embedded browser to web server to data/app 3) Native app using native protocol direct to data/app
  • Risk analysis to determine whether to allow, flag, challenge or block. Enforce unjailbroken status, check VPN status. Detailed reporting on device attributes like OS version, GPS/WIFI geolocation, MAC/IP address.
  • Mobile or Web based. Can plug in to existing OAM deployments.

04 Access control: Presentation Transcript

  • 1 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
  • The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described for Oracle’s products remains at the sole discretion of Oracle.
  • Access control and mobility. David Rodríguez-Barbero, Security Presales Team Leader
  • Agenda • Introduction • Access control • Mobile devices and social networks • Risk-based access control • Conclusions
  • The “Experience”: Cloud, Mobile devices, Social networks
  • Anywhere, anytime, any device. 90% of companies will provide mobile applications in 2014. 62% of companies will use social networks to connect with customers.
  • Adapting is necessary. 76% of mobile applications store the username as plain text and 10% store the password in unencrypted text (Source: Information week, Aug 2011). 58% are building corporate app stores (Partnerpedia Survey, Aug 2011).
  • Oracle Access Management Suite • Build applications for new users • Simplify and secure access • Real-time, context-based authorization to reduce fraud • Massive scalability
  • Agenda • Introduction • Access control • Mobile devices and social networks • Risk-based access control • Conclusions
  • Application access “control”: security silos. aperez/****** ana.perez/****** aperez01/******
  • Simplifying access control ... A single username/password … ana.perez/******
  • Oracle Directory Services Plus (ODS Plus): Oracle Directory Server Enterprise Edition (ODSEE), Oracle Virtual Directory (OVD), Oracle Internet Directory (OID), Oracle Unified Directory (OUD)
  • Centralized application access control … Centralized access control and Single Sign-On … ana.perez/******
  • Centralized authentication and Single Sign-On. Oracle Access Manager: authentication and SSO. Diagram labels: Resource Protected?, Set/Update Token, Validate Credentials, Check/Validate Token, Credential Collection, Identity Assertion, Authorize Access, Retrieve Groups/Roles, Assert Identity. • Business-driven security • Centralized access policies • Horizontal framework for the whole company • Seamless integration into applications
  • Centralized fine-grained authorization: Oracle Entitlements Server. Diagram labels: Entitlements Server, Request, Allow, Users, Applications, Identity store, Services, Access control, Deny, Commercial applications, Databases, Policy data. • Fine-grained authorization • Centralized policy management • Distributed runtime engine for applications, databases and SOA environments
  • Today: application access control. Mobility, devices, social networks, the cloud, …
  • Context-based access control • Real-time collection, risk analysis, authentication and authorization, second factor, OTP. Diagram labels: Enterprise / Work, Social / Life, Mobile / Presence, Device, Web server, Application server, Services layer, Smartphone, WEB SSO, Application, Web Services, Tablet, Identity Federation, Portal, EJBs, Laptop, Risk / Adaptive Authentication, SOA, Databases, Service Bus, Directories, Server, OES Authorization, Context. 1. Collects attributes. 2. Publishes, propagates and evaluates the attributes across all layers.
  • Oracle Access Management Mobile & Social: RESTful interfaces; SSO for mobile applications; sign-on with social networks; standards support
  • SSO on mobile devices • The mobile device's native browser • Client applications on the mobile device acting as a browser • Client applications on the mobile device connecting to applications or gateways
  • Mobile device tracking
  • Single Sign-On with social networks: network selection, login, authorization
  • Conclusions: a complete and scalable access control solution • Complete, integrated access platform – Identifies, authenticates, federates and authorizes – Context-based authorization – Risk-based access – Support for Oracle, third-party and custom applications • Proven scalability for today's needs – Web applications, mobile devices, social networks, …
  • www.oracle.com/Identity www.facebook.com/OracleIDM www.twitter.com/OracleIDM blogs.oracle.com/OracleIDM