Your SlideShare is downloading. ×
En arkitektonisk vy av en ledande och dynamisk IT-säkerhetsportfölj - PCTY 2011
Upcoming SlideShare
Loading in...5

Thanks for flagging this SlideShare!

Oops! An error has occurred.

Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

En arkitektonisk vy av en ledande och dynamisk IT-säkerhetsportfölj - PCTY 2011


Published on

En arkitektonisk vy av en ledande och dynamisk IT-säkerhetsportfölj …

En arkitektonisk vy av en ledande och dynamisk IT-säkerhetsportfölj
Sven-Erik Vestergaard, IT Security Architect

Published in: Business, Technology

  • Be the first to comment

  • Be the first to like this

No Downloads
Total Views
On Slideshare
From Embeds
Number of Embeds
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

No notes for slide


  • 1. IBM Security solution En arkitektonisk vy av en ledande och dynamisk IT-säkerhetsportfölj IBM Security Solutions Sven-Erik Vestergaard Nordic Security Architect
  • 2. Agenda • • IBM Trends • IBM Framework and Blueprint • Mapping architecture to real life • Summary
  • 3. Trends impacting Identity and Access IBM H C R U6 IBM
  • 4. IBM Security Framework IBM Security: Improving service, managing risk and reducing cost of Security without compromise –15,000 researchers, developers and SMEs on security initiatives –3,000+ security & risk management patents –40+ years of proven success securing the zSeries environment –Already managing more than 7B security events per day for clients –IBM Security Framework, Security BlueprintSecurity acquisitions:DASCOM 4
  • 5. IBM’s Approach IBM Security IBM Security IBM Capabilities Framework Blueprint & Offerings Business View Technical View Solution Architecture View Foundational Security Common Security Security Domains Platforms Components Configurations Mgmt Services Infrastructure features Issues & Drivers Standards & principles Technologies and PracticesDescribes security issues Describes a product agnostic Catalogs of integrated products,from a business view of security, based on services and solutionsperspective. client experience and common standards and principlesClient External Best Practices / RedBooks / Solution Product Guidance /Briefings White Papers, standards / RedGuides Architectures Documentation industry frameworks
  • 6. The IBM Security Blueprint “Component Level”
  • 7. Foundational security controls closed loop
  • 8. People and Identity
  • 9. Delivering Policy Driven Identity and Access Governance Applications Entitlement Application Roles People IAM Governance using Policy Business Roles Users Management Data Unstructured Data Structured Data Monitoring User activity monitoring and conformance to policy and regulations Visibility of user identities, their roles and entitlements to applications and data Control of role definition and user’s assignment to roles and entitlements – governance and enforcement Automation of user provisioning, access recertification and policy distribution
  • 10. Controls have to be applied within a Business context • Policy driven governance • Context aware access control • Identity aware • content aware • transaction aware • Business driven IAM Governance • Empower people, enable collaboration • Business personas factored into lifecycle • Enable users, administrators, line of business owners and application owners • Security rendered as a service • integration with business applications • Interoperability through open standards11
  • 11. Improve security and compliance readiness through automated security policy enforcement, audit, and reporting 30% or more of all Accounts accounts are ‘orphans’ jcd0895 Gartner Group jdoe03 Sarah_s4 Business nbody Applications John C. Doe 1 Authoritative Identity Source TIM Trusted Eliminate orphan (Human Resources, Identity accountsCustomer Master, etc.) Store Sarah K. Smith ackerh05 3 Audit Reports 2 doej Cisco Secure Compare local smiths17 ACS privileges to policy Tivoli Identity Manager Policies and Approvals Flag/Alert/Correct/Suspend
  • 12. IBM has the standard components and solutionssupporting NemID - login in Denmark Tivoli Federated Identity ManagerCustomer, Employee,Partner etc. Validating Tivoli Access Login via Manager 3.part (example login with Nem-login) Idp Control of Business access right systems and creation MOSS/Portal of user etc Direct login Validating context via customers identities CBT Customers solution DanID digital IBM standard signature component 3. part (evt. IBM)
  • 13. Role Management • User: – the entity requesting access to a resource – Ex: John Smith, AppXYZ • Resource: – Ex: app, data base, table, etc. • Entitlement: Mgr Soc Job – a permission to access a particular resource – Ex: open table, read record, write record • Business role: – a logical collection of users performing a App1 App2 App3 similar business function – Ex: Mgr, Soc, Job • Application role: – a logical collection of entitlements needed to Entitlements perform a particular task14
  • 14. Example Classification based access control policies Swedish [City] Policy Definition: All documents classified as ‘Daily Treatment Lokal [Hospital] Daily treatment Records’ are accessible to the Duty Doctors. records Svensson [Patient] Application Role Resource EHR [EHR] Classification Action Duty DoctorImagine: Tivoli Security Policy Manager:Each admitted patient is assigned to a doctorwho has access to all his health-records and Classification based policies help enforcing access control policies on document stored across multipletreatment records. Duty Doctors can treat the folders.patient while they are on official duty for thatday. They need access ‘Daily TreatmentRecords’ to treat the patient. If only there was amechanism which automatically grants andrevokes access to ‘daily treatment records’these duty doctors!
  • 15. IBM SIEM methodology converts audit logs from varioussources to an easy to understand language, reducingmanagement and increasing insight Windows zOS AIX Oracle SAP ISS Firewall 1 Exchange IIS TAMe Translate logs to “Common format” “W7” 7 W’s of Investigation Who did What type of action on What? When did they do it and Where, From Where and Where To? View this data via a graphical enterprise compliance dashboard Reduce the need for skilled staff Ensure you see the complete audit trail Produce reports auditors can understand
  • 16. IBM Security Pattern Desktop/Client Security Policy Connection Repository HTTP (incl. SOAP/ HTTP) Connection Identity Repository Admin User Web Services (Person & Account) Connection User Self- Admin. service IdentityTivoli Identity Manager (TIM) Synchronisation Workflow & LifecycleTivoli Access Manager for e-business (TAMeb) Entitlement Policy Identity HR Store SystemTivoli Federated Identity Manager (TFIM) Auditor Provisioning Engine Management DomainTivoli Security Policy Manager (TSPM)Tivoli Access Manager for Enterprise Single Signon (TAM E-SSO) SSO WS Fed Web Policy Policy SSO PolicyTivoli Compliance Insight Manager (TCIM) Mgmt Mgmt Conf. Mgmt Admin(s) Policy Enforce Web App WebConsumer App Web Internet App Other Employee/ FedSSO Apps Staff A&A FedSSO A&A WS ESB Business Gateway (SOA) Windows Windows Windows Apps Policy Apps Apps Identity Enforce Mapping Enterprise Dir Audit Log Consolidation Audit Policy Compliance Reporting Auditor Auditor
  • 17. These capabilities provide you with end-to-end IAM governance Planning Modeling Business driven planning Process integration Role management/modeling/mining offering (planned) Policy driven governance; Identity Access and Entitlements Management Process User lifecycle integration Policy driven Entitlements Privileged Identity Mgmt Data and application entitlements Role management Tivoli Access Manager Tivoli Identity Manager (TIM) Tivoli Security Policy Manager Privileged Identity - for SOA, Compliance and monitoring Management - for Application Entitlements Compliance reports User activity monitoring Tivoli Security Information and Event Manager
  • 18. Our strategy?: Be comprehensiveProfessional Services Security Governance, Risk and Security Information and Event GRC GRC Compliance Management (SIEM) & Log ManagementManaged ServicesProducts Identity & Access Identity Management Access Management ManagementCloud Delivered Data Loss Prevention Data Entitlement Data Security Management Encryption & Key Lifecycle Management Messaging Security E-mail Database Monitoring Security Data Masking & Protection Application Web Application Application Security Vulnerability Scanning Firewall Access & Entitlement Web / URL Filtering SOA Security Management Infrastructure Vulnerability Virtual System Endpoint Protection Security Assessment Security Threat Security Event Managed Intrusion Prevention Analysis Management Mobility Svcs System Firewall, IDS/IPS Mainframe Security Audit, Security Configuration MFS Management Admin & Compliance & Patch Management Physical Security
  • 19. IBM has a unique perspective on security Trusted Advisor Security Company Solution Provider The Company Helping customers A leading provider of A leading provider of 400,000 employees to build smarter cities, software and services software and hardware across 130 countries with smarter grids, new data across a vast array of solutions around private data to protect.centers, trusted passport security product and the world. systems and more. services segments. IBM Security Solutions in 201120