CIS13: Identity is the New Currency

399 views

Published on

Gunnar Peterson, Chief Technology Officer, Artec Group
The enterprise fabric has been shredded by hybrid computing, device independence and the increase in user constituencies.

Published in: Technology, News & Politics
  • Be the first to comment

CIS13: Identity is the New Currency

  1. 1. ©2005-9 Arctec Group Identity is the New Currency Presentation by Gunnar Peterson @oneraindrop
  2. 2. ©2005-9 Arctec Group About the speaker •  Gunnar Peterson –  Managing Principal, Arctec Group –  Twitter @oneraindrop –  Editor Build Security In software security column for IEEE Security & Privacy Journal (www.computer.org/security) –  Primary and contributing author for DHS/CERT Build Security In portal on Web Services security, Identity, and Risk management ( https://buildsecurityin.us-cert.gov/daisy/bsi/home.html) –  Project lead, OWASP Top Ten Web Services, OWASP XML Security Gateway Evaluation Criteria project Associate editor Information Security Bulletin (www.chi-publishing.com) –  Contributor Web Application Firewall Evaluation Criteria ( http://www.webappsec.org/projects/wafec/) –  IANS Faculty member –  Securosis Contirbuting Analyst –  Microsoft MVP –  Visiting Scientist, Carnegie Mellon University, Software Engineering Institute –  Blog: (http://1raindrop.typepad.com) –  Slides/presentations (http://www.arctecgroup.net/articles.htm)
  3. 3. 1.  Problem statement The Hardest Question I’ve Ever Been Asked
  4. 4. 2. Lesson from Mahogany Row
  5. 5. Source: Robert Garigue http://1raindrop.typepad.com/1_raindrop/2007/02/thinking_about_.html
  6. 6. 3. Taking Yes for an Answer
  7. 7. 4. Identity is the New Currency
  8. 8. Some things we do today 1. Up front integration Automated Provisioning Stronger authentication 2. Backend integration Force reauthentication Integration to fine grained authorization 3. Keep malicious actors at bay TLS/SSL OAuth revocation ©2005-9 Arctec Group
  9. 9. 5. How well positioned are we for other trends?
  10. 10. 6. We still have more to learn from cheeseburgers
  11. 11. ©2005-9 Arctec Group •  …”let’s collectively build security in” –  Gunnar Peterson •  Blog: http://1raindrop.typepad.com •  Web: http://www.arctecgroup.net •  Twitter: @oneraindrop •  Email: gunnar@arctecgroup.net “Everything  we  think  of  as  a   computer  today  is  really   just  a  device  that  connects   to  the  big  computer  that  we   are  all  collec;vely  building”  

×