Identity and Access Management in the Era of Digital Transformation
Selvaratnam Uthaiyashankar
VP – Engineering
WSO2
Identity and Digital Business
• Identity is at the heart of
Digital Business
Identity Centric
• Digital Business is all about “User”
– How do we know who is accessing
– Things the user can access or do
– The user’s preferences
– Rules the user has to adhere to
– Relationships with other entities
Proper identity enforcement is essential for customer experience, security and privacy
Authentication
• Direct Authentication
– Basic Authentication
– Digest Authentication
– TLS Mutual Authentication
[Diagram labels: Service Providers, Authentication, Service Consumption]
Digital business requires seamless integration of
various systems…
Identity Challenges When Integrating Multiple Systems
• Different usernames and passwords (credentials) for different systems
– Preferred username is already taken
– Using the same username/password might become a security risk
• Too many usernames and passwords
• Losing possible collaborations between applications
Authentication
• Brokered Authentication
– SAML
– OAuth : SAML2/JWT grant type
– OpenID
– OpenID Connect
• Single Sign-On
[Diagram labels: Service Providers, Identity Provider, Authentication, Service Consumption, Trust]
Users Might Want to Use Their Social Identities
• BYOID
Users Might Want to Use Their Enterprise Identity
• Trust between different Identity Domains
• Identity Federation
[Diagram labels: Service Providers, Identity Provider A, Identity Provider B, Authentication, Service Consumption, Trust]
Multi-option Authentication
Identity Bus
Identity links all the systems. You just increased the
risk of attack on your identity…
Often, the weak link is a poor user credential
https://www.infosecurity-magazine.com/news/compromised-credentials-quarter/
Multi Factor Authentication
• What you know
• What you have
• What you are
Adaptive Authentication
• Ability to change authentication options based on the context
Provisioning Users
• Self Service
– Complete user management
– User Portal
• Approvals and Workflows
• Just In Time Provisioning
Provisioning Users in Multiple Systems
Access Control
• Principle of least privilege
• Role based access control
• Attribute based access control
• Fine-grained access control
with XACML
Auditing User Activities
• You might not know who will access your system (BYOID)
• A full audit of user activities is important
– Especially on User Management and Admin operations
– Who, What, From Where, When, How
• Accountability, Reconstruction, Problem Detection, Intrusion Detection
Analytics
• Understanding user behavior
• Predicting future needs
• Fraud detection
API Security
• APIs are powering the Digital Business
• Ability to secure the API (OAuth)
• Identity delegation
IoT is an Essential Element in Digital Business
• Identity includes “Things”
• Securing your IoT devices is a must
• Consider scalability of your IAM System
Perimeter of Your Digital Business will Increase
• Data is in cloud, mobile devices
• Borders across systems don’t work anymore
• Your Attack Surface increases
– you can’t remove unused features in the cloud services
• Security by obscurity doesn’t work anymore
• Expect hacking, DoS attacks, phishing attacks
• Controlling access, monitoring, analyzing and predicting attacks
are the way forward
Bridging Cloud and Internal Systems
• Connectors to bridge Cloud Systems
and Internal Systems
– Might not be able to open ports to the outside world
Digital Business Requires Agility
• Should be able to connect new systems
easily
• Frequent changes to external systems
• Future Proof
• Needs some Identity Mediation
Concepts
Digital Business Encourages Innovation
• Often, security strategy is viewed as restrictive for Innovation
– Especially when public services and APIs are involved
• Security should be transparent to the user for better user
experience
Digital Transformation Requires Cultural Changes
• More and more, business units
are in control rather than IT and
security teams
– Yet you need to know who is
accessing, what they are
accessing, etc.
• Understanding this cultural shift
will reduce frustrations
WSO2 Identity Server
Thank You!

W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
 
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online  ☂️CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online  ☂️
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
 
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfLearn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
 
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
 
TECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providerTECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service provider
 
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsUnveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
 
Optimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVOptimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTV
 
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
 
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected WorkerHow To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
 
Software Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsSoftware Quality Assurance Interview Questions
Software Quality Assurance Interview Questions
 
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
 

Identity and Access Management in the Era of Digital Transformation

  • 1. Identity and Access Management in the Era of Digital Transformation Selvaratnam Uthaiyashankar VP – Engineering WSO2
  • 2. Identity and Digital Business • Identity is at the heart of Digital Business Image source: http://coranet.com/images/network-security.png
  • 3. Identity Centric • Digital Business is all about the “User” – How do we know who is accessing – Things the user can access or do – User’s preferences – Rules the user has to adhere to – Relationship with other entities
  • 4. Proper identity enforcement is essential for customer experience, security, privacy
  • 5. Authentication • Direct Authentication – Basic Authentication – Digest Authentication – TLS Mutual Authentication Service Providers Authentication Service Consumption Image Source : http://www.densodynamics.com/wp-content/uploads/2016/01/gandalf.jpg
  • 6. Digital business requires seamless integration of various systems…
  • 7. Identity Challenges When Integrating Multiple Systems • Different usernames and passwords (credentials) for different systems – Preferred username is already taken – Using the same username/password might become a security risk • Too many usernames and passwords • Losing possible collaborations between applications
  • 8. Authentication • Brokered Authentication – SAML – OAuth : SAML2/JWT grant type – OpenID – OpenID Connect • Single Sign-On Service Providers Service Providers Service Providers Identity Provider Service Providers Authentication Service Consumption Trust Image source: http://savepic.ru/6463149.gif
  • 9. Users Might Want to Use Their Social Identities • BYOID
  • 10. Users Might Want to Use Their Enterprise Identity • Trust between different Identity Domains • Identity Federation Service Providers Service Providers Service Providers Identity Provider B Service Providers Authentication Service Consumption Trust Identity Provider A Trust
  • 13. Identity links all the systems. You just increased the risk of attack on your identity…
  • 14. Often, the weak link is a poor user credential https://www.infosecurity-magazine.com/news/compromised-credentials-quarter/
  • 15. Multi Factor Authentication • What you know • What you have • What you are Image source: http://it.miami.edu/_assets/images/multifactor1.png
  • 16. Adaptive Authentication • Ability to change authentication options based on the context https://3c1703fe8d.site.internapcdn.net/newman/gfx/news/hires/2013/howdochamele.jpg
  • 17. Provisioning Users • Self Service – Complete user management – User Portal • Approvals and Workflows • Just In Time Provisioning http://blog.genesys.com/wp-content/uploads/2014/07/Road-Sign-Self-Service.jpg
  • 18. Provisioning Users in Multiple Systems
  • 19. Access Control • Principle of least privilege • Role based access control • Attribute based access control • Fine-grained access control with XACML http://findbiometrics.com/assets/iStock_Access-300x225.jpg
  • 20. Auditing User Activities • You might not know who will access your system (BYOID) • A full audit of user activities is important – Especially on User Management, Admin operations – Who, What, From Where, When, How • Accountability, Reconstruction, Problem Detection, Intrusion Detection http://cdn.gocertify.com/images/Auditing%20team%20going%20over%20report.jpg
  • 21. Analytics • Understanding user behavior • Predicting future needs • Fraud detection http://www.labrechedigital.com/images/analytics.png
  • 22. API Security • APIs are powering the Digital Business • Ability to secure the API (OAuth) • Identity delegation https://edinversity.files.wordpress.com/2013/07/handing-over-car-keys.jpg
  • 23. IoT is an Essential Element in Digital Business • Identity includes “Things” • Securing your IoT devices is a must • Consider scalability of your IAM System https://media.licdn.com/mpr/mpr/shrinknp_400_400/AAEAAQAAAAAAAAWRAAAAJDkwODMwYzIyLTA5MzktNDAwZi05ZmI4LWJkYTAyM2U4MDBlNQ.jpg
  • 24. Perimeter of Your Digital Business will Increase • Data is in the cloud and on mobile devices • Borders across systems don’t work anymore • Your attack surface increases – you can’t remove unused features in the cloud services • Security by obscurity doesn’t work anymore • Expect hacking, DoS attacks, phishing attacks • Controlling access, monitoring, analyzing and predicting attacks are the way forward
  • 25. Bridging Cloud and Internal Systems • Connectors to bridge Cloud Systems and Internal Systems – Might not be able to open ports for outside world http://www.stratoscale.com/wp-content/uploads/gap-1080x1080.jpg
  • 26. Digital Business Requires Agility • Should be able to connect new systems easily • Frequent changes to external systems • Future Proof • Needs some Identity Mediation Concepts http://s3-us-west-2.amazonaws.com/abacus-blog/wp-content/uploads/2015/10/dog-agility.png
  • 27. Digital Business Encourages Innovation • Often, security strategy is viewed as restrictive for innovation – Especially when public services and APIs are involved • Security should be transparent to the user for better user experience https://www.gatesnotes.com/~/media/Images/Articles/About-Bill-Gates/Accelerating-Innovation/innovation_2016_article_1200px_v1.jpg
  • 28. Digital Transformation Requires Cultural Changes • More and more, business units are in control rather than IT and security teams – Yet you need to know who is accessing, what they are accessing, etc. • Understanding this cultural shift will reduce frustrations http://www.leehopkins.net/wp-content/uploads/2010/11/iStock_000010822711XSmall_thumb.jpg
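
Slides 15 and 16 describe multi-factor and adaptive authentication: the factors demanded change with the login context. The sketch below is an added example, not code from the presentation or from WSO2; the context fields, risk weights and thresholds are assumptions chosen for illustration.

```python
from __future__ import annotations
from dataclasses import dataclass

# Factor categories named on the multi-factor authentication slide.
KNOW, HAVE, ARE = "what_you_know", "what_you_have", "what_you_are"

@dataclass(frozen=True)
class LoginContext:           # field names are assumptions for this sketch
    user: str
    known_device: bool        # device previously seen for this user
    trusted_network: bool     # e.g. request comes from an internal range
    failed_attempts: int      # recent consecutive failed logins
    sensitivity: str          # "low" or "high": resource being requested

def risk_score(ctx: LoginContext) -> int:
    """Additive contextual risk; the weights are illustrative, not tuned."""
    score = 0
    if not ctx.known_device:
        score += 2
    if not ctx.trusted_network:
        score += 1
    if ctx.failed_attempts >= 3:
        score += 2
    if ctx.sensitivity == "high":
        score += 2
    return score

def required_factors(ctx: LoginContext) -> list[str]:
    """Step up the authentication options as contextual risk grows."""
    score = risk_score(ctx)
    if score >= 5:
        return [KNOW, HAVE, ARE]
    if score >= 2:
        return [KNOW, HAVE]
    return [KNOW]

def decide(ctx: LoginContext, presented: set[str]) -> dict:
    """Compare presented factors with the policy; the result doubles as an
    audit record of who was challenged, at what risk, and why."""
    needed = required_factors(ctx)
    missing = [f for f in needed if f not in presented]
    return {"user": ctx.user, "risk": risk_score(ctx), "required": needed,
            "missing": missing,
            "outcome": "allow" if not missing else "step_up"}
```

A password alone is accepted from a known device on a trusted network, while the same user on a new device from an untrusted network is asked for a second factor before access is granted.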