BellSouth Distributed Object Security Requirements - PowerPoint PPT Presentation

1 / 11
About This Presentation
Title:

BellSouth Distributed Object Security Requirements

Description:

BellSouth Distributed Object Security Requirements. Sam Lumpkin. BellSouth Enterprise Security ... Security services will implement enterprise wide ... – PowerPoint PPT presentation

Number of Views:51
Avg rating:3.0/5.0
Slides: 12
Provided by: omg3
Category:

less

Transcript and Presenter's Notes

Title: BellSouth Distributed Object Security Requirements


1
BellSouth Distributed Object Security Requirements
  • Sam Lumpkin
  • BellSouth Enterprise Security

2
Where We Would Like To Be
  • Reduce the Number of Authenticators
  • Security services will implement enterprise wide
    authentication techniques that will reduce the
    number of logins through the use of X.509
    certificates.
  • Access Control
  • Access control mechanisms associated with user
    profiles will be mobile (follow user), will be
    utilized more in the mid-range and desktop
    environments to provide required access, and will
    restrict access that is not required.
  • Confidentiality
  • Sensitive data will be protected in transit both
    on the Internet and Intranet, and during storage
    especially on mobile computing devices. Data
    integrity services will also be available.
  • Security Management
  • Security management will be provided through the
    tools in this Security Architecture and through
    the Network and Systems Management standard
    frameworks .

3
Where We Would Like To Be
  • X.509 digital certificates for authentication.
  • Directory services to provide mobility for user
    and computing profile information, and reduce
    some of the complexity in managing profiles.
  • Smart card technology, integrated with directory
    services, to provide portability and improved
    personal accountability to digital certificates.

4
Where We Would Like To Be
  • Encryption for persistent data.
  • Encryption for sensitive data in transit.
  • VPNs to facilitate access via the public
    Internet.

5
Where We Are Today - Access Control
  • ACF2 security on mainframes
  • Kerboros security on Unix
  • Windows security on PCs
  • Locally written system for managing user profiles
  • 70 badge entry systems
  • Locally maintained access control lists for most
    distributed systems.
  • Various locally written security mechanisms
  • Token authentication for dialup, internet, etc.

6
Where We Are Today - Servers
  • Lots-O-Mainframes
  • IBM with ACF2
  • Unisys with ???
  • Unix (with and without) Kerboros
  • Sun
  • HP
  • Other (AIX, Linux, etc.)
  • Windows NT (security?)

7
Where We Are Today - Networks
  • Switched Packet Network
  • Async
  • Bisync
  • Fiber
  • etc.
  • Ethernet with filtering routers, switching hubs,
    etc.
  • TCP/IP
  • OSI
  • VTAM

8
Where We Are Today - Desk/Palm-top
  • X-Terminals
  • Network Terminals/PCs
  • Windows NT Workstation
  • PDAs
  • PalmPilot (wired and wireless)
  • Windows CE
  • Windows 98 on hardened wireless PCs

9
Challenges We Face
  • Integration with the Big N (telecommunications)
    network.
  • Numerous large, complex, very critical legacy
    applications.
  • A complex regulatory structure.
  • Affiliates, with very different architectures and
    infrastructures, who have only recently been
    allowed to work together.

10
Challenges We Face
  • Specialized problems
  • Telecom switches and adjunct processors.
  • Wireless communications, Palm VIIs, RIM pagers,
    etc.
  • Mandated external access to our provisioning and
    trouble reporting/tracking systems on parity with
    our own.

11
What Do We Need From You?
  • Interoperability
  • Scalability
  • Specialized solutions for low bandwidth areas
    like wireless.
  • Automated, scriptable administration - GUIs are
    nice, but not scalable.
  • The solution must be deployable across diverse
    environments.
  • Standards without required options
Write a Comment
User Comments (0)
About PowerShow.com