Autenticazione

1

• Autenticazione
• e
• Gestione delle Identità
• Giacomo Aimasso CISM CISA

2
Identity Access Management
The explosion of Digital IDs
3
Identity Access Management
Trends impacting identity

• Internet was built so that communications are
  anonymous
• In-house networks use multiple, often
  mutually-incompatible, proprietary identity
  systems.
• Users are incapable of handling multiple
  identities.
• Criminals love to exploit this mess!

• Regulation and Compliance
• SOX, HIPAA, GLB, Basel II, 21 CFR Part 1 - 15.5
  billion spent in 2005 on compliance
• Business Automation and Integration
• One half of all enterprises have SOA under
  development,
• Web services spending growing 45
• Increasing Threat Landscape
• Identity theft costs banks and credit card
  issuers 1.2 billion in 1 yr
• 250 billion lost in 2004 from exposure of
  confidential info
• Maintenance Costs Dominate IT Budget
• On average employees access 16 apps and systems,
• Companies spend 20-30 per user/yr for PW resets

AMR Research 2006
4
Identity Access Management
Multiple contexts
5
Identity Access Management
Environment Complexity

• Lots of users and systems required to do
  business
• Multiple repositories of identity information
  Multiple user IDs, multiple passwords
• Decentralized management, ad hoc data sharing

6
Identity Access Management
Pain points
7
Identity Access Management
The concept of Identity Management

• Management of identity
• Provisioning/De-provisioning of accounts
• Workflow automation
• Delegated administration
• Password Synchronization
• Self-Service Password Reset
• Directory Service
• Identity Repository (directory services for
  administration of user account attributes)
• Meta-data Replication/Synchronization
• Can include Access Control (IAM)
• Policy based access control
• Enterprise/Legacy Single Sign On (SSO)
• Web Single Sign On (SSO)
• Reduced Sign On

• What is an Identity System?
• A system (processes, rules, applications, and
  services) that coordinates identity information
  held in disparate and scattered data sources.

8
Identity Access Management
What is Identity Management ? IDM CORE

• Employee info entered in HR
• Accounts provisioned to enterprise systems
  applications
• Non-digital resources assigned and/or initiated

New UsersJoin Company
Delegation Workflow Role management Rule
Policy Enforcement Reports Audit

• Employee status updated in HR
• Account disabled removed
• Non-digital resources retrieved and/or cancelled

Users DepartCompany

• Job/role/status changes
• Password changes and resets
• Personal profile information changes
• Additional requests for account access or
  non-digital resources

Change Events User Support
9
Identity Access Management
What is Identity Management ?
USER
OU
HRMS
VISION
ROLE
ACCOUNT
PROFILES - GROUPS
RESOURCE
GROUPS of RESOURCES
SW Inventory
10
IAM components
11
Il nostro approccio Metodologico
12
Identity Access Management
Benefits of IAM

• Short term

• Long term

13

• Grazie
• Giacomo Aimasso
• g.aimasso_at_exoservice.it