3. Security architecture
● Identity and Access Management
● Mobile and ubiquitous devices
● The cloud and as-a-service model
4. I think therefore... IAM!
● Identity and Access Management
● Great opportunities for IAM in your SecArch
● Rally to me!
● Kicking the devil's dog
5. IAM benefits
● Cost-effective
● e.g. Limited budget; fixed-price projects.
● Robust
● e.g History of fault-tolerance and HA.
● Secure
● No option: Owners and providers want assurance.
● Claims based
● Flexible, extensible, aligned
6. We can leave the 20th century
Client 1 Client 2 Client 3
Internet Internet Internet
Services 1 Aggregate some services
Services 2 Services 3
Database 1 Merge
Database 2 Database 3
Dir 1 Dir 2 Dir 3
some
directories
7. And then we can have nice things
Client Client
Client
Internet
IdP Etc
Dir
Infrastructural sec services
Prov4
Prov1
Prov2 Prov3
8. Fun with mobiles
● Rocks and hard places
● Opportunities for enhanced services
● Marty McFly still lives!
● Platforms and lava lamps
● The users are all primed to go
● I want a flashing one, with the lot!
9.
10. Who's to know?
● Dr Gerry McCartney
● Stuxnet, Flame, Duqu and Zeus
● Bangs and whispers
11. Don't be sad
● RDRBA is your key
● Fight the battles you can win
● Thin out the threatscape
● Coral the zombies
● Two is better than one
14. Monoliths and memorials
● RDRBA will guide you
● Clouds, silver bullets and planning
Client
Presentation
Security infrastructure
Backup and DR
Virtualisation
Logic
Data store
Network
● What will you get and what will you lose?