© 2013 IBM Corporation
Mobile Security
Identity & Access Maturity Model &
Real World Deployments and Architecture
Patrick R Wardrop
28 May 2013
Copenhagen, Denmark
1
Topics
• IBM’s perspective
• Identity & Access Mobile Security Maturity Model
• Real World Use cases
• Demo & Architecture Walk through
2
Enterprises face mobile security challenges
• Enabling secure transactions to enterprise applications and data
• Developing secure applications and ensuring assurance
• Designing and instituting an adaptive security posture
• Adapting to BYOD and the consumerization of IT
3
Managing and securing the mobile device, enterprise, and apps
Mobile BYOD (B2E)
• Device: Personal vs. corporate data. Document sync.
• Enterprise: Secure access. Easy authentication.
• Apps: Mobile-enabled IT & productivity apps.
Mobile Transactions (B2C)
• Device: No device control. Malware.
• Enterprise: Secure transactions. Threat protection. Network monitoring.
• Apps: Rapid application delivery, APIs. Security & monitoring.
Mobile adoption patterns point to focus areas around managing risk - across device, network and applications
4
Ensuring Secure Transactions span an integrated approach across Device, Enterprise and Applications
• Safe usage of smartphones and tablets in the enterprise
• Secure transactions enabling customer confidence
• Visibility and security of enterprise mobile platform
IBM Mobile Security & Management Strategy
Manage Device
Register; Set appropriate security policies; compliance; wipe; lock
Persona Separation
Data separation; data leakage prevention
Data Mgmt/Protection
Encryption; content (i.e. documents) management & protection; data sync
Secure Access
Properly identify mobile users & devices; allow or deny access
Connectivity,
Security Intelligence
Security Intelligence, Usage
Identify & stop mobile threats
Logging events, anomalies
Threat Protection
content/info; network; transactions
App Assurance
scanning, analysis certification, Identify application vulnerabilities
App Management
App performance management. Monitoring. App store, versioning, Update apps
App Security
api, sdk, application level controls
[Diagram labels: At the Device; Over the Network & Enterprise; For the Mobile App; Internet]
5
Current IBM capabilities - Securing the Mobile Enterprise
6
Mobile security intelligence provides deeper insights around security and risk posture of an enterprise, in the context of mobile.
Mobile Security Intelligence
• Intelligence around malware and advanced threats in mobile enabled enterprise
• User identity and device identity correlation, leading to behavior analysis
• Geo-fencing, anomaly detection based on device, user, location, and application characteristics
7
Topics
• IBM’s perspective
• Identity & Access Mobile Security Maturity Model
• Real World Use cases
• Demo & Architecture Walk through
8
Mobile Security: Identity & Access Maturity Model
Optimized
• Access Monitoring & Reporting
• Content Filtering/Server-Side DLP
• Access governance / certification to mobile applications
• Integration with SaaS and BaaS
• Context / risk-based access
• Advanced authentication (Bio-metrics, behavior, analytics, ..)
Proficient
• Application access management
• Device registration, authentication and revocation (i.e. OAuth)
• Strong authentication (OTP, Device, ..)
• Application VPN
• Application threat protection (WAF)
• Connecting client’s reputation
Basic
• Browser based Federated Single Sign-On
• Server side Single Sign-On
• Server-side application protection (Authentication, Authorization and Audit, Session Mgmt.)
9
Topics
• IBM’s perspective
• Identity & Access Mobile Security Maturity Model
• Real World Use case
• Architecture Walk through & Demo
10
An Automobile company secures its cloud services access with IBM Security Access Manager & WebSphere DataPower
Business challenge:
• Automobile customers require secure, personalized access to vehicle information services on their mobile devices
• Customers require access to radio, internet and social network services from their telematics systems inside cars
Solution:
• Security Access Manager along with DataPower
• Authentication and Authorization to back-end services
• Secure integration and federated single sign-on with third party service providers
Value
• Fast time to value and quick integration with partner services
• Secure mobile access
[Diagram labels: FIM; DataPower; ISAM Proxy (WebSEAL); Cloud Services; Data Center 1; Data Center 2; message labels: Authorization Request, Token Request, Access Token, Access Token Granted]
11
Topics
• IBM’s perspective
• Identity & Access Mobile Security Maturity Model
• Real World Use case
• Architecture Walk through & Demo
12
Example Architecture
[Diagram labels: IBM Security Access Manager Web Gateway Appliance; DMZ; IBM Security Federated Identity Manager; Application]
13
Example Architecture
[Diagram labels: IBM Security Access Manager Web Gateway Appliance; DMZ; Reverse Proxy; WAF (PAM); OAuth; RBA; IBM Security Federated Identity Manager; OTP; RBA; OAuth; Application]
14
Example Architecture
[Diagram labels: IBM Security Access Manager Web Gateway Appliance; Reverse Proxy; WAF (PAM); OAuth; RBA; IBM Security Federated Identity Manager; OTP; RBA; OAuth; Application; DMZ]
Value:
• Identity aware mobile applications
• Non-intrusive user experience with reduced risk
• Using adaptive (risk-based access) security
• Strong authentication only when it’s necessary by using context-based access
• Reduce unnecessary barriers
• Revocable application instances
15
Identity-aware Mobile Application Demo:
OAuth device registration, identity-aware application, context-aware access & application instance revocation
Scenario 1: OAuth device registration and identity-aware application launch
Scenario 2: Risk-based access decision that is transaction value aware with strong authentication
Scenario 3: Mobile application instance revocation
16
Identity-aware Mobile Application Demo:
OAuth device registration, identity-aware application, context-aware
access & application instance revocation
17
Identity-aware Mobile Application Demo Architecture
[Diagram labels: Mobile App; WL Runtime; IBM Security Access Manager Web Gateway Appliance; Reverse Proxy; WAF (PAM); OAuth; RBA; DMZ; IBM Security Federated Identity Manager; OTP; RBA; OAuth; IBM Worklight Server]
18
THANK YOU!!!

Mobile Security - Words like Bring Your Own Device, and Federation sounds familiar?
