Identity Management Sergio Fiszman, Ed Koehler, International Telecommunication Union

International Telecommunication Union
ITU-T
Identity Management
Sergio Fiszman,
Sr. Architect,
Nortel CTO organization, sergio@nortel.com
Ed Koehler,
Sr. Architect,
Nortel Enterprise organization, ekoehler@nortel.com
ITU-T Workshop on “Digital Identity for NGN”
Geneva, 5 December 2006
Agenda
o Problem Statements
o Why is it important to address these problems?
o The concept of identity management
o Example - today vs. tomorrow
o Goals
Problem Statements
e.g. End-User and Enterprise spaces
END USER
• QoE:
• I have all these IDs and passwords – why can’t my life be simpler and yet secure?
• Every device is different – what do I do when I only have one device?
• Every application I use asks me to log on and verify my credentials
• Service Mobility: What will happen when I roam across different networks and devices?
• Trust: Can I trust enterprise and service provider entities in a mobile world?
ENTERPRISE
• Regulatory: Sarbanes-Oxley introduces new authentication and access control requirements.
• OpEx: How do identity management and autonomics save TCO money?
• Supply-chain & e-Business:
• How can I control secure access to employees, contractors, suppliers, customers, …?
• How can I expand the boundaries of my enterprise services in a trusted manner?
• Business Processes & Services:
• How can I protect the enterprise assets?
• How can I guarantee security assurance levels with more complex services?
Identity Management is all about trust and is the key to the end user.
It is the underpinning of security and autonomics.
Why is it important to address these problems?
Problem → Expected Solution Results
o QoE: Many IDs and passwords → Reduces cyber fraud and overall OpEx, while increasing end-user QoE
o Service Mobility → Increases end-user productivity
o Trust → Enables business growth & enterprise effectiveness
o Business Process & Services → Increases client loyalty
o Supply-chain & e-Business → Guarantees security assurance levels
o Regulatory compliance → Offers peace of mind, greater business agility, and reduces audit costs
The Concept of Identity
People have multiple identities
• Work – me@company.com
• Family – me@smith.family
• Hobby – me@icedevils.team
• Volunteer – me@association.org
Connecting users with services and with others (federation)
[Figure: IDM, with the panels "Whatever you're using (devices)", "Whatever you're doing (applications)" and "Wherever you are (across various access types)". Device and application labels: PC, PDA, Smart-phone, Cellular, Telephony, Collaboration, Video, Voice, IM, Email, Web Apps, ERP. Location labels: At your Desk, In the Air, On the Road, Managed Office, At Home, In Town.]
Essential for trust & security and the operations of converged & virtual networks
Federation
[Figure labels: SECURITY, USER, DEVICE, NETWORK, SERVICE, WEB APPS*, CONTENT]
IDM Definition
Authentication
• Validate users for the network & service
• Heightened levels of security
Authorization (Access Control + Policy)
• Grant users a specific set of services and access to information
Accounting
• Enables charging & billing
Audit
• Simplified audit and regulatory compliance
Admin (+ User self-service)
• Reduced admin & help desk costs
• Enhanced customer service levels
• Self service
Example: Today versus Tomorrow
o Today
• Multiple Sign-on
• Single level of Assurance
• Protection is ad-hoc & manual
• Threat may not be contained and addressed in-time
• Tracking is partial. Too many ways to record interactions
• User-stickiness suffers
• High cost of ownership
• Mobility and Roaming is partial
o Tomorrow
• Reduced Sign-on
• Appropriate level of Assurance
• Protection is autonomic
• Threat addressed in a timely manner
• Tracking based on session-based auditing mechanisms
• User-stickiness is increased
• Lower cost of ownership
• Mobility and Roaming under federation of multiple networks and service providers
Goals
o A generic, open and context-aware IDM solution that preserves the user identity, privacy and trust
• Allows for secure mobility
o It works in any ecosystem
o It supports any business model
o It complements different federation methodologies