Pulsen IAM: Del 2 Trender och teknik för morgondagens utmaningar Tobias Ljunggren, PULSEN
AUTHENTICATION OF TOMORROW Strong authentication simpler than user name and password Solutions for web, desktop and legacy Different methods for different requirements OTP PKI (both own and as part of the solution) Can be used for both identification and digital signatures High level of assurance Supports eidas Today's common goods
FEDERATION THE SOLUTION OF B2B & B2C?
FEDERATION BACK TO THE FUTURE! Amazon Azure Google Facebook LinkedIn
SUPPORTING THE BUSINESS NEEDS HYBRID IS EVERYTHING Hybrid from a B2B perspective must support smooth transition from aas IDP to on-prem IDP as well as locally governed authorizations for high sensitive information Legacy, sensitive information On-prem Hybrid IDaaS Preferred B2B & B2C
RISK BASED AUTHENTICATION NEXT GENERATION OF AUTHENTICATION Analytics that combine what we know about the context with patterns of what's expected (and what isn t) is a key. You authenticate to view, add or change information. Without proper classification Risk Based Authentication is just for fun. Do you even need to authenticate? (How sure is Google about who you are without you telling them?)
EIDAS, EFOS, SVENSKA PASS, FREJA EID EU-förordningen eidas ((EU) nr 910/2014) innebär att det från och med den 29 september 2018 är obligatoriskt för offentliga myndigheter att tillåta inloggning även med utländska e- legitimationer. Norge, Island och Liechtenstein ingår också i regelverket. Det är därför viktigt att tänka på eidas-förordningen både som möjlighet och som lagkrav i behovsanalyser, budgetering, projektplanering och kravställning. E-legitimationsnämnden
EIDAS, EFOS, SVENSKA PASS, FREJA EID Lagkravet omfattar de e-tjänster som inom landet erkänner e- legitimationer på minst tillitsnivå väsentlig, vilket ungefär motsvarar alla e-tjänster där man loggar in med exempelvis BankID eller Mobilt BankID. Notera att eidas-förordningen alltså även gäller för de offentliga, digitala tjänster med minst tillitsnivå väsentlig som inte har några målgrupper i utlandet. E-legitimationsnämnden
PULSEN MATURITY MODEL Initial Developing Defined Managed Optimized Identity Governance and Administration (IGA) AD HOC Manual processes on demand IT DRIVEN Life cycle management of internal users Provisioning of directory services (AD) Password Self Service Basic support for Access Governance GOVERNED Life cycle management of external B2B users Self Service and workflows Delegated administration Simple role management with few business roles Scheduled reviews Information quality assurance BUSINESS DRIVEN Life cycle management of B2C Life cycle management and processes for privileged users Analytics IoT Risk based reviews Automatic fulfilment of reviews and self service INNOVATION DRIVEN Holistic identity model Comprehensive solution for identities in the cloud, locally and hybrid Role management with both business roles and technical roles, supported by business policies Event driven adaptive governance Reviews of permissions authorizations Access Management BASIC Username and password in local repositories CONNECTED Password synchronization Simple federation CENTRALISED Central source for authentication Multi factor authentication Authentication using different methods Combined digital and physical access Advanced federation RISK DRIVEN Risk based authentication Support for secure authentication of privileged users INTELLIGENCE DRIVEN Adaptive authentication Support for hybrid scenarios Attribute and policy based authorization
Value DEPLOYMENT MODEL Fast ROI LOW-HANGING FRUITS Risk Access Certification Access Self Service Password Self Service Identity Self Service Helpdesk Administration Advanced (keep it simple) Authentication
Tobias Ljunggren tobias.ljunggren@pulsen.se tljunggren@gmail.com +46 734 213286
11:30 PRISMA (IAM) Runda bord: Från strategi till verklighet, hur skapar vi en lösning som stöttar användaren, Tobias Ljunggren GALA 1 (Security) Runda bord: Aktuella frågor kring GDPR och IT-juridik, Agnes Hammarstrand GALA 2 (Integration) Runda bord: Framtidens integrationsbehov, Sebastian Pettersson, Björn Wallin och Dick Orrmyr