SlideShare ist ein Scribd-Unternehmen logo

Common Challenges of Identity Management and Federated Single Sign-On in a SaaS World

CA Technologies
CA Technologies

This session explores common challenges and solutions associated with Identity and Access Management for SaaS, including topics such as federation vs form fill for single sign on, identity lifecycle management best practices and retaining data when de-provisioning. It also covers what to look for as a SaaS consumer and what to build as a SaaS inventor. Seating is limited and available first come-first served. For more information, please visit http://cainc.to/Nv2VOe

Technologie
1 von 23
Common Challenges of Identity Management and Federated Single Sign-On in a SaaS World Phil Tidmarsh Security CA Technologies VP, Engineering Services SCT18T @CASecurity #CAWorld
2 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD © 2015 CA. All rights reserved. All trademarks referenced herein belong to their respective companies. The content provided in this CA World 2015 presentation is intended for informational purposes only and does not form any type of warranty. The information provided by a CA partner and/or CA customer has not been reviewed for accuracy by CA. For Informational Purposes Only Terms of this Presentation
3 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD Abstract This session explores common challenges and solutions associated with identity and access management for SaaS. We will discuss topics such as single sign-on, federation vs form fill and identity lifecycle management, including some best practices like retaining data when de- provisioning. It also covers what to look for as a SaaS consumer and what to build as a SaaS inventor. Phil Tidmarsh CA Technologies Vice President, Engineering Services and acting Product Manager, CA Secure Cloud
4 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD Agenda THE CONCLUSION WHAT’S THE GOAL? BUSINESS CHALLENGE COMMON IDENTITY & ACCESS MANAGEMENT METHODS COMMON SINGLE SIGN-ON METHODS 1 2 3 4 5 SAAS INVENTOR VS. SAAS ADOPTER6
5 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD The conclusion… SCIM System for Cross-domain Identity Management The SCIM standard was created to simplify user management in the cloud by defining a schema for representing users and groups and a REST API for all the necessary CRUD operations. SCIM is developed under the Internet Engineering Task Force (IETF®). SAML Security Assertion Markup Language An XML-based, open-standard data format for exchanging authentication and authorization data between parties, in particular, between an identity provider and a service provider. SAML is a product of the OASIS® Security Services Technical Committee.
6 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD What’s the goal?  User experience  Time-to-Value  Total Cost of Ownership  Compliance
7 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD Shopping for Cloud Apps
8 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD Authentication Authorisation State
9 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD Cloud App Identity and Access Management (IAM) Cloud App Requirements  Does it meet the business requirements?  Does it deliver the desired user experience?  Does it meet our IAM compliance requirements?
10 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD  Self service/self registration – Does it integrate with Identity Management solutions?  Bulk load (CSV) – Does it meet real time Identity Management requirements?  LDAP (user store) – How do we secure this?  Just in time – Usually available as part of a federated partnership. Common Identity and Access Management Methods:
11 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD  API – APIs offer the most preferred method of achieving compliance as it offers real time management of identities, however they tend to be unique to the app. – SCIM is the only standards based approach that enables CRUD based management of users and groups. – Non-SCIM SaaS App interfaces require IAM vendors to build and maintain connectors.  Therefore SCIM makes the most sense…. Common Identity and Access Management Methods
12 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD  In the identity management world, we talk about “JML” – Joiners—The action of creating or provisioning an account – Movers—Accounts whose attributes (role, department, etc.) change – Leavers—Accounts that are no longer active or de-provisioned Fundamentals of Identity and Access Management
13 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD  What happens to data stored in SaaS apps during de- provisioning?  Cloud storage, for example: – Some cloud storage solutions offer an API to move contents to another user, i.e. based on relationship. – Other cloud storage solutions simply purge what is stored. – IAM vendors may be able to implement methods to retain data when de-provisioning. Complete SaaS App Identity Management
14 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD But, simply managing accounts isn’t enough…  An identity can be: – Authentication source – Authentication method – Attributes – Group membership – Organisation—Internal and/or external – Device – Location – Time
15 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD  Form based authentication (Form Fill) – Storing and form filling a username and password is the most basic form of SSO. – It lacks flexibility to leverage risk based authentication.  Synchronised credentials – Slightly more advanced than form based authentication as the username and password are synchronised with a user’s corporate credentials. – Removes the need to remember/manage multiple usernames and passwords. Common Single Sign-On Methods
16 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD  Federated Single Sign-On – OAuth, OpenID, Simple Web Tokens, JSON Web Tokens, Web Service Specifications, Microsoft Azure® Cloud Services and Windows® Identity Foundation all offer Federated Single Sign-On capabilities but tend to be flexible in the implementation and specification or less commonly used. – SAML (Security Assertion Markup Language) is the most rigid standard and most commonly adopted by enterprises wishing to enable Federated SSO.  Therefore SAML offers the smoothest integration experience.. Common Single Sign-On Methods
17 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD For a SaaS Inventor… SCIM System for Cross-domain Identity Management The SCIM standard was created to simplify user management in the cloud by defining a schema for representing users and groups and a REST API for all the necessary CRUD operations. SCIM is developed under the Internet Engineering Task Force (IETF®). SAML Security Assertion Markup Language An XML-based, open-standard data format for exchanging authentication and authorization data between parties, in particular, between an identity provider and a service provider. SAML is a product of the OASIS® Security Services Technical Committee.
18 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD For a SaaS Adopter… Identity Identity Management Integration Ensure the SaaS App is supported by your Identity management solution, not just for JML actions but also the implications of those actions. Enable compliance by ensuring you effectively manage identities. Access Standards Based Single Sign-On Enable a seamless user experience when accessing cloud apps by removing the need to remember usernames and passwords. Enable compliance by making real time authentication and risk decisions.
19 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD Successful adoption of Cloud Apps Cloud App Requirements  Does it meet the business requirements?  Does it deliver the desired user experience?  Does it meet security/compliance requirements?
20 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD Recommended Sessions SESSION # TITLE DATE/TIME SCT03P The Future of Identity, Access, SaaS and IoT Weds. Nov 18 at 1:00 pm SCT32T Privileged Access Management for the Software-Defined Network Thurs. Nov 19 at 11:30 pm SCT25T Preventing Data Breaches with Risk-Aware Session Management Thurs. Nov 19 at 3:00 pm
21 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD Must See Demos Protect Against Fraud & Breaches CA Advanced Auth Security Theater Engage Customers CA SSO Security Theater Innovation—IoT Slot Car CA AA, APIM Security Theater Secure Omni- Channel Access CA AA, APIM, SSO Security Theater
22 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD Q & A
23 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD For More Information To learn more, please visit: http://cainc.to/Nv2VOe CA World ’15

Empfohlen

Developing Secure Mobile Applications
Developing Secure Mobile ApplicationsDeveloping Secure Mobile Applications
Developing Secure Mobile ApplicationsCA Technologies
 
Simplified Identity Management and Governance from One UI — The CA Identity S...
Simplified Identity Management and Governance from One UI — The CA Identity S...Simplified Identity Management and Governance from One UI — The CA Identity S...
Simplified Identity Management and Governance from One UI — The CA Identity S...CA Technologies
 
Speed time to value with CA IAM solutions deployed on Docker, Kubernetes, and...
Speed time to value with CA IAM solutions deployed on Docker, Kubernetes, and...Speed time to value with CA IAM solutions deployed on Docker, Kubernetes, and...
Speed time to value with CA IAM solutions deployed on Docker, Kubernetes, and...CA Technologies
 
Centralized, Convenient Application Access–the One Stop Shop for Identity Ser...
Centralized, Convenient Application Access–the One Stop Shop for Identity Ser...Centralized, Convenient Application Access–the One Stop Shop for Identity Ser...
Centralized, Convenient Application Access–the One Stop Shop for Identity Ser...CA Technologies
 
How to Leverage New Capabilities in the CA Identity Suite
How to Leverage New Capabilities in the CA Identity SuiteHow to Leverage New Capabilities in the CA Identity Suite
How to Leverage New Capabilities in the CA Identity SuiteCA Technologies
 
CA Single Sign-On (CA SSO), The Innocent Bystander
CA Single Sign-On (CA SSO), The Innocent BystanderCA Single Sign-On (CA SSO), The Innocent Bystander
CA Single Sign-On (CA SSO), The Innocent BystanderCA Technologies
 
Security Opening Keynote Address: Security Drives DIGITAL TRANSFORMATION in...
Security Opening Keynote Address: Security Drives DIGITAL TRANSFORMATION in...Security Opening Keynote Address: Security Drives DIGITAL TRANSFORMATION in...
Security Opening Keynote Address: Security Drives DIGITAL TRANSFORMATION in...CA Technologies
 
CA UIM for z Systems Technical Deep Dive: Get the Right People Solving Probl...
CA UIM for z Systems Technical Deep Dive: Get the Right People Solving Probl...CA UIM for z Systems Technical Deep Dive: Get the Right People Solving Probl...
CA UIM for z Systems Technical Deep Dive: Get the Right People Solving Probl...CA Technologies
 

Empfohlen

Developing Secure Mobile Applications
Developing Secure Mobile ApplicationsDeveloping Secure Mobile Applications
Developing Secure Mobile ApplicationsCA Technologies
 
Simplified Identity Management and Governance from One UI — The CA Identity S...
Simplified Identity Management and Governance from One UI — The CA Identity S...Simplified Identity Management and Governance from One UI — The CA Identity S...
Simplified Identity Management and Governance from One UI — The CA Identity S...CA Technologies
 
Speed time to value with CA IAM solutions deployed on Docker, Kubernetes, and...
Speed time to value with CA IAM solutions deployed on Docker, Kubernetes, and...Speed time to value with CA IAM solutions deployed on Docker, Kubernetes, and...
Speed time to value with CA IAM solutions deployed on Docker, Kubernetes, and...CA Technologies
 
Centralized, Convenient Application Access–the One Stop Shop for Identity Ser...
Centralized, Convenient Application Access–the One Stop Shop for Identity Ser...Centralized, Convenient Application Access–the One Stop Shop for Identity Ser...
Centralized, Convenient Application Access–the One Stop Shop for Identity Ser...CA Technologies
 
How to Leverage New Capabilities in the CA Identity Suite
How to Leverage New Capabilities in the CA Identity SuiteHow to Leverage New Capabilities in the CA Identity Suite
How to Leverage New Capabilities in the CA Identity SuiteCA Technologies
 
CA Single Sign-On (CA SSO), The Innocent Bystander
CA Single Sign-On (CA SSO), The Innocent BystanderCA Single Sign-On (CA SSO), The Innocent Bystander
CA Single Sign-On (CA SSO), The Innocent BystanderCA Technologies
 
Security Opening Keynote Address: Security Drives DIGITAL TRANSFORMATION in...
Security Opening Keynote Address: Security Drives DIGITAL TRANSFORMATION in...Security Opening Keynote Address: Security Drives DIGITAL TRANSFORMATION in...
Security Opening Keynote Address: Security Drives DIGITAL TRANSFORMATION in...CA Technologies
 
CA UIM for z Systems Technical Deep Dive: Get the Right People Solving Probl...
CA UIM for z Systems Technical Deep Dive: Get the Right People Solving Probl...CA UIM for z Systems Technical Deep Dive: Get the Right People Solving Probl...
CA UIM for z Systems Technical Deep Dive: Get the Right People Solving Probl...CA Technologies
 
Securing the Award-Winning Digital Banking Services at Bank Hapoalim
Securing the Award-Winning Digital Banking Services at Bank HapoalimSecuring the Award-Winning Digital Banking Services at Bank Hapoalim
Securing the Award-Winning Digital Banking Services at Bank HapoalimCA Technologies
 
Go Mobile to Mainframe With CA Gen and CA App Services Orchestrator
Go Mobile to Mainframe With CA Gen and CA App Services OrchestratorGo Mobile to Mainframe With CA Gen and CA App Services Orchestrator
Go Mobile to Mainframe With CA Gen and CA App Services OrchestratorCA Technologies
 
Achieving a Successful Identity Management and Governance Deployment The Flor...
Achieving a Successful Identity Management and Governance Deployment The Flor...Achieving a Successful Identity Management and Governance Deployment The Flor...
Achieving a Successful Identity Management and Governance Deployment The Flor...CA Technologies
 
CA Project and Portfolio Management Budgeting & Forecasting
CA Project and Portfolio Management Budgeting & ForecastingCA Project and Portfolio Management Budgeting & Forecasting
CA Project and Portfolio Management Budgeting & ForecastingCA Technologies
 
Case Study: Versent Helps Companies Get Started in the Application Economy Wi...
Case Study: Versent Helps Companies Get Started in the Application Economy Wi...Case Study: Versent Helps Companies Get Started in the Application Economy Wi...
Case Study: Versent Helps Companies Get Started in the Application Economy Wi...CA Technologies
 
Secure the Open Enterprise with CA API Management
Secure the Open Enterprise with CA API ManagementSecure the Open Enterprise with CA API Management
Secure the Open Enterprise with CA API ManagementCA Technologies
 
Locating Unmanaged but Regulated Data on System z: CA Data Content Discovery
Locating Unmanaged but Regulated Data on System z: CA Data Content DiscoveryLocating Unmanaged but Regulated Data on System z: CA Data Content Discovery
Locating Unmanaged but Regulated Data on System z: CA Data Content DiscoveryCA Technologies
 
Go Deep and Wide: No It’s Not a Football, It’s End-to-End Performance Management
Go Deep and Wide: No It’s Not a Football, It’s End-to-End Performance ManagementGo Deep and Wide: No It’s Not a Football, It’s End-to-End Performance Management
Go Deep and Wide: No It’s Not a Football, It’s End-to-End Performance ManagementCA Technologies
 
Case Study: Oppenheimer Funds Brings IT to the People with ITSM Self-Service...
Case Study: Oppenheimer Funds Brings IT to the People with ITSM Self-Service...Case Study: Oppenheimer Funds Brings IT to the People with ITSM Self-Service...
Case Study: Oppenheimer Funds Brings IT to the People with ITSM Self-Service...CA Technologies
 
Identity As A Service Evaluation, Implementation, Realized Benefits
Identity As A Service Evaluation, Implementation, Realized BenefitsIdentity As A Service Evaluation, Implementation, Realized Benefits
Identity As A Service Evaluation, Implementation, Realized BenefitsCA Technologies
 
Dispatches from the Front: How IoT is Becoming a Game Changer
Dispatches from the Front: How IoT is Becoming a Game ChangerDispatches from the Front: How IoT is Becoming a Game Changer
Dispatches from the Front: How IoT is Becoming a Game ChangerCA Technologies
 
Pre-Con Education: CA Service Operations Insight Power User Crash Course
Pre-Con Education: CA Service Operations Insight Power User Crash CoursePre-Con Education: CA Service Operations Insight Power User Crash Course
Pre-Con Education: CA Service Operations Insight Power User Crash CourseCA Technologies
 
Freeing the World from Slow: How Service Virtualization and the Concept of S....
Freeing the World from Slow: How Service Virtualization and the Concept of S....Freeing the World from Slow: How Service Virtualization and the Concept of S....
Freeing the World from Slow: How Service Virtualization and the Concept of S....CA Technologies
 
The Known Unknown—Finding Lost, Abandoned and Hidden Regulated or Sensitive D...
The Known Unknown—Finding Lost, Abandoned and Hidden Regulated or Sensitive D...The Known Unknown—Finding Lost, Abandoned and Hidden Regulated or Sensitive D...
The Known Unknown—Finding Lost, Abandoned and Hidden Regulated or Sensitive D...CA Technologies
 
CA ACF2 and CA Top Secret Part 2: r16 is Here - More Capabilities to Better ...
CA ACF2 and CA Top Secret Part 2: r16 is Here - More Capabilities to Better ...CA ACF2 and CA Top Secret Part 2: r16 is Here - More Capabilities to Better ...
CA ACF2 and CA Top Secret Part 2: r16 is Here - More Capabilities to Better ...CA Technologies
 
CA Identity Suite – Extending Identity Management to the Business User
CA Identity Suite – Extending Identity Management to the Business UserCA Identity Suite – Extending Identity Management to the Business User
CA Identity Suite – Extending Identity Management to the Business UserCA Technologies
 
Is Complacency Around Mainframe Security a Disaster Waiting to Happen?
Is Complacency Around Mainframe Security a Disaster Waiting to Happen?Is Complacency Around Mainframe Security a Disaster Waiting to Happen?
Is Complacency Around Mainframe Security a Disaster Waiting to Happen?CA Technologies
 
Mobile Risk Analysis: Take Your Mobile App Security to the Next Level
Mobile Risk Analysis: Take Your Mobile App Security to the Next LevelMobile Risk Analysis: Take Your Mobile App Security to the Next Level
Mobile Risk Analysis: Take Your Mobile App Security to the Next LevelCA Technologies
 
Technology Primer: CA Application Performance Management Team Center – A War ...
Technology Primer: CA Application Performance Management Team Center – A War ...Technology Primer: CA Application Performance Management Team Center – A War ...
Technology Primer: CA Application Performance Management Team Center – A War ...CA Technologies
 
Protecting the Software-Defined Data Center from Data Breach
Protecting the Software-Defined Data Center from Data BreachProtecting the Software-Defined Data Center from Data Breach
Protecting the Software-Defined Data Center from Data BreachCA Technologies
 
Open authentication (oauth)
Open authentication (oauth)Open authentication (oauth)
Open authentication (oauth)Michael Maurice
 
Federated and fabulous identity
Federated and fabulous identityFederated and fabulous identity
Federated and fabulous identityAndre N. Klingsheim
 

Weitere ähnliche Inhalte

Was ist angesagt?

Securing the Award-Winning Digital Banking Services at Bank Hapoalim
Securing the Award-Winning Digital Banking Services at Bank HapoalimSecuring the Award-Winning Digital Banking Services at Bank Hapoalim
Securing the Award-Winning Digital Banking Services at Bank HapoalimCA Technologies
 
Go Mobile to Mainframe With CA Gen and CA App Services Orchestrator
Go Mobile to Mainframe With CA Gen and CA App Services OrchestratorGo Mobile to Mainframe With CA Gen and CA App Services Orchestrator
Go Mobile to Mainframe With CA Gen and CA App Services OrchestratorCA Technologies
 
Achieving a Successful Identity Management and Governance Deployment The Flor...
Achieving a Successful Identity Management and Governance Deployment The Flor...Achieving a Successful Identity Management and Governance Deployment The Flor...
Achieving a Successful Identity Management and Governance Deployment The Flor...CA Technologies
 
CA Project and Portfolio Management Budgeting & Forecasting
CA Project and Portfolio Management Budgeting & ForecastingCA Project and Portfolio Management Budgeting & Forecasting
CA Project and Portfolio Management Budgeting & ForecastingCA Technologies
 
Case Study: Versent Helps Companies Get Started in the Application Economy Wi...
Case Study: Versent Helps Companies Get Started in the Application Economy Wi...Case Study: Versent Helps Companies Get Started in the Application Economy Wi...
Case Study: Versent Helps Companies Get Started in the Application Economy Wi...CA Technologies
 
Secure the Open Enterprise with CA API Management
Secure the Open Enterprise with CA API ManagementSecure the Open Enterprise with CA API Management
Secure the Open Enterprise with CA API ManagementCA Technologies
 
Locating Unmanaged but Regulated Data on System z: CA Data Content Discovery
Locating Unmanaged but Regulated Data on System z: CA Data Content DiscoveryLocating Unmanaged but Regulated Data on System z: CA Data Content Discovery
Locating Unmanaged but Regulated Data on System z: CA Data Content DiscoveryCA Technologies
 
Go Deep and Wide: No It’s Not a Football, It’s End-to-End Performance Management
Go Deep and Wide: No It’s Not a Football, It’s End-to-End Performance ManagementGo Deep and Wide: No It’s Not a Football, It’s End-to-End Performance Management
Go Deep and Wide: No It’s Not a Football, It’s End-to-End Performance ManagementCA Technologies
 
Case Study: Oppenheimer Funds Brings IT to the People with ITSM Self-Service...
Case Study: Oppenheimer Funds Brings IT to the People with ITSM Self-Service...Case Study: Oppenheimer Funds Brings IT to the People with ITSM Self-Service...
Case Study: Oppenheimer Funds Brings IT to the People with ITSM Self-Service...CA Technologies
 
Identity As A Service Evaluation, Implementation, Realized Benefits
Identity As A Service Evaluation, Implementation, Realized BenefitsIdentity As A Service Evaluation, Implementation, Realized Benefits
Identity As A Service Evaluation, Implementation, Realized BenefitsCA Technologies
 
Dispatches from the Front: How IoT is Becoming a Game Changer
Dispatches from the Front: How IoT is Becoming a Game ChangerDispatches from the Front: How IoT is Becoming a Game Changer
Dispatches from the Front: How IoT is Becoming a Game ChangerCA Technologies
 
Pre-Con Education: CA Service Operations Insight Power User Crash Course
Pre-Con Education: CA Service Operations Insight Power User Crash CoursePre-Con Education: CA Service Operations Insight Power User Crash Course
Pre-Con Education: CA Service Operations Insight Power User Crash CourseCA Technologies
 
Freeing the World from Slow: How Service Virtualization and the Concept of S....
Freeing the World from Slow: How Service Virtualization and the Concept of S....Freeing the World from Slow: How Service Virtualization and the Concept of S....
Freeing the World from Slow: How Service Virtualization and the Concept of S....CA Technologies
 
The Known Unknown—Finding Lost, Abandoned and Hidden Regulated or Sensitive D...
The Known Unknown—Finding Lost, Abandoned and Hidden Regulated or Sensitive D...The Known Unknown—Finding Lost, Abandoned and Hidden Regulated or Sensitive D...
The Known Unknown—Finding Lost, Abandoned and Hidden Regulated or Sensitive D...CA Technologies
 
CA ACF2 and CA Top Secret Part 2: r16 is Here - More Capabilities to Better ...
CA ACF2 and CA Top Secret Part 2: r16 is Here - More Capabilities to Better ...CA ACF2 and CA Top Secret Part 2: r16 is Here - More Capabilities to Better ...
CA ACF2 and CA Top Secret Part 2: r16 is Here - More Capabilities to Better ...CA Technologies
 
CA Identity Suite – Extending Identity Management to the Business User
CA Identity Suite – Extending Identity Management to the Business UserCA Identity Suite – Extending Identity Management to the Business User
CA Identity Suite – Extending Identity Management to the Business UserCA Technologies
 
Is Complacency Around Mainframe Security a Disaster Waiting to Happen?
Is Complacency Around Mainframe Security a Disaster Waiting to Happen?Is Complacency Around Mainframe Security a Disaster Waiting to Happen?
Is Complacency Around Mainframe Security a Disaster Waiting to Happen?CA Technologies
 
Mobile Risk Analysis: Take Your Mobile App Security to the Next Level
Mobile Risk Analysis: Take Your Mobile App Security to the Next LevelMobile Risk Analysis: Take Your Mobile App Security to the Next Level
Mobile Risk Analysis: Take Your Mobile App Security to the Next LevelCA Technologies
 
Technology Primer: CA Application Performance Management Team Center – A War ...
Technology Primer: CA Application Performance Management Team Center – A War ...Technology Primer: CA Application Performance Management Team Center – A War ...
Technology Primer: CA Application Performance Management Team Center – A War ...CA Technologies
 
Protecting the Software-Defined Data Center from Data Breach
Protecting the Software-Defined Data Center from Data BreachProtecting the Software-Defined Data Center from Data Breach
Protecting the Software-Defined Data Center from Data BreachCA Technologies
 

Was ist angesagt? (20)

Securing the Award-Winning Digital Banking Services at Bank Hapoalim
Securing the Award-Winning Digital Banking Services at Bank HapoalimSecuring the Award-Winning Digital Banking Services at Bank Hapoalim
Securing the Award-Winning Digital Banking Services at Bank Hapoalim
 
Go Mobile to Mainframe With CA Gen and CA App Services Orchestrator
Go Mobile to Mainframe With CA Gen and CA App Services OrchestratorGo Mobile to Mainframe With CA Gen and CA App Services Orchestrator
Go Mobile to Mainframe With CA Gen and CA App Services Orchestrator
 
Achieving a Successful Identity Management and Governance Deployment The Flor...
Achieving a Successful Identity Management and Governance Deployment The Flor...Achieving a Successful Identity Management and Governance Deployment The Flor...
Achieving a Successful Identity Management and Governance Deployment The Flor...
 
CA Project and Portfolio Management Budgeting & Forecasting
CA Project and Portfolio Management Budgeting & ForecastingCA Project and Portfolio Management Budgeting & Forecasting
CA Project and Portfolio Management Budgeting & Forecasting
 
Case Study: Versent Helps Companies Get Started in the Application Economy Wi...
Case Study: Versent Helps Companies Get Started in the Application Economy Wi...Case Study: Versent Helps Companies Get Started in the Application Economy Wi...
Case Study: Versent Helps Companies Get Started in the Application Economy Wi...
 
Secure the Open Enterprise with CA API Management
Secure the Open Enterprise with CA API ManagementSecure the Open Enterprise with CA API Management
Secure the Open Enterprise with CA API Management
 
Locating Unmanaged but Regulated Data on System z: CA Data Content Discovery
Locating Unmanaged but Regulated Data on System z: CA Data Content DiscoveryLocating Unmanaged but Regulated Data on System z: CA Data Content Discovery
Locating Unmanaged but Regulated Data on System z: CA Data Content Discovery
 
Go Deep and Wide: No It’s Not a Football, It’s End-to-End Performance Management
Go Deep and Wide: No It’s Not a Football, It’s End-to-End Performance ManagementGo Deep and Wide: No It’s Not a Football, It’s End-to-End Performance Management
Go Deep and Wide: No It’s Not a Football, It’s End-to-End Performance Management
 
Case Study: Oppenheimer Funds Brings IT to the People with ITSM Self-Service...
Case Study: Oppenheimer Funds Brings IT to the People with ITSM Self-Service...Case Study: Oppenheimer Funds Brings IT to the People with ITSM Self-Service...
Case Study: Oppenheimer Funds Brings IT to the People with ITSM Self-Service...
 
Identity As A Service Evaluation, Implementation, Realized Benefits
Identity As A Service Evaluation, Implementation, Realized BenefitsIdentity As A Service Evaluation, Implementation, Realized Benefits
Identity As A Service Evaluation, Implementation, Realized Benefits
 
Dispatches from the Front: How IoT is Becoming a Game Changer
Dispatches from the Front: How IoT is Becoming a Game ChangerDispatches from the Front: How IoT is Becoming a Game Changer
Dispatches from the Front: How IoT is Becoming a Game Changer
 
Pre-Con Education: CA Service Operations Insight Power User Crash Course
Pre-Con Education: CA Service Operations Insight Power User Crash CoursePre-Con Education: CA Service Operations Insight Power User Crash Course
Pre-Con Education: CA Service Operations Insight Power User Crash Course
 
Freeing the World from Slow: How Service Virtualization and the Concept of S....
Freeing the World from Slow: How Service Virtualization and the Concept of S....Freeing the World from Slow: How Service Virtualization and the Concept of S....
Freeing the World from Slow: How Service Virtualization and the Concept of S....
 
The Known Unknown—Finding Lost, Abandoned and Hidden Regulated or Sensitive D...
The Known Unknown—Finding Lost, Abandoned and Hidden Regulated or Sensitive D...The Known Unknown—Finding Lost, Abandoned and Hidden Regulated or Sensitive D...
The Known Unknown—Finding Lost, Abandoned and Hidden Regulated or Sensitive D...
 
CA ACF2 and CA Top Secret Part 2: r16 is Here - More Capabilities to Better ...
CA ACF2 and CA Top Secret Part 2: r16 is Here - More Capabilities to Better ...CA ACF2 and CA Top Secret Part 2: r16 is Here - More Capabilities to Better ...
CA ACF2 and CA Top Secret Part 2: r16 is Here - More Capabilities to Better ...
 
CA Identity Suite – Extending Identity Management to the Business User
CA Identity Suite – Extending Identity Management to the Business UserCA Identity Suite – Extending Identity Management to the Business User
CA Identity Suite – Extending Identity Management to the Business User
 
Is Complacency Around Mainframe Security a Disaster Waiting to Happen?
Is Complacency Around Mainframe Security a Disaster Waiting to Happen?Is Complacency Around Mainframe Security a Disaster Waiting to Happen?
Is Complacency Around Mainframe Security a Disaster Waiting to Happen?
 
Mobile Risk Analysis: Take Your Mobile App Security to the Next Level
Mobile Risk Analysis: Take Your Mobile App Security to the Next LevelMobile Risk Analysis: Take Your Mobile App Security to the Next Level
Mobile Risk Analysis: Take Your Mobile App Security to the Next Level
 
Technology Primer: CA Application Performance Management Team Center – A War ...
Technology Primer: CA Application Performance Management Team Center – A War ...Technology Primer: CA Application Performance Management Team Center – A War ...
Technology Primer: CA Application Performance Management Team Center – A War ...
 
Protecting the Software-Defined Data Center from Data Breach
Protecting the Software-Defined Data Center from Data BreachProtecting the Software-Defined Data Center from Data Breach
Protecting the Software-Defined Data Center from Data Breach
 

Andere mochten auch

Open authentication (oauth)
Open authentication (oauth)Open authentication (oauth)
Open authentication (oauth)Michael Maurice
 
Identity Management for the 21st Century IT Mission
Identity Management for the 21st Century IT MissionIdentity Management for the 21st Century IT Mission
Identity Management for the 21st Century IT MissionCA API Management
 
Federation in Practice
Federation in PracticeFederation in Practice
Federation in PracticeForgeRock
 
OpenAM - An Introduction
OpenAM - An IntroductionOpenAM - An Introduction
OpenAM - An IntroductionForgeRock
 
Identity and Access Management Introduction
Identity and Access Management IntroductionIdentity and Access Management Introduction
Identity and Access Management IntroductionAidy Tificate
 

Andere mochten auch (6)

Open authentication (oauth)
Open authentication (oauth)Open authentication (oauth)
Open authentication (oauth)
 
Federated and fabulous identity
Federated and fabulous identityFederated and fabulous identity
Federated and fabulous identity
 
Identity Management for the 21st Century IT Mission
Identity Management for the 21st Century IT MissionIdentity Management for the 21st Century IT Mission
Identity Management for the 21st Century IT Mission
 
Federation in Practice
Federation in PracticeFederation in Practice
Federation in Practice
 
OpenAM - An Introduction
OpenAM - An IntroductionOpenAM - An Introduction
OpenAM - An Introduction
 
Identity and Access Management Introduction
Identity and Access Management IntroductionIdentity and Access Management Introduction
Identity and Access Management Introduction
 

Ähnlich wie Common Challenges of Identity Management and Federated Single Sign-On in a SaaS World

Putting Security in Identity-as-a-Service
Putting Security in Identity-as-a-ServicePutting Security in Identity-as-a-Service
Putting Security in Identity-as-a-ServiceCA Technologies
 
API’s and Identity: Enabling Optum to become the HealthCare cloud
API’s and Identity: Enabling Optum to become the HealthCare cloudAPI’s and Identity: Enabling Optum to become the HealthCare cloud
API’s and Identity: Enabling Optum to become the HealthCare cloudCA Technologies
 
Creating an Omnichannel Experience for Your Customers
Creating an Omnichannel Experience for Your CustomersCreating an Omnichannel Experience for Your Customers
Creating an Omnichannel Experience for Your CustomersCA Technologies
 
How CA Technologies Enables Its Own Employees and Secures Access to Applicati...
How CA Technologies Enables Its Own Employees and Secures Access to Applicati...How CA Technologies Enables Its Own Employees and Secures Access to Applicati...
How CA Technologies Enables Its Own Employees and Secures Access to Applicati...CA Technologies
 
Modern Architectures
Modern ArchitecturesModern Architectures
Modern ArchitecturesSecureAuth
 
Lessons Learned From Four Years of API Management Implementation Success at Unum
Lessons Learned From Four Years of API Management Implementation Success at UnumLessons Learned From Four Years of API Management Implementation Success at Unum
Lessons Learned From Four Years of API Management Implementation Success at UnumCA Technologies
 
Case Study: Digital Transformation Through Successful, Large-scale Identity M...
Case Study: Digital Transformation Through Successful, Large-scale Identity M...Case Study: Digital Transformation Through Successful, Large-scale Identity M...
Case Study: Digital Transformation Through Successful, Large-scale Identity M...CA Technologies
 
Hands-On Lab: Integrate Your Monitoring Tools into an Automated Service Impac...
Hands-On Lab: Integrate Your Monitoring Tools into an Automated Service Impac...Hands-On Lab: Integrate Your Monitoring Tools into an Automated Service Impac...
Hands-On Lab: Integrate Your Monitoring Tools into an Automated Service Impac...CA Technologies
 
Technology Primer: Building Applications the New-Fashioned Way
Technology Primer: Building Applications the New-Fashioned WayTechnology Primer: Building Applications the New-Fashioned Way
Technology Primer: Building Applications the New-Fashioned WayCA Technologies
 
TOP SAILPOINT INTERVIEW QUESTION
TOP SAILPOINT INTERVIEW QUESTIONTOP SAILPOINT INTERVIEW QUESTION
TOP SAILPOINT INTERVIEW QUESTIONInfosec Train
 
CIS 2015-API's & Identity: Enabling the Business to Become the Cloud- Carlos ...
CIS 2015-API's & Identity: Enabling the Business to Become the Cloud- Carlos ...CIS 2015-API's & Identity: Enabling the Business to Become the Cloud- Carlos ...
CIS 2015-API's & Identity: Enabling the Business to Become the Cloud- Carlos ...CloudIDSummit
 
Case Study: The Business-Focused CIO—Leveraging IT Services for Strategic Adv...
Case Study: The Business-Focused CIO—Leveraging IT Services for Strategic Adv...Case Study: The Business-Focused CIO—Leveraging IT Services for Strategic Adv...
Case Study: The Business-Focused CIO—Leveraging IT Services for Strategic Adv...CA Technologies
 
Tech Talk: Preventing Data Breaches with Risk-Aware Session Management
Tech Talk: Preventing Data Breaches with Risk-Aware Session ManagementTech Talk: Preventing Data Breaches with Risk-Aware Session Management
Tech Talk: Preventing Data Breaches with Risk-Aware Session ManagementCA Technologies
 
Survive Industry Disruption and Deliver a Great Customer Experience with APIs...
Survive Industry Disruption and Deliver a Great Customer Experience with APIs...Survive Industry Disruption and Deliver a Great Customer Experience with APIs...
Survive Industry Disruption and Deliver a Great Customer Experience with APIs...CA Technologies
 
Ten Things You Should not Forget in Mainframe Security
Ten Things You Should not Forget in Mainframe Security Ten Things You Should not Forget in Mainframe Security
Ten Things You Should not Forget in Mainframe Security CA Technologies
 
SSO Agility Made Possible - November 2014
SSO Agility Made Possible - November 2014SSO Agility Made Possible - November 2014
SSO Agility Made Possible - November 2014Andrew Ames
 
The Cloud Challenge
The Cloud ChallengeThe Cloud Challenge
The Cloud ChallengeVMware Tanzu
 
The Why, Where and How of Service Virtualization Adoption
The Why, Where and How of Service Virtualization AdoptionThe Why, Where and How of Service Virtualization Adoption
The Why, Where and How of Service Virtualization AdoptionCA Technologies
 
Infrastructure Performance Management: Flexibility Combining Breadth, Depth ...
Infrastructure Performance Management: Flexibility Combining Breadth, Depth ...Infrastructure Performance Management: Flexibility Combining Breadth, Depth ...
Infrastructure Performance Management: Flexibility Combining Breadth, Depth ...CA Technologies
 

Ähnlich wie Common Challenges of Identity Management and Federated Single Sign-On in a SaaS World (20)

Putting Security in Identity-as-a-Service
Putting Security in Identity-as-a-ServicePutting Security in Identity-as-a-Service
Putting Security in Identity-as-a-Service
 
API’s and Identity: Enabling Optum to become the HealthCare cloud
API’s and Identity: Enabling Optum to become the HealthCare cloudAPI’s and Identity: Enabling Optum to become the HealthCare cloud
API’s and Identity: Enabling Optum to become the HealthCare cloud
 
Creating an Omnichannel Experience for Your Customers
Creating an Omnichannel Experience for Your CustomersCreating an Omnichannel Experience for Your Customers
Creating an Omnichannel Experience for Your Customers
 
How CA Technologies Enables Its Own Employees and Secures Access to Applicati...
How CA Technologies Enables Its Own Employees and Secures Access to Applicati...How CA Technologies Enables Its Own Employees and Secures Access to Applicati...
How CA Technologies Enables Its Own Employees and Secures Access to Applicati...
 
Modern Architectures
Modern ArchitecturesModern Architectures
Modern Architectures
 
Lessons Learned From Four Years of API Management Implementation Success at Unum
Lessons Learned From Four Years of API Management Implementation Success at UnumLessons Learned From Four Years of API Management Implementation Success at Unum
Lessons Learned From Four Years of API Management Implementation Success at Unum
 
Case Study: Digital Transformation Through Successful, Large-scale Identity M...
Case Study: Digital Transformation Through Successful, Large-scale Identity M...Case Study: Digital Transformation Through Successful, Large-scale Identity M...
Case Study: Digital Transformation Through Successful, Large-scale Identity M...
 
Hands-On Lab: Integrate Your Monitoring Tools into an Automated Service Impac...
Hands-On Lab: Integrate Your Monitoring Tools into an Automated Service Impac...Hands-On Lab: Integrate Your Monitoring Tools into an Automated Service Impac...
Hands-On Lab: Integrate Your Monitoring Tools into an Automated Service Impac...
 
Technology Primer: Building Applications the New-Fashioned Way
Technology Primer: Building Applications the New-Fashioned WayTechnology Primer: Building Applications the New-Fashioned Way
Technology Primer: Building Applications the New-Fashioned Way
 
TOP SAILPOINT INTERVIEW QUESTION
TOP SAILPOINT INTERVIEW QUESTIONTOP SAILPOINT INTERVIEW QUESTION
TOP SAILPOINT INTERVIEW QUESTION
 
CIS 2015-API's & Identity: Enabling the Business to Become the Cloud- Carlos ...
CIS 2015-API's & Identity: Enabling the Business to Become the Cloud- Carlos ...CIS 2015-API's & Identity: Enabling the Business to Become the Cloud- Carlos ...
CIS 2015-API's & Identity: Enabling the Business to Become the Cloud- Carlos ...
 
Case Study: The Business-Focused CIO—Leveraging IT Services for Strategic Adv...
Case Study: The Business-Focused CIO—Leveraging IT Services for Strategic Adv...Case Study: The Business-Focused CIO—Leveraging IT Services for Strategic Adv...
Case Study: The Business-Focused CIO—Leveraging IT Services for Strategic Adv...
 
Iam cloud security_vision_wp_236732
Iam cloud security_vision_wp_236732Iam cloud security_vision_wp_236732
Iam cloud security_vision_wp_236732
 
Tech Talk: Preventing Data Breaches with Risk-Aware Session Management
Tech Talk: Preventing Data Breaches with Risk-Aware Session ManagementTech Talk: Preventing Data Breaches with Risk-Aware Session Management
Tech Talk: Preventing Data Breaches with Risk-Aware Session Management
 
Survive Industry Disruption and Deliver a Great Customer Experience with APIs...
Survive Industry Disruption and Deliver a Great Customer Experience with APIs...Survive Industry Disruption and Deliver a Great Customer Experience with APIs...
Survive Industry Disruption and Deliver a Great Customer Experience with APIs...
 
Ten Things You Should not Forget in Mainframe Security
Ten Things You Should not Forget in Mainframe Security Ten Things You Should not Forget in Mainframe Security
Ten Things You Should not Forget in Mainframe Security
 
SSO Agility Made Possible - November 2014
SSO Agility Made Possible - November 2014SSO Agility Made Possible - November 2014
SSO Agility Made Possible - November 2014
 
The Cloud Challenge
The Cloud ChallengeThe Cloud Challenge
The Cloud Challenge
 
The Why, Where and How of Service Virtualization Adoption
The Why, Where and How of Service Virtualization AdoptionThe Why, Where and How of Service Virtualization Adoption
The Why, Where and How of Service Virtualization Adoption
 
Infrastructure Performance Management: Flexibility Combining Breadth, Depth ...
Infrastructure Performance Management: Flexibility Combining Breadth, Depth ...Infrastructure Performance Management: Flexibility Combining Breadth, Depth ...
Infrastructure Performance Management: Flexibility Combining Breadth, Depth ...
 

Mehr von CA Technologies

CA Mainframe Resource Intelligence
CA Mainframe Resource IntelligenceCA Mainframe Resource Intelligence
CA Mainframe Resource IntelligenceCA Technologies
 
Mainframe as a Service: Sample a Buffet of IBM z/OS® Platform Excellence
Mainframe as a Service: Sample a Buffet of IBM z/OS® Platform ExcellenceMainframe as a Service: Sample a Buffet of IBM z/OS® Platform Excellence
Mainframe as a Service: Sample a Buffet of IBM z/OS® Platform ExcellenceCA Technologies
 
Case Study: How CA Went From 40 Days to Three Days Building Crystal-Clear Tes...
Case Study: How CA Went From 40 Days to Three Days Building Crystal-Clear Tes...Case Study: How CA Went From 40 Days to Three Days Building Crystal-Clear Tes...
Case Study: How CA Went From 40 Days to Three Days Building Crystal-Clear Tes...CA Technologies
 
Case Study: How The Home Depot Built Quality Into Software Development
Case Study: How The Home Depot Built Quality Into Software DevelopmentCase Study: How The Home Depot Built Quality Into Software Development
Case Study: How The Home Depot Built Quality Into Software DevelopmentCA Technologies
 
Pre-Con Ed: Privileged Identity Governance: Are You Certifying Privileged Use...
Pre-Con Ed: Privileged Identity Governance: Are You Certifying Privileged Use...Pre-Con Ed: Privileged Identity Governance: Are You Certifying Privileged Use...
Pre-Con Ed: Privileged Identity Governance: Are You Certifying Privileged Use...CA Technologies
 
Case Study: Privileged Access in a World on Time
Case Study: Privileged Access in a World on TimeCase Study: Privileged Access in a World on Time
Case Study: Privileged Access in a World on TimeCA Technologies
 
Case Study: How SGN Used Attack Path Mapping to Control Privileged Access in ...
Case Study: How SGN Used Attack Path Mapping to Control Privileged Access in ...Case Study: How SGN Used Attack Path Mapping to Control Privileged Access in ...
Case Study: How SGN Used Attack Path Mapping to Control Privileged Access in ...CA Technologies
 
Case Study: Putting Citizens at The Center of Digital Government
Case Study: Putting Citizens at The Center of Digital GovernmentCase Study: Putting Citizens at The Center of Digital Government
Case Study: Putting Citizens at The Center of Digital GovernmentCA Technologies
 
Making Security Work—Implementing a Transformational Security Program
Making Security Work—Implementing a Transformational Security ProgramMaking Security Work—Implementing a Transformational Security Program
Making Security Work—Implementing a Transformational Security ProgramCA Technologies
 
Keynote: Making Security a Competitive Advantage
Keynote: Making Security a Competitive AdvantageKeynote: Making Security a Competitive Advantage
Keynote: Making Security a Competitive AdvantageCA Technologies
 
Emerging Managed Services Opportunities in Identity and Access Management
Emerging Managed Services Opportunities in Identity and Access ManagementEmerging Managed Services Opportunities in Identity and Access Management
Emerging Managed Services Opportunities in Identity and Access ManagementCA Technologies
 
The Unmet Demand for Premium Cloud Monitoring Services—and How Service Provid...
The Unmet Demand for Premium Cloud Monitoring Services—and How Service Provid...The Unmet Demand for Premium Cloud Monitoring Services—and How Service Provid...
The Unmet Demand for Premium Cloud Monitoring Services—and How Service Provid...CA Technologies
 
Leveraging Monitoring Governance: How Service Providers Can Boost Operational...
Leveraging Monitoring Governance: How Service Providers Can Boost Operational...Leveraging Monitoring Governance: How Service Providers Can Boost Operational...
Leveraging Monitoring Governance: How Service Providers Can Boost Operational...CA Technologies
 
The Next Big Service Provider Opportunity—Beyond Infrastructure: Architecting...
The Next Big Service Provider Opportunity—Beyond Infrastructure: Architecting...The Next Big Service Provider Opportunity—Beyond Infrastructure: Architecting...
The Next Big Service Provider Opportunity—Beyond Infrastructure: Architecting...CA Technologies
 
Application Experience Analytics Services: The Strategic Digital Transformati...
Application Experience Analytics Services: The Strategic Digital Transformati...Application Experience Analytics Services: The Strategic Digital Transformati...
Application Experience Analytics Services: The Strategic Digital Transformati...CA Technologies
 
Application Experience Analytics Services: The Strategic Digital Transformati...
Application Experience Analytics Services: The Strategic Digital Transformati...Application Experience Analytics Services: The Strategic Digital Transformati...
Application Experience Analytics Services: The Strategic Digital Transformati...CA Technologies
 
Strategic Direction Session: Deliver Next-Gen IT Ops with CA Mainframe Operat...
Strategic Direction Session: Deliver Next-Gen IT Ops with CA Mainframe Operat...Strategic Direction Session: Deliver Next-Gen IT Ops with CA Mainframe Operat...
Strategic Direction Session: Deliver Next-Gen IT Ops with CA Mainframe Operat...CA Technologies
 
Strategic Direction Session: Enhancing Data Privacy with Data-Centric Securit...
Strategic Direction Session: Enhancing Data Privacy with Data-Centric Securit...Strategic Direction Session: Enhancing Data Privacy with Data-Centric Securit...
Strategic Direction Session: Enhancing Data Privacy with Data-Centric Securit...CA Technologies
 
Blockchain: Strategies for Moving From Hype to Realities of Deployment
Blockchain: Strategies for Moving From Hype to Realities of DeploymentBlockchain: Strategies for Moving From Hype to Realities of Deployment
Blockchain: Strategies for Moving From Hype to Realities of DeploymentCA Technologies
 
Establish Digital Trust as the Currency of Digital Enterprise
Establish Digital Trust as the Currency of Digital EnterpriseEstablish Digital Trust as the Currency of Digital Enterprise
Establish Digital Trust as the Currency of Digital EnterpriseCA Technologies
 

Mehr von CA Technologies (20)

CA Mainframe Resource Intelligence
CA Mainframe Resource IntelligenceCA Mainframe Resource Intelligence
CA Mainframe Resource Intelligence
 
Mainframe as a Service: Sample a Buffet of IBM z/OS® Platform Excellence
Mainframe as a Service: Sample a Buffet of IBM z/OS® Platform ExcellenceMainframe as a Service: Sample a Buffet of IBM z/OS® Platform Excellence
Mainframe as a Service: Sample a Buffet of IBM z/OS® Platform Excellence
 
Case Study: How CA Went From 40 Days to Three Days Building Crystal-Clear Tes...
Case Study: How CA Went From 40 Days to Three Days Building Crystal-Clear Tes...Case Study: How CA Went From 40 Days to Three Days Building Crystal-Clear Tes...
Case Study: How CA Went From 40 Days to Three Days Building Crystal-Clear Tes...
 
Case Study: How The Home Depot Built Quality Into Software Development
Case Study: How The Home Depot Built Quality Into Software DevelopmentCase Study: How The Home Depot Built Quality Into Software Development
Case Study: How The Home Depot Built Quality Into Software Development
 
Pre-Con Ed: Privileged Identity Governance: Are You Certifying Privileged Use...
Pre-Con Ed: Privileged Identity Governance: Are You Certifying Privileged Use...Pre-Con Ed: Privileged Identity Governance: Are You Certifying Privileged Use...
Pre-Con Ed: Privileged Identity Governance: Are You Certifying Privileged Use...
 
Case Study: Privileged Access in a World on Time
Case Study: Privileged Access in a World on TimeCase Study: Privileged Access in a World on Time
Case Study: Privileged Access in a World on Time
 
Case Study: How SGN Used Attack Path Mapping to Control Privileged Access in ...
Case Study: How SGN Used Attack Path Mapping to Control Privileged Access in ...Case Study: How SGN Used Attack Path Mapping to Control Privileged Access in ...
Case Study: How SGN Used Attack Path Mapping to Control Privileged Access in ...
 
Case Study: Putting Citizens at The Center of Digital Government
Case Study: Putting Citizens at The Center of Digital GovernmentCase Study: Putting Citizens at The Center of Digital Government
Case Study: Putting Citizens at The Center of Digital Government
 
Making Security Work—Implementing a Transformational Security Program
Making Security Work—Implementing a Transformational Security ProgramMaking Security Work—Implementing a Transformational Security Program
Making Security Work—Implementing a Transformational Security Program
 
Keynote: Making Security a Competitive Advantage
Keynote: Making Security a Competitive AdvantageKeynote: Making Security a Competitive Advantage
Keynote: Making Security a Competitive Advantage
 
Emerging Managed Services Opportunities in Identity and Access Management
Emerging Managed Services Opportunities in Identity and Access ManagementEmerging Managed Services Opportunities in Identity and Access Management
Emerging Managed Services Opportunities in Identity and Access Management
 
The Unmet Demand for Premium Cloud Monitoring Services—and How Service Provid...
The Unmet Demand for Premium Cloud Monitoring Services—and How Service Provid...The Unmet Demand for Premium Cloud Monitoring Services—and How Service Provid...
The Unmet Demand for Premium Cloud Monitoring Services—and How Service Provid...
 
Leveraging Monitoring Governance: How Service Providers Can Boost Operational...
Leveraging Monitoring Governance: How Service Providers Can Boost Operational...Leveraging Monitoring Governance: How Service Providers Can Boost Operational...
Leveraging Monitoring Governance: How Service Providers Can Boost Operational...
 
The Next Big Service Provider Opportunity—Beyond Infrastructure: Architecting...
The Next Big Service Provider Opportunity—Beyond Infrastructure: Architecting...The Next Big Service Provider Opportunity—Beyond Infrastructure: Architecting...
The Next Big Service Provider Opportunity—Beyond Infrastructure: Architecting...
 
Application Experience Analytics Services: The Strategic Digital Transformati...
Application Experience Analytics Services: The Strategic Digital Transformati...Application Experience Analytics Services: The Strategic Digital Transformati...
Application Experience Analytics Services: The Strategic Digital Transformati...
 
Application Experience Analytics Services: The Strategic Digital Transformati...
Application Experience Analytics Services: The Strategic Digital Transformati...Application Experience Analytics Services: The Strategic Digital Transformati...
Application Experience Analytics Services: The Strategic Digital Transformati...
 
Strategic Direction Session: Deliver Next-Gen IT Ops with CA Mainframe Operat...
Strategic Direction Session: Deliver Next-Gen IT Ops with CA Mainframe Operat...Strategic Direction Session: Deliver Next-Gen IT Ops with CA Mainframe Operat...
Strategic Direction Session: Deliver Next-Gen IT Ops with CA Mainframe Operat...
 
Strategic Direction Session: Enhancing Data Privacy with Data-Centric Securit...
Strategic Direction Session: Enhancing Data Privacy with Data-Centric Securit...Strategic Direction Session: Enhancing Data Privacy with Data-Centric Securit...
Strategic Direction Session: Enhancing Data Privacy with Data-Centric Securit...
 
Blockchain: Strategies for Moving From Hype to Realities of Deployment
Blockchain: Strategies for Moving From Hype to Realities of DeploymentBlockchain: Strategies for Moving From Hype to Realities of Deployment
Blockchain: Strategies for Moving From Hype to Realities of Deployment
 
Establish Digital Trust as the Currency of Digital Enterprise
Establish Digital Trust as the Currency of Digital EnterpriseEstablish Digital Trust as the Currency of Digital Enterprise
Establish Digital Trust as the Currency of Digital Enterprise
 

Kürzlich hochgeladen

How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
Sample pptx for embedding into website for demo
Sample pptx for embedding into website for demoSample pptx for embedding into website for demo
Sample pptx for embedding into website for demoHarshalMandlekar2
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
Assure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyesAssure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyesThousandEyes
 
Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Hiroshi SHIBATA
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsNathaniel Shimoni
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentPim van der Noll
 
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Alkin Tezuysal
 
Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsRavi Sanghani
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfMounikaPolabathina
 
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfNeo4j
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality AssuranceInflectra
 
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better StrongerModern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better Strongerpanagenda
 
Data governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationData governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationKnoldus Inc.
 
Generative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfGenerative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfIngrid Airi González
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesThousandEyes
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 

Kürzlich hochgeladen (20)

How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
Sample pptx for embedding into website for demo
Sample pptx for embedding into website for demoSample pptx for embedding into website for demo
Sample pptx for embedding into website for demo
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
Assure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyesAssure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyes
 
Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directions
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
 
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
 
Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and Insights
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdf
 
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdf
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
 
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better StrongerModern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
 
Data governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationData governance with Unity Catalog Presentation
Data governance with Unity Catalog Presentation
 
Generative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfGenerative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdf
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 

Common Challenges of Identity Management and Federated Single Sign-On in a SaaS World

  • 1. Common Challenges of Identity Management and Federated Single Sign-On in a SaaS World Phil Tidmarsh Security CA Technologies VP, Engineering Services SCT18T @CASecurity #CAWorld
  • 2. 2 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD © 2015 CA. All rights reserved. All trademarks referenced herein belong to their respective companies. The content provided in this CA World 2015 presentation is intended for informational purposes only and does not form any type of warranty. The information provided by a CA partner and/or CA customer has not been reviewed for accuracy by CA. For Informational Purposes Only Terms of this Presentation
  • 3. 3 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD Abstract This session explores common challenges and solutions associated with identity and access management for SaaS. We will discuss topics such as single sign-on, federation vs form fill and identity lifecycle management, including some best practices like retaining data when de- provisioning. It also covers what to look for as a SaaS consumer and what to build as a SaaS inventor. Phil Tidmarsh CA Technologies Vice President, Engineering Services and acting Product Manager, CA Secure Cloud
  • 4. 4 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD Agenda THE CONCLUSION WHAT’S THE GOAL? BUSINESS CHALLENGE COMMON IDENTITY & ACCESS MANAGEMENT METHODS COMMON SINGLE SIGN-ON METHODS 1 2 3 4 5 SAAS INVENTOR VS. SAAS ADOPTER6
  • 5. 5 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD The conclusion… SCIM System for Cross-domain Identity Management The SCIM standard was created to simplify user management in the cloud by defining a schema for representing users and groups and a REST API for all the necessary CRUD operations. SCIM is developed under the Internet Engineering Task Force (IETF®). SAML Security Assertion Markup Language An XML-based, open-standard data format for exchanging authentication and authorization data between parties, in particular, between an identity provider and a service provider. SAML is a product of the OASIS® Security Services Technical Committee.
  • 6. 6 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD What’s the goal?  User experience  Time-to-Value  Total Cost of Ownership  Compliance
  • 7. 7 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD Shopping for Cloud Apps
  • 8. 8 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD Authentication Authorisation State
  • 9. 9 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD Cloud App Identity and Access Management (IAM) Cloud App Requirements  Does it meet the business requirements?  Does it deliver the desired user experience?  Does it meet our IAM compliance requirements?
  • 10. 10 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD  Self service/self registration – Does it integrate with Identity Management solutions?  Bulk load (CSV) – Does it meet real time Identity Management requirements?  LDAP (user store) – How do we secure this?  Just in time – Usually available as part of a federated partnership. Common Identity and Access Management Methods:
  • 11. 11 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD  API – APIs offer the most preferred method of achieving compliance as it offers real time management of identities, however they tend to be unique to the app. – SCIM is the only standards based approach that enables CRUD based management of users and groups. – Non-SCIM SaaS App interfaces require IAM vendors to build and maintain connectors.  Therefore SCIM makes the most sense…. Common Identity and Access Management Methods
  • 12. 12 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD  In the identity management world, we talk about “JML” – Joiners—The action of creating or provisioning an account – Movers—Accounts whose attributes (role, department, etc.) change – Leavers—Accounts that are no longer active or de-provisioned Fundamentals of Identity and Access Management
  • 13. 13 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD  What happens to data stored in SaaS apps during de- provisioning?  Cloud storage, for example: – Some cloud storage solutions offer an API to move contents to another user, i.e. based on relationship. – Other cloud storage solutions simply purge what is stored. – IAM vendors may be able to implement methods to retain data when de-provisioning. Complete SaaS App Identity Management
  • 14. 14 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD But, simply managing accounts isn’t enough…  An identity can be: – Authentication source – Authentication method – Attributes – Group membership – Organisation—Internal and/or external – Device – Location – Time
  • 15. 15 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD  Form based authentication (Form Fill) – Storing and form filling a username and password is the most basic form of SSO. – It lacks flexibility to leverage risk based authentication.  Synchronised credentials – Slightly more advanced than form based authentication as the username and password are synchronised with a user’s corporate credentials. – Removes the need to remember/manage multiple usernames and passwords. Common Single Sign-On Methods
  • 16. 16 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD  Federated Single Sign-On – OAuth, OpenID, Simple Web Tokens, JSON Web Tokens, Web Service Specifications, Microsoft Azure® Cloud Services and Windows® Identity Foundation all offer Federated Single Sign-On capabilities but tend to be flexible in the implementation and specification or less commonly used. – SAML (Security Assertion Markup Language) is the most rigid standard and most commonly adopted by enterprises wishing to enable Federated SSO.  Therefore SAML offers the smoothest integration experience.. Common Single Sign-On Methods
  • 17. 17 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD For a SaaS Inventor… SCIM System for Cross-domain Identity Management The SCIM standard was created to simplify user management in the cloud by defining a schema for representing users and groups and a REST API for all the necessary CRUD operations. SCIM is developed under the Internet Engineering Task Force (IETF®). SAML Security Assertion Markup Language An XML-based, open-standard data format for exchanging authentication and authorization data between parties, in particular, between an identity provider and a service provider. SAML is a product of the OASIS® Security Services Technical Committee.
  • 18. 18 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD For a SaaS Adopter… Identity Identity Management Integration Ensure the SaaS App is supported by your Identity management solution, not just for JML actions but also the implications of those actions. Enable compliance by ensuring you effectively manage identities. Access Standards Based Single Sign-On Enable a seamless user experience when accessing cloud apps by removing the need to remember usernames and passwords. Enable compliance by making real time authentication and risk decisions.
  • 19. 19 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD Successful adoption of Cloud Apps Cloud App Requirements  Does it meet the business requirements?  Does it deliver the desired user experience?  Does it meet security/compliance requirements?
  • 20. 20 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD Recommended Sessions SESSION # TITLE DATE/TIME SCT03P The Future of Identity, Access, SaaS and IoT Weds. Nov 18 at 1:00 pm SCT32T Privileged Access Management for the Software-Defined Network Thurs. Nov 19 at 11:30 pm SCT25T Preventing Data Breaches with Risk-Aware Session Management Thurs. Nov 19 at 3:00 pm
  • 21. 21 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD Must See Demos Protect Against Fraud & Breaches CA Advanced Auth Security Theater Engage Customers CA SSO Security Theater Innovation—IoT Slot Car CA AA, APIM Security Theater Secure Omni- Channel Access CA AA, APIM, SSO Security Theater
  • 22. 22 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD Q & A
  • 23. 23 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD For More Information To learn more, please visit: http://cainc.to/Nv2VOe CA World ’15