Global network of innovation. Svein Arne Lindøe Arnfinn Strand Security Competence Center Scandic Siemens Business Services (Norway)

Transcription

1 Svein Arne Lindøe Arnfinn Strand Security Competence Center Scandic Siemens Business Services (Norway)

2 Agenda Security Portfolio intro Why SmartCard? SmartCard Applications SmartCard Solution Components SmartCard Products Customer References Q&A 2

3 Siemens Business Services Security Portfolio Security Consulting - IS Policy - Network security - Vulnerability analyses - Projects - Security Solutions design - Web security - Physical security Managed security - Firewall - VPN - IDS/IPS - AAA - Remote Access - Virus control - 24/7 monitoring - Service & maintenance Virus protection/ Content- control -Servers ( ) - End devices - Content filters - SPAM filters - Virus emergency cleanup Security assessment - Penetration tests (internal and external) - Network vulnerability scan - Client/server vulnerability scan Identity Management and PKI - SmartCard - Biometrics - Single sign-on - Access control/rbac - PKI infrastructure - Encryption ( , hard disk, VPN) - Digital Signatures - Directory services Training - Product training - Security awareness training - Workshops Mobility with security Network security (Firewall, VPN, IDS/IPS, AAA, remote access, HA) Secure e/m-business 3

4 Partners 4

5 Security Token The Key to Authentication Security Tokens (e.g. Smart Cards, USB dongles) are the central components of a comfortable and secure solution for authentication and authorization in large systems. Security Tokens supports two factor authentication for strong security Security Tokens store sensitive information safe and tamperproof biometrics information personal medical history cryptographic keys for authentication info needed for logging on to networks Security Tokens are easy to use and supports many different applications Value Proposition Keys PKI Data Two factor authentication i.e. strong security No passwords (to reset) -i.e. cost reduction No passwords (to remember) -i.e. convinience Biometrics - No passwords (to steal) - i.e. security value Certificates Login Data Personal data Logins 5

6 Smart Card Smart Employee 9.00 a.m a.m a.m p.m p.m p.m p.m p.m p.m p.m. Access to company parking lot and office Time logging Authentication for booting the PC and other PC applications Paying for lunch at the canteen Leaving corporate grounds Visiting the customer Setting up a protected connection to the corporate networks while at the customer s Directly signing a proposal in PDFformat at the customer s Access to company parking lot and office Mailing a revised concept design to the customer, encoded Accounting for travel expenses via an Intranet portal using digital signature 7.00 p.m. Time logging when leaving the office 6

7 The Smart Card as Basis for Comprehensive Security Solutions Secure Payments Secure Access Time Logging ID card Signing Documents Encryption (VPN/HardDisk) / Remote Access Secure Access: -to PCs - to existing applications, e.g. HR applications - to web applications - single sign-on (SSO) 7

8 Siemens Smart Card Products SmartCard Products SmartCard with: - Infineon SLE 66 series chip and CardOS API - Other types of plastic cards (Mifare.) SmartCard readers: - PC/SC, ISO 7816 compliant Serial/USB/PC-card reader and with and without fingerprint User Applications Personalization system - Integrated with management system - Optional PKI integration - Card printer and camera Card Lifecycle Management system Access Control Systems PKI certificates E-purse solutions Bob 83S DFG 782 C E YFD 784 GEE 345 CA01 8

9 Siemens Smart Card Services PKI infrastructure Design and integration services Operations Service and Support Total SmartCard projects CMS 9

10 Customer References Industry & Automobile Manufacturers Financial Services Telecommunications Government Authorities 10

11 Benefits of Siemens Smart Card Solutions Secure Integration of the security solutions into the employee s every-day activities increases security Successful Integration of the security solutions into the business processes increases efficiency Comfortable Ease-of use of the security solution promotes the acceptance and use Return on Security Investment (RoSI) Cost reduction achieved by greater information security and uniform management Security which pays off 11

12 Dette er et eksempel til avslutning Tenk sikkerhet tenk Siemens 12