Leveraging Teamcenter security capabilities to protect your intellectual property and enable secure collaboration



Similar documents
Enabling compliance with PLM audit management

Addressing ITAR compliance with Teamcenter

Teamcenter s Records Management Application

PLM Software. Answers for industry. Siemens PLM Software. e x e c u t i v e w h i t e p a p e r

Platform extensibility services

Teamcenter Portfolio Management project-based budgeting

Product Lifecycle Sourcing enabled by Teamcenter s SRM solutions

Increase business agility and accelerate PLM return on investment

A mobility strategy for PLM users

PLM for manufacturing

Digitally transforming the medical device lifecycle

Five steps for creating a winning product portfolio

SIEMENS. Teamcenter Security Services 11.2 Release Notes TSS

Taking PLM to production with Shop Floor Connect for Teamcenter

Solid Edge Diagramming

Teamcenter document management

NX CAM 9.0.1: Generate IPW in Background

Solid Edge Insight. Siemens PLM Software. Seamlessly integrate design management, CAD and web-based collaboration in a single tool

Product and program performance tracking and reporting

Teamcenter electronic work instruction

Medical equipment development solutions. Siemens PLM Software

Integrating Teamcenter Simulation Process Management with ANSA

Establishing regulatory compliance in the medical device industry

How do we seamlessly integrate design management, CAD and web-based collaboration in a single tool?

The NX CAM-SINUMERIK advantage

Leveraging investments in your PLM solution

How do we transform your ability to support and sustain complex capital assets?

GTAC Services Asia Pacific

Siemens PLM Software

Siemens PLM Software. Energy and utilities. PLM solutions for tough industry challenges and sustained business growth. siemens.

Create, capture and deliver a systems perspective through integrated lifecycle processes and cross-discipline synchronization.

Transforming the process of innovation in

Hybrid 2D/3D design The right tool for the right job at the right time

Siemens PLM Software. GTAC Services. A guide to support services from the Global Technical Access Center (GTAC) siemens.com/gtac

Teamcenter Reporting and Analytics

Siemens PLM Software for food and beverage White Paper

Optimizing semiconductor device innovation practices and processes

Packaging equipment manufacturer cuts R&D cycle time by 17 percent

Teamcenter for supplier relationship management: strategic sourcing

Teamcenter s Service Oriented Architecture

Goal Seeking in Solid Edge

Comprehensive digital manufacturing solutions

Siemens PLM Software. Electronics Manufacturing Services. Using PLM to accelerate and optimize the production process. siemens.

Teamcenter MRO solutions

Teamcenter multi-site collaboration

NX for Tooling and Fixture Design Transforming today s processes for designing and manufacturing injection molds, dies and fixtures

Teamcenter document management

Teamcenter Service Lifecycle Management solutions

What s new in Teamcenter Service Pack

High productivity part manufacturing

Delivering quality components: Parasolid s drive for success

Solid Edge motion simulation, explode render animate

Siemens PLM Software. Oil and gas. Delivering innovative, safe and reliable products and operations. siemens.com/plm

Image-to-Implant solution for personalized medical devices

What s new in Teamcenter Service Pack

Answers for industry. TEAMCENTER. Smarter decisions, better products through end-to-end PLM. siemens.com/teamcenter

The Panoptix Building Efficiency Solution: Ensuring a Secure Delivery of Building Efficiency

Visualizing and validating product designs across your extended enterprise

Siemens PLM Software. PLM solutions for the aerospace industry. When you only have one chance to get it right

TEAMCENTER. Connecting people with product and process knowledge, powering collaboration across the product lifecycle

Tecnomatix quality management solutions. Siemens PLM Software

TEAMCENTER Smarter decisions, better products through end-to-end PLM

HIPAA COMPLIANCE REVIEW

Solid Edge structural frames and weldments

Teamcenter feature checklist

Visual solutions for product quality management

BAE Systems Military Air Solutions

White Paper. BD Assurity Linc Software Security. Overview

NERC CIP Whitepaper How Endian Solutions Can Help With Compliance

SIEMENS. Teamcenter manufacturing process management Getting Started with Manufacturing PLM

Service Oriented Architecture Integrating Teamcenter-managed product design and development with your mainstream business processes

NX Overview.

Product Data Security and Access Management. Dilip Agrawal Security PLM Lead Ford Motor Company

TECNOMATIX. Siemens PLM Software

Open Data Center Alliance Usage: Provider Assurance Rev. 1.1

How Reflection Software Facilitates PCI DSS Compliance

PLM Software. Enabling innovation through enterprise data management. Answers for industry. Siemens PLM Software

How To Secure Your Data Center From Hackers

Product overview. CA SiteMinder lets you manage and deploy secure web applications to: Increase new business opportunities

Secure Engineering Collaboration with Integrated Rights Management

PLM-driven content management Aligning product design and technical publication support functions to ensure product launch success

Oracle Directory Services Integration with Database Enterprise User Security O R A C L E W H I T E P A P E R F E B R U A R Y

Teamcenter for maintenance, repair and overhaul (MRO)

Oracle Identity Management Concepts and Architecture. An Oracle White Paper December 2003

Business-Driven, Compliant Identity Management

An Oracle White Paper September Directory Services Integration with Database Enterprise User Security

Single Sign-on (SSO) technologies for the Domino Web Server

IBX Business Network Platform Information Security Controls Document Classification [Public]

Beyond passwords: Protect the mobile enterprise with smarter security solutions

CA Unified Infrastructure Management Server

Sammitr Motors Manufacturing

Directory-enabled Lights-Out Management

The governance IT needs Easy user adoption Trusted Managed File Transfer solutions

APIs The Next Hacker Target Or a Business and Security Opportunity?

SIEMENS. Teamcenter Security Administration PLM

Support for the HIPAA Security Rule

Process planning tools support Volvo Cars expansion to Asia Pacific region

How To Secure Your System From Cyber Attacks

WHITE PAPER. Support for the HIPAA Security Rule RadWhere 3.0

Symantec App Center. Mobile Application Management and Protection. Data Sheet: Mobile Security and Management

Transcription:

Security management White Paper Leveraging Teamcenter security capabilities to protect your intellectual property and enable secure collaboration You can use Teamcenter software s security management capabilities to establish a security model for your product lifecycle management (PLM) environment and support multiple securityrelated initiatives. Once your security model is in place, you can use it to protect your environment s underlying systems and databases from unauthorized access/use, as well as to control how individual pieces of product and process information can be used and by whom. Teamcenter supports export control initiatives such as the International Traffic in Arms Regulations (ITAR), as well as standard internet security deployments and other additional security-related programs.

White Paper Security management 2 Contents Executive summary...3 Authentication, authorization and entitlement...4 Authentication...4 Authorization...4 Entitlement concepts object-based vs. rules-based control list (ACL)...5 Authorized Data Access...6 Auditing capabilities...7 Frequently asked questions...8 Conclusion...9

White Paper Security management 3 Executive summary Today s companies face a challenging dilemma. On one hand, they need to vigorously engage global partners in commercial initiatives as they pursue many of their most promising revenue-generating opportunities. Typically, these opportunities involve forming strategic alliances with partners and suppliers to take advantage of both local and international competencies. On the other hand, sharing information externally raises numerous security concerns, including but not limited to the need to protect intellectual property, as well as to comply with various contractual obligations and regulatory requirements. In essence, today s companies must be able to share information extensively as part of their collaborative product development and manufacturing processes, while at the same time protecting their intellectual property rights and mitigating the legal, financial and business risks of non-compliant and/or insecure securityrelated practices. To address these issues, Teamcenter enables you to approach security management as a strategic business initiative. You can leverage the following security-related Teamcenter capabilities to establish a secure PLM environment that lets your company share its intellectual capital with entitled suppliers and customers in accordance with a wide variety of security-related restrictions. Authentication Teamcenter determines the identity of every user who attempts to access your PLM environment, making certain that every user is, in fact, who he or she claims to be and that this person can only access data resources to which he or she is entitled. Authorization Teamcenter determines what information each user is allowed to access based on the user s identity and/or the role, group, organization or project to which the user is assigned. Audit Teamcenter provides comprehensive and configurable auditing tools that you can use to log detailed user activities performed against this controlled information and to analyze these activities using Teamcenter software s reporting and analytics capabilities or commercial off the shelf (COTS) tools. Authorized data access You can leverage Teamcenter to establish a standards-based Authorized Data Access (ADA) model that facilitates itemlevel access control over all of the product, process and manufacturing information managed by your PLM environment, including documents, CAD models and JT data. Taken together, these Teamcenter capabilities provide fine grain controls needed to protect your intellectual property, as well as the confidence you need to share information while vigorously pursuing a globalized business strategy. Just as importantly, best practice companies can leverage Teamcenter to approach security management as a strategic initiative that mitigates the legal and financial risks associated with sharing intellectual property in support of their globalization objectives. With these considerations in mind, Teamcenter provides the following security-related advantages and business benefits. Improved security Teamcenter enables your administrators to control and restrict information access on the basis of authentication, authorization and entitlement specifications. Reduced risk Teamcenter protects against future litigation by enabling you to deliver proof of regulatory and/or best practice compliance, thereby eliminating your exposure to costly penalties and enabling you to rapidly respond to legal discovery motions. Greater productivity Teamcenter enables entitled users to easily and quickly locate controlled information by focusing their searches on active, up-to-date and accurate information and eliminating time wasted using outdated, inappropriate or irrelevant data. Reduced cost Teamcenter enables your company to minimize its security-related administrative overhead by providing a single point of administration and audit control for your PLM environment that is compatible with the industry standard security infrastructure and its related conventions.

White Paper Security management 4 Authentication, authorization and entitlement Authentication Authentication is the process of determining whether someone or something is, in fact, who or what it is declared to be. Teamcenter provides a common framework to facilitate third-party authentication, including user authentication to identify users as they log-in to the PLM environment through a single challenge and at the directory level. It also uses synchronization techniques to identify users as they access Teamcenter-provided applications. Teamcenter security services provide support for standards-based username/password validation using commercial and standards-based directory servers, such as Active Directory or any server supporting the Lightweight Directory Access Protocol (LDAP) version. In addition, all Teamcenter software clients support secure internet communication protocols (HTTP with or without support for Secure Sockets Layer or HTTPS SSL encryption) so that the firewalls and proxies implemented in a data center can further prevent unwanted persons for accessing Teamcenter resources. Authorization As indicated by the accompanying table, Teamcenter facilitates authorization for users at six levels, enabling administrators to easily control user access to information managed by your PLM system. Teamcenter determines what information each user is allowed to access based on the user s identity and/or the role, group, organization or project to which the user is assigned. Teamcenter determines whether individual users have the rights/privileges required to perform a specific function or access specific information at any given point in time. Typically, Teamcenter does this by executing business rules against the authorization defined for the information in question. Level User Person Group Hierarchical group Role Project Authorization example Design group Prototype design group Data logically grouped by project External supplier group 2 Advantages Controls information access on the basis of an individual user s Teamcenter login user name and password Controls information access on the basis of an individual user s realworld identification, such as a person s name, address and phone number Provides information access to collections of people who function within an identified group Provides information access to groups of people who function within a larger hierarchical group Controls information on the basis of the role that people perform within an identified group (a group can include people who perform multiple roles while a single role can be performed in multiple groups) Controls information access by indicating that only specific types of information are available for use by multiple groups (for example, you can limit access to an information-related work product to identified project teams, development teams, suppliers and customers) Engineering group External supplier group 2

White Paper Security management 5 Authorization-controlled information is combined with the Teamcenter access manager, a rules-based access control system that you can leverage two ways. By creating rules-based access control lists (ACLs) and rules conditions configured in a rule tree. Each rule tests both the identity and affiliations of the user and plus characteristics of the data to grant or deny read and write privileges. By creating specific ACLs attached to individual information, which enables you to model exceptions to the rules-based system for specific pieces of data In both instances, these controls can be used to specify what privileges have been assigned to individual users in terms of specific functions they are allowed to perform or specific information they are allowed to access. Rules-based Rule tree objects... ACL- R W D C User A x x x x Group B x x x x Role C x R W D C User A x x x x Group B x x Role C x Objects Entitlement concepts object-based vs. rules-based control list (ACL) Object-based Objects with privileges R W D C User A x x x x Group B x x x x Role C x Privileges are defined independent within global ACL-objects The rule tree structures the object spectrum while facilitating globally defined ACLs (for run time evaluation) The system administrator defines privileges according to a given access strategy of a company Rules-based control lists are highly flexible in terms of their ability to support subsequent modifications R W D C User A x x x x Group B x x Role C x R W D C User A x x x x Group B x x Role C x Privileges are directly attached and stored with the objects Subsequent modifications of privileges may cause intensive processing

White Paper Security management 6 Authorized Data Access Teamcenter uses an Authorized Data Access model (ADA) to enable you to securely manage sensitive information and other highly valued intellectual property in accordance with export control regulations such as the U.S. International Traffic in Arms Regulations (ITAR). Regardless of whether suppliers, partners or company employees are working with your intellectual property, you can leverage Teamcenter to reduce the effort needed to comply with requirements for exporting regulated information. Similarly, you can also use the same Teamcenter capabilities to comply with corporate policies for enforcing legal requirements documented in nondisclosure agreements and supplier contracts. Restricted data List license(s) License (Auth Doc) License (Auth Doc) Grants access to Grants access to Groups Users Groups Users Teamcenter restricts access to information on the basis of terms and conditions specified by authorizing documents, including export licenses, technical assistance agreements (TAA), non-disclosure agreements and supplier controls. You can use Teamcenter to limit information access on the basis of the user s nationality, geography, security clearance, and the access time period granted by authorizing documents. You can use Teamcenter software s ADA capabilities to establish information access control by: Identifying specific users as restricted Identifying given information as restricted Enabling restricted users to access restricted information through the use of authorizing documents Validating access when any restricted user attempts to access ADA-protected information Using Teamcenter to limit restricted data through use of authorizing documents. All information (including documents, CAD models and JT data) managed by Teamcenter can be controlled through ADA. In addition, Teamcenter provides out-of-the-box rules that let you restrict access of controlled information to US persons. You can use technical authorizing agreements (export licenses) to grant individuals or groups access to controlled information. For example, a foreign person can be granted access to an ITAR-controlled document through an export license under terms authorized by the document. Our ADA solution is especially adept at reducing the administrative activities associated with establishing and enforcing export controls while at the same time providing the ability to exercise these controls as flexibly as possible.

White Paper Security management 7 Auditing capabilities Teamcenter also provides comprehensive and configurable auditing tools so that your company can monitor detailed user activity against controlled information and log this activity to external log files or to the Teamcenter database. Subsequently, you can analyze these logs using Teamcenter software s reporting and analytics capabilities or export them for later analysis using commercial off the shelf (COTS) tools such as Microsoft Excel. You can leverage Teamcenter auditing capabilities to verify that your security requirements are intact, as well as to validate that your export controls have been met by performing regulatory-related security audits. Using Teamcenter to enable administrators to grant access to an ITAR-controlled document via an export license.

White Paper Security management 8 Frequently asked questions Does Teamcenter support two factor user authentication (such as SMART cards)? Teamcenter security services can be configured to accommodate devices such as SMART cards with Kerberos on certain platforms. Does Teamcenter use a FIPS 140-2 certified encryption library? A FIPS 140-2 certified Teamcenter library is provided with Teamcenter; it is used for Secure Socket Layer (SSL) support. Does Teamcenter support either Active Directory or LDAP-compliant directory servers for username/password authentication? Teamcenter security services support authentication using either Microsoft Active Directory or other directory servers that support the LDAP v3 protocol. Does Teamcenter support either Active Directory or LDAP-compliant directory servers for user group or role authorization? Teamcenter keeps its own internal store of group and role authorizations. However, user group and role information can be updated from a directory server using one of two tools provided for that purpose. Does Teamcenter support export regulations or supplier/joint venture need to know agreements? The Teamcenter Advanced Data Access feature enables you to configure security to support and document compliance for security programs such as the ITAR and supplier confidentiality agreements.

White Paper Security management 9 Conclusion Teamcenter software s security management functionality enables you and your external partners, suppliers and customer to share product, process and manufacturing information in a secure PLM environment with confidence that each participant s intellectual property is protected in accordance with established compliance-related conventions. Teamcenter security capabilities include authentication, authorization and entitlement features that support industry standards and proven best practices. Just as importantly, Teamcenter security capabilities are designed to facilitate a cost effective security infrastructure that will enable you to assertively pursue today s promising global commercial initiatives thereby transforming security from a challenging concern into a strategic advantage.

White Paper Security management 10 About Siemens PLM Software Siemens PLM Software, a business unit of the Siemens Industry Automation Division, is a leading global provider of product lifecycle management (PLM) software and services with 6.7 million licensed seats and more than 69,500 customers worldwide. Headquartered in Plano, Texas, Siemens PLM Software works collaboratively with companies to deliver open solutions that help them turn more ideas into successful products. For more information on Siemens PLM Software products and services, visit www.siemens.com/plm. www.siemens.com/plm All rights reserved. Siemens and the Siemens logo are registered trademarks of Siemens AG. D-Cubed, Femap, Geolus, GO PLM, I-deas, Insight, JT, NX, Parasolid, Solid Edge, Teamcenter, Tecnomatix and Velocity Series are trademarks or registered trademarks of Siemens Product Lifecycle Management Software Inc. or its subsidiaries in the United States and in other countries. All other logos, trademarks, registered trademarks or service marks used herein are the property of their respective holders. 2011 Siemens Product Lifecycle Management Software Inc. X4 25097 6/11 C Siemens Industry Software Headquarters Granite Park One 5800 Granite Parkway Suite 600 Plano, TX 75024 USA 1 972 987 3000 Fax 1 972 987 3398 Americas Granite Park One 5800 Granite Parkway Suite 600 Plano, TX 75024 USA 1 800 498 5351 Fax 1 972 987 3398 Europe 3 Knoll Road Camberley Surrey GU15 3SY United Kingdom +44 (0) 1276 702000 Fax +44 (0) 1276 702130 Asia-Pacific Suites 6804-8, 68/F Central Plaza 18 Harbour Road WanChai Hong Kong 852 2230 3333 Fax 852 2230 3210

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information