Identity Management. SmartCities




Identity Management SmartCities Thursday May 7th 2009

Information Security at Digipolis
- SaRMA-model: Self Assessment, Risk-analysis, Maturity and improvement Actions
- Based on the ISO 17799 standard "Code voor Informatiebeveiliging":
  - Security policy
  - Organization of information security
  - Inventory, management and classification of information assets
  - Security aspects linked to human resources
  - Physical and environmental security
  - Communications and operations management
  - Access Control
  - Information systems acquisition, development and maintenance
  - Business Continuity Management
  - Compliance
- Long term project: started in 2007, subprojects per topic
- Continuous improvement process

Introduction
Who?
- For the customers of Digipolis Ghent and Antwerp and Digipolis itself:
  - City of Antwerp
  - City of Ghent
  - OCMW Ghent
  - OCMW Antwerp
  - Local Police Antwerp
  - VZWs (non-profit associations), autonomous municipal companies, and others
- By SIEMENS IT Solutions & Services with the DirX-solution and by Digipolis

Purpose of the IDM system
- Automatic creation of identities based on HR data
- Automatic creation of identities based on manual input
- Automatic creation of accounts in target systems
- Automatic distribution of standard access rights
- Automatic withdrawal of accounts and access rights when the person is leaving or when a change in assignment occurs
- Request, process, grant and withdraw access rights upon request
- Self-Service: password reset, request for access rights

Prerequisites & Dependencies
- Centralized management of the identities (logging & auditing)
- Target systems remain autonomous
  - Accounts are being linked to groups in target systems
  - Target systems control and decide which access rights are granted to the groups
- Domain separation Ghent/Antwerp (on user and management level)
- Identical platform for Ghent and Antwerp
- Redundant setup in 2 datacenters in Antwerp using virtualisation
- Possible expansion of the scope with additional target and source systems
- Take into consideration the existing HR-related processes and procedures used within the different administrations

Integration Antwerp/Ghent
Antwerp:
- Source systems:
  - Peoplesoft HR system
  - SDWORX SAP HR
  - Manual input
- Target systems:
  - Active Directory
  - Exchange
  - DTB (.NET-applications)
  - Manual
Ghent:
- Source systems:
  - CEVIPS city Ghent
  - CEVIPS OCMW Ghent
  - Manual input
- Target systems:
  - Active Directory
  - Exchange
  - Wie is Wie Stad Gent applications
  - Manual provisioning / INFRA

Integration Antwerp/Ghent

Digipolis Platform topology - AD
[Diagram: the source systems (manual input, SDWORX, Peoplesoft HR, CEVIPS Stad Gent, CEVIPS OCMW Gent) feed the central Digipolis DirX system (DirX Web Center, DirX Identity, DirX Directory identity store). For Antwerp and for Ghent, the central system connects to Active Directory forests linked by forest and interforest trusts (labels: Antwerpen.local, DIGANT, STAD, OCMW, GIGA, ADOCMW GENT, GENT GRP, DEV, RTE) and to manually provisioned target systems.]

Components Diagram of the Solution
[Diagram: components of the Digipolis IAM solution.
- Actors: IAM administrator, administrators, end users, monitoring & auditing administrator.
- Source systems, each connected by a sync: Peoplesoft HR, SDWORX and manual input (Antwerp); Cevips Stad Gent, Cevips OCMW Gent and manual input (Ghent).
- DirX Directory: directory manager, directory server & data repository (LDAP server, DSA server, DBAM database), monitoring, logging, clients.
- DirX Identity: identity manager, identity server, identity services, identity integration framework (scheduling, recovery & retry, notification; auditing, logging & statistics; monitoring), web admin (policy execution, privilege execution, request workflows, event triggered & scheduled workflows), Web Center, connector integration framework, agent integration framework, identity web services & API (SPML, LDAP, SOAP, message queues).
- Agents & connectors: an MS AD connector with AD password listener for each of the domains digant.antwerpen.local, stad.antwerpen.local, ocmw.antwerpen.local, gentgrp.gent.be and adocmwgent.be; manual provisioning for Antwerp and for Ghent; other target systems.
- Applications shown for users: AD management, self-service, applications, workplace access.]

Functional Domain Separation

IDM Evolution in 2010
- RBAC: Role Based Access Control
- Integrate SAP as a target system
- Single Sign On (SSO)
- Additional application integrations (physical access control, time registration)
- Federation

Q&A?