Trust: When Physical and Logical Security Worlds Collide




Bob Beliles
VP, Enterprise Business Development
Hirsch Electronics
Copyright 2009 Trusted Computing Group

Copyright 2009 Trusted Computing Group Other names and brands are properties of their respective owners. Slide #2

Slide #3: Convergence: a Typical Security Perspective

Usually One or the Other

A Common Infrastructure
- Eliminates separate networks
- IP-based
- Greater accessibility to information
- Interoperability with security applications / systems
- New uses via connection to non-physec systems / applications

A Common Credential
- Authenticate individual
- Policy based
- Facility / room, etc.
- PC, logical / network assets
- Instant and global use / privileges
- Extension to cafeteria and other purchases

Slide #4: When Security Worlds Collide: Trust Must Be Created

- Smart Credentials With Strong Authentication
- Common, Secure Communications Infrastructure
- Trust
- Data Protection At Rest & In Transit

Slide #5: Trust with Policy-Based Enforcement: The Access Control Ecosystem

- Files, databases / data located anywhere in the cloud.
- Single device or asset, i.e. a PC, a phone, etc.
- Digital Identities
- Communications infrastructure (routers, switches) connects PCs, servers, storage.
- Buildings, rooms, roads, etc.
- Aggregates sensors (contacts, credentials, video, audio), policy based response.

Slide #6: The Converged Vision: From Credential to Cloud

Slide #7: Trust Enablers: Smart Credentials, Systems and Standards

Smart & Secure Credentials
- Multi-factor Authentication
- Encryption
- Certificates

Secure Devices / Systems
- Network security features
- Encryption
- Certificates

Standards & Processes
- FIPS 140 & 201
- Trusted Network Connect

Slide #8: Pervasive Security: Cyber Meets Physical

Tailgating / No Badge-In = No Access
- Reader bypassed, employee tailgates
- Panel receives no information
- Server has employee logged as outside building

Diagram labels: Access Requestor, Policy Enforcement Point, Policy Decision Point, Metadata Access Point, Sensor, Flow Controller

Slide #9: Pervasive Security: Cyber Meets Physical

Presence Enables Network Access
- Readers capture / pass credential info
- Panel authenticates identity and enforces policy
- Hirsch Velocity with PACE Gateway server converts messages to IF-MAP events and vice-versa

Diagram labels: IF-MAP Event Messages, Access Requestor, Policy Enforcement Point, Policy Decision Point, Metadata Access Point, Sensor, Flow Controller
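Added example, not part of the original presentation and not Hirsch or TCG code: a simplified Python model of slides 8 and 9, in which a physical access gateway publishes badge events as presence metadata and the policy decision point denies network access to anyone not recorded as inside. It goes one step beyond the slides by also ending the session on badge-out; the class names, badge IDs, reader names and event fields are assumptions, and the in-memory store stands in for the metadata access point rather than implementing the IF-MAP protocol.

```python
# Simplified model of the slides' flow; not the IF-MAP wire protocol.
# Reader names, badge IDs and event fields are constructed for illustration.

class MetadataAccessPoint:
    """Holds presence metadata and notifies subscribers when it changes."""
    def __init__(self):
        self.presence = {}      # identity -> "inside" | "outside"
        self.subscribers = []

    def publish(self, identity, state):
        self.presence[identity] = state
        for notify in self.subscribers:
            notify(identity, state)

    def search(self, identity):
        # No badge-in on record means the server has the person outside.
        return self.presence.get(identity, "outside")


def gateway_publish(map_point, panel_event):
    """Physical access gateway: turn a door-panel event into presence metadata."""
    if panel_event["result"] != "granted":
        return  # a rejected badge read changes nothing
    state = "inside" if panel_event["reader"].endswith("-in") else "outside"
    map_point.publish(panel_event["badge"], state)


class PolicyDecisionPoint:
    """Grants network access only to identities recorded as inside."""
    def __init__(self, map_point):
        self.map_point = map_point
        self.sessions = set()
        map_point.subscribers.append(self.on_presence)

    def request_access(self, identity):
        if self.map_point.search(identity) != "inside":
            return "deny"
        self.sessions.add(identity)
        return "allow"

    def on_presence(self, identity, state):
        if state != "inside":
            self.sessions.discard(identity)  # badge-out ends the session


def run_scenario():
    map_point = MetadataAccessPoint()
    pdp = PolicyDecisionPoint(map_point)
    gateway_publish(map_point, {"badge": "E1001", "reader": "lobby-in", "result": "granted"})
    results = [pdp.request_access("E1001"),   # badged in
               pdp.request_access("E2002")]   # tailgated, never badged in
    gateway_publish(map_point, {"badge": "E1001", "reader": "lobby-out", "result": "granted"})
    results.append("E1001" in pdp.sessions)   # session revoked on badge-out
    return results
```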

Slide #10: The Converged Enterprise

Slide #11: Summary and Key Take-Aways

Trust Enables Pervasive Security When:
- All system elements are properly secured, vetted and authorized
- Enabled through digital identities and encrypted data (at rest & transit)
- Physical, device, logical and network access control are tied together

Slide #12: Thank You

For More Information
- TCG Playground
- TCG Cocktail Party
- Hirsch Booth 856
- Presentation: "Does Physical Security on the Network Create New Vulnerabilities?" Orange #305, Friday 11:10am
- www.hirschelectronics.com
- Bob Beliles, rbeliles@hirschelectronics.com