sislink11 - cloud security, identity en social login in het onderwijs: studenten aan de macht! -...
DESCRIPTION
TRANSCRIPT
People Matter, Results Count
Studenten aan de macht!Cloud security, identity en social login in het onderwijs
Hans Scholten, CISSP CISA
Manager Security, Risk & Compliance
Capgemini ITS
Information Security | the way we see it
The interesting thing about cloud computing is that we've redefined cloud
computing to include everything that we already do. I can't think of anything that
isn't cloud computing with all of these announcements.
The computer industry is the only industry that is more fashion-driven than
women's fashion.
Maybe I'm an idiot, but I have no idea what anyone is talking about. What is it?
It's complete gibberish. It's insane. When is this idiocy going to stop?
Een definitie van Cloud Computing…
© 2011 Capgemini. All rights reserved 2
Larry Ellison, August 2008
Information Security | the way we see it
Hoe veilig is de cloud?
© 2011 Capgemini. All rights reserved 3
Kenmerken?• 984 cc motor• watergekoeld, horizontaal
gelegen cilinder• 0,9 pk bij 400 toeren/minuut• 1450 mm wielbasis• 2547 mm lengte• 1454 mm breedte• 313 kg drooggewicht• Max. 15 km p/u• Benzine
Veiligheid?• Slechte remmen• Slecht stuur• Geen verlichting• Geen airbags, gordels, etc.• Geen ESP, SIPS, ABS, etc.• Geen kooicontructie• Geen motorkap
Information Security | the way we see it
Wie durft de cloud in?
© 2011 Capgemini. All rights reserved 4
Durft u hier 120 km per uur te rijden?
En zonder rem?
Information Security | the way we see it
IT Consumerization
© 2011 Capgemini. All rights reserved 5
Information Security | the way we see it
IT Consumerization
© 2011 Capgemini. All rights reserved 6
Information Security | the way we see it
It’s all about Apps
© 2011 Capgemini. All rights reserved 7
Information Security | the way we see it
Context Based Identity
© 2011 Capgemini. All rights reserved 8
Persoon
Henk Janssen
- Directeur Hogeschool
- RvB
- Username/password
Applicatie
- Internet Explorer
- No TLS/SSL
Device
- Apple iPhone
- 00:AE:2F…:EF (Mac-address)
- F00:…:3412 (IPv6 address)
- Geen client certificate
Context
Identity
Attribuut
Attribuut
Attribuut
Identity
Attribuut
Attribuut
Attribuut
Identity
Attribuut
Attribuut
Attribuut
Persoon Applicatie Device
1. Identity is de som van de attributen!
2. Context is: Wie, Wat, Waar, Wanneer en Hoe!
3. De volledige context is de som van alle betrokken identities!
…en onthoud: Neem nooit beslissingen zonder context!
Information Security | the way we see it
Context Based Identity
© 2011 Capgemini. All rights reserved 9
Identity Only
Henk Janssen
Identity + Role
Henk Janssen
Directeur
RvB
Context Based
Henk Janssen
Directeur
RvB
iPhone
No TLS/SSL
Usrname/Pwd
Access Granted! Access Granted! Access Denied!
Information Security | the way we see it
IAM Roadmap
© 2011 Capgemini. All rights reserved 10
Integrated Identity
Rule Based Access Control
AdvancedSelf Service
Business Process
Alignment
Role Based Access Control
Delegated Administration
FederationContext Based Access Control
User CentricIdentity
Execution
Tactical
BusinessAligned
EcosystemAligned
Reactive Managed Agile
Min
ds
et
Information Security | the way we see it
Overal accounts
© 2011 Capgemini. All rights reserved 11
Information Security | the way we see it
Maar ook…
© 2011 Capgemini. All rights reserved 12
Information Security | the way we see it
Studenten aan de macht!
© 2011 Capgemini. All rights reserved 13
Studenten willen……niet elke keer nieuwe accounts
…eigen devices kunnen gebruiken
…meerdere devices kunnen gebruiken
…overal en nergens kunnen werken
…wel Single Sign-on
…wel eenvoudig registreren
…op één plek hun gegevens kunnen wijzigen
Information Security | the way we see it
Studenten aan de macht!
© 2011 Capgemini. All rights reserved 14
Studenten willen……niet elke keer nieuwe accounts
…eigen devices kunnen gebruiken
…meerdere devices kunnen gebruiken
…overal en nergens kunnen werken
…wel Single Sign-on
…wel eenvoudig registreren
…op één plek hun gegevens kunnen wijzigen
Information Security | the way we see it
Hoe dan?
© 2011 Capgemini. All rights reserved 15
Social Login Registreer ‘CRM’ Personaliseer
Information Security | the way we see it
© 2011 Capgemini. All rights reserved 16
Information Security | the way we see it
Cloud diensten
© 2011 Capgemini. All rights reserved 17
Information Security | the way we see it
Capgemini Immediate Framework
© 2011 Capgemini. All rights reserved 18
Information Security | the way we see it
Capgemini Immediate Framework
© 2011 Capgemini. All rights reserved 19
Information Security | the way we see it
Gelaagde Security
© 2011 Capgemini. All rights reserved 20
Information Security | the way we see it
Vragen?
© 2011 Capgemini. All rights reserved 21
Information Security | the way we see it
Hans F. Scholten CISSP CISA
Principle Consultant, Capgemini ITS
twitter.com/hansfscholten
( #ZeroIT, #CapgeminiSRC)
of kijk op
http://immediate.capgemini.com/
Meer weten?
© 2011 Capgemini. All rights reserved 22