Securing your Web Applications
Subbaraju Uppalapati
Manager, Software Engineering, Identity & Security BU, Novell

Agenda
- Security Concerns for Web Applications
- Solutions
- Products and Vendors
- Evolving Needs
- Discussion

Novell, Inc. All rights reserved.
Security Concerns
Breaking down security concerns
Trust; Manageability; Provisioning and Deprovisioning of users; Roles-based access; Policy-driven management; Confidentiality; Integrity; Authentication; Authorization; Non-repudiation; Multiple Identities; Financial; Audit, logging, reporting; Cost to refactor traditional applications; Contractual; Compliance violations; Resource access Monitoring; Business service mgmt SLAs, e.g., 99.99% uptime; Intellectual property issues
Security Concerns - Solutions
SSL
Trust; Manageability; Provisioning and Deprovisioning of users; Roles-based access; Policy-driven management; Confidentiality; Integrity; Authentication; Authorization; Non-repudiation; Multiple Identities; Financial; Audit, logging, reporting; Cost to refactor traditional applications; Contractual; Compliance violations; Business service mgmt SLAs, e.g., 99.99% uptime; Intellectual property issues
Access Management
Trust; Manageability; Provisioning and Deprovisioning of users; Roles-based access; Policy-driven management; Confidentiality; Integrity; Authentication; Authorization; Non-repudiation; Multiple Identities; Financial; Audit, logging, reporting; Cost to refactor traditional applications; Contractual; Compliance violations; Business service mgmt SLAs, e.g., 99.99% uptime; Intellectual property issues
Access Management
Diagram labels: User Attributes; Authorization Policy; Authentication; Authorization Decision; Password, Biometric, Smartcard, etc.; User; Assertion; Permit or Deny; Request; Application
Identity Management
Trust; Manageability; Provisioning and Deprovisioning of users; Roles-based access; Policy-driven management; Confidentiality; Integrity; Authentication; Authorization; Non-repudiation; Multiple Identities; Financial; Audit, logging, reporting; Cost to refactor traditional applications; Contractual; Compliance violations; Business service mgmt SLAs, e.g., 99.99% uptime; Intellectual property issues
Identity Management
- What is the process for
  - Provisioning identities?
  - Guarding them?
  - De-provisioning with role changes?
- Password synchronization across multiple systems
- Policy based workflow
SIEM
Trust; Manageability; Provisioning and Deprovisioning of users; Roles-based access; Policy-driven management; Confidentiality; Integrity; Authentication; Authorization; Non-repudiation; Multiple Identities; Financial; Audit, logging, reporting; Cost to refactor traditional applications; Contractual; Compliance violations; Resource access Monitoring; Business service mgmt SLAs, e.g., 99.99% uptime; Intellectual property issues
SIEM
- How do you find out what's going on inside your vendor's data center?
- How do you check up on SLA terms?
- Can you reconcile information you do receive with the rest of your compliance data?
Products and Vendors
IAM
- IBM - TIM/TAM
- CA - SiteMinder
- Oracle IAM
- Novell - IDM/NAM
SIEM
- ArcSight
- RSA - enVision
- Novell - Sentinel
Evolving Needs
Creating IT Administration Nightmare
Diagram labels: Enterprise Challenge; Users; IT Department; Apps; Directory Systems/tools; User data/permissions (repeated)
- Multiple Username/passwords
- Multiple identity silos
- Disparate administration tools
- Challenge in timely de-provisioning accounts of ex-employees
Better integration of IAM and SIEM across PVC
- SaaS adoption is projected to increase three-fold to 14 Billion by 2012 according to Gartner
- Secure data should reside within Enterprise
- Increased proliferation of Web Services and Security needs for the same
- How do I manage secure channel between multiple cloud vendors?
Discussion – Thank You