Post on 26-Dec-2015
transcript
Energy Ecosystem
Overview
David Miller
Chief Security Officer
Covisint Summary
“In a league of their o
wn with no
direct competitors” – ID
C Research
“In a league of their o
wn with no
direct competitors” – ID
C Research
World’s Largest, Global B2B Ecosystem• Automotive• Energy• Financial Services• Healthcare• Travel
Global Business:• Detroit (MI)• Frankfurt (Germany)• Shanghai (China)
Analyst Recognition: “Covisint has been a visionary in
leveraging the cloud” – Gartner
“Covisint has been a visionary in
leveraging the cloud” – Gartner
$800 million investment
18,000,000+ Identities
Issues in Energy Industry
Visibility Trust Compliance
Technology Cost Change UserExperience
Issues in Energy Industry
Visibility Trust Compliance
Technology Cost Change UserExperience
Issues in Energy Industry
Visibility Trust Compliance
Technology Cost Change UserExperience
Visibility Trust Compliance
Technology Cost Change UserExperience
IdentityLifecycle
Management
FederationManagemen
t
Audit andAttestation
Brokeringand
ProtocolTrans
SSO, Portals andDashboards
SaaS -Always up
to Date
SaaS -Lower TCO
Energy Industry Solution
Shell Oil
JointVentures
Contractors
BusinessPartners
Employees
ExecutiveLeadership
Suppliers
Shell OilEcosystem
Challenges:
Diverse, loosely coupled workforce with
special identity and security requirements.
Need to provide provisioning services for
~ 750,000 identities of contractors and joint
ventures
Goal = Institute highly secure provisioning
throughout extended workforce
Results:
Quick provisioning and de-provisioning
Improved security and auditing
Better security visibility across contractors and joint ventures
How Covisint helped Shell?
Phase I: Implement Basic Identity Lifecycle Management• Single point of administration for JV’s, partners, suppliers, and other
extended enterprise identities
• Invite and register organizations
• Delegate authority and administration
• Invite, register & credential end users via self-service
• Orchestrated application provisioning
• Attestation features
• Strong audit & reporting capabilities
Phase II: Enhanced Identity Lifecycle Management• Rich user profiles for employees of JV’s, partners, suppliers, and other
extended workforce constituents
• Role definitions and assignments (leveraging delegated model)
• Service package definitions and assignments (leveraging roles and rules)
• Request & Approval workflows
• Federated provisioning:• On first federation (SAML)
• Web services (SPML)
• Administrator managed (orchestrated, manual)
• Identity Synchronization (IDSync)
Phase III: Federated Single Sign-on• Outbound Federation: your users accessing externally hosted
applications connected to Covisint
• Inbound Federation: external users accessing your applications connected to Covisint
• Federated Sign On: User credentialed by your organization or a third party federate inbound or outbound via Covisint
• Direct Authentication: Users that are credentialed by Covisint sign in directly to Covisint, and subsequently federate to your applications or externally hosted applications connected to Covisint
Benefits Shell has seen
Benefits of Cloud Model • Lower Total Cost of Ownership• Expenses are operational - rather than capital• Time to market• Speed to value• Enhanced security posture• Focus on your core competencies• Covisint's experience = reduced project risk
Thank you.