Security in a Global World Identity Management Trends - IBM · How do I successfully implement my...

IBM Global Services

© Copyright IBM Corporation 2004

Security in a Global WorldIdentity Management Trends

ITSM and Security ConferenceHong Kong, July 19th, 2006

Michel BobillierGlobal Offering ExecutiveIBM Security and Privacy Services

Security in a Global World - Identity management trends | 10-Aug-062

IBM Global Services


Agenda

1. Illustrate the Business Challenge created by security

2. Highlight the transformation underway

3. Review trends in identity management


IBM Global Services


Some important current market dynamics impacting security

Increasingly serious and more rapid cyber threats

New technologies drive new/different risks

Integration of physical and logical security

Increasing interest for outside help (skill availability, focus on the core business)

Increasing interest in integrated solutions versus point technologies

Regulatory compliance includes a dependency on security (data management)

Security and privacy are now boardroom issues


IBM Global Services


Security breaches published regularly demonstrate the spread of the menace

Phishing attacks against over two dozen European banks were detected by security firm Websense last weekendThe Register, Sept. 20, 2005

Dutch suspects arrested earlier this month controlled some 1.5 million computers as part of a worldwide bot net, not 100,000 as first thought.Associated Press, Oct. 20th, 2005

Fraudsters use iPodsto steal company informationThe Guardian, June 14, 2005

About 1 in 4 Internet users are hit with e-mail scams every month that try to lure sensitive personal information fromunsuspecting consumersCNN.com, Dec. 7th, 2005MasterCard says 40 million

files are put at risk. New Your Times, May 18, 2005

The number of bank accounts accessed illegally by a New Jersey cybercrime ring has grown to 676,000, according to police investigators.ComputerWorld, May 20, 2005

Estimated number of infected PCs = 47 million or 7% worldwidesecurityfocus.com, April 25, 2006


IBM Global Services


Security threats are growing in numbers and sophisticationIncidents reported

0

20'000

40'000

60'000

80'000

100'000

120'000

140'000

1994 1995 1996 1997 1998 1999 2000 2001 2002 2003

(Source:www.cert.org/stats/cert_stats.html)

• The incidents reported are growing exponentially years after years

• The focus, creativity and sophistication of these attacks has reached unprecedented levels

• The weaker point of the chain is often the target. Today: the end user and wireless networks

• Active reported Phishing sites are sharply on the rise

Financial Impact of Major Malware Attacks 1999-2004 ($B)

0123456789

10

1999

Exp

lorer

Meliss

a

2000

Lov

e Bug

1001

SirC

amCod

e Red

Nimda

2002

Klet

zBug

Bear

Badtra

nds

2003

Slam

merNac

hiSoB

ig20

04 K

orgo

Sober

Bagle

NetSck

ySas

ser

MyDoo

m

Financial Impact of Major Virus Attacks 1995-2004 ($B)

0

2

4

6

8

10

12

14

16

18

20

1995 1996 1997 1998 1999 2000 2001 2002 2003 2004

(Source: Computer Economics, May 2005


IBM Global Services


Phishing is up according to IBM Security Index and other sources

Phishing, Pharming, Spyware, Malware, Ransomware, Phrauding, Botnets, Zombies…

• Based on 237 million security attacks during one semester last year • Resurgence of targeted phishing attacks for money laundering and identity fraud purposes• More and more astute in the creation and delivery of such attacks• Hackers have turned toward more criminal and lucrative areas • Email stays a major infection vehicle• During one quarter, 35 million attacks specifically designed to steal critical data for financial gains

(Source: Network World, May 22, 2006) (Source: MessageLabs Intelligence, May 2006)


IBM Global Services


Real losses are encountered. Amount by category according to 2006 FBI/CSI survey

Dollar Amount of Losses by Type (M$)

0 2 4 6 8 10 12 14 16 18

Web site defacement

Sabotage

Misuse of public web apps

Instand messaging misuse

Phishing (you represented as sender)

System penetration from ousider

Bots (zombie) withing org

Telecome fraud

Insider Net abuse

Financial Fraud

Denial of service

Theft of Proprietary Info

Laptop or mobile HW theft

Unauthorized access

Virus contamination

Source: Computer Security Institute, CSI/FBI Spring 2006 Computer Crime and Security Survey, N = 313

Likely Sources of Attack:11% 10%

32%16%

31%

Foreign GvtForeign CorpIndep HackersCompetitorsEmployees

(Source:2003 CSI/FBI survey, n=488)


IBM Global Services


Why is this happening today? 1) Adoption of new business models provide key benefits as well as new security challenges

Businessprocesses

consumer organization IT consumer organization

Increasing need for:FlexibilityResponsivenessAvailabilitySecurity

• IT is key interface with outside

•Faster pace, less predictable

•Realtime linkage (IT/business)

• IT was insulated within business

•Slower, more predictable

•After the fact linkage (IT/business)

ITIT

Businessprocesses

IT


IBM Global Services


Why is this happening today? 2) Increased collaboration brings greater business rewards… and greater business risks

Collaboration

Trus

t

Isolated Operations

Select ‘Trusted Partners’

Value Chain Visibility

Industry-Centric Value Web

Cross-Industry Value Coalition

Core Business

Subsidiary/JV

Customer

Partner/Channel

Supplier/Outsourcer

Legend

11

22

33

44

55


IBM Global Services


Why is this happening today? 3) Technology developments fuel provide a moving technical environment

Doubles every 12 month

Doubles ever 12 month (fiber), but access to home much less

CPUStorage

BandwidthDisplay

New Technologies

wired

wirelessOLED

NanoQuantum

fiber Broadband

Gadgets

Super-computing

Memory

Doubles ever 12 month

Doubles ever 18 month

More gadgets than PCs

250 Pixels per inch

Better, Faster, Cheaper !


IBM Global Services


How will the security challenges evolve?

Identity management and theft

Integration of physical and logical security

Wireless and Nanotechnology leverage

Compliance

Intrusion detection is morphing into intrusion prevention

Focus on the “internal threat” and/or data movement inside the perimeter

Skills shortages

Organized crime and industrial espionage


IBM Global Services


There is a need to approach security in a holistic manner. Our Security Capabilities and Offerings are organized by client themes

IBM Information Security Framework

GovernanceGovernance

PrivacyPrivacy

Threat mitigationThreat mitigation Transaction and data integrity

Transaction and data integrity

Identity andaccess management

Identity andaccess management Application securityApplication security

Physical securityPhysical security Personnel securityPersonnel security


IBM Global Services


IBM uses the ISF to facilitate security strategy planning, and to organized its broad security portfolio on both the traditional core security issues …

Identity managementProcesses for recognizing and monitoring users,

and granting or restricting their access to business assets or resources

Application securityThis includes addressing the Systems

Development Life Cycle and helping organizations build secure applications and testing them around the world

Network, Host, End Node securityProcesses for managing access and threats to

networking capabilities, including wireless networks & Host, end user systems

Organizations are typically focusing in four key areas to enhance enterprise security:

Data securityProcesses for data / back-up encryption, content

security, as well as protecting the security of information about the business and its customers, employees and partners


IBM Global Services


…. and the linkage to the broader security issues that many organizations are struggling to address across the enterprise

Personnel SecurityProcesses for ensuring workforce and employee

security including awareness programs and security guards and coverage

Physical SecurityThis includes the consulting and design of the

solution such as digital video surveillance, as well as integration of the pieces that includes storage, networks, cameras & surveillance

PrivacyProcesses for implementing privacy policies and

enforcing them across the enterprise, including identifying data and its classification

Effective Security programs also integrate these additional security areas:

GovernanceApproach for developing management processes

for the overall Security, Risk, & Privacy posture of the organization. Includes Security Advisory, Health Check, and Compliance services


IBM Global Services


The IBM Information Security Framework (ISF) provides an approach to addressing security that is holistic, complete and differentiating

IBM addresses the entirety of an organization’s security challenges:Across the capabilities needed for each security requirement:


GovernanceGovernance

PrivacyPrivacy






And at the appropriate maturity level of each

security capability:Across all attributes of

security capability:


IBM Global Services


Effective Identity Management programs address the lifecycle activities of Identity Proofing, Provisioning, & Access Control

Security Policies

Applications

Authentication Methods

Identity Credentials

Users

Identity Information

ProofProof

ProvisionProvision

AccessAccess


IBM Global Services


And in turn are linked to an overall information security framework to provide enterprisewide best practices and implementation guidance.

IBM Information Security FrameworkGovernanceGovernance

PrivacyPrivacy








• Identity proofing• Background screening• Identity establishment

• Lifecycle management• User provisioning• Other entity provisioning• Identity credentials

• Access management• Authentication services• Access control services• Single sign-on

• Identity proofing• Background screening• Identity establishment

• Lifecycle management• User provisioning• Other entity provisioning• Identity credentials

• Access management• Authentication services• Access control services• Single sign-on


How do I successfully implement my identity management program?


IBM Global Services


The ideal IDM Process implements provisioning in a seamless fashion across the corporation

• Automated process based on user role authorization and predefined policies

• Established workflow and response/ escalation criteria when human intervention required

• Consistent policy administration and enforcement

New user

Online request for

access • For new

employees, may be fed by automated HR processes

Policy and role verified

• Pre-established access and authorization policy, based on user role

• Integrated user identity directory

Approval routing

• Policy and role-based approval

• Workflow engine routes to approvers and tracks response, per set criteria

User with accounts

Hours, not weeks!

Systemcreates accounts

• Single sign-on user ID and password generated automatically, based on established policies

Elapsed activation time: hours, not weeks

Scalability not constrained by administrative staffing

New initiatives define access policies, leverage established process


IBM Global Services


The challenge of implementing an IDM program is developing the technical and procedural links to the many systems that require identity & access integration

401K

DesktopID

VPN ID

HR ID

Health Provider ID

NotesID

CorporateTravel ID

SupplyChain ID

IRAAccount

SAP IDSiebel ID

MS AdminNetwork ID

OnlineBank

Account

Financial ServicesAccount

Everyone has to manage everyone’susers!

Each user ID adds cost and complexity.

How to ensure compliance with legislation and regulations?

Each ID adds business risk to compliance with business, regulatory,

legal and security requirements.


IBM Global Services


IDM Lifecycle Solution Context

PLAN & DESIGNPLAN & DESIGNPLAN & DESIGN IMPLEMENTIMPLEMENTIMPLEMENT RUN & MANAGERUN & MANAGERUN & MANAGE

IDM Strategy

IDM Solution Architecture &Design

Role-Based Access Control Strategy

IDM Pilot, Phase I target implementation

IDM Phase II Broader SystemRollout & Deployment

IDM Managed Service

Business Strategy & Technical Implementation

IDM Phase III RBAC Implementation

IDM User & Operational ProcessesHR & User Account Administration Processes

Program Management across Identity and Access Management LifecycProgram Management across Identity and Access Management Lifecycle le


IBM Global Services


New Approaches: IBM Smart Surveillance SystemA unique management, search, and retrieval of surveillance information

The ChallengeSecuring facilities needs defense against multiple threats

- Outsider threat – people breaching the perimeter.- Insider threat – employees tailgating or bringing in

packages.

The typical approach –silo systemsAdd video cameras with preprogrammed real-time alerting capability – “movement in restricted area”

Our approach – unified searchable indexAllow plug and play of video analytics and biometrics technologies through an extendable interface.Extract generic object movement meta-data from surveillance video and enable searching through standards based interfaces, SQL & Web services in an open architecture.

S3 Features.Real-Time Alerts: tripwire, abandoned objectEvent Searching: Find events by

- time – (start time, end time)- object type – (vehicle, person, group), object size,

object velocity- region – (events occurring in a specified window)- Duration

Event Statistics – when is the peak activity in this store

Meta-data for activity over a 24 hour period

Embedded Privacy can beinvoked


IBM Global Services


New Approaches: Cancelable BiometricsEnhancing Privacy & Security in biometric applications

The ChallengeA single biometric (e.g., right index finger) used with several applications (bank ATM, building access, Internet commerce,...)

- If compromised at one place, other applications become vulnerable

• A credit card number can just be reassigned, not a biometric

Cross matching: biometrics collected for one application, can be also shared with agencies to retrieve past history (health care, law-enforcement, financial background)

- What if a biometric is compared?- Credit card account to old immigration

record

Our SolutionIntentional repeatable distortion alters signal but still in correct format generates a similar signal each time

Compromised scenario:

- a new distortion creates a new biometric

Comparison scenario:

- different distortions for different accounts

Original Biometric –Never Revealed

Distorted Biometric –Used in applications


IBM Global Services


Thank YouThank You

[email protected]/services/security

Date post:	03-May-2018
Category:	Documents
Upload:	vonhan
View:	214 times
Download:	1 times

Security in a Global World Identity Management Trends - IBM · How do I successfully implement my...

Documents