SSO-Report 2007: Key-Players, Status and Trends
Martin Kuppinger will present the major findings of KCP’s latest SSO Report which analyses the various segments of the SSO market from tactical to strategic solutions, as well as introducing the key players and evaluating their products.
Credential Lifecycle Management – Smartcards, E-SSO and the Organisation
Today it is not enough simply to fill out digital certificates and transfer them to a SmartCard. The challenge lies in the ability to manage credentials and passwords over the process lifecycle. This is much more about organisation and process management than about technology. Experts in this field will exchange vies and share their experiences in a session chaired by KCP’s Martin Kuppinger.
Kerberos als Bestandteil einer umfassenden SSO-Strategie
This session will cover the approach WestLB has used to implement Kerberos across Windows and UNIX systems. It will focus on the technical approach and possible hurdles in projects like this.
Employee smart cards as an integrated part of identity- and access management
In many enterprises the internal and external staffs already uses smart cards for years as an electronic key for the access to important company areas, buildings and rooms. The approach of the Peak Solution is to integrate this kind of physical access control with the logical IT administration to a holistic authorization management. The basis for this integration is a high performance identity- and access management system. With this system it is possible to extend existing processes and functions for the personal assignment of physical access authorizations by processes and functions for the automated, role based provisioning of user accounts into IT systems and applications. At the same time the staffs only need one multifunctional medium for the identification and authorization against the access control system and the enterprise network. In this way many processes for the administration and use of IT systems and applications are automated and simplified for all involved people. That leads to more security for immaterial enterprise values, cost savings in the administration and higher acceptance for necessary security measures. In the presentation Mr. Kremer shows the main components, functions and processes of such an integrated solution.
Totally Integrated SmartCard Architecture – Combining Industry Specific Requirements with Security Solutions
The “Five C'” of identity management are Collaboration, Coopetition, Communication, Confidentiality und Commitment. Siemens has demonstrated its ability to combine all five in multifunctional ID cards for universities, corporations and government agencies, creating real business value on the way.
Short Introduction and Moderation:
Effective use of Digital Identities and ID cards in a Government Environment
Based on Erik’s experience in the federal government (among which being co-author of the Belgian Personal ID-Card-blueprint) and Erik’s and Bavo’s role as IAM-program-manager and lead-/chief-architect of the Flemish government, they will share some of their ideas with you on:
- How government agencies and other organizations can benefit from an eID-card — what are the possible wins and losses;
- How the Flemish government is taking a step-by-step process to rapidly stage its identity and access control management platform to enable a rich set of secure e-government applications and an increased level of security internally;
- What their experience is in building a distributed/generic ACM-environment in context of G2G, G2C, G2B, … ;
- How they play with digital identities, entitlements, roles, mandates, etc in a process-oriented architecture;
- All this, whilst reckoning with the existing (legacy) environment, whilst minimizing effort to change application-architectures, whilst honoring privacy-legislation and whilst maintaining and establishing a high level of user-friendliness.
Identity driven Security Management or Security driven Identity Management?
Which came first – the hen or the egg? Security and identity professionals can argue the toss for hours. This panel will try and find a common understanding of the issues facing both industries and identify differences in their approaches to handling digital identities.