This tutorial will detail the use of smart cards in Identity Management. Security professionals are changing the way they think about security, identity management, and authentication. The session includes ways of establishing an identity, transforming identity attributes into digital credentials, assigning privileges associated with that identity, and methods for presenting those credentials in a secure, authenticated manner for physical and logical access use cases.
This session will explain the practical application of identity management and its usage of digital credentials stored on smart cards, and how they are issued, managed and revoked. The U.S. Government Federal Identity, Credential and Access Management (ICAM) committee has released a roadmap for the usage of millions of PIV compliant credentials, and many corporate enterprises are issuing PIV compatible smart card ID badges for the convergence of physical and logical access control and to cross-federate in some cases with the federal government ID systems. Because interoperable credentials make good security and fiscal sense, this session will look at how these new credentials are moving outside of the initial domain of federal agencies and into the commercial enterprise market.
This session will explain the practical application of identity management and its usage of digital credentials stored on smart cards, and how they are issued, managed and revoked. The U.S. Government Federal Identity, Credential and Access Management (ICAM) committee has released a roadmap for the usage of millions of PIV compliant credentials, and many corporate enterprises are issuing PIV compatible smart card ID badges for the convergence of physical and logical access control and to cross-federate in some cases with the federal government ID systems. Because interoperable credentials make good security and fiscal sense, this session will look at how these new credentials are moving outside of the initial domain of federal agencies and into the commercial enterprise market.
This session begins by exploring the independence and interrelationships between the concepts of Identity, Privilege and Person in relation to privacy, consent, and authentication in the context of government and non-government issued IDs. Examples are presented on how specific smart card technologies are utilized to implement these concepts in well-known application contexts.
This session will conclude with an overview of the latest technology innovations in smart cards for IT. Advances in application and content management capabilities are shown that create flexibility for how smart cards are applied in IT environments.
This session will look at large scale smart card deployments that exemplify the value of secure, interoperable, and scalable smart card-enabled identity solutions that take a systematic approach to managing identity and integrating the physical and logical access needs for organizations of all types and sizes.
Identity and Access Management is the foundation for access controls in the Enterprise, a mission-critical IT function that is both the lifeblood of your business, and a frustrating and difficult beast to tame. Your IdM infrastructure is more complicated, with more moving parts, and more partners across the enterprise, than any other security related service.
This interactive session, taught by experienced IdM veterans and practitioners, provides an architectural view to resolving identity challenges, and will provide detailed and informative discussions on directory services, web access management, Single Sign-on, federated identity, authorization, provisioning and more. The morning session will provide an overview of the foundations of IdM, while the afternoon will provide a customized, detailed and interactive session to focus on the specific identity disciplines they find most challenging.
This workshop will cover:
- Principles of Identity and Access Management and implementation strategies
- Infrastructure architecture -- critical underlying processes to run a successful enterprise
- Web-based authentication & Web Access Management
- Selling Identity strategy in the C-suite
- Directory Services – Enterprise, meta-directories and virtual directories
- Provisioning - managing the processes of Identity and Access Management
- Identity mapping and roll-up
- Detailed Single Sign-on strategies: Getting off Identity islands
- Detailed Federated Identity discussion and case studies
- Gritty Reality of Federation SSO: Lessons learned from 14 major federation projects
- Multi-factor authentication: biometrics, tokens & more
- Functional IDs - real world considerations of this often forgotten access control
- User Access Audit: Proving only authorized users have access
- Auditing the identity systems
Participants should have a basic background in Information Security, IT systems, and identity management. After the class, participants should feel well grounded in identity management, understand the broad landscape from both a technical as well as a business perspective, and have gained practical insight into the strategies which will enable them to meet identity challenges in their organization.
Security Basics Boot Camp is a new day long course that explains some of the most important security principles and technologies. Designed for practitioners with less than three years of information security experience or those new to the field, Boot Camp will create a foundation of essential concepts to enhance your understanding of the more advanced security sessions during the week. Taught by the “who’s who” in the security industry, Security Basics Boot Camp is not to be missed. Topics and speakers include:
- Business of Security
• Hugh Thompson, Chief Security Strategist, People Security - External Hackers and Insider Threats
• George Kurtz, Worldwide Chief Technology Officer & Executive
Vice President, McAfee, Inc. and Dr. Eric Cole, McAfee
• Vinny Guilloto, Microsoft - Crypto 101/Encryption basics/SSL & certificates
• Josh Rosenthol, Consultant Product Manager, RSA, The Security Division
of EMC - Introduction to Security Architecture
• Jeff Bardin, VP, Chief Security Officer, ITSolutions - Firewalls and Perimeter Protection
• Bill Cheswick, Lead Member of Technical Staff, AT&T Labs - Research - Intrusion detection and data loss prevention
• Kevin Rowney, Founder, Symantec DLP, Symantec Corporation - Authentication Technologies
• Bret Hartman, CTO, RSA, The Security Division of EMC and
John Linn, Sr. Technologist, RSA, The Security Division of EMC - Application Security
• Jason Rouse, Cigital
No comments:
Post a Comment