Secure Identity Management – SIM

Raiffeisen Informatik GmbH

Adolf Formanek

2

Sec

ure

Id

enti

ty M

anag

emen

t

Raiffeisen Informatik/A.Formanek/29.03.2007

Not another security issue more!!

More security = less convenience!

More or less useless – always one step behind!

Where are those useful applications??

3

Sec

ure

Id

enti

ty M

anag

emen

t

Raiffeisen Informatik/A.Formanek/29.03.2007

4

Sec

ure

Id

enti

ty M

anag

emen

t

Raiffeisen Informatik/A.Formanek/29.03.2007

What is e-Commerce??

Electronic Banking

E-Procurement, e-Billing

Platforms

Portals

Webshops

And what is e-Government…….

5

Sec

ure

Id

enti

ty M

anag

emen

t

Raiffeisen Informatik/A.Formanek/29.03.2007

The Chellenge

How to guarantee services

Processes

Weak spots in the processes for the user and authorisation management

Insufficient level of automation (system breaks)

Storage and Archive

bad data quality

Sessionhandling

Impediment of adaptable and mobile solutions

And above all: Security

6

Sec

ure

Id

enti

ty M

anag

emen

t

Raiffeisen Informatik/A.Formanek/29.03.2007

Ausgangssituation

Existing security gaps in the system access , e.g.:

Use of „Team-Passwords“

Use of redundant access to different applications (on an average 8-12 min.)

use of "pattern users" for the authorisation assignment for new employees without plausibility cheque are copied to "amassed" rights of existing employees

7

Sec

ure

Id

enti

ty M

anag

emen

t

Raiffeisen Informatik/A.Formanek/29.03.2007

Secure Identity Management – a milestone!

Card and password allow the secure authorised access to all

internal applications

HR-Management

Lotus Notes

Groupware

Admission

authorisations

Intranet

Phone-

System

8

Sec

ure

Id

enti

ty M

anag

emen

t

Raiffeisen Informatik/A.Formanek/29.03.2007

Functionality of SIM

Identity-Management: All functions concerning to user management

Single-Sign-On: Functionality for automated registration in systems and applications

Public-Key-Infrastructure:The management of certificates

Identity Management

Public Key Infrastructure

Single-Sign-On

9

Sec

ure

Id

enti

ty M

anag

emen

t

Raiffeisen Informatik/A.Formanek/29.03.2007

Elementary Parts of SIM

10

Sec

ure

Id

enti

ty M

anag

emen

t

Raiffeisen Informatik/A.Formanek/29.03.2007

SIM – advantages

unified efficient administration, standardised workflows

Simplified processes for user- administration (user- management, rights etc.) due to

authorisation assignment based on roles

Improved data protection and raised data security

Functioning and simple documentation and archiving of legal assignment and completely

written logfiles along the prozess-chain

Unified setup

Discharge of routine operations (e.g., password resetting), focus on core operations

(efficiency increase)

Transactions are directly connected to authorised persons due to the use of

hardwarebased certificates (no Dummy User)

Dataset is permanently cleared and settled which improves data quality with lasting effect

11

Sec

ure

Id

enti

ty M

anag

emen

t

Raiffeisen Informatik/A.Formanek/29.03.2007

SIM – Advantages from user‘s view

Security is clearly improved combined with simplification (easy Login with card, two-factor authentication, 1 PIN)

The Digital Signature-Card is designed for multiple purpose (Legic Chip, Identity Card)

Easy Handling of integrated security components

Easy authorisation requirement and quick realization of legal assignment

Fast and easy user change - fast application access

12

Sec

ure

Id

enti

ty M

anag

emen

t

Raiffeisen Informatik/A.Formanek/29.03.2007

Fast and easy user exchange …

Konzept

Für eine wunderbare Präsentation zum Thema SIM

Aöewfnawef iwepfnöawfn öanefwfn

13

Sec

ure

Id

enti

ty M

anag

emen

t

Raiffeisen Informatik/A.Formanek/29.03.2007

… rapid application access in different workplaces and different locations

Konzept

Für eine wunderbare Präsentation zum Thema SIM

Aöewfnawef iwepfnöawfn öanefwfn

14

Sec

ure

Id

enti

ty M

anag

emen

t

Raiffeisen Informatik/A.Formanek/29.03.2007

SummarySecury Identity Management

Easy access to all applications and systems for centrally authorised users

Tremendous reductions in administration

Encrease of security within the

More efficiency with enterprise-internal processes

Near to the customer requires more mobility

Customer-related processes will change further on

Competitiveness by trendsetting investments in IT security

And: In fact security and convenience fit together!!

Adolf Formanek

Raiffeisen Informatik GmbH

adolf.formanek@r-it.at

http://www.r-it.at