Cloud Information Security

  • TYPE: Combined Session DATE: Wednesday, April 18, 2012 TIME: 14:00-15:00 LOCATION: Alpsee
Track

Sessions:

Information Security in the Cloud - that's in fact moving towards a location-independent and provider-independent approach for information security. In the days of on-premise only IT (plus maybe an outsourcer), the focus could be on securing the network and the device. In these days where IT services are a mix of on-premise, private and public cloud services - i.e. in days where things become hybrid - we can't rely on network or system security. We don't really know where our data remains and where services are run. The cloud sprawl, with chains of providers like your SaaS provider relying for example on Amazon Web Services, leads to a situation where we have to re-think the approach in Information Security.

The most important cornerstone is to move from system, network, device security towards information-centric security, which we might name "real Information Security". Another one is understanding Information Security as an initiative which isn't focused on technologies first of all, but on understanding risks, contracts and other aspects. Another important cornerstone is, without any doubt, the identity. We have to deal with more identities and with persons using different identities. Identity and Access Management is a key element in Information Security in, for, and with the Cloud.

There are many other aspects. In this session, we will provide our view on the future of Information Security - an approach that works seamless for the hybrid world of today and tomorrow, from classical on-premise IT to the public Clouds.


Speaker:

As the creator of breakthrough concepts like NetWare Open Systems, The Network Services Model, metadirectory, and The Internet Services Model, Craig Burton is one of the leading visionaries and analysts in the computing industry. He is a frequently consulted expert on new technologies and the...


Identity management across multiple SaaS (software-as-a-Service) applications as well as on-premise systems is a challenge to most enterprises. Challenges in Identity Management in the cloud, simply goes beyond how we do authentication, authorization and auditing right. Cross domain authentication, provisioning, interoperability, multi-tenancy, delegation and security are few challenges to name. The best way to preserve interoperability is to adhere to open standards. Lots of proprietary standards came a long way, but at the time they felt a larger audience is needed and interactions with other systems, those became open standards. SAML2 Web SSO, OpenID, OAuth are some popular open standards, widely used across many cloud providers for authenticating users while facilitating identity portability. WS-Trust, WS-Federation used to cater the same aspect while dealing with systems. XACML is another open standard, which is considered to be the de-facto standard for authorization. It facilitates fine-grained authorization in a policy driven manner. Provisioning is also an important aspect in a cloud identity management system. SPML failed to be the de-facto standard for provisioning due to its heavyweight nature and being bias to SOAP. The latest emerging standard for provisioning is SCIM, which is still in progress at the specification level, but looks promising.


Speakers:

As an infrastructure architect in the enterprise networking field since 1994, Bruce possesses in-depth experience in all facets of Identity & Access Management which include enterprise provisioning, access certification, password and credential management, as well as privileged access...

Dr. Barbara Mandl is Senior Manager of DAIMLER AG, responsible for the Global Daimler IT-Organization: CoC Identity and Access Management.  Dr. Barbara Mandl’s career lead her through various Telecommunication and IT organizations. Among those were leading Management Positions as...

Prabath Siriwardena is the Director of Security Architecture at WSO2 Inc. He is a member of OASIS Identity Metasystem Interoperability (IMI) TC,OASIS eXtensible Access Control Markup Language (XACML) TC, OASIS Security Services (SAML) TC, OASIS Identity in the Cloud TC and OASIS Cloud...

James (Jim) Taylor is responsible for the overall product strategy, pricing and packaging and future direction for NetIQ's Identity and Security products. Jim has over 20 years of experience in the Identity and Security industry, working in a variety of roles from consulting to quality...



Log in to download the presentation:  

Moderator:

Session Links

Quick Links

Stay Connected

Information

Congress

European Identity & Cloud Conference 2012

Language:
English
Registration fee:
€1980.00 $2376.00 S$3168.00
Mastercard Visa PayPal INVOICE
Contact person:

Mr. Levent Kara
+49 211 23707710
lk@kuppingercole.com
  • Apr 17 - 20, 2012 Munich, Germany

Partners

The European Identity & Cloud Conference 2012 is proud to present a large number of partners
Learn more

How can we help you

Send an inquiry

Call Us +49 211 2370770

Mo – Fr 8:00 – 17:00