1 / 26

IAM – GRC - SOA

IAM – GRC - SOA. 03.06.2008 Martin Kuppinger, KCP mk@kuppingercole.de. Identity Management: Vision – five years from now…. Business. Business Control Enterprise Entitlements (IAM for Business). Standardization and Services:

rosa
Download Presentation

IAM – GRC - SOA

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. IAM – GRC - SOA 03.06.2008 Martin Kuppinger, KCP mk@kuppingercole.de

  2. Identity Management:Vision – five years from now… Business Business Control Enterprise Entitlements (IAM for Business) Standardizationand Services: Services, Application Security Infrastructure, Integrated IAM (IAM forApplications) Fundamentals: Integration and (Basic) Provisioning (IAM for Administrators) Technology 2008 2009 2010 2011 2012 2013 © Kuppinger Cole + Partner 2008

  3. Two definitions to start… © Kuppinger Cole + Partner 2008

  4. IAM – SOA – BSMUnsolved relationships… Controlling IAM Services End-to-End Security „ERP for IT“ App Security Infrastructure GRC Services on App level © Kuppinger Cole + Partner 2008

  5. GRC: Governance, Risk Management, Compliance © Kuppinger Cole + Partner 2008

  6. GRC Market:Level 1 © Kuppinger Cole + Partner 2008

  7. GRC Market:Level 2 © Kuppinger Cole + Partner 2008

  8. Generic GRC tools:General purpose © Kuppinger Cole + Partner 2008

  9. GRC:Business Control for IAM © Kuppinger Cole + Partner 2008

  10. Layered approach © Kuppinger Cole + Partner 2008

  11. Multi-layered IAM:Business Control for IAM OM ECM Enterprise Roles BPM PPM … © Kuppinger Cole + Partner 2008

  12. GRC: The way towards an integrated system of control © Kuppinger Cole + Partner 2008

  13. Tactical and strategical:The right tool © Kuppinger Cole + Partner 2008

  14. Why SOA Governance is relevant © Kuppinger Cole + Partner 2008

  15. Some issues © Kuppinger Cole + Partner 2008

  16. Missing end-to-end security © Kuppinger Cole + Partner 2008

  17. Missing service management on the software level © Kuppinger Cole + Partner 2008

  18. Missing reuse © Kuppinger Cole + Partner 2008

  19. The main reason why:Siloed IT organizations Infrastructure Software architecture and development © Kuppinger Cole + Partner 2008

  20. The technical solution Application Application Application Application Requires organization changes first! Application Infrastructure: Application Server, Orchestration,… Application Security Infrastructure: Identity Services Layer Central Directories Auditing Services More Services Application Directories © Kuppinger Cole + Partner 2008

  21. How to reengineer (or even create) SOA Governance © Kuppinger Cole + Partner 2008

  22. Reorganize IT:Some ideas… © Kuppinger Cole + Partner 2008

  23. Apply BSM principles © Kuppinger Cole + Partner 2008

  24. Apply risk controls © Kuppinger Cole + Partner 2008

  25. Conclusion: There has to be SOA Governance © Kuppinger Cole + Partner 2008

  26. IAM – SOA – BSMUnsolved relationships… Controlling IAM Services End-to-End Security „ERP for IT“ App Security Infrastructure GRC Services on App level © Kuppinger Cole + Partner 2008

More Related