WP8 Security and Privacy Identity Management 15. November 2012 Wolfgang Steigerwald (DT) Robert Seidl (NSN)

Presentation Transcript


  1. WP8 Security and Privacy Identity Management 15. November 2012 Wolfgang Steigerwald (DT) Robert Seidl (NSN)

  2. Agenda
     • Aspects of Identity Management
     • Differences of the IdM solutions
     • The Nokia Siemens Network (NSN) IdM-System
     • The Deutsche Telekom (DT) IdM-System
     • Questions, Answers and Discussion

  3. Aspects of Identity Management (diagram; labels: Device, Application, User, Service, Network; Single Sign-On to service domains; Identity Federation towards applications; Authentication; Authorisation; Accounting; private, secure, mutual; User & Profile Management; Authorisation & Trust Management)

  4. Features                          NSN                  DT
     Authentication Methods:
     • Username/Password               Yes                  Yes
     • eID (STORK)                     Yes (2nd version)    No
     • 3rd Party Login                 Yes                  Yes
     • Attribute Based Credentials     Yes                  No
     Supported Protocols:
     • OAuth2.0                        Yes (2nd version)    Yes
     • SAML2.0                         Yes                  No
     • OpenID                          Yes (2nd version)    Yes
     • https                           Yes                  Yes
     Interfaces:
     • Web                             Yes                  Yes
     • RESTful                         No                   Yes
     Markets:                          Telecommunication    Internet Shops

  5. Nokia Siemens Networks IDM Solution One-IDM

  6. What we have and what we will offer in detail to FI-Ware UC projects.
     Customer self care / Customer care tools
     Identity management / Authentication
     • At the portal, the user may choose different authentication methods:
       • username / password
       • Facebook Connect (Facebook can be used as Identity Provider)
       • Support of ABC4Trust credentials
     • Other authentication methods (not in portal) include:
       • AAA
       • GBA
       • German eID
     • Identity federation in general possible
     • Full list of attributes can be viewed on overview page
     • Transparency towards user is an important concern
     • At the portal, users are able to view and (partially) modify their attributes
     • Basic identifiers cannot be modified (because e.g. full name is legally bound to a contract)
     Service specific profile
     Features for One-IDM customers
     • Service specific attributes can be viewed
     • Account name at service
     • Account type (existing or on-demand)
     • Attribute release policy (admin role)
     • Authentication at service can consider the trust level of used authentication method at portal (cf. box above)
     • Service will be managed and hosted by NSN
     • Provisioning of user accounts will be done by NSN
     • Set-up of trust relations will be done by NSN
     • Configuration of attribute database scheme will be done by NSN
     The features marked in red will not be available in the project.

  7. How you can use the One-IDM federation (diagram; labels: One-IDM System, IdM Server, IdM Portal, Example Service, Service, browser-based redirect, User's Home)

  8. The Global Customer Platform GCP

  9. What we have and what we will offer in detail to FI-Ware UC projects.
     Customer self care / Customer care tools
     Registration / Identity management / Product booking
     • Customizable customer self care portal for customer data administration, account administration, contract management, billing management
     • Customer care tooling for managing user-data, customer-data, contract-data and invoicing
     • Customer care tooling can be integrated with existing customer care systems
     • Complete online registration
     • Complete login, logout, single-sign-on
     • Registration and login using 3rd party identity providers (facebook, google, yahoo!, …)
     • Password change, password recovery, management of 3rd party ID-federations
     • OAuth 2.0-based API for apps on iOS, android, …
     • Complete checkout-process for product booking
     • Complete management of payment-information
     Product management / Subscription management for free products
     Features for GCP-B2B-customers
     • Product catalog management (commercial aspects such as price-plans, contractual attributes)
     • Payment management for subscription products
     • Wide range of pricing-models for subscriptions (fixed recurring, trial periods, set-up fees, usage based post paid, …)
     • Global payment methods
     • Cloud-offer: Managed and hosted environment
     • DTAG security- and data-privacy standards
     • Complete online administration
     • Online management of customer care agents
     • Complete control over your brand (white-label platform)
     • Any functionality also exposed via APIs for full integration
     • Complete and comprehensive online documentation
     The features marked in red will not be available in the project.

  10. How you can use GCP (diagram; labels: WEB Shop login (three shops), Registration or Login, Customer Self-care Management, Customer Care Management, Admin Configuration, Tenant Instance, Global Customer Platform)

  11. How to access the demos
      GCP demo:
      https://logint2.idm.toon.sul.t-online.de/media-store
      https://logint2.idm.toon.sul.t-online.de/music-service
      https://logint2.idm.toon.sul.t-online.de/video-service
      Please contact wolfgang.steigerwald@telekom.de
      One-IDM:
      https://85.183.197.168:8443/idmPortal
      http://85.183.197.168/shop/catalog
      Please contact gerald.meyer@nsn.com
      Prerequisite: add these lines to your "hosts" file (/etc/hosts or c:\windows\system32\drivers\etc\hosts):
      85.183.197.168 idm.nsn.com
      85.183.197.168 payb.nsn.com
      85.183.197.168 easybuy
      Outlook
      • During the project we will provide a common interface for both IDM systems
      • We will provide additional features:
        • One-IDM:
          • switch to Digital Self
          • support of OAuth2.0, OpenID, eID
        • GCP:
          • new features will be developed regarding customer needs
          • enhancements to the REST-API

  12. Thanks !!

  13. Preliminary Core GEs Architecture
