Agenda

Wednesday, 06.05.2009
07:30-10:00 Check-In
08:30-09:00 Risk, Reward and Compliance in Challenging Times
Mike Small, KuppingerCole

IT managers are now faced with daunting challenges: to reduce costs while managing risk and compliance and at the same time improving organizational flexibility to operate in different ways. Attend this presentation to hear global examples of how new approaches can help meet these challenges.

09:00-09:30 SAP-GRC-IdM - What is the Problem?
Marina Walser, Novell Europe, Middle East & Africa (EMEA)
09:30-10:00 Enterprise IT-enabled Cost Avoidance & Reduction: The Role of Identity & Access Management
John Aisien, Oracle Corporation
10:00-10:30 Coffee Break
Business-driven Authorization Management
Moderator:
Felix Gaehtgens, Kuppinger Cole
10:30-11:30 Authorization and Entitlements Today - What a Mess!
Felix Gaehtgens, Kuppinger Cole
Common Security Realm: A Case Study
James McGovern, The Hartford Financial Services Group

In this session, you will learn about the strategies used to secure enterprise applications. We will present insight into business drivers, IT benefits and how security is core to making it easier to do business. Some of the things that will be covered include:

  • Federated Identity for use with an industry vertical and SaaS
  • Entitlements management, the need for a consistent authorization model
  • Secure coding and static analysis
  • Log Management
  • Encryption
11:30-12:30 Realigning AuthZ and Access Control with the Business
John Aisien, Oracle Corporation
Kim Cameron, Microsoft
Finn Frisch, Axiomatics
Keith Grayson, SAP
Pat Patterson, Sun Microsystems
Bavo De Ridder, De Ridder Consulting
12:30-14:00 Lunch Break
SSO & Identity Federation
Moderator:
Felix Gaehtgens, Kuppinger Cole
14:00-15:00 State-of-the-Art Web Services Federation
Felix Gaehtgens, Kuppinger Cole
Dr. Oliver Pfaff, Siemens AG

With respect to the enablement of federated identity, Web services have advantages over traditional Web applications because Web services technologies natively support the externalization of subject authentication in a standard way. This is facilitated through dedicated security services provided by the infrastructure (WS-Trust STSs).

However, when it comes to advanced identity federation use cases demanding more sophisticated federation features, Web services also suffer from a scattered technology landscape not easily accessible for non-experts. This landscape at least comprises WS-Federation, Liberty-Alliance ID-WSF, OASIS WSFED.

This contribution investigates these Web services federation technologies. It uses a health-care use case that demands sophisticated features in identity federation to pinpoint their capabilities. Moreover, it considers the identity federation enablement features of common Web services stacks, e.g. Apache Axis, Microsoft WCF and Sun Metro. This aims at providing a compass for those who are charged with architecting, designing and building identity federation solutions in Web services environments: Which technologies are out there? What are they good for? How are they supported in Web services stacks?...

15:00-16:00 Federation at Scotiabank
Chris Harvison, Scotiabank

The origins and evolution in the use of Federation within Scotiabank
  • What problem did we set out to solve
  • The larger Identity context
  • How the initial use-cases have evolved
  • The idea of "Lightweight Federation" and the "Fedlet" implementation
  • How to use a common Federation infrastructure for applications that do not share common authentication infrastructure
Federation Services for the Automotive Industry
Tobias Frech, iC CONSULT
Wolfgang Jodl, BMW Group
16:00-16:30 Coffee Break
16:30-17:30 Investigating User Centric and Identity-as-a-Service Federation models for Dutch Higher Education Institutes (SURFfederatie).
Joost van Dijk, SURFnet

The SURFfederatie is the comprehensive identity federation for higher education in The Netherlands, connecting higher education institutes (as identity providers, IdPs) with public and commercial service providers (SPs). The SURFfederatie is an infrastructure with a well-developed hub-like architecture, including contracts that are signed by IdPs and SPs. It is seen as an example of a large-scale federation approach for other sectors as well, and earned the EEMA award of excellence in 2008.

The main issue for the SURFfederatie is scalability, especially with respect to trust establishment. Therefore the federation is currently developing and testing future service models beyond the traditional SP-IdP model, in particular: expand its domain to a wider range of (commercial) service providers; offer comprehensive identity-as-a-service for its customers; and introduce a user-centric, rather than IdP-centric, federation model. Best practice experience of SURFfederatie and the results of investigating and trying out the alternative new service models will be presented.

Identity as a service: SSO, Federation, Access Control and SaaS
Mike Llerandi, Ping Identity
Jürgen Mannheim, Covisint
Dr. Prateek Mishra, Oracle
Darren Platt, Symplified
Peter Valkenburg, Everett
17:30-18:00 Identity Management & GRC - A Powerful Team?
Dr. Martin Dehn, KOGIT GmbH
Dr. Peter Gergen, SAP Deutschland AG & Co. KG
Dave Kearns, KuppingerCole
Michel Prompt, Radiant Logic
Jackson Shaw, Quest Software

Especially in Western Europe we see lots of projects which implement access requests on a very detailed level. All access rights obtained through such processes are approved and by definition valid.

On the other hand, regulations press organizations to establish periodic access certifications. They mean a high workload for managers and data owners. However, the amount of work can effectively be reduced by integrating a validity stamp of access rights stemming from official access requests.

In both approaches, roles can further enhance the overall processes with regard to efficiency, security and transparency.

The speech discusses the powerful combination of the proactive access request and aftercare access certifications, where both share a common set of policies, rules and roles.

18:00-18:30 End-to-end Business Process Governance
Keith Grayson, SAP

When we talk about "best practice" governance, we are using the same words, but are we all talking about the same thing? When we talk about the convergence of GRC and Identity Management, do we have a common understanding of what they are and how they fit with business processes? This keynote looks at the question "what could an end-to-end business process governance model achieve and what might it look like?".

19:00-22:00 European Identity Awards Ceremony & Buffet Dinner

© 2012 Kuppinger Cole