Identity in the World of IoT
Ranjan Jain, Enterprise IT Architect, Cisco, at the European IRM Summit 2014.
© 2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
November 3rd, 2014
Ranjan Jain
Enterprise IT Architect
Cisco Systems Inc.
#identity_guy
Identity in the IoT World
Agenda
1. Identity – The-Not-so-fun Facts
2. Trends & Identity of Thing Framework
3. NextGen IT Requirements
The-Not-so-Fun facts
Identity – Not So Fun Facts
Identities frequently targeted for attack:
- Executives
- Administrators
- Outsourced vendors
Unable to quantify loss due to lack of visibility
The trend in targeted attacks is many occurrences over an extended period of time
Cyber-attackers need to be right once. Enterprise security needs to be right every time
Security Incident Examples
Impacted 148 million users
Security Incident Examples
Impacted 110 million users
Security Incident Examples
Refrigerator got hacked. Google Nest thermostat was hacked & more to come
Courtesy: www.readwrite.com
Trends and Identity of Thing Framework
Trends Elevating the Importance of Identity
Business
- Enabling New Business Models
- Security
- User Experience Simplification
- Operational Expense Reduction
Technology
- Internet of Things
- Mobile / Cloud
- Externalizing Data via APIs
- Collaboration / Social / Data Analytics
- Advanced Threats
Source: http://share.cisco.com/internet-of-things.html
IDentity of Thing (IDoT) Vision
“Enable secure access from any client, on any device, to any service, located anywhere.”
(Anyone, Anything, Anywhere – For Right Business Outcome)
Identity: Human, Device, Application, API
Device (Any Device): IT Managed, Personal
Location (From Anywhere): IT Managed, Un-managed
Resource (Any Resource): Web Apps, Mobile Apps, API, Devices, SaaS, Service Providers
Identities depicted are only representative, and not the comprehensive list
Data Model to Encompass All Types of Identities
- Each User, Device, and Resource has a unique Identity.
- Each Identity has several attributes that describe its type and their attributes.
- One or more of these attributes can then be combined to create a composite identity.
User: Badged, Non-Badged; FTE, Outsourced; Regular, New Acq’stn; Guest; Partner; Customer
Additional Attributes (User): First Name, Last Name, Email, …
Device: End User, Server; IT Asset, BYOD; Host, Network; PC, Mac, Linux, iOS, Android
Additional Attributes (Device): OS, Version, Display Size, …
Location: IT Mn’gd, Un-Mn’gd; DMZ, Internal, Protected; Partner Sites, Public Internet, Default, SimDMZ
Additional Attributes (Location): Campus / FSO, Data Center, Bandwidth, …
Resource: IT Hosted, Ext Hosted; Service, Asset; Data, Application
Additional Attributes (Resource): Data Classification, Regulatory Comp., Access Protocol, …
NextGen IT Requirements
IDoT Vision Realization Factors
The 4 Must-Haves
- Federation and API: Will be Ubiquitous
- Identity for Things: Human, Device, App, API etc.
- Multi-factor Authentication: It will be a Must; Context will be new dimension
- Standards Driven: P2P, M2M, P2M (Open Source based)
In Closing
- IoT will Connect the Un-connected
- Identity will be the core for IoT
- Securing IAM will be more important than ever
- Things will participate in “Federation Grid”
Thank you.