Jun 3, 2014 - stateless and link all types of devices, applications and things. ..... to exposing the ForgeRock REST Use
IDENTITY RELATIONSHIP MANAGEMENT SUMMIT June 3-5, 2014 Phoenix, Arizona
HOST SPONSOR
SCHEDULE TUESDAY TIME EVENT
LOCATION
5:00 - 8:00 PM 8:00 PM
Hotel Lobby Aztec room
Registration Opens Welcome Reception - Sponsored by Radiant Logic
WEDNESDAY
Unlock the hidden conteXt that dRiVeS YoUR BUSineSS deciSionS
www.radiantlogic.com Page 2
Diamond Sponsor
© 2014 Radiant Logic, Inc. All rights reserved.
IRM Summit 2014
TIME EVENT
LOCATION
7:00 AM Registration Opens 7:00 - 8:00 AM Breakfast - Sponsored by 2Keys 7:30 AM Exhibition Floor Opens 8:00 AM Keynotes & General Sessions 9:40 - 10:00 AM Break 10:00 - 12:00 PM General Session 1:00 - 5:45 PM Breakouts Track 1 Track 2 Track 3 2:00 - 2:10 PM Break 3:10 - 3:20 PM Break 4:20 - 4:30 PM Break 7:00 PM Dinner 9:00 PM After Hours Party - Sponsored by Syntegrity
Casa Foyer Gold Room Casa Foyer Casa Grande Casa Foyer Casa Grande Flagstaff Mesa Casa Grande Casa Foyer Casa Foyer Casa Foyer Grand Ballroom Garden Outside Grand Ballroom
THURSDAY TIME EVENT
LOCATION
8:00 AM Registration Opens 8:00 AM Exhibition Floor Opens 7:30 - 8:30 AM Breakfast 8:30 AM Keynotes & General Sessions 10:00 - 10:30 Break 10:30 - 12:15 Breakouts Track 1 Track 2 Track 3 12:15 - 1:15 PM Lunch 1:15 - 4:00 PM General Session
Casa Foyer Casa Foyer Gold Room Casa Grande Casa Foyer
http://irmsummit.com/us/agenda
Casa Grande Mesa Flagstaff Gold Room Casa Grande
Schedule
Page 3
GENERAL SESSIONS
Casa Grande
DAY 1 MIKE ELLIS CEO, ForgeRock 8:00 AM
IDENTITY RELATIONSHIP MANAGEMENT: Using Identity to Empower CIOs Everywhere
DANIEL RASKIN VP Marketing, ForgeRock
Identity and Access Management (IAM) was traditionally designed for internal, perimeter-based
LORI ROBINSON Research VP, Identity & Privacy Strategies, Gartner
value. What does this mean with regards to an organization’s brand? How do we use identity
to shift investments from lowering operational costs to driving top-line revenue. Solutions must be
to help tame chaos in a constantly changing world? In this session we will discuss identity as a
stateless and link all types of devices, applications and things. In this session we will discuss the new
foundational element for building, protecting and increasing an organization’s brand equity—
model for identity—Identity Relationship Management—and its impact on the modern enterprise.
customer awareness, loyalty, value, and positive associations.
IAM FOR THE MASSES: Managing Consumer Identities and more Web-based, consumer-facing applications and services. This is good news for consumers! But, the explosive growth of web-based services has introduced new identity and access management
KEYNOTE
The premise of Identity Relationship Management (IRM) is leveraging identities to drive business
enterprises. However, the world has significantly changed. Today’s CIOs and CISOs are being asked
In today’s digital age of e-commerce, cloud-computing and social media, organizations are offering more
8:20 AM
9:20 AM
LIVIN’ ON A PRAYER: Identity, Brands and Chaos. Oh My!
(IAM) challenges. The more Web-based services an organization offers to its consumers, the more digital identities it must manage—for some organizations this means managing millions of consumer identities. In this session, Lori Robinson will provide an overview of the consumer identity challenge and discuss
SCOTT STEVENS
IDENTITY IS THE FIRST STEP TO TRUE NETWORK SECURITY
VP, Technology – WW Systems Engineering, Palo Alto Networks
User management and network security are separate, siloed teams within most organizations, resulting in gaps in the way security is treated across the enterprise. The onset of identity relationship
ALLAN FOSTER
management that extends user management to customers and things, not just employees, is
VP Technology & Standards, Office of the CTO, ForgeRock
exposing the inadequacies and complexities in this disjointed approach to security. Hear how Palo
10:00 AM
Alto Networks is working with ForgeRock to build a new kind of network security—an approach that for the first time connects the network security layer with the user management layer, enabling a nextgeneration of security ready for the “internet of everything.”
how IAM technologies are evolving to help organizations address these new challenges.
IAN GLAZER
KILLING IAM IN ORDER TO SAVE IT
Senior Director, Identity, salesforce.com
Identity and access management is losing its value to the business. By optimizing for internal IT needs, IAM misses the larger opportunity to support business enablement efforts. In order to be
8:50 AM
invaluable to the enterprise, IAM has to radically adapt. This session will discuss: • How current IAM is not well suited for the modern business • What a truly modern IAM system would include • How the market is beginning to change • What we as an industry can do to evolve
Page 4
General Sessions
IRM Summit 2014
http://irmsummit.com/us/agenda
General Sessions
Page 5
Product Manager, ForgeRock
AS THE WORLD TURNS: The Changing Drivers Behind User Authentication (Duo, Inwebo, Encap, Certivox, NokNok)
10:20 AM
Altering authentication based context and risk is a critical aspect of access management in today’s
MODERATOR:
ANDY HALL
borderless world. In this panel we will discuss the changing digital environment, the increase in breaches, and how User Authentication (UA) is the last mile of defense. We will also discuss the future of where UA is headed.
PANEL MEMBERS:
LASSE ANDRESEN
MARK STANISLAV
BRIAN SPECTOR
RAJIV DHOLAKIA
Security Evangelist, Duo Security
CEO, CertiVox
VP Products Nok Nok Labs Inc
ADAM DOLBY
DIDIER PERROT
JOSH ALEXANDER
VP Business, Encap Security
CEO, inWebo Development
CEO & Co-Founder, Toopher
Access + Identity Managed Security + Professional Services
www.
TECHNOLOGY PREVIEW
.ca
CTO, ForgeRock A technology preview from our CTO office, don’t miss it!
10:50 AM
RAJIV DHOLAKIA VP Products, Nok Nok Labs Inc
THE FUTURE OF AUTHENTICATION & THE FIDO ALLIANCE Authentication is broken. It causes friction in our customer interactions causing loss of revenue and creates vulnerabilities in infrastructure that leads to losses and liability. Come get an overview of the
11:40 AM
FIDO Alliance (Fast IDentity Online) whose mission is to make authentication stronger and simpler and understand how it works with identity stacks to reengineer the customer experience. The FIDO Alliance
Portals
has gone from six to over 120 members in a year, has released a set of specifications for the FIDO Authentication protocols and is transforming the nature of authentication.
Content Big Data Analytics
America I Asia I Australia I Europe 22 Offices across 9 Countries
Page 6
General Sessions
IRM Summit 2014
http://irmsummit.com/us/agenda
Open Source Enterprise Solutions
Global Leader in
400+ Implementations Worldwide
www.cignex.com
[email protected]
General Sessions
Page 7
DAY 2 CHUCK MORTIMORE VP Product Management, Identity & Security, salesforce.com
LUDO POITOU, ANDY HALL, ANDERS ASKÅSEN
MINIONS AND THEIR MASTERMIND: How Behind Every Device There’s a Customer
Product Management, ForgeRock Usain Bolt is the fastest man in the world, but his accomplishments pale compared to the challenge
The future - billions of internet-connected minions, dutifully scurrying around performing their little
8:30 AM
KEYNOTE
EVE MALER Principal Analyst Serving Security & Risk Professionals, Forrester
minion tasks. Like it or not, it’s coming, and it’s going to challenge many of the basic assumptions
PAT PATTERSON
of deploying identity fast. As time to market becomes more and more important, it is essential that
of our IAM systems. These are Identities fundamentally different than we manage today in terms
Developer Evangelist Architect, salesforce.com
this session we will find out who is the fastest deployer of identity products. We will have a timed and
of scale, attributes, and above all, their maniacal devotion to their mastermind. Let’s explore what building blocks we have, what we’ll need to change, and a basic pattern for using minions (devices) to connect us to their masterminds (customers).
1:35 PM
ADDING RELATIONSHIP MANAGEMENT TO IDENTITY: It’s a Must For Customer-Obsessed Companies
ANDRÉ BOISVERT
We’re in the age of the customer. Empowered buyers are demanding a new level of customer
9:00 AM
THE AMAZING RACE! On your Mark, Get Set, Go!
obsession, and bring-your-own-everything is accelerating. If you think your organization can stick
Chief Architect, Yellow Pages Group 2:05 PM
identity becomes something that can be deployed in minutes or hours rather than days or months. In refereed race deploying ForgeRock’s OpenAM, OpenIDM and OpenDJ. May the best geek win!
CASE STUDY: Yellow Pages Canada’s Yellow Pages Group (YPG) is a leading digital media and marketing solutions company. Recently YPG deployed the complete ForgeRock Open Identity Stack to support the security
with classically IT-shaped goals and metrics for identity and access management, the data tells us
requirements of its next-generation, mobile merchant marketing platform. In this session, learn how
you’ve got another think coming. The security and customer experience challenges are multi-
YPG is deploying identity relationship management to build a more agile, responsive relationship
dimensional; to answer them you’ve got to get strategic about adding notions of relationship and
with its more than 250,000 small and medium-sized business customers.
context to IAM.
PARVEZ NAQVI Sr. Director, Platform Solutions Technology, Thomson Reuters
JEFF BAGBY SVP, Head of Social Media Platform, Thomson Reuters
DIETER SCHULLER
CASE STUDY: Thomson Reuters
VP Business Development, Radiant Logic
Thomson Reuters is the world’s leading source of intelligent information for businesses and
2:25 PM
professionals. It combines industry expertise and innovative technology to deliver critical
An evolution of the infrastructure that secures user access today can also drive better customer intimacy and customized services tomorrow. Learn how innovations in identity virtualization and the
information to leading decision makers. A large, global company, Thomson Reuters operates in
reverse-engineering of relationships from across data silos will yield a more secure environment
more than 100 countries and has annual revenue exceeding 12 billion dollars. The company’s
and lead to context-based computing. Explore the next frontier of digital identity—leveraging
operations include four large business units: Financial & Risk, Legal, Tax & Accounting and IP &
9:30 AM
THE RISE OF CONTEXT: Moving from IAM to Identity Relationship Management and the Internet of Things
identity and relationships to represent context.
Science. This session will review its strategic project to centralize its many separate customer identity systems, with a goal of improving our customers’ experience, simplifying our technology footprint, and increasing our understanding of our customers.
LASSE ANDRESEN JOHN SCOTT CEO, 2Keys 1:15 PM
TECHNOLOGY PREVIEW
CTO, ForgeRock
CASE STUDY: GCKey - The Digital Canadian Citizen
A technology preview from our CTO office, don’t miss it!
2:55 PM
GCKey was launched in September 2012 and provides 4.3 million citizens (individuals and businesses) with electronic credentials for securely interacting with over 45 Government of Canada online services. When given the choice, Canadians choose GCKey over all the third party credential
3:40 PM
CLOSING REMARKS
services at a rate of ten to one. In this session, hear why GCKey has been broadly adopted, its impact on online government, and future plans. GCKey is operated and maintained by 2Keys and was developed using ForgeRock products.
Page 8
General Sessions
IRM Summit 2014
http://irmsummit.com/us/agenda
General Sessions
Page 9
BREAKOUT SESSIONS DAY 1 - TRACK 1
Flagstaff
PRODUCT TRAINING: An Introduction for Beginners
DR. MATTHIAS TRISTL Senior Instructor, ForgeRock
Three introductory sessions have been prepared by ForgeRock University introducing the components of ForgeRock’s Open Identity Stack. If there is an IAM concept you would like to understand in more detail then these sessions are for you. There are no prerequisites and all questions are welcomed.
3:20 PM
OPENIDM An Introduction This educational session will provide a high-level overview of the core OpenIDM functionality. It introduces concepts such as provisioning, self-service, business workflow integration and resource connection, and how OpenIDM implements these concepts in an Identity Management infrastructure. The session focuses on the areas that are important during a product evaluation. The session will look at a few common IDM use cases to help illustrate said concepts and how OpenIDM will be able to help deal with them in an IT infrastructure.
Senior Instructor, ForgeRock
OPENDJ An Introduction
1:00 PM
This educational session will provide a high-level overview of the core OpenDJ functionality. It
DR. MATTHIAS TRISTL
DR. MATTHIAS TRISTL
introduces concepts such as LDAP, directory schemas and schema extension, multi-master replication for scalability and high availability and directory security. The session also discusses how OpenDJ
Senior Instructor, ForgeRock 4:30 PM
implements these concepts as a key element of an IDM infrastructure.
BRIDGE SPE An Introduction This educational session will provide a high-level overview of the core functionality of the ForgeRock Bridge SPE. If you want to know how you can easily set up a bridge from your on-premises identity directories (be they LDAP or AD-based) to service providers in the cloud, this will be the session where you can learn about how ForgeRock’s Bridge can help you or your clients with a minimum of time. You will learn how easy it can be to synchronize identity data in a very controlled way between
DR. MATTHIAS TRISTL Senior Instructor, ForgeRock 2:10 PM
your local and remote accounts.
OPENAM An Introduction
Some knowledge about OpenIDM would be beneficial but not mandatory for the session.
This educational session will provide a high-level overview of the core OpenAM functionality. It introduces concepts such as authentication, authorization, single sign on (SSO), and federation, and how OpenAM implements these concepts in a production-ready IAM infrastructure. The session focuses on the areas that are important during a product evaluation such as high-level product architecture, installation procedure and product features. We will also give an overview of the communication protocols and standards that are available in OpenAM.
Page 10
Breakout Sessions
IRM Summit 2014
http://irmsummit.com/us/agenda
Breakout Sessions
Page 11
DAY 1 - TRACK 2 ANDERS ASKÅSEN
Mesa FORGEROCK OPENIDM 3.0 PREVIEW
Product Management, ForgeRock In this session we will discuss how the release of ForgeRock’s OpenIDM 3.0 redefines how one
1:00 PM
thinks about identity administration. Learn about the new 3.0 features - Role-based provisioning, Performance enhancement, Delivery Guarantees, UI Enhancements, OpenICF 1.4. This modern architecture makes OpenIDM an important building block in ForgeRock’s overall solution for modern Identity Relationship Management (IRM), and a perfect solution for your modern provisioning needs for users, devices, and things.
SHAWN KEVE Partner, Simeio Solutions 1:30 PM
CASE STUDY: Cloud-Based IRM, Abt Associates Abt Associates is a global research and services organization with over 60 independent project sites and offices in over 40 countries. Their employees are thought leaders who solve complex problems for their clients through research and collaboration. Ease of use, ease of access, and ability to find collaboration partners are significant drivers for their IRM solution. One of the key use cases is helping Abt draw relationships between professionals in specific fields and a specific business need (e.g. a research effort that required certain contributors, a large proposal that required representative professionals) so they can respond to business opportunities and client needs easier and faster. We will discuss how Abt uses IRM to address key business drivers and deliver better client services.
ROB JACKSON Identity Solutions Architect, Nulli 2:10 PM
CASE STUDY: Utilizing OpenIDM with an External AJAX Interface ForgeRock OpenIDM provides users with unparalleled flexibility in terms of customizing a user’s Identity Management experience. It does away with inflexible GUIs and gives the implementor a chance to deliver only the functionality they need or want for any given IAM situation. Based on a recent customer deployment, this technical paper will identify security, business functionality and technical concerns related to exposing the ForgeRock REST User Interface to external AJAX clients. The paper and presentation speaks to how Nulli has addressed these concerns through the use of techniques being deployed for one of their clients. The paper will provide considerations as well as tips and tricks for use by all attendees of the session.
Page 12
Breakout Sessions
IRM Summit 2014
http://irmsummit.com/us/agenda
Breakout Sessions
Page 13
STEPHAN PAPADOPULOS Managing Director, The Triage Group 2:40 PM
CASE STUDY: Securing Access Through a Multi-Purpose Credential and Digital ID Modern Identity and Access Management (IAM) platforms are critical to improving the relationships governments have with their constituents. They enable the management of physical and digital IDs and provide tools for permitting relevant and timely access to facilities, programs and systems. Learn how one state government is using ForgeRock IAM to vastly improve services by granting its citizens better access to recreation centers, borrowing privileges at libraries, security control at schools, privileges on the local transportation system, etc. through one physical card and associated digital ID.
AMIT SAHA COO, Saviynt 3:20 PM
Are they really who they say they are? Or are they bad actors masked by good credentials?
Protect your company. Protect your customers.
BORDERLESS OVER PERIMETER (Technical Pillar of IRM) With the increase in adoption of cloud, social and mobile, enterprises are noticing blurring of the traditional perimeter. Legacy security controls such as firewalls, IDS, etc. are no longer deemed sufficient as businesses continue to move to sensitive platforms e.g. HCM, CRM, etc. and data e.g.
Please stop by our display to learn how our real-time behavioral analytics prevents fraud, information loss, and identity theft, so you can improve security while identifying opportunities to build relationships, expand services, and increase revenue.
GuardianAnalytics.com
Box, Office365, etc. outside of their enterprise boundaries. There is a need to extend enterprise security controls and processes to cloud and mobile applications. In addition, these controls have to be further ingrained within applications in the form of fine-grained application security management. ForgeRock and Saviynt have come together to create a unique solution that provides a central platform to manage fine-grained access for critical applications, within the perimeter of an enterprise as well as outside. Join us to understand how you can leverage advanced technologies such as usage and behavioral analytics, statistical role mining algorithms, segregation of duties controls, etc. to secure your critical assets beyond the perimeter. We will visit a success story of a large enterprise securely adopting cloud applications and learn about the challenges, the solution, and its subsequent benefits.
Page 14
Breakout Sessions
IRM Summit 2014
http://irmsummit.com/us/agenda
Breakout Sessions
Page 15
NATHANAEL COFFING
RAPID DEPLOYMENT BEST PRACTICES
VP Business Development, Syntegrity Networks, Inc.
This presentation details:
3:50 PM
• Using ForgeRock’s IRM Platform for Mobile Initiatives • A comprehensive End-to-End mobile Security solution • Simplification of configuration and security best practices • Auditing and Monitoring of access and authorization We’ll detail how to configure four VMs in less than 30 minutes, to provide Intrusion Detection, OpenAM, OpenDJ, WAF, Strong two factor Authentication, Advance Device Finger Printing and LDAP firewall capabilities within a highly-scalable, fully-redundant, mobile-enabled security platform. This Usage model
HELPING CUSTOMERS MANAGE DIGITAL IDENTITIES SINCE 1997
enables both business units and developers to rapidly deploy production-grade security, integrated with IRM for functional testing in Development, to an elastic, horizontally scalable environment in Production. Enable your developers, your customers, and your business while dramatically increasing the overall security of the solution.
www.indigoconsulting.com CYRIL GOLLAIN CEO, Brainwave 4:30 PM
NEXT-GEN ENTERPRISE IDENTITY SERVICES: Brainwave’s Integrated Governance and Analytics Suite Powered by ForgeRock OpenICF Welcome to a world where all things are interconnected and interacting! The revolutions of Cloud, Mobility and the Internet of Things are big challenges for enterprise IT: how do you increase flexibility without decreasing security? How do you provide pervasive access to resources while keeping a keen eye on ”who has access to what?” In this session, we will present a new approach to enterprise identity services that enable these revolutions while reducing the risks and complexity: • The consumerization of enterprise Identity: could requesting access become as easy as ordering a book on Amazon? • WWW governance: Who, What, When - control who has access to your resources • Identities beyond IT: identity services that bring value to the business • Live demonstration of Brainwave Identity GRC with OpenICF connectors
Page 16
Breakout Sessions
IRM Summit 2014
http://irmsummit.com/us/agenda
Breakout Sessions
Page 17
MODERATOR:
STEVE FERRIS VP Services, ForgeRock
BEST PRACTICES Benefit from Steve’s 14 years of deployment, development, and support experience and learn how to ensure that your IAM initiative is a success. This session will include an interactive panel of experienced system integrators who will also share and discuss their deployment best practices.
5:00 PM
PANEL MEMBERS: ROGERIO RONDINI
MICHAEL SEAVER
JIM MCDONALD
Chief Architect, Smart Software
Chief of Staff, TriVir
Engagement Manager, Indentropy
PAWEL PIETRZYNSKI
HARISH RAMACHANDRAN
Access and Identity Management Architect, Indigo
VP of Global Pre-sales & Co-Founder, CIGNEX Datamatics
Offering a comprehensive suite of services and solutions that provide a single-source for all your Identity and Access Management needs.
www.simeiosolutions.com
Page 18
Breakout Sessions
IRM Summit 2014
http://irmsummit.com/us/agenda
Breakout Sessions
Page 19
DAY 1 - TRACK 3 PAT PATTERSON Developer Evangelist Architect, salesforce.com
Casa Grande API-DRIVEN RELATIONSHIPS: Building The Trans-Internet Express of the Future
DON THIBEAU Chairman & President, The Open Identity Exchange (OIX)
Move over Thomas the Tank Engine! If developers are the train conductors of the railway, then APIs
1:00 PM
are the bullet trains of the future. In this session, Pat Patterson will explain how identity allows API
3:20 PM
interoperability among identity federations in the commercial, non-profit, and public sectors. The goal:
ExactTarget, Minecraft, or other great services, APIs are the basis for empowering developers to build
a greater variety of trusted transactions at a greater velocity. This session will be an overview of the
boundary-less railways across the web. ALLLLLL ABOOOOOOOOOAAAARD!
current OIXnet initiatives in the UK and the US.
AVINASH UMAP
TECHNICAL OVERVIEW OF FIDO SOLUTION
Software Architect, Nok Nok Labs
Username and password is a staple of Authentication. It is simple, easy to implement, and generally
Systems Engineer, ForgeRock
fail-safe. Except as we have seen in recent breaches, passwords fall very easily to attack. In this session, we will introduce the FIDO Alliance and the FIDO specs, showing one solution for moving away from username/password while still maintaining the flexibility. We will demonstrate how the Nok
GERRY GEBEL
TOP TEN REASONS WHY DEVELOPERS DON’T ADOPT ABAC
President, Axiomatics Americas, Axiomatics
We’ve all heard excuses as to why application developers resist adopting externalized authorization
3:50 PM
latest transgression. At Axiomatics, we’ve also heard many excuses over the years, and they range
Nok FIDO solution works, showing how you can use multiple devices for authentication.
1:30 PM
MIKE SCHWARTZ
and ABAC approaches—it is sometimes a lot like listening to a teenager trying to explain away their from legitimate to debatable. In this session, Gerry Gebel will review our top ten reasons for not adopting ABAC—plus a rebuttal for each.
THE RENAISSANCE OF AUTHENTICATION
STEIN MYRSETH
CLOUD DEPLOYMENT MANAGEMENT (JUJU)
It’s an age-old problem: How do you prove your identity? The advent of the Internet has made
Sr Pre-Sales Engineer and Founder, ForgeRock
Juju from Canonical (Ubuntu) is the next-generation tool for enterprise “service” management. It
4:30 PM
multiple cloud platforms including AWS EC2, OpenStack, HP Cloud, Microsoft Azure, Joyent, and local.
CEO, Gluu 2:10 PM
Under the direction of the OIX Board of Directors, OIX is building OIXnet, an authoritative registry for online identity trust and a neutral exchange for sharing trusted identity data to enable global
ecosystems to flourish, enabling developers to build ever more elaborate integrations. Whether it be
JAVED SHAH
THE CHALLENGES OF THIRD-PARTY IDENTITY CREDENTIALS & WHY A TRUSTED IDENTITY REGISTRY IS NEEDED: Current Initiatives in the UK and the US
identification even harder. To a website, you are a stream of electrons. Before you can transact business, the website needs to reliably associate that stream of electrons with a person. 80% of the Internet’s security breaches have been traced back to bad passwords, but until recently,
provides a powerful web-based interface to encapsulate services and orchestrate provisioning across This session will show you how to manage and orchestrate the ForgeRock Open Identity Stack using Juju as part of a complete IT enterprise architecture.
anything better than passwords meant expensive hardware tokens, or complex digital certificates. Luckily, authentication is experiencing a renaissance. New technologies have made it easier, more secure, and even less expensive to authenticate a person. Authentication is the front door to your network service. What device does the person have in their hands? Is your website or mobile app for customers or employees? This talk will help you understand your options, and how to use
MODERATOR:
authentication for competitive advantage.
ALLAN FOSTER VP Technology & Standards, Office of the CTO, ForgeRock 5:00 PM
EVE MALER Principal Analyst Serving Security & Risk Professionals, Forrester 2:40 PM
attributes as inputs to adaptive authentication. However, there are a plethora of untapped opportunities around the use of identity attributes beyond risk. In this session, we will discuss how identity attributes can be used to personalize customer-facing services and drive competitive differentiation in your respective markets.
Douglas Crockford of JSON fame said it: “The good thing about reinventing the wheel is that you can
MARK STANISLAV
BRIAN SPECTOR
get a round one.” SAML used to be the new kid on the block, and now it’s the graybeard. We face
Security Evangelist, Duo Security
CEO, CertiVox
DIDIER PERROT
JOSH ALEXANDER
PANEL MEMBERS:
that force us to reevaluate exactly how we secure, identity-enable, and access-control everything. How much of an answer do emerging interop standards such as OAuth, OpenID Connect, and UMA
CEO, inWebo CEO & Co-Founder, Development Toopher
provide? What remains to be solved?
Breakout Sessions
With the recent increase in breaches, there has been a lot of dialogue around the use of identity
THE NEW VENN OF ACCESS CONTROL IN THE API-MOBILE-IOT ERA
API management and security challenges, and an explosion of mobile devices and even “IoThings,”
Page 20
CONTEXTUAL IDENTITY AS A DIFFERENTIATOR
IRM Summit 2014
http://irmsummit.com/us/agenda
Breakout Sessions
Page 21
DAY 2 - TRACK 1 PAUL MEZZERA Principal Security Architect, McKesson 10:30 AM
Introduces:
Casa Grande ADDING RELATIONSHIP MANAGEMENT TO IDENTITY: It’s A Must For Customer-Obsessed Companies McKesson is deploying a Federated Identity Service that improves access for all users. The federated identity hub unifies data stores for a single 360 degree view of users, regardless of their source, while simultaneously speeding up application deployment and improving security and compliance. Find out
INTELLIGENT IDENTITY OVERLAY
how a fully integrated attribute server, rich user profile, and a unified directory can help your business deliver finer-grained access control and SSO.
• Rapid Deployment Reduces Project Timelines for Months to Minutes • Full Mobile/Device Recognition Support and Management • Proven Track Record
JONI BRENNAN
• Direct 24x7x365 Integration and Monitoring Via our Managed Services Platform
Executive Director, Kantara Initiative 11:00 AM
CONTEXT HAS ARRIVED AT THE IRM COMMUNITY REVOLUTION Joni Brennan discusses IRM from a community-based perspective. At Kantara Initiative, communities are getting engaged in IRM peer review. How does industry “do” IRM? Who’s leading the revolution and how can you take advantage? What’s next regarding studies and adoption? We’re moving into
WWW.SYNTEGRITYNET.COM
the next era of identity services and one thing is for sure: context, context, context has arrived and it’s here to stay. Join us to discuss the new frontier of Identity - contextual, agile, business-driven, privacyrespecting, and relationship-based.
IAN GLAZER Senior Director, Identity, salesforce.com
STRONGER AUTHENTICATION? CHANGE YOUR EXPERIENCE.
11:30 AM
THE LAW OF RELATIONSHIPS: A Work In Progress Traditional IAM techniques are not optimized for the world our industry faces—a world populated by innumerable things and the complicated interactions between people and those things. Such a world runs on relationships. As we enhance IAM to be vitally relevant in such a world, the question remains as to how we should guide it. Topics that will be covered in this interactive session include:
FOR OPENAM
Location-based Multifactor Revolutionizing Strong Security with Patented Invisible User Experience
• Why “relationship” is not well understood by IAM systems and approaches today • How principles are needed to guide the development of IAM • What are some starting “laws“ of relationships
FRANCISCO KATTAN www.toopher.com
VP Marketing, Exadel
ALLAN FOSTER
MOBILE APPLICATION DEVELOPMENT (APPERY.IO) Hear how Exadel and ForgeRock are working together to reduce the complexity of mobile application development while also ensuring user and data security.
ForgeRock 12:00 PM
Page 22
Breakout Sessions
IRM Summit 2014
http://irmsummit.com/us/agenda
Breakout Sessions
Page 23
DAY 2 - TRACK 2 CHRIS SILVEIRA Manager, Fraud Intelligence, Guardian Analytics
Mesa USING BEHAVIOR TO IMPROVE SECURITY AND ENHANCE RELATIONSHIPS Insights into how your individual customers behave create unique opportunities to build customer
10:30 AM
trust, expand customer relationships and increase revenue. Knowing details about customer interactions such as how, when and where each customer typically engages with you, what online services they access, and from what device leads to a depth of customer knowledge that can be used to not only better protect access to customers’ systems, but also to identify ways to increase the relationship you have with them and the value they receive from you. This presentation will explain how behavioral analytics works and how it integrates with identity relationship management to provide new insights into customer behavior across applications, devices and services.
ADAM DOLBY
BORDERLESS SECURITY FOR UNBOUNDED ACCESS
VP Business Development, Encap Security
With the evolution of identity relationship management, users expect the same level of functionality and security on their mobile devices, connected to a public cloud, for example, as they expect on
11:00 AM
their desktops connected to a private network. This session will discuss how a smart-device can be turned into a banking-grade security credential; providing hardware-independent remote access that bridges the gap between speed and reliability, security and usability, and the physical and the digital, and enables a new generation of innovative services and applications. The result is a frictionless user experience that will increase adoption and use of services and applications, reduce the risk of fraud and reputational damage through security breaches, and lead to a greater ROI for cloud and mobile services. The presentation will include a demonstration.
DIRK HOGAN Sr Software Engineer, ForgeRock
ELECTRIC DREAMS: The Rise of Machine to Machine Communication In Star Trek the universal translator was a device used to decipher and interpret alien languages
11:30 AM
into the native language of the user. This device allowed Captain Kirk and Commander Spock to communicate with a universe of different species. Coming back to reality… we see more and more machines coming online, many of which speak “different” languages. The old way of doing machine to machine communications, WS-Trust, was overly complex and never gained traction. A new model is required to flexibly deploy IoT solutions over the coming years. In this session we will recap the tragic history of WS* and introduce a next-generation, simpler, kinder web services security model and token translation service.
JEAN-FRANCOIS RUBON
SIMALLIANCE
SIMalliance member representative, Gemalto
What UICC Security Means for NFC.
12:00 PM
Page 24
Breakout Sessions
IRM Summit 2014
http://irmsummit.com/us/agenda
Breakout Sessions
Page 25
DAY 2 - TRACK 3 WARREN STRANGE Principal Systems Engineer, ForgeRock 10:30 AM
SPONSORS
Flagstaff CUSTOMER INTELLIGENCE: Using the ELK Stack (Elasticsearch, Logstash and Kibana) to Analyze ForgeRock OpenAM Audit Data
DIAMOND SPONSOR
In this breakout we will show you how to use Logstash to collect audit data from OpenAM, OpenDJ and OpenIDM, giving you a new view on customer behavior. We will feed this data into Elasticsearch, and demonstrate how to visualize the data using Kibana. The ELK stack allows you to perform ad hoc queries across your audit data to look for anomalies or to spot interesting trends.
PETER MAJOR Support Engineer, ForgeRock
Thank you to our enthusiastic sponsors for making the Identity Relationship Management Summit possible!
IDP PROXY CONCEPT: Accessing Identity Data Sources Everywhere! With the rise of digital citizen platforms, next-generation customer portals, and cloud services, it is
11:00 AM
TM
GOLD SPONSORS
more and more common that applications/services need to be accessible from several different identity sources. When dealing with SAMLv2-based federation deployments, one way to handle these use cases is to leverage the IdP Proxy concept. The IdP Proxy is essentially an intermediary component between the application (Service Provider) and the different Identity Providers. The IdP Proxy setup can also be used to handle more complex use cases as well, such as the European Secure identity across borders (STORK) project in Europe. STORK aims to provide a European eID Interoperability Platform that allows citizens to establish new e-relationships across borders, just by presenting their national eID. In this presentation the IdP proxy concept will be presented to the audience and then the STORK project will be briefly introduced.
JAMIE NELSON VP Engineering, ForgeRock
JONATHAN SCUDDER OpenAM Lead Architect & Co-founder, ForgeRock
JAKE FEASEL
INCREDIBLE EDIBLE IDENTITY: Rise of the Atomic Architecture … KABOOM!!!! The demand for delivering identity at a fast pace is mission-critical. We can no longer expect companies to deploy lots of monolithic applications. We also need to architect and build identity smarter to make it simpler to deploy, with more common services and more elegant forms of integration. In this session we will demonstrate the benefits of a modular architecture and how it reduces deployment complexity.
Sr Software Developer, ForgeRock 11:30 AM
toopher
Page 26
Breakout Sessions
IRM Summit 2014
http://irmsummit.com/us/agenda
Summit Sponsors
Page 27
Page 28
Summit Sponsors
IRM Summit 2014
