graphtalks rome - identity and access management

Identity & Access ManagementLEVERAGING CONNECTIONS IN DATA WITH GRAPH DATABASES

GraphTalks, ROME - March 8, 2017

presented by

Lorenzo Speranzoni[:NEO4J AMBASSADOR]

https://neo4j.com/ambassador/

[:FOUNDER, CEO]

https://neo4j.com/ambassador/

[:SPECIALIZED_IN]

[:PARTNER_WITH]

[:PARTNER_WITH]

[:SPECIALIZED_IN]

[:FOUNDED]

2016

Neo4j Contributors

20152011

First Spikes

2013

LARUS IS THE OFFICIAL DEVELOPER AND MAINTAINER OF THE NEW NEO4J 3.x JDBC DRIVER

neo4j 3.x

JAVA APPLICATION

JDBC

http://www.larus-ba.it/neo4j/en/tag/neo4j-jdbc/

http://www.larus-ba.it/neo4j/en/tag/neo4j-jdbc/

LARUS IS THE CREATOR OF THE DOC2GRAPH PROJECT

http://www.larus-ba.it/neo4j/en/tag/doc2graph/

DOC2GRAPH

neo4j 3.x

http://www.larus-ba.it/neo4j/en/tag/doc2graph/

and for the right reasonat the right time,Who gets access to what,

Identity & Access Management (IAM)

Presentation realized by Alessandro Svensson & Ryan Byod

& Access ManagementIdentity

Defining Identity


& Access ManagementIdentity

The structure of organisations


Traditional IAM-systems

2) Underlying assumption that organisations are

hierarchal

1) Static idea of Identity


http://blogs.gartner.com/ian-glazer/2013/02/08/killing-iam-in-order-to-save-it/

IAM

Active Directory

SAP

Knowledge Base

CRM

HR-system

Ian Glazer


http://blogs.gartner.com/ian-glazer/2013/02/08/killing-iam-in-order-to-save-it/

Customer Support

IAM

Active Directory

SAP

Knowledge Base

CRM

HR-system

ADD

Ian Glazer


IAM

Active Directory

SAP

Knowledge Base

CRM

Customer Support

Inside Sales

HR-system

CHANGE

http://blogs.gartner.com/ian-glazer/2013/02/08/killing-iam-in-order-to-save-it/Ian Glazer


IAM

Active Directory

SAP

Knowledge Base

CRM

Customer Support

Inside Sales

HR-system

LEAVE

http://blogs.gartner.com/ian-glazer/2013/02/08/killing-iam-in-order-to-save-it/Ian Glazer


1) Identity is increasingly complex

What’s happening in the world of IAM?


2) Traditional hierarchies are being revised1) Identity is increasingly complex



2) Traditional hierarchies are being revised1) Identity is increasingly complex


3) Access Management is more and more about the relationships between users, partners, customers, things and their different touchpoint within organisations and eco-systems


Emerging Complexity of Identity


Complexity of Digital Identities

User identities Identity of Things

Serial # Unique idPersonal Customer Partner

Consumer Citizen


Device <-> ServiceSecurity End to EndIdentity of users

Identity of things

Applications and services

Complexity of Digital Identities


Identity Relationship ManagementIdentity Access Management

Applications and data

Endpoints

People

Customers (millions)

Partners and Suppliers

Workforce (thousands)

PCs Tablets

On-premises Private Cloud Public Cloud

Things (Tens of millions)

WearablesPhones

PCs

Customers (millions)

On-premises

Applications and data

Endpoints

People


Access Management is traditionally designed with the underlying assumption that everything is hierarchal


Rigid hierarchies have defined how we have built IAM-systems in the past


Representing your organisation as a graph, enables you to build stronger

and more accurate IAM


Parent-Child relationships

Ideal World

Query complex relationships in real-time

Real World


How Neo4j is used in IAM


1.Build your IAM as a Graph2.Augment your existing IAM with Neo4j

Different ways of adopting Neo4j


http://neo4j.com/case-studies/telenor/

1. Building IAM as a Graph

http://neo4j.com/case-studies/telenor/

Partner

• Employee ID• Partner ID• Digital credentials• Sales record• Job Performance

Customer

• Employee ID• Company ID• Digital credentials• Devices managed• Portal software• Maintenance

Employee

• Employee ID• Roles• Digital Identities• Digital credentials• Personal devices

Device

• Serial number• Digital credentials• Make & model• GPS location• IP-adress• Firmware• Maintenance

Consumer

• Full name• Date/place birth• Home adress• Eye & hair color• Height/weight• Email Adress

2. Augmenting existing IAM with a Graph


Partner

• Employee ID• Partner ID• Digital credentials• Sales record• Job Performance

Customer

• Employee ID• Company ID• Digital credentials• Devices managed• Portal software• Maintenance

Employee

• Employee ID• Roles• Digital Identities• Digital credentials• Personal devices

Device

• Serial number• Digital credentials• Make & model• GPS location• IP-adress• Firmware• Maintenance

Leverage Cross-Silo Relationships to drive new business value

Name

CuID

Emp ID

Partner

Emp ID Company Y

Emp ID

GPS Loc GPS Loc

Emp ID Dig Serial#

GPS Loc GPS Loc Firmware

Serial#

Consumer

• Full name• Date/place birth• Home adress• Eye & hair color• Height/weight• Email Adress

Relationship Layer




Dave

Safari/537.36 (184.71.215.10)

22

29

28

Tue Jan 16 22:29:35

UTC 2017Tue Jan 16 22:28:53 UTC 2017


March, 24

June, 9

Alessandro SvenssonSolutions @ Neo Technology

Ryan BoydDeveloper Relations @ Neo Technology

https://www.slideshare.net/neo4j/identity-and-access-management-66349146

Kudos to Alessandro and Ryan for this amazing presentation !!

https://www.slideshare.net/neo4j/identity-and-access-management-66349146

Thank you!