graphtalks rome - identity and access management
TRANSCRIPT
Identity & Access ManagementLEVERAGING CONNECTIONS IN DATA WITH GRAPH DATABASES
GraphTalks, ROME - March 8, 2017
presented by
Lorenzo Speranzoni[:NEO4J AMBASSADOR]
https://neo4j.com/ambassador/
[:FOUNDER, CEO]
[:SPECIALIZED_IN]
[:PARTNER_WITH]
[:PARTNER_WITH]
[:SPECIALIZED_IN]
[:FOUNDED]
2016
Neo4j Contributors
20152011
First Spikes
2013
LARUS IS THE OFFICIAL DEVELOPER AND MAINTAINER OF THE NEW NEO4J 3.x JDBC DRIVER
neo4j 3.x
JAVA APPLICATION
JDBC
http://www.larus-ba.it/neo4j/en/tag/neo4j-jdbc/
LARUS IS THE CREATOR OF THE DOC2GRAPH PROJECT
http://www.larus-ba.it/neo4j/en/tag/doc2graph/
DOC2GRAPH
neo4j 3.x
and for the right reasonat the right time,Who gets access to what,
Identity & Access Management (IAM)
Presentation realized by Alessandro Svensson & Ryan Byod
& Access ManagementIdentity
Defining Identity
Presentation realized by Alessandro Svensson & Ryan Byod
& Access ManagementIdentity
The structure of organisations
Presentation realized by Alessandro Svensson & Ryan Byod
Traditional IAM-systems
2) Underlying assumption that organisations are
hierarchal
1) Static idea of Identity
Presentation realized by Alessandro Svensson & Ryan Byod
http://blogs.gartner.com/ian-glazer/2013/02/08/killing-iam-in-order-to-save-it/
IAM
Active Directory
SAP
Knowledge Base
CRM
HR-system
Ian Glazer
Presentation realized by Alessandro Svensson & Ryan Byod
http://blogs.gartner.com/ian-glazer/2013/02/08/killing-iam-in-order-to-save-it/
Customer Support
IAM
Active Directory
SAP
Knowledge Base
CRM
HR-system
ADD
Ian Glazer
Presentation realized by Alessandro Svensson & Ryan Byod
IAM
Active Directory
SAP
Knowledge Base
CRM
Customer Support
Inside Sales
HR-system
CHANGE
http://blogs.gartner.com/ian-glazer/2013/02/08/killing-iam-in-order-to-save-it/Ian Glazer
Presentation realized by Alessandro Svensson & Ryan Byod
IAM
Active Directory
SAP
Knowledge Base
CRM
Customer Support
Inside Sales
HR-system
LEAVE
http://blogs.gartner.com/ian-glazer/2013/02/08/killing-iam-in-order-to-save-it/Ian Glazer
Presentation realized by Alessandro Svensson & Ryan Byod
1) Identity is increasingly complex
What’s happening in the world of IAM?
Presentation realized by Alessandro Svensson & Ryan Byod
2) Traditional hierarchies are being revised1) Identity is increasingly complex
What’s happening in the world of IAM?
Presentation realized by Alessandro Svensson & Ryan Byod
2) Traditional hierarchies are being revised1) Identity is increasingly complex
What’s happening in the world of IAM?
3) Access Management is more and more about the relationships between users, partners, customers, things and their different touchpoint within organisations and eco-systems
Presentation realized by Alessandro Svensson & Ryan Byod
Emerging Complexity of Identity
Presentation realized by Alessandro Svensson & Ryan Byod
Complexity of Digital Identities
User identities Identity of Things
Serial # Unique idPersonal Customer Partner
Consumer Citizen
Presentation realized by Alessandro Svensson & Ryan Byod
Device <-> ServiceSecurity End to EndIdentity of users
Identity of things
Applications and services
Complexity of Digital Identities
Presentation realized by Alessandro Svensson & Ryan Byod
Identity Relationship ManagementIdentity Access Management
Applications and data
Endpoints
People
Customers (millions)
Partners and Suppliers
Workforce (thousands)
PCs Tablets
On-premises Private Cloud Public Cloud
Things (Tens of millions)
WearablesPhones
PCs
Customers (millions)
On-premises
Applications and data
Endpoints
People
Presentation realized by Alessandro Svensson & Ryan Byod
Access Management is traditionally designed with the underlying assumption that everything is hierarchal
Presentation realized by Alessandro Svensson & Ryan Byod
Access Management is traditionally designed with the underlying assumption that everything is hierarchal
Presentation realized by Alessandro Svensson & Ryan Byod
Rigid hierarchies have defined how we have built IAM-systems in the past
Presentation realized by Alessandro Svensson & Ryan Byod
Representing your organisation as a graph, enables you to build stronger
and more accurate IAM
Presentation realized by Alessandro Svensson & Ryan Byod
Parent-Child relationships
Ideal World
Query complex relationships in real-time
Real World
Presentation realized by Alessandro Svensson & Ryan Byod
How Neo4j is used in IAM
Presentation realized by Alessandro Svensson & Ryan Byod
1.Build your IAM as a Graph2.Augment your existing IAM with Neo4j
Different ways of adopting Neo4j
Presentation realized by Alessandro Svensson & Ryan Byod
http://neo4j.com/case-studies/telenor/
1. Building IAM as a Graph
Partner
• Employee ID• Partner ID• Digital credentials• Sales record• Job Performance
Customer
• Employee ID• Company ID• Digital credentials• Devices managed• Portal software• Maintenance
Employee
• Employee ID• Roles• Digital Identities• Digital credentials• Personal devices
Device
• Serial number• Digital credentials• Make & model• GPS location• IP-adress• Firmware• Maintenance
Consumer
• Full name• Date/place birth• Home adress• Eye & hair color• Height/weight• Email Adress
2. Augmenting existing IAM with a Graph
Presentation realized by Alessandro Svensson & Ryan Byod
Partner
• Employee ID• Partner ID• Digital credentials• Sales record• Job Performance
Customer
• Employee ID• Company ID• Digital credentials• Devices managed• Portal software• Maintenance
Employee
• Employee ID• Roles• Digital Identities• Digital credentials• Personal devices
Device
• Serial number• Digital credentials• Make & model• GPS location• IP-adress• Firmware• Maintenance
Leverage Cross-Silo Relationships to drive new business value
Name
CuID
Emp ID
Partner
Emp ID Company Y
Emp ID
GPS Loc GPS Loc
Emp ID Dig Serial#
GPS Loc GPS Loc Firmware
Serial#
Consumer
• Full name• Date/place birth• Home adress• Eye & hair color• Height/weight• Email Adress
Relationship Layer
2. Augmenting existing IAM with a Graph
Presentation realized by Alessandro Svensson & Ryan Byod
2. Augmenting existing IAM with a Graph
Dave
Safari/537.36 (184.71.215.10)
22
29
28
Tue Jan 16 22:29:35
UTC 2017Tue Jan 16 22:28:53 UTC 2017
Presentation realized by Alessandro Svensson & Ryan Byod
March, 24
June, 9
Alessandro SvenssonSolutions @ Neo Technology
Ryan BoydDeveloper Relations @ Neo Technology
https://www.slideshare.net/neo4j/identity-and-access-management-66349146
Kudos to Alessandro and Ryan for this amazing presentation !!
Thank you!