twelve diagrams to save your identity bacon
DESCRIPTION
ROBERT LAPES, Head of Identity Advisory Services, Capgemini, at the European IRM Summit 2014.TRANSCRIPT
Venn and the art of Identity Relationship
Management
Using diagrams to save your identity bacon
Robert Lapes
• 30 years experience in I.T.• 10 years of identity program
assurance• Head of IAM Advisory Services• Capgemini UK’s IAM practice• 120,000 staff in 40 countries• 200+ identity specialists worldwide
Agenda
1. IRM context2. Why diagrams?3. What diagrams?– Identity– Relationships– Management
4. Summary and questions
context
IRMis the new
IAM
IRM’s four business pillars
1. CONSUMERS and THINGS over employees2. ADAPTABLE over predictable3. TOP LINE REVENUE over operating
expense4. VELOCITY over process
IRM’s four technical pillars
1. INTERNET SCALE over enterprise scale2. DYNAMIC INTELLIGENCE over static
intelligence3. BORDERLESS over perimeter
4. MODULAR over monolithic
scale complexityadaptable
dynamicbigger faster
connected diverse
decentralisationnon-linearity
IRM
Scale
Complexity
IxMInternet
Why diagrams?
We learn mainly by sight
Sight Hearing Touch Smell Taste0%
10%
20%
30%
40%
50%
60%
70%
80% 75%
13%
6%3% 3%
We can process large amounts of visual data
Writing is a recent invention
identity diagrams
Georg Hegel
PhilosopherNewspaper editorHeadmaster1770 – 1831
Hegelian Dialectic
Georg Hegel
“Identity is the identity of identity and non-identity.”
particularity
universality
individuality
• " CryptographerPrivacy expert
b. 1973 Canada
Inventor of the “Nymity Slider”
Prof. Ian Goldberg
• "“Privacy and national
security are like opposite ends of a
slider,“
• " "Technology is like a magnet that allows
individuals to pull that slider back toward
themselves.“
The Nymity Slider
John Venn
TheologianLogicianCricketer1837 – 1923
Inventor of theVenn diagram
Similar to Euler diagram
Business Partners
Anonymous
CustomersMyAccount
relationship diagrams
Prof. Jiro Kawakita
AnthropologistMountain climberPlant collector1920 – 2009
Inventor of theAffinity diagram
“Let the facts speak for themselves”
•Too many facts or ideas in apparent chaos• Issues are too large and complex to grasp •Group consensus
KJ Method or Affinity diagram
Prof. Peter Chen
Computer scientistInventor of the Entity-Relationship modelb. 1947
“Entities and relationships are a natural way to organize physical things as well as information … “
“… The ER concept is the basic fundamental principle for conceptual modelling. It has been with us since thousands of years ago and will be with us for many years to come.”
Entity–relationship model
2 Registrar5 Attribute Authority
Registers for identity
Issues identifier
Enrols for service
Assur
ance
4 Credential Authority
Asserts access claim
Issues credential
Authe
ntica
tion
Provides service
Circle of Trust
Authorisation
1 Policy 6 Governance
Subject
Identity service
Authentication service
Reliant party
Access service
2 Entity3 Service
or Resource
Prof. Shigeru Mizuno
Quality management guru
Inventor of matrix diagram
Matrix diagram
4
3
2
1
0
Minimal
Minimal
Minimal
Minimal
1
Low
Low
Low
Minimal
2
Moderate
Moderate
Low
Minimal
3
High
Moderate
Low
Minimal
4
Str
ength
of
Regis
trati
on
Strength of Authentication Mechanism
Matrix diagram
Source: Eve Maler
Matrix diagram
SAP Microsoft IBM
Security strong positive strong positive strong positive
Functionality strong positive neutral positive
Integration positive positive positive
Interoperability positive neutral positive
Usability positive neutral neutral
Innovativeness positive neutral positive
Market Position positive strong positive strong positive
Financial Strength
strong positive strong positive strong positive
Ecosystem positive strong positive strong positive
Matrix diagramTOGAF Policy
Entities & Identity
Resources & Assets
Authentication & Credentials
Authorization & Access
Operation & Governance
1 Vision
2Business Architecture
3Information System Architecture
4Technology Architecture
5Opportunities & Solutions
6Migration Planning
7Implementation Governance
8Change Management
9 Requirements
Y-Matrix Diagram
management diagrams
Dr W. Edwards Deming
Father of modernquality control
Quality management
guru
1900 - 1993
“It is not enough to do your best; you must know what to do and then do your
best.”
The Deming Cycle
The Deming Cycle
Do
Check
Act
Plan
PolicyReview
EntityReview
ResourceReview
Authentication
Review
AccessReview
Governance&
OperationalReview
Entityscope
Collection and
consolidation
Verificationand
validation
Reconcile &remediation
Authoritativeentities
Resourcescope
Impact analysis
Resource classificatio
n
Classification
remediation
Authoritative
classification
Enrolment and
authorisation scope
Collection and
consolidation
Mapping andvalidation
Reconcile and
remediation
Authoritativeaccess control
Contextscope
Workflow and event collection
Context analysis
Review and certify
Authoritativecontext
Identifier andcredential
scope
Collection and
consolidation
Mapping andvalidation
Reconcile and
remediation
Authoritative identifiers
and credentials
Policyscope
Collection and
consolidation
Policy review
Policyremediation
Authoritativepolicy
Matthew Henry Phineas Riall Sankey
Engineer
Introduced the first energy flow diagram
1853 – 1926 Ireland
Internet traffic 2010
summaryand
questions
scale complexityadaptable
dynamicbigger faster
connected diversedecentralisation
non-linearity
IRM is the new IAM
Why diagrams?
• Data can be hard to understand especially in written form.
• Diagrams help us understand complex data and information and identify complex relationships.
• We learn better visually.
These people developed diagrams to make life easier
to understand
Thank you
Contact information
Insert contact picture
Robert LapesIdentity [email protected]
Capgemini UK | Bristol (Toltec)Tel: +44 0 870 194 6658
Insert contact picture
Andrew CritchleyIAM Proposition Lead andrew.critchley @capgemini.com
Capgemini UK | SaleTel: + 44 (0)7891 154281