Smart Card meets Identity & Access Management – The key to your security. CeBIT 2004. A modular HiPath Portfolio. optiClients, optiPoints & Portals. Business Applications. HiPath MetaDirectory, HiPath SIcurity, HiPath MetaManagement & QoS. HiPath MobileOffice.
Information and Communication Networks
CeBIT 2004
Smart Card meets Identity & Access Management – The key to your security
A modular HiPath Portfolio
HiPath is a comprehensive portfolio of modular, multi-function software, services and supporting hardware.
Business Applications
HiPath ComScendo
HiPath ProCenter
HiPath OpenScape
HiPath MobileOffice
Other Applications
HiPath MetaDirectory
HiPath SIcurity
HiPath MetaManagement & QoS
HiPath Servers & Gateways
optiClients, optiPoints & Portals
HiPath Services
HiPath SIcurity in the Modular HiPath Portfolio
HiPath SIcurity
Solutions
It’s all right to laugh for who is allowed in
Only Mr. Right is welcome
The first step is always security
Protected in networks
Security Analysis and Consulting
Smart Card-Based Solutions
Identity & Access Management
Network & System Security
One smart card as unique ID card for all of your IT and communication applications
Smart Card-Based Identity Management
Why Siemens?
Cost-effective processes
Security
One solution for several applications
Challenges: Smart Card-Based Identity Management
Ease-of-use
Up-to-date data
Secure processes, state-of-the-art security solutions
Central user rights management, high availability
User-friendly solution
Cost reduction and fast RoI
Accelerated business processes
Multifunctional Smart Card
Challenges and Benefits for Smart Card-Based Identity Management
Several applications
Cost-effective processes
Ease-of-use
Consistent security
Up-to-date data
A smart card as multifunctional ID card for all IT and communication applications
A smart card replaces all functions of existing island solutions for different access and security mechanisms, e.g. SecurID Token, transponder, passwords and more
Siemens is the most competent general contractor for large-scale smart card projects – from smart card and security infrastructure to smart card applications and integration into existing systems
Siemens is your partner to talk to for the entire project.
Highlights: Smart Card-Based Identity Management
Decisive Factors for Value-Add
Optimal security
• Protection of confidential information against unauthorized access
• Secure and confidential communications
• Secure identification of your communication partner
• Consistent strong protection of business processes
Enhanced efficiency
• High degree of process automation
• Acceleration of your business flows
• Integration into existing processes and infrastructures
Economy
Reduce capital costs
Reduce operational costs
Increase productivity
PayBack
HiPath Business Case Builder: Planning in a secure and transparent manner
Process acceleration
Central Identity Management
Information security
Protection of confidential information against misuse
Up-to-date data
Automation of your IT processes
Investment protection
Integration into existing infrastructures
Customer
HiPath Services: Global Customer centric One Stop Shop for Real Time Communications Services
HiPath Lifecycle Services
• Installation and Commissioning
• Maintenance and related Services
• Channel Services
• Disassembly and Recycling
• Training
HiPath Professional Services
HiPath Managed Services
• Enterprise Network Operations
• Managed Security Services
• Help Desk Services
• Business Continuation Services
• Network Application Services
We offer you Security Services for value added
• Risk Analysis
• Design workshops for customizing solutions
• Implementation workshop
• Administrator and employee trainings
Info Portal - Our Offering: Smart Card-Based Identity Management
Solution
Siemens Products
Application Scenario
Examples for Every-Day Applications
Solution
Infrastructure
• Central data management and provisioning using a Metadirectory
• Integration of a Public Key Infrastructure
• Production of personal smart cards
Applications
• PC access with personal certificate
• Email encryption & signature
• Signature of documents
Siemens Products
HiPath SIcurity CardOS
Certified smart card operating system for corporate badge and ID card projects
HiPath SIcurity Card Maker
Secure, high-performance smart card personalization system
HiPath SIcurity Card API
Standard crypto interface for using certificate-based applications using the smart card
HiPath SIcurity Identity & Access Management
Identity Management solutions one-stop shopping including authentication and authorization
Application Scenario
Personalization of the smart card with certificate
Generating the identity and distribution to target systems / provisioning
Entering a user into the Directory
Using the smart card for various applications
Examples for Every-Day Applications
Corporate ID Card
Health Professional Card
Campus Card
Practical Scenario – Smart Card-Based Identity Management
In the corporate directory a data record is generated for the user (identity)
The identity is synchronized in the distributed IT systems
Personalization is performed based on the guaranteed identity
Employee can use applications:
Process
Digital Signature
Remote LAN Access
Secure Email
Secure PC Logon
Meta Directory Synchronization Personalization on smart card
Smart Card-Based Identity Management
[Diagram labels: Chip; Smart Card operating system; HiPath SIcurity CardOS; Smart Card Personalization; HiPath SIcurity Card Maker; Directory; HiPath SIcurity Identity Management; Public Key Infrastructure (PKI); Interface to PKI applications; HiPath SIcurity Card API; PC Logon; Signature (Documents); Email Security]
HiPath Security Products in the Practical Scenario
HiPath SIcurity Card API
Standard crypto-interface for using certificate-based applications based on smart cards
HiPath SIcurity Card Maker
Secure, high-performance smart card personalization system
HiPath SIcurity Identity & Access Mgt.
Identity Management solutions one-stop-shopping including authentication and authorization
HiPath SIcurity CardOS
Certified smart card operating system for corporate badge and ID card projects
HiPath SIcurity Card Maker
Secure, high-performance smart card personalization system
Features
• Personalization of smart cards with contact-based (optionally also contact-free) chips in ONE step
• Writing security-relevant data onto the smart card for a number of applications such as e-mail encryption and building access control
• Import of user information from existing database systems
• Integration for many CAs* and card management systems
Customer Benefits
• Flexible integration in various smart card management systems
• Interoperability with any relevant customer environment
• Complete, fast personalization of corporate badges in ONE step and subsequent immediate use
• Post-personalization of smart cards already issued for new applications
* Certificate Authority
[Diagram labels: Bell ID; Siemens SIPORT; VPS; Database of CA*; HiPath SIcurity Card Maker; Entrust CA; Guardeonic CA; Microsoft CA; Data; Card management database]
HiPath SIcurity CardOS
Features
Compatibility with international standards (ISO 7816) and certification as per ITSEC E4-high (German law on digital signatures)
Separate management of applications due to hierarchically structured file system
Comprehensive management of access rights
Clearly structured, modular system architecture, extensible by functions and algorithms
HiPath SIcurity CardOS Card
Certified smart card operating system for corporate card and ID card projects
Customer Benefits
Fast implementation of the operating system in standard environments
Yet flexibility due to fast modifications to or extensions of the existing functionality
Multi-functionality: one card supports various applications
Storage of security-sensitive data (keys, certificate) on a hardware token protected against spoofing
HiPath SIcurity Card API
Features
Interface between hardware token with HiPath SIcurity CardOS and applications using crypto functions such as browsers and secure mail
Parallel provision of the common crypto-interfaces (PKCS#11, Microsoft CSP)
Using the same keys and certificates on one token using PKCS#11 as well as Microsoft CSP
Standard crypto interface to use certificate-based applications
Customer Benefits
Comfortable use of the same keys / certificates using several interfaces and in several applications
Simplified integration in various scenarios through a standard interface
Uniform connection of all certificate-based applications to the hardware token
* Application Programming Interface
[Diagram labels: PC access; Access to procedures; Secure E-Mail; Signature of Documents; Remote access (RLA) / encryption (VPN); Crypto Service Provider (CSP); PKCS#11 Module; Card API*; Applications with HiPath SIcurity CardOS]
HiPath SIcurity - DirX Solutions: Identity & Access Management
Features
DirXmetahub
• Consistent, standardized data for users and applications
• Strongly enhanced quality and up-to-dateness of data
DirXmetaRole
• Drastic reduction of efforts for access right management
• Standardized top level security control for administrators due to compatibility with the standard RBAC (Role-Based Access Control)
Customer Benefits
DirXmetahub
• Investment protection for existing systems
• Standardization of processes, applications and infrastructures of information & communications
DirXmetaRole
• Fastest possible, automated assignment of access rights for internal and external users
• Fastest possible reaction to new or changed access rights
[Diagram labels: Who? Employee, Partner, Customer; What? Roles, Rights; When? Policies, Rules; Access to what? IT systems, Resources, Applications]
Examples for Every-Day Applications - Corporate ID card -
09:00 h
09:10 h
09:15 h
12:00 h
14:00 h
15:00 h
16:00 h
17:30 h
18:00 h
19:00 h
Time logging
Authentication for starting PC and further PC applications
Paying for lunch at the canteen
Setting up a protected connection to the corporate network from the customer’s
Signing a proposal in PDF format directly at the customer’s
Mailing an encrypted revised concept design to the customer
Access to the company’s parking lot and the office
Travel expenses are accounted for via an Intranet portal using digital signature
Time logging when leaving the office
Access to the company’s parking lot and the office
Leaving the company grounds to visit customers
13:00 h
Examples for Every-Day Applications - Health Care -
08:00 h
08:15 h
08:30 h
09:00 h
09:30 h
11:00 h
14:00 h
14:15 h
Access to the doctors’ office
Access to special wards such as newly born child unit and laboratory
Authentication at the PC and access to patients’ data
Authentication towards a knowledge database for physicians
Setting up a VPN connection for consulting a specialist
Encrypted mailing of the diagnosis to the practitioner
Signing a diagnosis before storing it
Access to the doctors’ parking lot
12:00 h Paying for lunch at the canteen
Examples for Every-Day Applications - Campus Card -
Enrolling for the term and for the disciplines chosen
Paying tuition fees, copy jobs, fines for late payments and meals at the students’ restaurant using the smart card
Making online reservations for books following successful authentication
Digitally signing and submission of term papers
Signing up for exams and inquiring about the results online
Remote access to centrally stored contents
Encoded data exchange in case of studies performed externally in companies
Card is issued upon registration
Customer References: HiPath SIcurity Smart Card - Solutions
Industry & Automobile
Financial Services
Telecommunications
Government Authorities
Resilience in Communications
The modular HiPath architecture creates a resilient and cost-effective communication environment that facilitates heightened business productivity and efficient business processes
HiPath Customer Value
Enhance Business Productivity at All Levels by Optimizing Communication Among Individuals, Workgroups, Partners & Customers.
[Diagram labels: Individuals; Workgroups; Partners; Customers; Security; Management; OpEx; Productivity; Capex]
Enterprise solutions contribute to LifeWorks Concept
LifeWorks is our concept for the business communication. It links enterprise networks with carrier networks and makes the applications that run on the enterprise network available everywhere.
[Diagram labels: Enterprise; LifeWorks; Carrier; Consumer]
LifeWorks Concept: Unified Domain, Unified User Experience
[Diagram labels: WAN; Cellular; PSTN; VPN; Unified Domain; Branch Office; Mobile Worker; Home Office; Headquarters; Central Office/Data Center; Unified User Experience; Mobility Client; IP Client; Survivable Media Gateways]