Securing Cloud and Mobile Pragmatic Enterprise Security Architecture


Securing Cloud and Mobile: Pragmatic Enterprise Security Architecture
Prabath Siriwardena (@prabath)
WSO2, Director, Security Architecture

Within the first decade of the 21st century, internet users worldwide increased from 350 million to more than 2 billion.

Mobile phone subscribers increased from 750 million to 5 billion. Today it is around 6 billion.

Only 30% of mobile users password-protect their mobile devices.

Many SaaS providers ignore multi-factor authentication for mobile applications.

113 cell phones are lost or stolen every minute in the U.S., and $7 million worth of smartphones are lost daily.

62% of mobile workers currently use their personal smartphones for work.

Source: http://www.websense.com/assets/reports/websense-2013-threat-report.pdf

Mobile Device Management systems need to be an integral part of corporate Identity Management.

Cloud service providers are becoming mobile friendly with REST/JSON APIs.

OAuth 2.0 dominates Mobile and API security.

Avoid using the Resource Owner Password OAuth grant type.

Mobile applications secured with OAuth can be vulnerable to phishing.

Your Facebook or Twitter account credentials can be phished more easily through your mobile phone than from a laptop computer.

The need to bake the client key and the client secret into the mobile app itself is an issue yet to be solved.

OAuth has given mobile applications better failover capability in case of an attack.

It takes an average of 20 seconds for a user to log into a resource.

Single Sign On increases user productivity.

Browser based Single Sign On
[Diagram: Native App, Native Web Browser, Authorization Server (IdP), all on the Mobile Device]
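An added example, not from the deck: a Python model of the browser based Single Sign On exchange above (native app, device browser, Authorization Server) as an OAuth 2.0 authorization code flow, run against a constructed in-memory IdP with hypothetical client id, redirect URI and user name. It shows what the Resource Owner Password grant the deck says to avoid gives up: the app never handles the user's password, the code is bound to the registered redirect URI and is single use, and the API side accepts only tokens the IdP vouches for.

```python
import secrets
import time
from urllib.parse import parse_qs, urlencode, urlparse

CLIENT_ID, REDIRECT_URI = "mobile-app", "https://app.example/cb"  # hypothetical registration

class AuthorizationServer:
    """Constructed stand-in for the 'Authorization Server (IdP)' box in the slide."""
    def __init__(self):
        self.clients = {CLIENT_ID: REDIRECT_URI}  # public client: no secret baked into the app
        self.codes = {}    # code -> (client_id, redirect_uri, user, expiry)
        self.tokens = {}   # access token -> (user, expiry)

    def authorize(self, query, user):
        """Browser step: the user authenticates at the IdP; the native app never sees the password."""
        q = parse_qs(query)
        client_id, redirect_uri = q["client_id"][0], q["redirect_uri"][0]
        if self.clients.get(client_id) != redirect_uri:
            raise ValueError("unknown client or redirect_uri mismatch")
        code = secrets.token_urlsafe(24)
        self.codes[code] = (client_id, redirect_uri, user, time.time() + 60)  # short-lived
        return redirect_uri + "?" + urlencode({"code": code, "state": q["state"][0]})

    def token(self, client_id, redirect_uri, code):
        """Code exchange: single use (pop), bound to client and redirect_uri, expiry checked."""
        entry = self.codes.pop(code, None)
        if entry is None or entry[0] != client_id or entry[1] != redirect_uri or entry[3] < time.time():
            raise PermissionError("invalid_grant")
        tok = secrets.token_urlsafe(32)
        self.tokens[tok] = (entry[2], time.time() + 3600)
        return {"access_token": tok, "token_type": "Bearer", "expires_in": 3600}

    def introspect(self, tok):
        """What an API gateway asks the IdP: who does this token belong to, if it is still live?"""
        user, exp = self.tokens.get(tok, (None, 0))
        return user if exp > time.time() else None

def run_browser_sso(idp, user="alice"):
    """Native app -> browser -> IdP login -> redirect with code -> code exchange -> API call."""
    state = secrets.token_urlsafe(16)  # CSRF binding between request and callback
    auth_url = "https://idp.example/authorize?" + urlencode({
        "response_type": "code", "client_id": CLIENT_ID, "redirect_uri": REDIRECT_URI, "state": state})
    redirect = idp.authorize(urlparse(auth_url).query, user)  # user logs in inside the browser
    params = parse_qs(urlparse(redirect).query)
    if params["state"][0] != state:
        raise PermissionError("state mismatch")
    token = idp.token(CLIENT_ID, REDIRECT_URI, params["code"][0])
    return idp.introspect(token["access_token"]), params["code"][0]

def code_replayable(idp, code):
    """True if a used code can be exchanged again (it must not be)."""
    try:
        idp.token(CLIENT_ID, REDIRECT_URI, code)
        return True
    except PermissionError:
        return False
```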

Native Single Sign On
[Diagram: Native App, Native IdP App, both on the Mobile Device]

The OpenID Foundation is working on standardizing Native Single Sign On based on OpenID Connect.

Federated Single Sign On
[Diagram: Native App, Native Web Browser, Authorization Server (IdP) on the Mobile Device, federated to external SAML2 IdPs]

Federated Single Sign On with heterogeneous Authorization Servers.

Secured / Confidential data channels: TLS, JSON Web Encryption (JWE).

Managed Cloud APIs
[Diagram: Mobile App, API Gateway, Cloud API]

Thank You