© 2016 ForgeRock. All rights reserved.
No IoT Without Identity: How Identity Tackles the IoT Challenge
Stein Myrseth, Technology Solutions Director
Rob MacDonald, Director, Product Marketing
ForgeRock is the leading, next-generation, identity security software platform, driving digital transformation.
• Founded 2010
• 10 offices worldwide, headquarters in San Francisco
• 400+ employees
• 500+ customers
• Commercial revenue: 50% Americas / 50% international
• 30+ countries
Global Trends Supporting Growth through Digital Transformation
• $15T impact of digitalization on global economic value in 2020
• 90% of enterprises suffered a data breach over the last year
• 50 billion connected devices by 2020
• $312B cloud software by 2019
• 12 billion mobile devices by 2019
• 25 million software developers by 2020
Source: IDC Worldwide Internet of Things Forecast, 2015; IDC Digital Universe, 2014; Cisco VNI; Gartner Research; Evans Data; PwC
Connected Things Require Security
Cargo Container, Energy Substation, Smartphone, Wearables, Animals, Shopping Cart, Vehicles, Bike Computer, Smart Meter, Stoplight, Parking Meter, Sensor, Camera, Oil Barrel, Forklift, Buildings, Wind Turbine, Gas Pump
Digital Transformation & Customer Engagement Require Identity Relationship Management (IRM)
[Diagram: Identity Access Management compared with Identity Relationship Management. Labels: Workforce (thousands); Partners and Suppliers; Customers (millions); On-premises; Public Cloud; Private Cloud; People; Things (tens of millions); Applications and data; PCs; Phones; Tablets; Smart Watches; Endpoints]
ForgeRock Identity Platform
Authorization, Federation, Identity Workflow, Self Service, Authentication, Identity Synchronization, Adaptive Risk, Directory Services, User-Managed Access, Identity Gateway
ForgeRock Core Differentiation
• Scale
• Contextual Identity & Trust
• IoT Ready
• Open Source
• Unified Platform
• Single View
Stein Myrseth Technology Solution Director – Office of the CTO
No Identity, No Security, Very little value…
Connected Things
Cargo Container, Energy Substation, Smartphone, Wearables, Animals, Shopping Cart, Vehicles, Bike Computer, Smart Meter, Stoplight, Parking Meter, Sensor, Camera, Oil Barrel, Forklift, Buildings, Wind Turbine, Gas Pump
The Web Evolution
• Web 3.0 (Realtime): Interactive, co-creative web, interoperable profiles, integrated games, education and business, augmented reality, multi-device support, federated and global identities. Two-factor, biometric, passwordless authentication. Adaptive and context-driven authorization, and user-managed access.
• Web 2.0 (Share): Two-way, blogs, wikis, video, podcasts, sharing, personal publishing, social networks, single sign-on, SAML federation, transactional web, secure payments
• Web 1.0 (Presence): Internet connected, retrieve data, multi-protocol, multi-vendor solutions
The IoT Evolution
• IoT 3.0 (Realtime): Root of trust at the edge, onboard trusted identities, secure and trusted automation, data privacy. Cross IoT ecosystems trust and sharing with a single security domain across IoT, consumer, customers and enterprise
• IoT 2.0 (Share): Single device identities, secure connect and onboard, connect or pair consumer devices and users, enterprise collect and share data across consumers, customers and enterprise. Closed ecosystems, disconnected security across users and IoT
• IoT 1.0 (Presence): Internet connected, retrieve data, multi-protocol, multi-vendor solutions
Demo IoT 2.5
Only one security breach is enough!
Everyone makes their own gateway. Why? They all face the same basic challenges:
• Access security
• Authenticity
• Secure communication
• Application lifecycle management
IoT Reference Architecture
End-to-End IoT Identity Platform
[Diagram labels: Big Data; Little Data; End-to-End Security; Solutions; Edge; Device to Cloud Platform; Enterprise; Identity Platform]
Identities: • Consumers • Customers • Partners • Contractors • Employees • …
IoT - Reconcile and Integrate
• Thread • Zigbee • Z-Wave • EnOcean • BLE • NFC • LoRa
• CoAP • MQTT • HTTP • WebSocket
Identity Platform
Provisioning, reconciliation, notifications, workflow, events, interaction, scheduling, relationships, ownership, authentication, authorization, entitlement
Connecting Identities
Establish relationships across all assets based on trusted identities across enterprise boundaries.
Next Generation IAM
IAM in the age of the digital business is more typically characterized by a web of paths involving a variety of application locations, endpoint devices, and things.
[Diagram labels: Workforce (thousands); Partners and Suppliers; Customers (millions); On-premises; Public Cloud; Private Cloud; People; Things (tens of millions); Applications and data; PCs; Phones; Tablets; Smart Watches; Endpoints]
Identity Relationships Efficiently and Conveniently Driving Access
• RELATIONSHIPS convey authorization information
• Can be used to FEED A POLICY ENGINE TOGETHER WITH ATTRIBUTES
[Diagram: relationship graph with edge labels including "Is friend of", "Owns", "Works at", "Lives at", "Located at", "Going to" and "Flights"]
Relationship Based Access Control
ReBAC
IoT 3.0
How to make IoT 3.0 happen!
1. IoT security by design
2. Establish the “Root of trust” at the edge
3. Same security context from the edge to the enterprise
4. Establish trusted identities across ecosystems
5. Share security context with users to enable rich relations
6. Secure and trusted onboarding, no human intervention
7. Real-time device-to-device authorization
Summary
• Trusted identities are the only way to drive real value from IoT investment
• Trusted IoT identities start at the edge
• Only a single IoT identity domain can bridge IoT ecosystems
• Without trusted identities:
  • No secure IoT automation
  • No trusted IoT identity lifecycle management
  • No way to establish ownership, responsibility, legal
  • No way to trust the source of your data
  • No privacy
Find Out More
• Contact us: https://www.forgerock.com/contact/
• Smart City, Smart Customer and Smart Healthcare: www.forgerock.com
• Blog: https://www.forgerock.com/blog/
• Twitter: @ForgeRock
• Community: www.forgerock.org
• GitHub: https://github.com/ForgeRock
• Right to the source: Stein: [email protected], Rob: [email protected]