
No IoT Without Identity


© 2016 ForgeRock. All rights reserved.

No IoT Without Identity How Identity Tackles the IoT Challenge

Stein Myrseth, Technology Solutions Director
Rob MacDonald, Director, Product Marketing


• 2010 Founded
• 10 Offices worldwide, headquarters in San Francisco
• 400+ Employees
• 500+ Customers
• 50% Americas / 50% International Commercial Revenue
• 30+ Countries

ForgeRock is the leading, next-generation, identity security software platform, driving digital transformation.


$15T Impact of Digitalization on Global Economic Value in 2020

90% Of Enterprises Suffered a Data Breach over the Last Year

50 Billion Connected Devices by 2020

$312B Cloud Software by 2019

12 Billion Mobile Devices by 2019

25 Million Software Developers by 2020

Global Trends Supporting Growth through Digital Transformation

Source: IDC Worldwide Internet of Things Forecast, 2015; IDC Digital Universe, 2014; Cisco VNI; Gartner Research; Evans Data; PwC


Connected Things Require Security

Cargo Container Energy Substation Smartphone Wearables Animals Shopping Cart Vehicles Bike Computer

Smart Meter

Stoplight

Parking Meter Sensor Camera Oil Barrel Forklift Buildings

Wind Turbine

Gas Pump


Identity Access Management Identity Relationship Management Customers (millions)

On-premises

People

Applications and data

PCs

Endpoints

Workforce (thousands)

Partners and Suppliers

Customers (millions)

On-premises Public Cloud

Private Cloud

People

Things (Tens of millions)

Applications and data

PCs, Phones, Tablets, Smart Watches

Endpoints

Digital Transformation & Customer Engagement Require Identity Relationship Management (IRM)


Authorization, Federation

Identity Workflow, Self Service

Authentication

Identity Synchronization

Adaptive Risk

Directory Services

User-Managed Access

Identity Gateway

ForgeRock Identity Platform


ForgeRock Core Differentiation

Scale Scale Scale

Contextual Identity & Trust

IoT Ready

Open Source

Unified Platform

Single View


Stein Myrseth Technology Solution Director – Office of the CTO


No Identity, No Security, Very little value…


Connected Things

Cargo Container Energy Substation Smartphone Wearables Animals Shopping Cart Vehicles Bike Computer

Smart Meter

Stoplight

Parking Meter Sensor Camera Oil Barrel Forklift Buildings

Wind Turbine

Gas Pump


The Web Evolution

• Web 3.0 (Realtime): Interactive, co-creative web, interoperable profiles, integrated games, education and business, augmented reality, multi-device support, federated and global identities. Two-factor, biometric, passwordless authentication. Adaptive and context-driven authorization, and user-managed access.

• Web 2.0 (Share): Two-way, blogs, wikis, video, podcasts, sharing, personal publishing, social networks, single sign-on, SAML federation, transactional web, secure payments

• Web 1.0 (Presence): Internet connected, retrieve data, multi-protocol, multi-vendor solutions


The IoT Evolution

• IoT 3.0 (Realtime): Root of trust at the edge, onboard trusted identities, secure and trusted automation, data privacy. Cross-IoT-ecosystem trust and sharing with a single security domain across IoT, consumers, customers and enterprise

• IoT 2.0 (Share): Single device identities, secure connect and onboard, connect or pair consumer devices and users, enterprise collect and share data across consumers, customers and enterprise. Closed ecosystems, disconnected security across users and IoT

• IoT 1.0 (Presence): Internet connected, retrieve data, multi-protocol, multi-vendor solutions


Demo IoT 2.5


Stein Myrseth Technology Solution Director – Office of the CTO


Only one security breach is enough!

Everyone makes their own gateway. WHY? They all face the same basic challenges:
• Access security
• Authenticity
• Secure communication
• Application lifecycle management


IoT Reference Architecture


End-to-End IoT Identity Platform

BIG DATA Little Data End-to-End Security

Solutions

Edge

Identity Platform

•  Consumers •  Customers •  Partners •  Contractors •  Employees •  …

Device to Cloud

Platform Enterprise


•  Thread •  Zigbee •  Z-wave •  EnOcean •  BLE •  NFC •  LoRa

Provisioning, reconciliation, notifications, workflow, events, interaction, scheduling, relationships, ownership, authentication, authorization, entitlement

IoT - Reconcile and Integrate

CoAP MQTT HTTP Websocket

Identity Platform


Connecting Identities

Establish relationships across all assets based on trusted identities across enterprise boundaries.


IAM in the age of the digital business is more typically characterized by a web of paths involving a variety of application locations, endpoint devices, and things.

Workforce (thousands)

Partners and Suppliers

Customers (millions)

On-premises Public Cloud

Private Cloud

People

Things (Tens of millions)

Applications and data

PCs, Phones, Tablets, Smart Watches

Endpoints

Next Generation IAM


Identity Relationships Efficiently and Conveniently Driving Access

[Diagram: identity relationship graph with edge labels "Is friend of", "Flights", "Owns", "Works at", "Lives at", "Located at", "Going to"]

• RELATIONSHIPS convey authorization information
• Can be used to FEED A POLICY ENGINE TOGETHER WITH ATTRIBUTES


Relationship Based Access Control

ReBAC


IoT 3.0


How to make IoT 3.0 happen!
1. IoT Security by design
2. Establish the “Root of trust” at the edge
3. Same security context from the edge to the enterprise
4. Establish trusted identities across ecosystems
5. Share security context with users to enable rich relations
6. Secure and trusted onboarding, no human intervention
7. Real time device to device authorization


Summary

• Trusted identities are the only way to drive real value from IoT investment
• Trusted IoT identities start at the edge
• Only a single IoT identity domain can bridge IoT ecosystems
• Without trusted identities:
  • No secure IoT automation
  • No trusted IoT identity lifecycle management
  • No way to establish ownership, responsibility, legal
  • No way to trust the source of your data
  • No privacy


Find Out More

• Contact us: https://www.forgerock.com/contact/
• Smart City, Smart Customer and Smart Healthcare: www.forgerock.com
• Blog: https://www.forgerock.com/blog/
• Twitter: @ForgeRock
• Community: www.forgerock.org
• GitHub: https://github.com/ForgeRock
• Right to the source:
  • Stein: [email protected]
  • Rob: [email protected]