THE IDENTITY BROKER AS DRIVER FOR GROWTH
THE IDENTITY SUMMIT 2015
Jens Sonnentrücker, Head of Identity Access Management & Governance, Swisscom
Oliver Stampfli, Security Architect Identity & Access Management, Swisscom
London - 08. October 2015
About Swisscom AG: The leading telecommunications company in Switzerland
Data merits optimal protection
1,2 Mio TV subscribers
Best Infrastructure
2,7 Mio Landlines
21’599 Employees
Employees from 88 nations, innovative work models
Swiss made – for the world
300 Multinational customers in 2’600 international offices, Swisscom offices in Vienna and Singapore
1,9 Mio Broadband customers
One of the most sustainable companies of Switzerland
6,5 Mio Mobile customers
>35’000 Offices connected
>6’000 Served major customers
ISO 27001, ISO 15504 certified
2'893 Mio. CHF net sales
1'051 Mio. CHF EBITDA
Field-Service in 20 Min. on-site
Swisscom: more than «just» a telecommunications provider
200 Banks
50’000 UCC-Users
35’000 Printers
117’000 Desktop computers
1’100 Banking specialists
85 Operational banking platforms
11’500 Servers
13 PB Managed storage
42’000 km fibre optics
190’000 km copper lines
170 SAP service customers
6 SAP Quality Awards
>1 Mrd./year Investment in network infrastructure
1’800 Hotspots in Switzerland
Private Cloud, Public Cloud, Hybrid Cloud
Cloud Provider
Swisscom Storebox: Cloud-memory for your Company
Swisscom Docsafe: Secure document storage in one place
Evita: Electronic health dossier
M2M: Connecting things for people
Quing Home: Your smart home by Swisscom
Tapit Access: Physical access with your mobile
Simple design and usage
Trustfully participating in the digital future
Inspire new forms of value creation
Innovative detection
Security must be simple
Base
Swisscom Security
Our standard: «We create security for people in a connected world – any time and anywhere»
IAM from then to now
[Timeline figure: < 1989, 2000, 2014; element labels: IDP]
The future of Identity Management and Authentication at Swisscom
> The IAM of tomorrow orients itself towards the consumer market.
> Digital Identities create a competitive market place
> Management of digital identities is key for the Internet of Things (IoT)
> Self-control over data is essential for the future of our society.
> Privacy: To whom do we entrust what data, and why?
> In the Digisphere new forms of digital life are created, mutated and destroyed.
Technical strategy of Swisscom AG
Gartner forecast for the future of IAM until 2020
Vision of Swisscom
People-centric Identity Management: “Swisscom enables its customers to get their right of informational self-control”
GDI-Study about the future of the connected society
We are convinced that … the customer in the digital world wants to have the same privacy as there is for the physical world.
The future of Access Management and Access Control at Swisscom
> Future access management will focus on valuable resources.
> Roles are attributes among others.
> The internet is growing but is also growing apart.
> Data security is also about trust.
> “Smart Contracts” with integrated algorithms as suitable methodology for the future access control.
Technical strategy of Swisscom AG
Gartner forecast for the future of IAM until 2020
Vision of Swisscom
Policies Based Access Control: “Swisscom enables its customers to control the risks of the digital world”
GDI-Study about the future of the connected society
We are convinced that … the customer should keep its privacy in the most simple way.
IAM Vision until 2025
[Timeline figure: 2017, 2020, > 2025; element labels: IDP]
Use Case “Identity Broker”: Bring Your Own Identity @ Swisscom Cloud
Operation Layer
Enterprise Cloud
Cloud Foundry (PaaS)
Openstack, VMware
Infrastructure
Swisscom Network
Service Cloud, Application Cloud
Entry Zone
ID Broker, API Gateway
Use Case “Identity Broker”: Architecture of the Access Broker
Identity Broker
Cloud Environment
Authz Provider
Web Applications
Policy Management
PDP
PAP
ID Provider Contracts
Client Contracts
Clients (WebUI, mobile/comp. APP)
Identity Stores
IDP 1, IDP 2, IDP …
API-Gateway / Reverse Proxy (with PEP)
Authn Provider
Use Case “Identity Broker”: Bring Your Own Identity for Swisscom Services
Swisscom Cloud Services
Swisscom Residential Services
Swisscom Extranet Services
Swisscom Corporate Services
Swisscom ID Broker
Customer Active Directory
Swisscom Corporate Active Directory
Public Identity Provider
IDP
Private Identity Provider
Private Cloud, Public Cloud, Quing Home, Storebox, Collaboration Services
Ticketing System
Corporate Application
Mobile Application
Portal Login via CustomerAD
26.05.2015, Cloud Security Architecture
Demo “Identity Broker”: Portal Login via CustomerAD
Portal Login via Google+
Demo “Identity Broker”: Portal Login via Google+
Thank you!
SwisscomDev what you can find on http://developer.swisscom.com
Questions?