1

Solving Cloud Access Complexity Using a Broker Model

Presented by:

Girish Juneja – Director- Intel Application Security & Identity Products Group

Identity & Service Broker

2

Enterprise Now Using Several Cloud Applications

Messaging Service

File System

Virtual Service PortalCollab App

Public Cloud

Enterprise Legacy Infrastructure

BPMS

Mainframe

Data Warehouse ESB

IdentityPKI

Private Cloud B

Web Gateway Financial System ID Store

Private Cloud A

CRM Social AppsHR

SaaS

3

Market Shifting to Cloud Broker Model

• IdM • Legacy• Mobile

• SaaS, PaaS, IaaS

• B2B• MashupsPrivate Cloud

Provider

Provider

Provider

Do-it-yourself IT and/or 3rd Party Intermediary Consumption Models

A CSB aggregates services from multiple cloud providers, adds value, & simplifies consumption for the enterprise

IT Broker 3rd Party Broker

Simplified Service Consumption

Public Cloud

1-n Departments

CSB PlatformCSB Platform

1-n Providers

Apps

4

When Do You Need a Broker?

Key Services Brokered• Different provider offerings• Broker identity & authentication• Manage & govern APIs• Coordinate different SLAs

When• High volume of nested provider

relationships• To manage risk across providers• Complexity of service interoperability• Compelling value added services• IT has capacity to manage

Traditional Role of IT Changes with CSBs

Broker

CSB Platform

Shielded from overhead and complexity

AP

I

• Billing• Support• Security•

Governance

• Integration

Focus on core business

ProvidersEnterprise

5

Integration Focused

Customized Process Outsourcing

SaaS & Service Aggregation

Sample CSB Models & Providers Today

Value Add CSB

Similar to How EDI Evolved from Internal to Outsourced Vertical Exchanges

*Other names and brands may be claimed as the property of others.

6

Identity Broker

Identity Brokerage - An Essential CSB Service

Security technology is evolving to a specialized cloud broker model delivered “as a service”

• Secure SSO• Secure APIs

Manual Provisioning

Multiple LoginsWeak Security

?Anywhere

Access

Admin Control

Lack of Enterprise Control Enterprise Control

Identity Broker

Mobile Access/ Visibility

7

Building a Strong Standards Based CSB Platform

• Cloud Computing Reference Architecture • Defines CSB Role

• Self certification of a 3rd Party CSB• Consensus Assessments Initiative

Questionnaire (CAIQ)• Public registry

• Domain 12: Guidance for Identity & Access Management

8

Identity in the cloud, for the cloud

- Platform

- Identities-Trusted SaaS Operator

Identity Brokerage Technology

Introducing:

9

Intel® Cloud SSO - Your Trusted Identity Broker

One price: on-prem, as a service, or 1-n target apps

Enterprise

Certified Operating Environment

Hybrid Deployment Connectivity to Enterprise IDs & Threat Protection

10

Drive Cloud ROI with Identity-as-a-Service

Browser

SSO PortalAccount

Provisioning

Mobile

Laptop

iPad

Enterprise

My Apps

One Time Password

• Delivers same level of control as on-prem IAM

• Leverage Salesforce or enterprise accounts for SSO

• Trigger mobile & hardware assisted authentication

Force.comApps

Access 100s of External SaaS Apps

11

100s of Out-of-Box Connectors

SSO Portal

12

Simple Set-up for Fast Productivity

Simple 3 Step Configuration for:

Packaged ConnectorsSaaS & Custom Apps

Full Provisioning Engine

13

Context Aware Authentication

Intel Identity Protection TechnologyEmbedded in 120 million Ultra Books

Hardware Assisted AuthN

Equip IT with Same Level of On-prem Security Controls Access

Decision

Fast enrollment mobile OTP

14

Ron Huddleston

Senior Vice President, ISV Alliances Salesforce.com

15One of the Fastest Growing Cloud Platform

100K CustomersMillions of Identities

All MajorCertifications

40 Billion+Transactions /QTR

1,300,000+ Custom Apps

Apps

Salesforce.com: Proven Cloud Platform

16

Intel® Cloud SSO IDaaS Built on Salesforce PaaS

Browser Access 100s of External SaaS Apps

Mobile

Laptop

iPad

Enterprise

• Ease of deployment

• Enterprise accounts “identities”

• Enterprise integration

Force.comApps

17

Visit Intel Booth for Cloud SSO, OTP, IPT Demos

Apply for “Beta” Today at Site

Bonus Free Box.net Account

On-Demand Webinar• Cloud Service Brokers w/CSA & NIST

www.intelcloudsso.com www.intel.com/go/identity

www.mcafee.com/cloudsecurity

• Meet the Cloud API w/Forrester Research

Mar 29 - Kuppinger Cole Webinar• How To Outsource Identity to the Cloud

Wed 9:15 am RSA Talk: Blending Embedded Hardware OTP, SSO, and Out of band Auth for Secure Cloud Access

18

More Contact: todd.cramer@intel.com

INFORMATION IN THIS DOCUMENT IS PROVIDED IN CONNECTION WITH INTEL® PRODUCTS. EXCEPT AS PROVIDED IN INTEL'S TERMS AND CONDITIONS OF SALE FOR SUCH PRODUCTS, INTEL ASSUMES NO LIABILITY WHATSOEVER, AND INTEL DISCLAIMS ANY EXPRESS OR IMPLIED WARRANTY RELATING TO SALE AND/OR USE OF INTEL PRODUCTS, INCLUDING LIABILITY OR WARRANTIES RELATING TO FITNESS FOR A PARTICULAR PURPOSE, MERCHANTABILITY, OR INFRINGEMENT OF ANY PATENT, COPYRIGHT, OR OTHER INTELLECTUAL PROPERTY RIGHT.Intel may make changes to specifications, product descriptions, and plans at any time, without notice. All dates provided are subject to change without notice.Intel is a trademark of Intel Corporation in the U.S. and other countries.*Other names and brands may be claimed as the property of others.Copyright © 2012, Intel Corporation. All rights are protected.