Digital Identity in Perspective - World Wide Web Consortium · Copyright © 2011 Boeing. All rights...

EOT_IT_Sub_Template.ppt | 1/4/2007 | 1 BOEING is a trademark of Boeing Management Company. Copyright © 2011 Boeing. All rights reserved. Digital Identity in Perspective John Tolbert May 2011


Page 1: Digital Identity in Perspective - World Wide Web Consortium · Copyright © 2011 Boeing. All rights reserved. EOT_IT_Sub_Template.ppt | 10 . Author: Thomas Roessler Created Date:


Digital Identity in Perspective

John Tolbert May 2011


Engineering, Operations & Technology | Information Technology Information Security

History

•  Users
•  Groups
•  ACLs
•  RBAC
•  ABAC
•  PBAC
•  PABAC
•  RAdAC


The machinery of identity

•  LDAP directories
•  Web access management systems
•  Identity federation
•  Public key infrastructure
•  SmartCards


Different communities, different identities

•  Education
•  Enterprise
•  Government & defense
•  Health care
•  Finance
•  Retail
•  Social media


Digital identity: not an end-in-itself


Issues

•  Identity providers?
•  Standards support & interoperability
    •  SAML
    •  OpenID
    •  OAuth
•  Movement of emphasis from identity to access control, audit, and privacy
•  Data protection
•  Platform assurance


Data Protection

We must find innovative ways to protect data within all levels of electronic systems:

1.  Inventory data
2.  Categorize data
3.  Tag/mark data with meaningful metadata
4.  Cryptographically bind metadata to data objects
5.  Allow administrators to grant permissions to individual data elements, based on user/device/application identities as well as resource metadata, actions, and environmental factors.
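
Added example (not part of the original slides): a sketch of steps 4 and 5, binding metadata to a data object and refusing any access decision when that binding no longer verifies. HMAC-SHA256 as the binding mechanism, the demo key, the attribute names and the policy thresholds are all assumptions made for illustration.

```python
import hashlib
import hmac
import json

# Constructed demo key (assumption); a real labeling key would live in a KMS or HSM.
LABEL_KEY = b"demo-labeling-key"

def bind(data: bytes, metadata: dict, key: bytes = LABEL_KEY) -> dict:
    """Step 4: MAC the data digest together with canonical metadata."""
    meta = json.dumps(metadata, sort_keys=True, separators=(",", ":")).encode()
    digest = hashlib.sha256(data).digest()  # fixed 32 bytes, so digest+meta is unambiguous
    tag = hmac.new(key, digest + meta, hashlib.sha256).hexdigest()
    return {"data": data, "metadata": metadata, "tag": tag}

def verify(obj: dict, key: bytes = LABEL_KEY) -> bool:
    """Recompute the binding; any change to data or metadata breaks it."""
    expected = bind(obj["data"], obj["metadata"], key)["tag"]
    return hmac.compare_digest(expected, obj["tag"])

def decide(subject: dict, action: str, obj: dict, env: dict) -> str:
    """Step 5: decision over subject, resource metadata, action and environment."""
    if not verify(obj):
        return "deny: label binding invalid"
    meta = obj["metadata"]
    if subject["clearance"] < meta["sensitivity"]:
        return "deny: clearance"
    if action not in meta["allowed_actions"]:
        return "deny: action"
    trusted = subject["device_managed"] and env["network"] == "corporate"
    if meta["sensitivity"] >= 2 and not trusted:
        return "deny: environment"
    return "permit"

# Constructed sample object, subject and environments.
DOC = bind(b"design notes rev C",
           {"category": "engineering", "sensitivity": 2, "allowed_actions": ["read"]})
ALICE = {"id": "alice", "clearance": 2, "device_managed": True}
CORP, PUBLIC = {"network": "corporate"}, {"network": "public"}

def relabeled(obj: dict) -> dict:
    """Copy of obj whose sensitivity label was lowered without re-binding."""
    return dict(obj, metadata=dict(obj["metadata"], sensitivity=0))

if __name__ == "__main__":
    print(decide(ALICE, "read", DOC, CORP))
    print(decide(ALICE, "read", DOC, PUBLIC))
    print(decide(ALICE, "read", relabeled(DOC), PUBLIC))
```

Without the binding check, the relabeled copy would pass every policy test from a public network. Where enforcement points should not hold the labeling key, a digital signature would take the place of the HMAC.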


The Road Ahead

•  The “role” of identity
•  Balanced with access control, privacy, etc.
•  Platform assurance
•  Encourage work of Trusted Computing Group
•  Extend existing standards and profiles
    •  SAML
    •  XACML
    •  OpenID, OAuth
•  Interoperability of identity concepts, products, and protocols, across multiple platforms and multiple sectors: Kantara Initiative
