Managing Identities in 2010

17-Jun-2010

Dealing with Identity Fraud and Identities in today’s society is an increasingly difficult challenge. We have a personal identity, but typically many electronic identities.
User names, passwords, and a variety of tokens and appliances are a challenge to us on a personal basis. But for a company, an organization or a government department that has to manage many user accounts and citizen identities, it can be even worse. Passwords get forgotten, an administrator has too many privileges, electronic identities get abused and data integrity is lost.
Managing identities in 2010 has become a real challenge. The reality is that most companies are still trying to understand why Identity Management should matter to them, which challenges effective Identity and Access Management can help resolve, and how it fits within their organization. Companies that did embrace Identity Management, for reasons such as Single Sign On, reduced IT support costs, more efficient use of resources, segregation of duties, or working transparently but securely with a variety of partners and organizations, should now be looking into the potential of Federated Identity Management, the challenges of privacy, and the opportunity to expand the functionality and integration of identities that consist of many attributes and functions, or to expand into cloud systems. Technologies have matured and are specializing in specific services; Service Providers and System Integrators have further professionalized and deepened their expertise. Enterprises and government institutions are constantly making systems easier to access and available to a wider range of users, thus reducing their own operational costs and empowering their business lines, while remaining in control of activities and facilitating audits.

Read the following review in Uri’s blog : Private IDs – or – Time, space, and Leuven.

Final Program

Subjects for discussion :
- Back to the basics : why identity management is relevant to today’s business and government environments, cases, examples, best practices
- The business reasoning for Identity Management : cost reduction, managing controls, facilitating activities, ease of access and use
- The cost of a single project vs company wide deployment
- IDM, the new e-business?
- Governance of identity management projects : learning from experience
- Best practices
- Examples of federated identities
- Challenges towards the future : privacy, dealing with multiple functions, going towards attribute management
- The Sun behind the Cloud
- …

9.15 : Registration & Welcome Coffee
9.45 : Introduction & Opening Notes, by Ulrich Seldeslachts, CEO LSEC

10.00 : Experiences in managing Identities, in Belgium and abroad. The current status of Identity Management, by Wouter Janssen, Axl-Trax

About : Wouter Janssen CISSP CISA CISM CGEIT CFE is a security specialist working as a director for Axl & Trax in Belgium. Working in the security consulting and audit field for many years, he has combined his technical skills and security knowledge with business insight and experience to assist customers in finding tailored solutions for security challenges.
He has over 10 years of professional experience in the areas of IT security, identity & access management, SAP security, governance, compliance and control. He has been involved in and managed large-scale IT security projects and advised various multinationals across Europe.

Abstract :  Identity Management?; The identity management business case; The current status of identity management; Managing expectations; Challenges ahead; Lessons learned; Reflections

10.45 :  Shifts in identity management introduced by the cloud and virtualization, by Dave Vijzelman - Principal Security Consultant, CA Technologies

About : Dave Vijzelman has worked in several large heterogeneous environments and has extensive experience in designing and implementing architectural RBAC solutions. His focus is primarily on RBAC strategies and role mining. Besides this, he also has wide knowledge of the technical approach to identity and access management (IAM) strategies. Previously he was a Senior Information Security Consultant at Ascure, where he was responsible for the architectural approach of analyzing and designing RBAC strategies for clients. Before this, he was an RBAC Consultant at BHOLD Company. Today, Dave is Principal Security Consultant with CA Technologies, supporting large associations in their Identity Management challenges.

His experience has been proven in a number of business and industry sectors. In Switzerland, he designed and implemented an RBAC strategic tool for audit and control for a large insurance company in Basel. For a banking company in The Netherlands, he also successfully implemented an RBAC tool used primarily to audit an Active Directory environment.

Abstract : The Cloud has multiple perspectives, each of which influences how security is managed. Your organization might consume Cloud-based applications and services, might provide Cloud-based applications and services, or even provide aspects of security from the Cloud to others. Organizations should not dismiss any of these roles out of hand, even if at first glance they seem different from past practices. The emergence of the Cloud might re-jigger existing markets as well as open up new market opportunities. This session will focus on CA’s security management product strategies and how we enable all three of these modes of Cloud security, both now and with an eye towards the future.

11.20 : Coffee Break & Networking

11.40 : Identity Management in Practice – The case of a large Hospital in Flanders by Jeff Verhulst, Traxion

Customer Case: Identity Management @ AZ Sint-Lucas Gent, by Jeff Verhulst - Project Manager, Traxion

Abstract : Identity Management in practice, Identity Management in Health Care, Customer Case: AZ Sint-Lucas Gent

Presentation outline:

Customer Case: Identity Management @ AZ Sint-Lucas Gent

- Identity Management in practice
- Traxion in practice
- Identity Management in Health Care
- Customer Case: AZ Sint-Lucas Gent
- Conclusions
- Questions

About : Jeff is currently project manager and IAM Consultant at Traxion. Previously he was IAM Solution Engineer at ACA IT-Solutions and ICT Engineer at Contineo. He did his master's thesis at Janssen Pharmaceutica and was educated at the Katholieke Hogeschool Kempen and Katholieke Universiteit Leuven. At Traxion, Jeff has moved towards business consultancy and is currently responsible for project management, functional and technical analysis.

12.15 : Federated Identities in Practice – The case of a large corporate company, by Marc Vanmaele, SecurIT

Abstract : Federated Identity Management has come of age: if not between dispersed organisations, then certainly within large enterprises as a means to overcome difficult Identity Management challenges. The presentation will illustrate multiple use cases, including the Belgacom case and POCs realised to demonstrate the integration of Microsoft SharePoint servers at ING and the Flemish government.

About : Marc Vanmaele is the Founder and Managing Director of SecurIT, located in the Benelux and specialised in Identity and Access Management since 1999. In addition to its System Integrators role, the company sells its own software products, such as its innovative TrustBuilder® Identity data Services solution, on a worldwide basis in close cooperation with a network of partners in many countries. More info on http://www.securit.biz. Marc has over 30 years of experience in ICT with large organisations. He is a recognized authority in this field and renowned speaker at conferences over the past years.

12.50 : Walking lunch & Networking

13.45 : Keynote : The basics of an Identity and the Challenge of managing identities in the future, by Kim Cameron, Microsoft

About : Kim Cameron is the Chief Architect of Identity in the Identity and Security Division at Microsoft, where he champions the emergence of a privacy enhancing Identity Metasystem reaching across technologies, industries, vendors, continents and cultures.

Kim plays a leading role in the evolution of Active Directory, Federation Services, Identity Lifecycle Manager, CardSpace and Microsoft’s other Identity Metasystem products.

He joined Microsoft in 1999 when it bought the ZOOMIT Corporation.  As VP of Technology at ZOOMIT, he had invented metadirectory technology and built the first shipping product. Before that he led ZOOMIT’s development team in producing a range of SMTP, X.400, X.500, and PKI products.

Kim is a Microsoft Distinguished Engineer.  He grew up in Canada, attending King’s College at Dalhousie University and l’Université de Montréal.  He serves on RISEPTIS, a high-level European Union advisory body providing vision and guidance on policy and research challenges in the field of security and trust in the Information Society.  He has won a number of industry awards, including Digital Identity World’s Innovation Award (2005), Network Computing’s Top 25 Technology Drivers Award (1996) and MVP (Most Valuable Player) Award (2005), Network World’s 50 Most Powerful People in Networking (2005), Microsoft’s Trustworthy Computing Privacy Award (2007) and Silicon.com’s Agenda Setters 2007.

Kim blogs at identityblog.com, where he published the Laws of Identity.

14.40 : Why does a standard matter for Identity Management and how to apply them in an integrated world, by Marcel Rizcallah, Western Europe Security Strategy & Business Development, Oracle Consulting

About : Marcel Rizcallah is currently responsible for the Western Europe IDM & Security Service Line at Oracle Consulting. He is also heading the Security Practices in France and Switzerland.
He is in charge of defining the Security Sales Strategy and Business development for the Western Europe region, including packaging the consulting offerings and methodologies, training the sales representatives, launching the go-to-market initiatives, liaising with Product management and working closely with License Sales representatives to sell the Security products (Identity management products and security database options).
He is also a thought leader in IDM & Security and has participated in different events in Europe (Assises de la Securité in France, IDC and Gartner events, etc.).
Prior to Oracle, Marcel was the head of Technology at Valoris, a leading European Consulting and System Integrator in BIW, CRM and Internet technologies, for 12 years (including 2 years in London). He was responsible for business development and consulting on e-Commerce, Portal and Content Management, SOA/BPM, and Identity & Access Management. Before Valoris, Marcel was the CTO of Telino, an X400 messaging and EDI software company, and was responsible for Product Management and R&D for 7 years.
Marcel is the author of a book on LDAP directories in French (Annuaires LDAP - Eyrolles 2004), which was translated into English (LDAP directories - John Wiley & Sons Ltd 2003).

15.20 : Panel Discussion

15.40 : Coffee Break

16.15 : Federation is surrounded by a cloud of uncertainty… (Point of View on real-life Federation Services) by Jan Vanhaecht, Deloitte Enterprise Risk Services

About : Jan joined Deloitte and is more specifically active in the Enterprise Risk Services/Security and Privacy-group since June 2008. There, he is acting as a leading Identity and Access Management Architect. He is involved in major national and international projects. Next to the projects he’s involved in, he actively researches the possibilities of commercial IAM platforms and the integration of these platforms with major software components (ERP systems, Document Management Systems, …).
Amongst other projects, Jan is the lead architect of the awarded project “Identity Management at the Flemish Government” (Gebruikersbeheer bij de Vlaamse Overheid). This project allows for the Flemish Government to make applications available to partners (local government, education institutes, economic actors, …) in both a secure and fast way. Next to his experience in Public Sector, Jan is also active in private sector (especially financial services) as a trusted IAM expert.
Meanwhile, Jan is regarded as a very senior expert in the fields of Identity Provisioning, Access Control Management, Role Management, Federated Identity/Access Management, IAM-GRC integration, ...

Abstract : Federation is surrounded by a cloud of uncertainty… although federation standards have been around for many years. Technically, federation projects face little or no challenges. But effective, large-scale federation projects are still hard to find.
During this keynote, Jan Vanhaecht will discuss conflicting interests and problems he faced during actual projects. Based on his field experience, Jan will analyze the root causes of both successful and failing federation projects. From his Enterprise Risk Services background, he will focus on different levels of problems: technical implementation, information exchange and business level “trust” issues, and how these issues were handled in a number of real-life projects.

17.00 : Identity Management integration in practice - Prevent fraudulent access to IT assets, by Dominique LAIGLE - Senior Security Consultant, Bull

About : Dominique LAIGLE is Senior Security Consultant at Bull, in charge of recommendations and design of complex secure IT architecture.

Abstract : In most companies and organizations, ICT system and application administrators have access to technical accounts. They therefore administer systems and applications through those accounts and not through their personal IT account. This is not only non-compliant with recommendations, but also not in line with the security policies of most companies and organisations. Following an internal audit, a large financial organisation asked Bull to put in place an infrastructure that prevents access to technical accounts while allowing auditors to track unauthenticated accesses to system and application resources. Moreover, the infrastructure had to support a completely heterogeneous environment consisting of different UNIX platforms and several applications (like DB2, BEA, Oracle, MQ-Series, Swift, …). The technical infrastructure in scope of this project is based on MIT Kerberos and OpenLDAP, while logging and auditing rely on OSSEC. This infrastructure furthermore offers Single Sign On. The project is split into 3 phases:
• The proof of concept, which aims at building, testing and evaluating the technical infrastructure
• The pilot, whose objective is to deploy the technical infrastructure on several hardware platforms, assess impacts on applications and evaluate the deployment process
• The final deployment, to be carried out on more than a thousand servers.

17.35 : Closing Notes & Reception & Networking

19.00 : Close of Seminar

Practical Details

Managing Identities in 2010 & Federated Identities Seminar
Thursday June 17th, Leuven
Auditorium “De Tweede Hoofdwet”, Kasteelpark Arenberg, KU Leuven, Heverlee

Free to participate upon prior registration

A non-cancellation fee of 150 € will be charged upon non-attendance and non-cancellation at least 24 hours prior to the event, by sending an email to identities2010 at lsec.be and getting confirmation of your cancellation.

Thanks for participating.


Copyright LSEC vzw 2007-2008 with the support of the IWT.

LSEC vzw Kasteelpark 10 - 3001 Heverlee - VAT BE BE 478 045 395 - fax. +32.16.32.19.69 - info @ lsec.be
