logging in or signing up Identity and Access Management Overview aSGuest10677 Download Post to : URL : Related Presentations : Share Add to Flag Embed Email Send to Blogs and Networks Add to Channel Uploaded from authorPOINT lite Insert YouTube videos in PowerPont slides with aS Desktop Copy embed code: (To copy code, click on the text box) Embed: URL: Thumbnail: WordPress Embed Customize Embed The presentation is successfully added In Your Favorites. Views: 1401 Category: Business & Fin.. License: All Rights Reserved Like it (1) Dislike it (0) Added: January 15, 2009 This Presentation is Public Favorites: 0 Presentation Description No description available. Comments Posting comment... By: techblue (21 month(s) ago) Good Presentation You must take a look on Techblue Software's Product that is a recognized leader in the Software Development field. TechBlue Software is a recognized leader in the Software Development field, having helped a range of organizations in their mission to cut down their costs while retaining or increasing the level of quality of their software. Active Directory Password Reset Solution (ADPR) is TechBlue Software flagship product for active directory user management. TechBlue Software provides solution for small and large businesses. Specializing in custom development and well crafted products. Active Directory Password Reset Program Large number of IT helps desk calls involve password-related issues. TechBlue Software reset is the best tool to better manage such situations. Active Directory Password Reset Program (ADPR) is Techbluesoftware flagship product for active directory user management and user account management for help desk management and a very effective active directory password manager and password management solution. The latest development includes secure and cost effective Active Directory Password Reset solution, providing a secure way for password reset; password change and account unlock capabilities. Get More Details On http://www.techbluesoftware.com/ Saving..... Post Reply Close Saving..... Edit Comment Close By: yyshah (37 month(s) ago) Hi, Can you please forward me your presentation on id: yash.shah1983@gmail.com Saving..... Post Reply Close Saving..... Edit Comment Close Premium member Presentation Transcript Identity and Access Management: Overview : Identity and Access Management: Overview Rafal Lukawiecki Strategic Consultant, Project Botticelli Ltd rafal@projectbotticelli.co.uk www.projectbotticelli.co.uk Copyright 2006 © Microsoft Corp & Project Botticelli Ltd. E&OE. For informational purposes only. No warranties of any kind are made and you have to verify all information before relying on it. You can re-use this presentation as long as you read, agree, and follow the guidelines described in the “Comments” field in File/Properties. This presentation is based on work of many authors from Microsoft, Oxford Computer Group and other companies. Please see the “Introductions” presentation for acknowledgments. Objectives : Objectives Build a good conceptual background to enable later technical discussions of the subject Overview the problems and opportunities in the field of identity and access management Introduce terminology Highlight a possible future direction Session Agenda : Session Agenda Identity Problem of Today Identity Laws and Metasystem Components and Terminology Roadmap Slide 4: Identity Problem of Today Universal Identity? : Universal Identity? Internet was build so that communications are anonymous In-house networks use multiple, often mutually-incompatible, proprietary identity systems Users are incapable of handling multiple identities Criminals love to exploit this mess Explosion of IDs : Explosion of IDs Pre 1980’s 1980’s 1990’s 2000’s # of Digital IDs Time The Disconnected Reality : The Disconnected Reality “Identity Chaos” Lots of users and systems required to do business Multiple repositories of identity information; Multiple user IDs, multiple passwords Decentralized management, ad hoc data sharing Enterprise Directory HR System Infra Application Lotus Notes Apps In-House Application COTS Application NOS In-House Application Multiple Contexts : Your COMPANY andyour EMPLOYEES Customer satisfaction & customer intimacy Cost competitiveness Reach, personalization Collaboration Outsourcing Faster business cycles; process automation Value chain M&A Mobile/global workforce Flexible/temp workforce Multiple Contexts Trends Impacting Identity : Trends Impacting Identity Increasing Threat Landscape Identity theft costs banks and credit card issuers $1.2 billion in 1 yr $250 billion lost in 2004 from exposure of confidential info Maintenance Costs Dominate IT Budget On average employees need access to 16 apps and systems Companies spend $20-30 per user per year for PW resets Deeper Line of Business Automation and Integration One half of all enterprises have SOA under development Web services spending growing 45% CAGR Rising Tide of Regulation and Compliance SOX, HIPAA, GLB, Basel II, 21 CFR Part 11, … $15.5 billion spend in 2005 on compliance (analyst estimate) Data Sources: Gartner, AMR Research, IDC, eMarketer, U.S. Department. of Justice Pain Points : BusinessOwner End User IT Admin Developer Security/ Compliance Too expensive to reach new partners, channels Need for control Too many passwords Long waits for access to apps, resources Too many user stores and account admin requests Unsafe sync scripts Pain Points Redundant code in each app Rework code too often Too many orphaned accounts Limited auditing ability Possible Savings : Possible Savings Directory Synchronization “Improved updating of user data: $185 per user/year” “Improved list management: $800 per list” - Giga Information Group Password Management “Password reset costs range from $51 (best case) to $147 (worst case) for labor alone.” – Gartner User Provisioning “Improved IT efficiency: $70,000 per year per 1,000 managed users” “Reduced help desk costs: $75 per user per year” - Giga Information Group Can We Just Ignore It All? : Can We Just Ignore It All? Today, average corporate user spends 16 minutes a day logging on A typical home user maintains 12-18 identities Number of phishing and pharming sites grew over 1600% over the past year Corporate IT Ops manage an average of 73 applications and 46 suppliers, often with individual directories Regulators are becoming stricter about compliance and auditing Orphaned accounts and identities lead to security problems Source: Microsoft’s internal research and Anti-phishing Working Group Feb 2005 One or Two Solutions? : One or Two Solutions? Better Option: Build a global, universal, federated identity metasystem Will take years… Quicker Option: Build an in-house, federated identity metasystem based on standards Federate it to others, system-by-system But: both solutions could share the same conceptual basis Slide 14: Identity Laws and Metasystem Lessons from Passport : Lessons from Passport Passport designed to solve two problems Identity provider for MSN 250M+ users, 1 billion logons per day Significant success Identity provider for the Internet Unsuccessful: Not trusted “outside context” Not generic enough Meant giving up control over identity management Cannot re-write apps to use a central system Learning: solution must be different than Passport Idea of an Identity Metasystem : Idea of an Identity Metasystem Not an Identity System Agreement on metadata and protocols, allowing multiple identity providers and brokers Based on open standards Supported by multiple technologies and platforms Adhering to Laws of Identity With full respect of privacy needs Roles Within Identity Metasystem : Roles Within Identity Metasystem Identity Providers Organisations, governments, even end-users They provide Identity Claims about a Subject Name, vehicles allowed to drive, age, etc. Relying Parties Online services or sites, doors, etc. Subjects Individuals and other bodies that need its identity established Metasystem Players : Metasystem Players Relying Parties Require identities Subjects Individuals and other entities about whom claims are made Identity Providers Issue identities Identity Metasystem Today : Identity Metasystem Today Basically, the set of WS-* Security Guidelines as we have it Plus Software that implements the services Microsoft and many others working on it Companies that would use it Still to come, but early adopters exist End-users that would trust it Will take time Identity Lawswww.identityblog.com : Identity Lawswww.identityblog.com User Control and Consent Minimal Disclosure for a Constrained Use Justifiable Parties Directed Identity Pluralism of Operators and Technologies Human Integration Consistent Experience Across Contexts Enterprise Applicability : Enterprise Applicability That proposed metasystem would work well inside a corporation Of course, we need a solution before it becomes a reality Following the principles seems a good idea while planning immediate solutions Organic growth likely to lead to an identity metasystem in long term Enterprise Trends : Enterprise Trends Kerberos is very useful but increasingly it does not span disconnected identity forests and technologies easily We are moving away from static Groups and traditional ACLs… Increasingly limited and difficult to manage on large scales …towards a dynamic combination of: Role-Based Access Management, and, Rich Claims Authorization PKI is still too restrictive, but it is clearly a component of a possible solution Slide 23: Components and Terminology What is Identity Management? : What is Identity Management? Strong Authentication Authorization Role Management Digital Rights Management Identity and Access Management : Identity and Access Management The process of authenticating credentials and controlling access to networked resources based on trust and identity Repositories for storing and managing accounts, identity information, and security credentials The processes used to create and delete accounts, manage account and entitlement changes, and track policy compliance Remember the Chaos? : Remember the Chaos? Enterprise Directory HR System Infra Application Lotus Notes Apps In-House Application COTS Application NOS In-House Application Identity Integration : Identity Integration HR System Infra Application Lotus Notes Apps In-House Application COTS Application Student Admin In-House Application Identity Integration Server Enterprise Directory IAM Benefits : IAM Benefits Benefits to take you forward (Strategic) Benefits today (Tactical) Some Basic Definitions : Some Basic Definitions Authentication (AuthN) Verification of a subject’s identity by means of relying on a provided claim Identification is sometimes seen as a preliminary step of authentication Collection of untrusted (as yet) information about a subject, such as an identity claim Authorization (AuthZ) Deciding what actions, rights or privileges can the subject be allowed Trend towards separation of those two Or even of all three, if biometrics are used Components of IAM : Components of IAM Administration User Management Password Management Workflow Delegation Access Management Authentication Authorization Identity Management Account Provisioning Account Deprovisioning Synchronisation IAM Architecture : IAM Architecture Slide 32: Roadmap Microsoft’s Identity Management : Microsoft’s Identity Management PKI / CA Extended Directory Services Active Directory & ADAM Enterprise Single Sign On Authorization Manager Active Directory Federation Services Audit Collection Services BizTalk Identity Integration Server ISA Server SQL Server Reporting Services for Unix / Services for Netware Directory (Store) Services Access Management Identity Lifecycle Management Components of a Microsoft-based IAM : Components of a Microsoft-based IAM Slide 35: Summary Summary : Summary We have reached an “Identity Crisis” both on the intranet and the Internet Identity Metasystem suggests a unifying way forward Meanwhile, Identity and Access Management systems need to be built so enterprises can benefit immediately Microsoft is rapidly becoming a strong provider of IAM technologies and IM vision www.microsoft.com/idm & www.microsoft.com/itsshowtime & www.microsoft.com/technet Special ThanksThis seminar was prepared with the help of: : Special ThanksThis seminar was prepared with the help of: Oxford Computer Group Ltd Expertise in Identity and Access Management (Microsoft Partner) IT Service Delivery and Training www.oxfordcomputergroup.com Microsoft, with special thanks to: Daniel Meyer – thanks for many slides Steven Adler, Ronny Bjones, Olga Londer – planning and reviewing Philippe Lemmens, Detlef Eckert – Sponsorship Bas Paumen & NGN - feedback Slide 38: Appendix Identity Management Platform : Identity Management Platform Directory Services Identity Management Platform : Identity Management Platform Directory Services Provisioning Services Frontend Services Identity Management Platform : Identity Management Platform Directory Services Provisioning Services Frontend Services Access Services Identity Management Platform : Identity Management Platform Directory Services Provisioning Services Frontend Services Access Services Extended Directory Services Identity Management Platform : Identity Management Platform Directory Services Provisioning Services Frontend Services Access Services Extended Directory Services Windows Server (Active Directory/ADAM, PKI, AzMan) Directory Services Identity Management Platform : Identity Management Platform Directory Services Provisioning Services Frontend Services Access Services Extended Directory Services Windows Server (Active Directory/ADAM, PKI, AzMan) Directory Services Microsoft Identity Integration Server Provisioning & Password Management Services Identity Management Platform : Identity Management Platform Directory Services Provisioning Services Frontend Services Access Services Extended Directory Services Windows Server (Active Directory/ADAM, PKI, AzMan) Directory Services Microsoft Identity Integration Server Provisioning & Password Management Services Active Directory Federation Server Identity Management Platform : Identity Management Platform Directory Services Provisioning Services Frontend Services Access Services Extended Directory Services Windows Server (Active Directory/ADAM, PKI, AzMan) Directory Services Microsoft Identity Integration Server Provisioning & Password Management Services Active Directory Federation Server Quest /Centrify Identity Management Platform : Identity Management Platform Directory Services Provisioning Services Frontend Services Access Services Extended Directory Services Windows Server (Active Directory/ADAM, PKI, AzMan) Directory Services Microsoft Identity Integration Server Provisioning & Password Management Services Active Directory Federation Server Quest /Centrify HIS & ESSO ISA Server Identity Management Platform : Identity Management Platform Directory Services Provisioning Services Frontend Services Access Services Extended Directory Services Windows Server (Active Directory/ADAM, PKI, AzMan) Directory Services Microsoft Identity Integration Server Provisioning & Password Management Services Active Directory Federation Server Quest /Centrify HIS & ESSO ISA Server MOM & ACS Identity Management Platform : Identity Management Platform Directory Services Provisioning Services Frontend Services Access Services Extended Directory Services Windows Server (Active Directory/ADAM, PKI, AzMan) Directory Services Microsoft Identity Integration Server Provisioning & Password Management Services Active Directory Federation Server Quest /Centrify HIS & ESSO ISA Server MOM & ACS Info Card Identity Management Platform : Identity Management Platform Directory Services Provisioning Services Frontend Services Access Services Windows Server (Active Directory/ADAM, PKI, AzMan) Directory Services Microsoft Identity Integration Server Provisioning & Password Management Services Active Directory Federation Server Quest /Centrify HIS & ESSO ISA Server MOM & ACS Info Card Extended Directory Services Identity Management Platform : Identity Management Platform Windows Server (Active Directory/ADAM, PKI, AzMan) Directory Services Microsoft Identity Integration Server Provisioning & Password Management Services Frontend Services Access Services Sharepoint Active Directory Federation Server Quest /Centrify ISA Server MOM & ACS HIS/ESSO Extended Directory Services Info Card IIS AzMan SQL-Server BizTalk Build Identity Management Platform : Identity Management Platform Windows Server (Active Directory/ADAM, PKI, AzMan) Directory Services Microsoft Identity Integration Server Provisioning & Password Management Services Frontend Services Access Services bHold Active Directory Federation Server Quest /Centrify ISA Server MOM & ACS HIS/ESSO Extended Directory Services Info Card FastPass AVAC Quest Ultimus Buy Identity Management Platform : Identity Management Platform Directory Services Provisioning Services Frontend Services Access Services Extended Directory Services Windows Server (Active Directory/ADAM, PKI, AzMan) Directory Services Microsoft Identity Integration Server Provisioning & Password Management Services Active Directory Federation Server Quest /Centrify HIS & ESSO You do not have the permission to view this presentation. In order to view it, please contact the author of the presentation.
Identity and Access Management Overview aSGuest10677 Download Post to : URL : Related Presentations : Share Add to Flag Embed Email Send to Blogs and Networks Add to Channel Uploaded from authorPOINT lite Insert YouTube videos in PowerPont slides with aS Desktop Copy embed code: (To copy code, click on the text box) Embed: URL: Thumbnail: WordPress Embed Customize Embed The presentation is successfully added In Your Favorites. Views: 1401 Category: Business & Fin.. License: All Rights Reserved Like it (1) Dislike it (0) Added: January 15, 2009 This Presentation is Public Favorites: 0 Presentation Description No description available. Comments Posting comment... By: techblue (21 month(s) ago) Good Presentation You must take a look on Techblue Software's Product that is a recognized leader in the Software Development field. TechBlue Software is a recognized leader in the Software Development field, having helped a range of organizations in their mission to cut down their costs while retaining or increasing the level of quality of their software. Active Directory Password Reset Solution (ADPR) is TechBlue Software flagship product for active directory user management. TechBlue Software provides solution for small and large businesses. Specializing in custom development and well crafted products. Active Directory Password Reset Program Large number of IT helps desk calls involve password-related issues. TechBlue Software reset is the best tool to better manage such situations. Active Directory Password Reset Program (ADPR) is Techbluesoftware flagship product for active directory user management and user account management for help desk management and a very effective active directory password manager and password management solution. The latest development includes secure and cost effective Active Directory Password Reset solution, providing a secure way for password reset; password change and account unlock capabilities. Get More Details On http://www.techbluesoftware.com/ Saving..... Post Reply Close Saving..... Edit Comment Close By: yyshah (37 month(s) ago) Hi, Can you please forward me your presentation on id: yash.shah1983@gmail.com Saving..... Post Reply Close Saving..... Edit Comment Close Premium member Presentation Transcript Identity and Access Management: Overview : Identity and Access Management: Overview Rafal Lukawiecki Strategic Consultant, Project Botticelli Ltd rafal@projectbotticelli.co.uk www.projectbotticelli.co.uk Copyright 2006 © Microsoft Corp & Project Botticelli Ltd. E&OE. For informational purposes only. No warranties of any kind are made and you have to verify all information before relying on it. You can re-use this presentation as long as you read, agree, and follow the guidelines described in the “Comments” field in File/Properties. This presentation is based on work of many authors from Microsoft, Oxford Computer Group and other companies. Please see the “Introductions” presentation for acknowledgments. Objectives : Objectives Build a good conceptual background to enable later technical discussions of the subject Overview the problems and opportunities in the field of identity and access management Introduce terminology Highlight a possible future direction Session Agenda : Session Agenda Identity Problem of Today Identity Laws and Metasystem Components and Terminology Roadmap Slide 4: Identity Problem of Today Universal Identity? : Universal Identity? Internet was build so that communications are anonymous In-house networks use multiple, often mutually-incompatible, proprietary identity systems Users are incapable of handling multiple identities Criminals love to exploit this mess Explosion of IDs : Explosion of IDs Pre 1980’s 1980’s 1990’s 2000’s # of Digital IDs Time The Disconnected Reality : The Disconnected Reality “Identity Chaos” Lots of users and systems required to do business Multiple repositories of identity information; Multiple user IDs, multiple passwords Decentralized management, ad hoc data sharing Enterprise Directory HR System Infra Application Lotus Notes Apps In-House Application COTS Application NOS In-House Application Multiple Contexts : Your COMPANY andyour EMPLOYEES Customer satisfaction & customer intimacy Cost competitiveness Reach, personalization Collaboration Outsourcing Faster business cycles; process automation Value chain M&A Mobile/global workforce Flexible/temp workforce Multiple Contexts Trends Impacting Identity : Trends Impacting Identity Increasing Threat Landscape Identity theft costs banks and credit card issuers $1.2 billion in 1 yr $250 billion lost in 2004 from exposure of confidential info Maintenance Costs Dominate IT Budget On average employees need access to 16 apps and systems Companies spend $20-30 per user per year for PW resets Deeper Line of Business Automation and Integration One half of all enterprises have SOA under development Web services spending growing 45% CAGR Rising Tide of Regulation and Compliance SOX, HIPAA, GLB, Basel II, 21 CFR Part 11, … $15.5 billion spend in 2005 on compliance (analyst estimate) Data Sources: Gartner, AMR Research, IDC, eMarketer, U.S. Department. of Justice Pain Points : BusinessOwner End User IT Admin Developer Security/ Compliance Too expensive to reach new partners, channels Need for control Too many passwords Long waits for access to apps, resources Too many user stores and account admin requests Unsafe sync scripts Pain Points Redundant code in each app Rework code too often Too many orphaned accounts Limited auditing ability Possible Savings : Possible Savings Directory Synchronization “Improved updating of user data: $185 per user/year” “Improved list management: $800 per list” - Giga Information Group Password Management “Password reset costs range from $51 (best case) to $147 (worst case) for labor alone.” – Gartner User Provisioning “Improved IT efficiency: $70,000 per year per 1,000 managed users” “Reduced help desk costs: $75 per user per year” - Giga Information Group Can We Just Ignore It All? : Can We Just Ignore It All? Today, average corporate user spends 16 minutes a day logging on A typical home user maintains 12-18 identities Number of phishing and pharming sites grew over 1600% over the past year Corporate IT Ops manage an average of 73 applications and 46 suppliers, often with individual directories Regulators are becoming stricter about compliance and auditing Orphaned accounts and identities lead to security problems Source: Microsoft’s internal research and Anti-phishing Working Group Feb 2005 One or Two Solutions? : One or Two Solutions? Better Option: Build a global, universal, federated identity metasystem Will take years… Quicker Option: Build an in-house, federated identity metasystem based on standards Federate it to others, system-by-system But: both solutions could share the same conceptual basis Slide 14: Identity Laws and Metasystem Lessons from Passport : Lessons from Passport Passport designed to solve two problems Identity provider for MSN 250M+ users, 1 billion logons per day Significant success Identity provider for the Internet Unsuccessful: Not trusted “outside context” Not generic enough Meant giving up control over identity management Cannot re-write apps to use a central system Learning: solution must be different than Passport Idea of an Identity Metasystem : Idea of an Identity Metasystem Not an Identity System Agreement on metadata and protocols, allowing multiple identity providers and brokers Based on open standards Supported by multiple technologies and platforms Adhering to Laws of Identity With full respect of privacy needs Roles Within Identity Metasystem : Roles Within Identity Metasystem Identity Providers Organisations, governments, even end-users They provide Identity Claims about a Subject Name, vehicles allowed to drive, age, etc. Relying Parties Online services or sites, doors, etc. Subjects Individuals and other bodies that need its identity established Metasystem Players : Metasystem Players Relying Parties Require identities Subjects Individuals and other entities about whom claims are made Identity Providers Issue identities Identity Metasystem Today : Identity Metasystem Today Basically, the set of WS-* Security Guidelines as we have it Plus Software that implements the services Microsoft and many others working on it Companies that would use it Still to come, but early adopters exist End-users that would trust it Will take time Identity Lawswww.identityblog.com : Identity Lawswww.identityblog.com User Control and Consent Minimal Disclosure for a Constrained Use Justifiable Parties Directed Identity Pluralism of Operators and Technologies Human Integration Consistent Experience Across Contexts Enterprise Applicability : Enterprise Applicability That proposed metasystem would work well inside a corporation Of course, we need a solution before it becomes a reality Following the principles seems a good idea while planning immediate solutions Organic growth likely to lead to an identity metasystem in long term Enterprise Trends : Enterprise Trends Kerberos is very useful but increasingly it does not span disconnected identity forests and technologies easily We are moving away from static Groups and traditional ACLs… Increasingly limited and difficult to manage on large scales …towards a dynamic combination of: Role-Based Access Management, and, Rich Claims Authorization PKI is still too restrictive, but it is clearly a component of a possible solution Slide 23: Components and Terminology What is Identity Management? : What is Identity Management? Strong Authentication Authorization Role Management Digital Rights Management Identity and Access Management : Identity and Access Management The process of authenticating credentials and controlling access to networked resources based on trust and identity Repositories for storing and managing accounts, identity information, and security credentials The processes used to create and delete accounts, manage account and entitlement changes, and track policy compliance Remember the Chaos? : Remember the Chaos? Enterprise Directory HR System Infra Application Lotus Notes Apps In-House Application COTS Application NOS In-House Application Identity Integration : Identity Integration HR System Infra Application Lotus Notes Apps In-House Application COTS Application Student Admin In-House Application Identity Integration Server Enterprise Directory IAM Benefits : IAM Benefits Benefits to take you forward (Strategic) Benefits today (Tactical) Some Basic Definitions : Some Basic Definitions Authentication (AuthN) Verification of a subject’s identity by means of relying on a provided claim Identification is sometimes seen as a preliminary step of authentication Collection of untrusted (as yet) information about a subject, such as an identity claim Authorization (AuthZ) Deciding what actions, rights or privileges can the subject be allowed Trend towards separation of those two Or even of all three, if biometrics are used Components of IAM : Components of IAM Administration User Management Password Management Workflow Delegation Access Management Authentication Authorization Identity Management Account Provisioning Account Deprovisioning Synchronisation IAM Architecture : IAM Architecture Slide 32: Roadmap Microsoft’s Identity Management : Microsoft’s Identity Management PKI / CA Extended Directory Services Active Directory & ADAM Enterprise Single Sign On Authorization Manager Active Directory Federation Services Audit Collection Services BizTalk Identity Integration Server ISA Server SQL Server Reporting Services for Unix / Services for Netware Directory (Store) Services Access Management Identity Lifecycle Management Components of a Microsoft-based IAM : Components of a Microsoft-based IAM Slide 35: Summary Summary : Summary We have reached an “Identity Crisis” both on the intranet and the Internet Identity Metasystem suggests a unifying way forward Meanwhile, Identity and Access Management systems need to be built so enterprises can benefit immediately Microsoft is rapidly becoming a strong provider of IAM technologies and IM vision www.microsoft.com/idm & www.microsoft.com/itsshowtime & www.microsoft.com/technet Special ThanksThis seminar was prepared with the help of: : Special ThanksThis seminar was prepared with the help of: Oxford Computer Group Ltd Expertise in Identity and Access Management (Microsoft Partner) IT Service Delivery and Training www.oxfordcomputergroup.com Microsoft, with special thanks to: Daniel Meyer – thanks for many slides Steven Adler, Ronny Bjones, Olga Londer – planning and reviewing Philippe Lemmens, Detlef Eckert – Sponsorship Bas Paumen & NGN - feedback Slide 38: Appendix Identity Management Platform : Identity Management Platform Directory Services Identity Management Platform : Identity Management Platform Directory Services Provisioning Services Frontend Services Identity Management Platform : Identity Management Platform Directory Services Provisioning Services Frontend Services Access Services Identity Management Platform : Identity Management Platform Directory Services Provisioning Services Frontend Services Access Services Extended Directory Services Identity Management Platform : Identity Management Platform Directory Services Provisioning Services Frontend Services Access Services Extended Directory Services Windows Server (Active Directory/ADAM, PKI, AzMan) Directory Services Identity Management Platform : Identity Management Platform Directory Services Provisioning Services Frontend Services Access Services Extended Directory Services Windows Server (Active Directory/ADAM, PKI, AzMan) Directory Services Microsoft Identity Integration Server Provisioning & Password Management Services Identity Management Platform : Identity Management Platform Directory Services Provisioning Services Frontend Services Access Services Extended Directory Services Windows Server (Active Directory/ADAM, PKI, AzMan) Directory Services Microsoft Identity Integration Server Provisioning & Password Management Services Active Directory Federation Server Identity Management Platform : Identity Management Platform Directory Services Provisioning Services Frontend Services Access Services Extended Directory Services Windows Server (Active Directory/ADAM, PKI, AzMan) Directory Services Microsoft Identity Integration Server Provisioning & Password Management Services Active Directory Federation Server Quest /Centrify Identity Management Platform : Identity Management Platform Directory Services Provisioning Services Frontend Services Access Services Extended Directory Services Windows Server (Active Directory/ADAM, PKI, AzMan) Directory Services Microsoft Identity Integration Server Provisioning & Password Management Services Active Directory Federation Server Quest /Centrify HIS & ESSO ISA Server Identity Management Platform : Identity Management Platform Directory Services Provisioning Services Frontend Services Access Services Extended Directory Services Windows Server (Active Directory/ADAM, PKI, AzMan) Directory Services Microsoft Identity Integration Server Provisioning & Password Management Services Active Directory Federation Server Quest /Centrify HIS & ESSO ISA Server MOM & ACS Identity Management Platform : Identity Management Platform Directory Services Provisioning Services Frontend Services Access Services Extended Directory Services Windows Server (Active Directory/ADAM, PKI, AzMan) Directory Services Microsoft Identity Integration Server Provisioning & Password Management Services Active Directory Federation Server Quest /Centrify HIS & ESSO ISA Server MOM & ACS Info Card Identity Management Platform : Identity Management Platform Directory Services Provisioning Services Frontend Services Access Services Windows Server (Active Directory/ADAM, PKI, AzMan) Directory Services Microsoft Identity Integration Server Provisioning & Password Management Services Active Directory Federation Server Quest /Centrify HIS & ESSO ISA Server MOM & ACS Info Card Extended Directory Services Identity Management Platform : Identity Management Platform Windows Server (Active Directory/ADAM, PKI, AzMan) Directory Services Microsoft Identity Integration Server Provisioning & Password Management Services Frontend Services Access Services Sharepoint Active Directory Federation Server Quest /Centrify ISA Server MOM & ACS HIS/ESSO Extended Directory Services Info Card IIS AzMan SQL-Server BizTalk Build Identity Management Platform : Identity Management Platform Windows Server (Active Directory/ADAM, PKI, AzMan) Directory Services Microsoft Identity Integration Server Provisioning & Password Management Services Frontend Services Access Services bHold Active Directory Federation Server Quest /Centrify ISA Server MOM & ACS HIS/ESSO Extended Directory Services Info Card FastPass AVAC Quest Ultimus Buy Identity Management Platform : Identity Management Platform Directory Services Provisioning Services Frontend Services Access Services Extended Directory Services Windows Server (Active Directory/ADAM, PKI, AzMan) Directory Services Microsoft Identity Integration Server Provisioning & Password Management Services Active Directory Federation Server Quest /Centrify HIS & ESSO