Upload
others
View
1
Download
0
Embed Size (px)
Citation preview
Securing The EnterpriseSmart Card Alliance11th Annual Fall ConferenceOctober 16, 2003
Albert LeungGroup Marketing ManagerJava Card TechnologySun Microsystems, Inc.
Enterprise Market Statistics● Smart cards for network security demand
– Under 5 million cards in 2000 (source: Dataquest)– 155 million cards projected in 2004 (source: Dataquest)
● Windows outlook– 1 in 3 users of Windows 2000 will log-on with a smart
card by 2004 (source: Dataquest)
● PKI product and service revenue– $345 million in 1998 (source: Dataquest)– $3.6 billion projected in 2003 (source: Dataquest)
● Survey: 2,500 largest international companies
– 98% currently use static IDs/passwords for th ti ti
Multi-application Smart Card is Key to Secure Enterprise Digital Identity
Back Office ServersBack Office Servers
NetworkNetworkServicesServices
What is JavaBadge?Sun's new digital key to the global enterprise...
...Securely delivering enterprise services...
Why JavaBadge for Enterprise Authentication?
JavaBadge Goal● Securely enable the virtual enterprise by
rebadging employees with a multi-application Java-powered digital ID card for:
– Authentication throughout the enterprise– Convenient access to enterprise services
● Improve security and increase productivity● Reduce costs and complexity● Single, federated source for all credentials● Deliver best practices and expertise for use in
customers' enterprise deployments
JavaBadge Functions● Physical access
– Transition from mag stripe to contactless readers● Logical access via single sign-on
– Multi-factor authentication– Platform for legacy and future credentials
▪ Static IDs/passwords▪ Dynamic challenge/response (Safeword)▪ PKI digital certificates for authentication,
digital signing, encryption▪ Stores basic "business card" user data
● SunRay server session mobility● ePurse
Multi-Application Badge with Futurevs. Multiple Cards with No Future
=
Corporate ID Card Physical Access CardSunRay Server Session Mobility Card
PKI Authentication Token Card / x509
Safeword Challenge/ Response Card
ePurse/Payment Card
JavaBadge's Potent Potential● Encryption/Decryption● Digital Signatures● Biometrics● ePurse/Cashless Campus● Payment● Customer/Supplier/Partner Tokens● Supplier/Service Migration
i.e. AMEX, United Healthcare, MCI
Customer Focus: Motivations One, Multi-Application Card to allow Secure Access for Customer to Sun's Personalized Portal From Anywhere
=
SunRay Server Session Mobility Card
PKI Authentication Token Card / x509
Personalized soft phone/VoIP on SunRays at Sun's EBC
Epurse / Payment Card
Customers ExperienceIVT
Major OEM:
● Access via Portal to Opt-in & WebCast
● Access from any platform:Sun, Windows, Linux, Mac
All visitors:
● Session mobility● Physical Badge
● Registration & Opt-in● JavaCard applets support● Digital conference room
● WebCast● iForce demos
All visitors:
● Access to content via Portal● E-Messaging
● JavaCard applets support● WebCast
PKI Authentication
PKI Authentication
Pre-Visit Post-VisitVisit
Strong Credentials in PKI● PKI critical for enabling Liberty, iWork
– Core technology for single sign-on: Employee Portal; Personalized Customer Portal
– Authentication: digital signatures; encryption for email and documents
– Strong credentials: virtually uncrackable– Key to iWork: VPN access; global persistent
sessions; Sun ONE web services– Fundamental enabler for Liberty Alliance
in the enterprise
All Services Delivered Through PortalRuns on any device
or OS with a browser
ConsistentInterface with
Content Channels
All DARTs*Availableas Web
Services
Emailand
CalendarDelivered
as aService
Digital ID
*Data, Applications, Reports & Transactions
Sun IT Directions● JavaBadge Digital Identity● JavaTM Desktop System● Global login / Flexible Offices / Thin
Clients, Persistent Sessions, Mobile Secure Access
● VoIP and Soft PBX● Services to the Edge (Email/Calendar)
Java Desktop System
● Secure Mobile Access through VPN and Portal
● EnvironmentSynchronization
● Bundled Open Stack
● GNOME Desktop● StarOfficeTM
Software ● Mozilla● Evolution
Global Persistent Session via Thin ClientUser Starts Session onHome Sun RayServer withSmart Card
User MovesSession
Who Needs aFixed OfficeAnymore!
VoIP Soft Phones on Sun Ray Server Replaces Standard
Phones
Soft PBX
Voice Communications
Voice Network
IP Network
Soft PBXMessaging Convergence:“Follow-Me” NumberVoicemail RoutingConference CallsFax RoutingWeb InterfaceEmail/Voicemail Integration
Phone Number Follows
JavaBadge
Follow-Me Number Will Route to
Cellphone
VoIP on Long Haul
Office
Airplane
Hotel
Airplane
Office
Conference Room
Flex Office
Home
Flex Office
Always Secure, Always Encryptedto Your JavaBadge
Home
“Day in the Life” Secure Session Access
Mobility With Security Today
BigSavings
=
● 27, 000+ Sun Rays deployed at Sun● 1 SysAdmin per 2000 clients● $ 2.8M Power Savings ● Zero Move/Add/Changes● Patching and OS upgrade speed● Zero annual desktop
refresh costs● $71M/yr Savings in Real Estate● Software License Savings● Secure: token authentication, no viruses● Silent: no fans or moving part● No User time for boot up and OS management
BigSavings
=
Mobility With Security Tomorrow● Soft phone Savings● Soft PBX (available today)● N1™/Grid on Sun Rays● Zero admin offices● Sun Ray at home
– No license costs– No admin costs– No lost data– No sync file problems– Secure connection with token– Fast and simple
Secure Access AnywhereUnmanagedClient withBrowser
Sun Ray at Home
Unmanaged Client with Browser
Managed Clientwith iWORK
Toolkit
Dial upConnect Dial Upand Broadband
Broadband
Managed Client with iWORK Toolkit
VPN Tunnel
VPN Tunnel
VPN Tunnel
Portal
Por
tal
WAN Resources
For more information:http:://java.sun.com/products/javacard