redp4548.pdf - Front cover Addressing Identity Access and Compliance Requirements Using IBM Tivoli Identity and Access Assurance Introduces security

redp4548.pdf - Front cover Addressing Identity Access and...

This preview shows page 1 - 8 out of 62 pages.

ibm.com /redbooks Red paper Front cover Addressing Identity, Access, and Compliance Requirements Using IBM Tivoli Identity and Access Assurance Axel Buecker Ryan Fanzone Leandro Hobo Mike Maurer Introduces security solution and security management components Describes tangible business benefits and investment returns Provides customer deployment scenarios
Image of page 1
Image of page 2
International Technical Support Organization Addressing Identity, Access, and Compliance Requirements Using IBM Tivoli Identity and Access Assurance September 2010 REDP-4548-00
Image of page 3
© Copyright International Business Machines Corporation 2010. All rights reserved. Note to U.S. Government Users Restricted Rights -- Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM Corp. First Edition (September 2010) This edition applies to Version 1.1 of the IBM Tivoli Identity and Access Assurance offering, Product number 5724-X91. Note: Before using this information and the product it supports, read the information in “Notices” on page v.
Image of page 4
© Copyright IBM Corp. 2010. All rights reserved. iii Contents Notices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .v Trademarks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . vi Preface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .vii The team who wrote this paper . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .vii Now you can become a published author, too! . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . viii Comments welcome. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ix Stay connected to IBM Redbooks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ix Chapter 1. IBM Tivoli Identity and Access Assurance . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 1.1 Overview of the solution . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 1.1.1 Help automate the management of compliance initiatives . . . . . . . . . . . . . . . . . . . 2 1.1.2 Help with operational efficiency and cost reduction . . . . . . . . . . . . . . . . . . . . . . . . 2 1.1.3 Help address security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2 1.1.4 Help improve user productivity and cost reduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 1.2 IBM Tivoli Identity and Access Assurance components . . . . . . . . . . . . . . . . . . . . . . . . . 3 1.2.1 IBM Tivoli Identity Manager V5.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 1.2.2 IBM Tivoli Access Manager for Operating Systems V6.0 . . . . . . . . . . . . . . . . . . . . 4 1.2.3 IBM Tivoli Security Information and Event Manager V2.0. . . . . . . . . . . . . . . . . . . . 4 1.2.4 IBM Tivoli Unified Single Sign-On V1.1. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 1.2.5 Included IBM middleware products. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7 1.3 Tangible benefits and return on investment (ROI) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7 1.3.1 Impact on business drivers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8 1.3.2 Impact on IT operations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9 1.4 Conclusion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12 Chapter 2. Customer scenarios . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13 2.1 Single sign-on and centralized user ID management for employees . . . . . . . . . . . . . . 13 2.1.1 Phase 1: Implementing an automatic provisioning service . . . . . . . . . . . . . . . . . . 14 2.1.2 Phase 2: Implementing password-reset self-service. . . . . . . . . . . . . . . . . . . . . . . 18 2.1.3 Phase 3: Implementing enterprise single sign-on . . . . . . . . . . . . . . . . . . . . . . . . . 21 2.2 Log and access management for audit readiness . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26 2.2.1 Phase 1: Implementing improved log management . . . . . . . . . . . . . . . . . . . . . . . 26 2.2.2 Phase 2: Implementing improved access controls for applications. . . . . . . . . . . . 31 2.3 Accessing services from external business partners . . . . . . . . . . . . . . . . . . . . . . . . . . 37 2.3.1 Phase 1: Enabling access to third-party business services . . . . . . . . . . . . . . . . . 38 2.3.2 Phase 2: Enabling federated identity-management-based access. . . . . . . . . . . . 41 2.3.3 Phase 3: Implementing centralized logging and reporting . . . . . . . . . . . . . . . . . . 43 2.4 Conclusion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45 Related publications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 47 IBM Redbooks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 47 Online resources . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 47 How to get Redbooks. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 48 Help from IBM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 48
Image of page 5
iv Addressing Identity, Access, and Compliance Requirements Using IBM Tivoli Identity and Access Assurance
Image of page 6
© Copyright IBM Corp. 2010. All rights reserved. v Notices This information was developed for products and services offered in the U.S.A.
Image of page 7
Image of page 8

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture