Single Sign-On Summit Speakers
The Single Sign-On Summit is shaping up as a must-attend event. From perspectives to case-studies, these speakers bring you the real-world experience you need to succeed in your single sign-on deployment.
Perspectives Speakers
John Haggard - Board of Advisors, Passfaces
History of SSO - A Perspective from the Original Front Lines.
SSO is a story of extremes. The history of SSO is a story of extreme complexities, compromises, vulnerabilities, and unintended consequences. This presentation will examine the beginnings of what today is known as SSO, how we got to where we are, and why this authentication pioneer sees the explosion in Web Services (apps) and XML-based standards (controls) as the driver behind Identity Federation and why SSO is finally being addressed properly.
John Haggard holds a BCSC degree from NIU ('82). Contributions to the security industry are:
- Extension of DEA from 56-112 bits (implemented BAL/370, NSA evaluated)
- Architect of ACF2 SSO features
- Tri-Architect of Extended User Authentication Exit Facility
- Co-Founder VASCO Data Security
- Advisor for various startups (Passfaces)
Patrick Harding - CTO, Ping Identity
Differentiating SSO Options
Organizations have been grappling to solve Single Sign-On - the 'holy grail' of identity management - for close to 30 years. From the time an organization added that second application their users have been forced to enter multiple credentials. Unfortunately, as technology has gone through phase shifts everyone always conveniently forgets how to address SSO. As such, new technologies have been required every few years to re-address the SSO problem - from Kerberos, to PKI, to Enterprise SSO (E-SSO), to Web Access Management, to Web Services SSO, to Identity Federation and onwards to User-Centric Identity. In this presentation Harding will differentiate between all these SSO technologies and describe how most, if not all of these technologies are still relevant to the enterprise today.
Patrick Harding is the Chief Technology Officer of Ping Identity, responsible for emerging technologies, architecture and standards, and developing the technology strategy for the company. Previously, Harding was a VP and the Security Architect (Enterprise Architect Division) at Fidelity Investments where he was responsible for aligning identity management with the strategic goals of the business.
Dave Kearns - Contributing Editor and Identity Management Consultant, Network World
Customer Perspectives on ESSO - a Panel by Dave Kearns
Panelists:
- Steven Craige - Bank of the West
- Christopher Paidhrin - Security Compliance Officer, Southwest Washington Medical Center
- Michael Thomason - Emory Healthcare
This session, moderated by Network World's Dave Kearns, allows three enterprise implementers (Steven Craige from Bank of the West, Michael Thomason of Emory Healthcare and Christopher Paidhrin of Southwest Washington Medical Center), who chose three different ESSO solutions, to give you the real lowdown on what they learned about themselves, their organizations and their vendors while choosing, negotiating, rolling out and maintaining ESSO for their organizations. You'll hear the straight scoop from these battle-scarred veterans.
Dave Kearns
Dave Kearns is an analyst, writer and consultant in Silicon Valley, USA, specializing in Identity issues. His newsletter, "Dave Kearns on Identity Management", is published twice weekly by Network World. Kearns primarily provides content services to network vendors: books, manuals, white papers, lectures and seminars, marketing, technical marketing and support documents.
Christopher Paidhrin
Christopher Paidhrin is the IT Security and HIPAA Compliance Officer for ACS-HCS at SWMC in Vancouver, WA. Christopher has worked for many years in IT and business operations, in higher education, private sector and entrepreneur environments, where he has held numerous Director level positions. Christopher is an advocate of IT best practices, standards, learning organizations and knowledge management.
Gunnar Peterson - Principal, Arctec Group
Web Services Single Sign-On: There and Back Again
What happens to your identity information and business data after you press "SUBMIT" on a website? These bits have a journey as dangerous as Frodo Baggins' travels through Mordor. This talk traces the path from the website through the perils that lurk in the enterprise and legacy systems. We will explore what threats are encountered along the way, and how to design a cost effective security architecture with Security Token Servers using open standards.
Gunnar Peterson focuses on distributed systems security for large financial exchanges, healthcare, manufacturer, and insurance systems, as well as emerging start-ups. He is an internationally recognized software security expert, frequently published, an Associate Editor for IEEE Security & Privacy Journal on Building Security In, an Associate Editor for Information Security Bulletin, and a contributor to the SEI and DHS Build Security In portal on software security.
Case Study and Panel Presenters
Implementing Federated SSO at 3M
Bob Brandt - Security Architect, 3M
A presentation about the approach that 3M used to provide interoperable and cost-effective, simplified Single Sign-On (SSO) in its multi-vendor environment. Standardization towards federated SSO between companies’ environments and some current open challenges will also be discussed.
GM’s Experiences Implementing Single Sign On (SSO)
Andrew Cameron - Enterprise Architect for SSO Technologies, General Motors
Implementing identity management systems and associated best practices in your organization can give you a real competitive advantage. This session will discuss GM’s global SSO strategy and implementation experiences. It will describe GM's journey including lessons learned and some war stories that will help ensure the success of Identity Management at any company. The focus of the discussion will be on GM’s experiences with SSO, Identity data, processes, adoption, roll out and future possibilities.
K. Andrew Cameron has over 18 years of experience helping companies enable business solutions with Information Technology. Andrew specializes in the design and implementation of Security, and Access & Identity Management systems architecture. He has led initiatives that have enabled SSO within the GM Enterprise for hundreds of key business applications.
Identity Integration: The Key to Successful SSO
Todd Clayton - President and CEO, Coreblox
The core value of Single-Sign-On (SSO) is to enable a user to authenticate once and gain access to the resources of multiple systems, thereby increasing security and providing a simplified and unified experience for application users. Several solutions, particularly on the Web Access Management side, have addressed the challenge of SSO at the application layer. However, often overlooked is the "behind the scenes" requirement of identity integration in cases where identities and credentials exist in multiple repositories. Without the ability to correlate and synchronize data and expose a unified profile, users cannot be properly identified and integrated into a unified system and SSO cannot be successfully deployed.
Todd Clayton has fourteen years of executive experience overseeing the design, development, delivery and support of award-winning eService and Identity Management solutions. Prior to founding CoreBlox in 2005, Todd served as Director of Business Systems and a Senior Architect at Netegrity, a leading provider of Identity Management solutions, which was acquired by Computer Associates in 2004.
SSO at the Commonwealth of Pennsylvania
Mark Ford - Principal, Enterprise Risk Services, Deloitte & Touche
Frank Morrow - Division Manager, Commonwealth of Pennsylvania
A case study on secure single sign on to applications at the Commonwealth of Pennsylvania which are utilized by common user groups across multiple agencies of the government, including about 65,000 business users and over 200,000 residents of Pennsylvania. The presentation will cover the implementation at the enterprise as well as at two major agencies. The general architecture for identity management at the Commonwealth will also be discussed.
Mark Ford is the U.S. National Managing Principal of the Identity & Access Management Service Offering within the Deloitte & Touche LLP Security & Privacy Services practice. Mark also helped found our Identity Management service offering and has specialized in IAM for over 10 years.
Frank Morrow has worked for the Commonwealth of Pennsylvania for 9 years, primarily in security and IAM. He was originally with the Department of Public Welfare and is now with the Governor's Office of Administration. He has a BS degree from the University of Connecticut and a PhD from Cornell University.
Federation: An Essential Tool for Chrysler
Richard Kneeley - Director, Technology Practice, Security Identity Management, PWC
The existing environment utilized a variety of solutions to establish SSO to third party partners and across the global organization. On top of this, necessary initiatives were knowingly going to further impact existing internal SSO functionality. Recognizing all of the SSO needs, both internal to the organization and external to the organization, the inefficiencies of disparate SSO solutions, and the increasing demand for additional SSO agreements internal and external to the organization, a Federation strategy was developed as was an associated implementation roadmap. The implementation soon followed and to this point Federation has addressed the following key areas: SSO from a global supplier portal to enterprise applications, SSO from an employee facing portal to a remotely hosted time and expense system, and SSO internal to the organization for applications with incompatible security mechanisms. Future plans are currently in place to continue to replace dated, non-standards based mechanisms and to continue to integrate new partners via the centralized Federation infrastructure.
Rich is a Director in PricewaterhouseCoopers' Identity Management practice with over 12 years' experience in the Identity Management area. Over the past seven years Rich has worked extensively with Fortune 50 companies in the financial, manufacturing and pharmaceutical sectors. Rich specializes in the design and deployment of comprehensive security solutions including Web Access Control, RBAC, Directories and Federation.
Federated Identity Communities in Action
Dave Miller - CSO, Covisint
The development of communities of interest for business, government and healthcare is on the rise. These communities are sharing more and more data every day and oftentimes they are comprised of competitors or organizations that are distrustful of each other. A new model has risen wherein, in each of these types of communities, "identity brokers" have allowed for this information sharing in a secure and auditable manner. This session will outline lessons learned in establishing these "identity brokers", along with best practices for "identity community systems".
David Miller is Chief Security Officer for Covisint, where he is responsible for internal and external system architecture security issues for e-business exchange. In addition, Miller directs the identity management offering at Covisint, which currently secures access for automotive, healthcare and government customers.
Implementing Federated SSO in the Pharmaceutical Industry
Steve Miller - Identity Management Architect, Wyeth
The presentation will provide an overview of the process and technology involved in implementing Federated Single Sign-On at Wyeth. The focus will be on the successful integration of Ping Identity's PingFederate with a Microsoft IIS Intranet and SAP Netweaver Portal using internally trusted identities. The presentation will also touch on future plans to extend SSO to other applications (eRoom, Documentum, WebEx, ...) and plans to evaluate leveraging the current infrastructure to begin trusting identities of key business partners.
Steve has worked in various roles in Corporate IT for over 12 years, including engineering and architecture roles in the Desktop, Server, Networking, and Identity Management disciplines. He is currently the Identity Management Architect at Wyeth where he defines the Identity Management Strategy and ensures that engineering efforts are aligning with the strategic direction and business requirements.
Enterprise Single Sign-On: What Every Security Executive Needs to Know
Ken Tyminski - Retired CISO, Prudential
Many security managers who want to add enterprise single sign-on to their security framework to combat password fatigue, password inflation and related problems run into stumbling blocks in securing funding. Kenneth Tyminski, former chief information security officer for one of the country's largest financial services companies, will discuss the top five business drivers that can help convince corporate executives to earmark funds for an ESSO implementation. The discussion will also debunk the three main myths about single sign-on and offer a list of guidelines for organizations to use in determining whether they would benefit from an ESSO deployment.
Ken Tyminski has more than 32 years of information technology experience. Ken recently retired from Prudential Financial where he served as Vice President and Chief Information Security Officer for the enterprise. Ken has also managed Information Technology Help Desks, IT Controls and Compliance functions, Technology Research and Software Engineering organizations.
