THE IDENTITY BROKER AS DRIVER FOR GROWTHTHE IDENTITY SUMMIT 2015

Jens SonnentrückerHead of Identity Access Management & Governance, Swisscom

Benjamin MateiSecurity Consultant for IAM, Swisscom

Amsterdam - 05. November 2015

About Swisscom AGThe leading telecommunications company in Switzerland

2

Data meritsoptimalprotection

1,2 MioTV subscribers

BestInfrastructure

2,7 MioLandlines

21’599Employees

Employees from88 nations,innovative work models

Swiss made – for the world

300 Multinationalcustomers in

2’600 internationaloffices,

Swisscom offices in Vienna und Singapore

1,9 MioBroadband customers

One of the mostsustainablecompaniesof Switzerland

6,5 MioMobile customers

>35’000Offices connected

>6’000Served major customers

ISO 27001ISO 15504

certified

2'893 Mio.CHF net sales

1'051 Mio.CHF EBITDA

Field-Service in 20 Min.on-site

Swisscommore than «just» a telecommunications provider

3

200Banks 50’000

UCC-Users

35’000Printers

117’000Desktopcomputers

1’100Banking specialists

85Operational

banking platforms

11’500Servers

13 PBManaged storage

42’000 kmfibre optics

190’000 kmcopper lines

170SAP servicecustomers

6 SAP Quality Awards

>1 Mrd./yearInvestment in networkinfrastructure

1’800Hotspotsin Switzerland

Private Cloud

Public Cloud

Hybrid CloudCloud Provider

Swisscom Storebox

Cloud-memory for your Company

Secure document storagein one placeSwisscom Docsafe

Evita Electronichealth dossier

M2MConnecting thingsfor people

Quing Home Your smart homeby Swisscom

Tapit AccessPhysical access withyour mobile

Simple design and usage Trustfully

participatingIn the digital future

Inspire new forms of value creation

Inno-vative detec-tion

Security must be simple

Base

Swisscom SecurityOur standard: «We create security for people in a connected world – any time and anywhere»

5

6

IAM From Then To Now

2000< 1989 2014

IDP IDP

7

The Future of Identity Management and Authentication at Swisscom

> The IAM of tomorrow orients itself towards the consumer market.

> Digital Identities create a competitive market place

> Management of digital identities is key for the Internet of Things (IoT)

> Self-control over data is the essential for the future of our society..

> Privacy: To whom do we trust what data and why?

> In the Digisphere new forms of digital life are created, mutated and destroyed.

Technical strategy of Swisscom AG

Gartner forecast for the future of IAM until 2020

Vision of SwisscomPeople-centric Identity

Management:

„Swisscom enables its customers to get their right

of informational self-control"

GDI-Study about the future of the connected society

We are convinced that…

… the customer in the digital world wants to have the same privacy as there is for the physical world.

8

The Future of Access Management and Access Control at Swisscom

> Future access management will focus on valuable resources.

> Roles are attributes among others.

> The internet is growing but is also growing apart.

> Data security is also about trust.

> „Smart Contracts“ with integrated algorithms as suitable methodology for the future access control.

Technical strategy of Swisscom AG

Gartner forecast for the future of IAM until 2020

Vision für SwisscomPolicies Based Access Control:

„Swisscom enables its customers to control the risks of the digital world“

GDI-Study about the future of the connected society

We are convinced that…

… the customer should keep its privacy in the most simple way.

9

IAM Vision Until 2025

2017

IDP

> 20252020

IDP

IDP

IDP

IDP

IDP

IDP

10

Use Case “Identity Broker”Bring Your Own Identity @ Swisscom Cloud

Operation Layer

Enterprise Cloud

Cloud Foundry (PaaS)

OpenstackVMware

Infrastructure

Swisscom Network

Service Cloud Application Cloud

Entry Zone

ID BrokerAPI Gateway

11

Use Case “Identity Broker”Architecture of the Access Broker

Identity BrokerCloud Environment

AuthzProvider

Web Applicatio

ns

Policy Management

PDP

PAP

ID Provider Contracts

ClientContracts

Clients(WebUI, mobile/comp. APP)

Identity Stores

IDP 1 IDP 2 IDP …

API-Gateway /

Reverse Proxy

(with PEP)Authn

Provider

12

Use Case “Identity Broker”Bring Your Own Identity for Swisscom Services

Swisscom Cloud Services

Swisscom Residential Services

Swisscom Extranet Services

Swisscom Corporate Services

SwisscomID Broker

CustomerActive Directory

Swisscom CorporateActive Directory

PublicIdentity Provider

IDPPrivateIdentity Provider

Private Cloud

Public Cloud

Quing Home

Storebox Collaboration Serivces

TicketingSystem

Corporate Applicatio

n

Mobile Applicatio

n

13

Clou

d Se

curit

y Ar

chite

ctur

ePortal Login via CustomerAD 26.0

5.20

15

14

Demo “Identity Broker”Portal Login via CustomerAD

15

Demo “Identity Broker”Portal Login via CustomerAD

16

Demo “Identity Broker”Portal Login via CustomerAD

17

Demo “Identity Broker”Portal Login via CustomerAD

18

Demo “Identity Broker”Portal Login via CustomerAD

19

Clou

d Se

curit

y Ar

chite

ctur

ePortal Login via Google+

26.0

5.20

15

20

Demo “Identity Broker”Portal Login via Google+

21

Demo “Identity Broker”Portal Login via Google+

22

Demo “Identity Broker”Portal Login via Google+

23

Demo “Identity Broker”Portal Login via Google+

24

Demo “Identity Broker”Portal Login via Google+

25

Demo “Identity Broker”Portal Login via Google+

26

Demo “Identity Broker”Portal Login via Google+

27

Demo “Identity Broker”Portal Login via Google+

28

Demo “Identity Broker”Portal Login via Google+

Thank you!

SwisscomDev what you can find on http://developer.swisscom.com

Questions?

30

Backup

31

Use Case “Identity Broker”Big Picture PoC Infrasctructure