Information Security - Neil Readshaw
Neil Readshaw 270001X752 firstname.lastname@example.org Tags:  tivoli-security-policy-ma... pcty tspm pcty-nordic security microsoft-sharepoint pulse 630 Visits
In a couple of days I fly to Copenhagen to attend and speak at the Nordic version of Tivoli's Pulse Comes to You customer event. As well as meeting with specific customers, I am looking forward to reprising the "Heterogeneous Identity and Access Management for Microsoft Office SharePoint Server" presentation that Nataraj Nagaratnam and myself developed for the global Pulse event. As in Vegas, I'll be demo'ing some advanced capabilities that integrate Tivoli Security Policy Manager and Microsoft SharePoint for fine-grained application entitlements.
If you'll be at Pulse Nordic, stop by and say hej/hei/hallo/g'day.
Neil Readshaw 270001X752 email@example.com Tags:  authorization tspm tivoli-access-manager tameb security-policy-managemen... tivoli-security-policy-ma... authorization-policy-desi... tam 1 Comment 1,245 Visits
I've worked with Tivoli Access Manager (TAM) for a long time (through three product name changes and two company name changes at least) and have been getting into Tivoli Security Policy Manager (TSPM) over the last year or so. One of the things that I have become more aware of is the different thought process I go through to design authorization policies with these two products. I wouldn't say that I have developed a migration procedure or anything like that just yet. However, I did want to write down a few notes on the approach I take and how I neutralize the TAM bias currently in my brain.
Firstly, here is a recap on writing TAM authorization policies:
TSPM authorization policies, making some indirect comparisons to TAM authorization policies, have these highlights:
When it comes time to construct policies in TSPM, I try to keep these things at front of mind:
Then, I (think I) go through a process like this. For each role (including the special 'all authenticated' and 'everyone' roles)
I hope you found that useful. Now then, if you've played with TSPM or other XACML based products, how do you approach policy authoring?
Neil Readshaw 270001X752 firstname.lastname@example.org Tags:  demo pulse entitlements tspm sharepoint 2 Comments 918 Visits
In a few hours I head to Brisbane airport to begin my 18-20 hour journey to IBM Pulse in Las Vegas. I am looking forward to catching up with colleagues and customers from my time working in the US, and a lot of new faces as well.
Over the last week I have been putting the finishing touches on my presentation, thanks to some constructive review from my colleagues. The demo has come together brilliantly as well. One of the stretch goals for the demo is to show a prototype of some Tivoli Security Policy Manager/SharePoint integration. I'm pleased to say that the developers involved have gone through with flying colours and the demo will go ahead as planned. I will show two scenarios involving TSPM for XACML based fine grained entitlements, as well as some Tivoli Access Manager and Tivoli Compliance Insight Manager integraiton (also prototype). The usual caveats around prototype code apply of course, but I am hoping that the concept and business value get conveyed.
Neil Readshaw 270001X752 email@example.com Tags:  tfim sharepoint tam pulse security tim tspm 1 Comment 1,028 Visits
What better way to kick off my external IBM blog than to share with you some details of the presentation I intend to give at IBM Pulse in Las Vegas in early February. The presentation is titled Heterogeneous Identity and Access Management for Microsoft Office SharePoint Server. Integration with Microsoft SharePoint has been a topic of growing interest among our customers, and I'm excited about the chance to update people on the solutions we have available now, and the even newer things that are being explored, planned, discussed, implemented.
What I'd hope attendees get from the presentation is:
What I hope to get from delivering the presentation is copious feedback from customers and business partners on how they perceive the suitability of some of the solutions I will present (and demo!) as well as where they still see gaps that we must close. What we can't cover during my scheduled session can be discussed at one of the hospitality functions throughout the week.
I hope to see you there, but if you can't make it and have an interest in the topic, let me know and we can setup another time to discuss.