1 / 17

Directories for Inter-Enterprise Collaboration

Directories for Inter-Enterprise Collaboration. Eric Burger, PI. The State of the Art. Enterprises with secure networks Keep bad guys out Keep data in. The Problem. Good guys cannot get in Collaboration data cannot get out People cannot get their jobs done. The Problem.

inga
Download Presentation

Directories for Inter-Enterprise Collaboration

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Directories for Inter-Enterprise Collaboration Eric Burger, PI

  2. The State of the Art • Enterprises with secure networks • Keep bad guys out • Keep data in S2ERC Planning Workshop

  3. The Problem • Good guys cannot get in • Collaboration data cannot get out • People cannot get their jobs done S2ERC Planning Workshop

  4. The Problem • Good guys cannot get in • Collaboration data cannot get out • People cannot get their jobs done Sometimes our security technology works too well S2ERC Planning Workshop

  5. Why Don’t We Use Existing Protocols? NOTICE • Technology • Incompatible protocols • Different methods of manipulating security infrastructure • Policy • Impact of laws, regulations, economics • Leads to non-obvious behavior If It’s Stupid But WorksIt’s Not Stupid In theory, there is no difference between theory and practice. In practice, there is. – Yogi Berra S2ERC Planning Workshop

  6. Overarching Philosophy • Do not build theoretically perfect protocol first • Find out what enterprises can deploy first • Then build the appropriate protocol S2ERC Planning Workshop

  7. Telepresence As an Example S2ERC Planning Workshop

  8. Problem S2ERC Planning Workshop

  9. Why? What is Different Here? • Public companies • Due standard of care for proprietary information • SOX • Health care: HIPPA • Financial Services: BASEL III January 22, 2012 Cameras May Open Up the Board Room to Hackers By NICOLE PERLROTH SAN FRANCISCO — One afternoon this month, a hacker took a tour of a dozen conference rooms around the globe via equipment that most every company has in those rooms; videoconferencing equipment. With the move of a mouse, he steered a camera around each room, occasionally zooming in with such precision that he could discern grooves in the wood and paint flecks on the wall. In one room, he zoomed out through a window, across a parking lot and into shrubbery some 50 yards away where a small animal could be seen burrowing underneath a bush. With such equipment, the hacker could have easily eavesdropped on privileged attorney-client conversations or read trade secrets on a report lying on the conference room table. S2ERC Planning Workshop

  10. Technology Issues to Overcome • How can an enterprise enable a partner to discover endpoint addresses? • How can an enterprise that needs to keep endpoint addresses private advertise those addresses to partners? • How can an enterprise share this information with select individuals at partner enterprises? S2ERC Planning Workshop

  11. Issues Are Not Technology • Impetus for closing the network are • Public policy • Law • Regulation • Economics (e.g., competitive advantage) • Need to work out these issues before we solve the technology • Goal: Create tailored trustworthy space for real-time communications S2ERC Planning Workshop

  12. Project Proposal S2ERC Planning Workshop

  13. Project: Policy Investigations • Survey companies, agencies, and departments • Identify factors that inhibit interconnection • This is relevant to the industry as there are many anecdotes as to why enterprises do not interconnect, but there is no published data on the problem S2ERC Planning Workshop

  14. Plan: Economic / Policy Investigations • Survey planning, construction, execution, responses • Time: 9 months wall • Budget: $210,000 • PI: Lead by CBPP S2ERC Planning Workshop

  15. Plan: Technology Investigations • Analyze directory federation technology • Provide gap analysis • Time: 2 months • Budget: $50,000 • PI: Eric Burger S2ERC Planning Workshop

  16. Plan: Secure Inter-Enterprise Directory Protocol • Expect to use member intellectual property • Will be a project in the GCSC S2ERC Planning Workshop

More Related