Presented by Cyril Gollain, General Manager for Brainwave at ForgeRock Open Identity Stack Summit June 2013
Learn more about ForgeRock Access Management:
https://www.forgerock.com/platform/access-management/
Learn more about ForgeRock Identity Management:
https://www.forgerock.com/platform/identity-management/
7. Brainwave Proprietary and Confidential Information
Our goal: assess & mitigate the User risks
7
Who they are
What they
can do / what
they have done
What they have
been allowed to do
9. Brainwave Proprietary and Confidential Information
Architecture
Information
System
Cloud
Company Policies,
Regulations…
Reports + Insight:
• What are my risks?
• What needs to be fixed?
• Am I compliant?
10. Brainwave Proprietary and Confidential Information
Integration with OpenIDM
10
IT Resources
Manual operationsAutomated provisioning
Accounts and fine-grained access rights information
Identities and access
rights assignments
• Access rights reconciliation
• Theoretical rights control
• Account Recertification process
• Remediation process
• Controls & Insight
Automated / manual
remediation actions
HR and
organization-related
information
Access logs
11. Brainwave Proprietary and Confidential Information – All Rights Reserved.
How it works
Brainwave Architecture
12. Brainwave Proprietary and Confidential Information
iGRC analytics client
Brainwave Architecture
12
RDBMS
iGRC analytics server
Equinox OSGI batch runtime
XMLConfiguration
export
………
………
……
Consultant
J2EE Web Container
OSGI Equinox
iGRC Portal
Eclipse RAP
• Page rendering
• Data Access (ODA)
• Birt Reporting engine
• Activiti Workflow engine
iGRC Web Application
End User
HTTP/HTML/Ajax
22. Brainwave Proprietary and Confidential Information – All Rights Reserved.
Other ways to leverage
Brainwave
23. Brainwave Proprietary and Confidential Information
« Pull » approach: REST services
Query the Brainwave
datawarehouse and
instantly publish REST
services
23
24. Brainwave Proprietary and Confidential Information
« Push » approach: Emailing campaign
Trigger emails messages / reports based on
control results, review results…
24