Please join the Phoenix Linux Users Group Security Team as we welcome a guest presentation from Steven Kaplan covering FreeIPA. *BIO: Steven D Kaplan, MSCS, BSEE, CISSP** * *Waxman Associates, LLC* * * Mr. Kaplan has extensive experience in all areas of computer and network security, from instructor to practitioner. His combined problem solving, insights, innovations, programming and integration techniques have saved companies (in some cases) millions of dollars in fines avoided and achieved huge optimizations in their processes – gains not strictly limited to computer security. He holds relevant industry certifications, like the CISSP and IBM certifications for Ethical Hacker and Security Consultant. Mr. Kaplan has done significant amounts of software development to optimize his security consulting effectiveness. This includes process automation, especially related to collecting network security vulnerabilities, user ID revalidation, and SOX compliance Some tools and programs are currently in patent review. Activities over the last 20 years cover both Federal Government (NSA) INFOSEC experience and private sector work from all areas and industries. Technological experience includes evaluation of Role Based Access Control (RBAC) systems, Java software review (for vulnerabilities), ethical hacking (EH) as well as design, evaluation, certification and accreditation (C&A) of security architectures and infrastructures. Evaluated systems and networks of varied architectures, including service-oriented architecture (SOA) for security vulnerabilities and legislative requirements compliance. Audit experience includes review for compliance to Sarbanes-Oxley and HIPAA regulations, and the development of specialized software tools and scripts to expedite compliance. FreeIPA Discussion Abstract Over the years, as a security practitioner, I have had to support the forward progress and integration of user identity management systems. Usually this goes in fits and starts, as companies try to migrate to their best guess as to the where their technology should be so that they can be compliant with legislative and fiduciary requirements. While I have had to work with proprietary solustions, I have been on the look for an open source program that would meet or exeed what (expensive) solutions I had to deal with. FreeIPA, while in its infancy, threatens to become the 800 pound gorilla in this area, being the vehicle to which most modern identity manange systems can integrates. “FreeIPA is an integrated security information management solution combining Linux (Fedora), Fedora Directory Server, MIT Kerberos, NTP, DNS. It consists of a web interface and command-line administration tools. Currently it supports identity management with plans to support policy and auditing management. “ http://freeipa.org Discussion Overview: · Motivations, historical, experiential and legislative · Basic principles, CIA, IAAA, and Identity Management · What are features should a current IDM have? Does FreeIPA meet them? · Current release information, demonstration, install issues *WHEN:* 2nd Saturday of the Month at Foundation for Blind Children from Noon - 3PM. July 11, 2009 Noon *WHERE: * http://www.seeitourway.org/ProgramsServices/programsServices.html *MORE Information:* http://plug.phoenix.az.us -- (503)754-4452 http://en.wikipedia.org/wiki/User:LisaKachold http://www.theregister.co.uk/2009/05/29/wikipedia_bans_scientology/