Abstract: Enterprise systems provide a single system of record with endless business capabilities, but exposing the whole monolithic system through a single interface to all users comes with substantial security risks. When designing for security, system architects should begin by identifying the different user groups that will interact with the system, separating operational groups from internal and external customers. Once the user groups and their requirements are understood, an architect can design a web gateway with appropriate 'application facades' for each user group. Each application facade will hide the implementation details and internal structure of the underlying enterprise system, restrict access to appropriate endpoints, and add an essential layer of protection to the enterprise system from outside threats.

Objective 1: Attendees will learn about the concept of application facades as a security construct for providing additional security to existing ERP systems.

Objective 2: Attendees will learn how to segment user groups based on role and access requirements, and implement appropriate access controls using application facades.

Objective 3: Attendees will learn about web access gateways and their role in the application facade approach to multi-layer security.
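
The facade approach described in the abstract can be sketched as a default-deny routing table at the gateway. This is an added example, not material from the session: the group names, public routes and internal ERP paths are all hypothetical, and the caller's group is assumed to come from an authenticated session established before routing.

```python
from __future__ import annotations
import posixpath
from urllib.parse import unquote

# Hypothetical facades, one per user group named in the abstract. Each maps a
# public route to (allowed methods, internal ERP endpoint). All names assumed.
FACADES = {
    "operations": {
        "/ops/jobs": ({"GET", "POST"}, "/erp/internal/batch/jobs"),
        "/ops/health": ({"GET"}, "/erp/internal/admin/health"),
    },
    "internal_customer": {
        "/staff/profile": ({"GET", "PUT"}, "/erp/internal/hr/person"),
    },
    "external_customer": {
        "/apply/status": ({"GET"}, "/erp/internal/admissions/status"),
    },
}


def normalize(path: str) -> str | None:
    """Decode once and collapse dot segments; reject ambiguous input."""
    decoded = unquote(path)
    if "%" in decoded or "\\" in decoded or "\x00" in decoded:
        return None  # leftover encoding, backslash or NUL byte
    if not decoded.startswith("/"):
        return None
    return posixpath.normpath(decoded)


def route(group: str, method: str, path: str) -> tuple[int, str | None]:
    """Return (status, internal_target) for an already-authenticated group."""
    clean = normalize(path)
    facade = FACADES.get(group)
    # Unknown group, malformed path and out-of-facade route all get the same
    # 404, so a caller cannot map endpoints that belong to other groups.
    if clean is None or facade is None or clean not in facade:
        return 404, None
    methods, target = facade[clean]
    if method.upper() not in methods:
        return 405, None
    # Only the gateway ever sees the internal path; it is never client input.
    return 200, target
```

Because the internal target is looked up rather than built from the request, a path that normalizes to another group's route or names an internal ERP path directly falls through to the same 404.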