• Apply access control mechanisms and identity governance mechanisms that today address people accessing IT applications, to people accessing industrial IoT, and to relationships between industrial objects
• Improve global cybersecurity of the middleware and application IoT layers
• Consider privacy risks as an integral part of the dynamic access control process

• Today, no protocol can deliver dynamic authorization based on context for both IT and OT (operational technologies) domains.
• Cloud computing infrastructures do not use dynamic access control, but static traditional mechanisms, despite the highly dynamic nature of cloud computing capabilities.
• As the number of connected devices increases more and more, the related security risks are more and more important.

Context-Aware Access Control tool

Product (integration into existing offer)

Evidian provides strong authentication management, enterprise single sign-on, web access management, identity management, role life cycle management, self-service portal, user provisioning, audit and reporting. Its solutions govern the accesses of more than 5 millions end-users every day, in the healthcare, finance, telco, government and industry sectors. Evidian dedicates a significant part of its revenue to research and development, and as such has led or participated in several collaborative European R&D projects.

Software tool: Context-aware access control and authorization mechanisms for smart IoT systems. The context-aware risk-based authorization server will be integrated in the Evidian standard offer as “an IAM gateway for Industrial IoT”.

Proprietary Software

Individual and specific KPIs for the solution (KPI to evaluate the success of the exploitation activity):

• Rate of progress in the Life Cycle Management cycle:
  • 100% = GO for General Shipment max 6 months after the end of the project
  • 50% = GO for General Shipment between 6 and 12 months after the end of the project
  • 0% = 12 months after the end of the project there is still no GO for General Shipment
• % of successfull global validation tests
• Filed patents:
  • 100% = 2 patents
  • 50% = 1 patent
  • 0% = 0 patent

• MS 1 - Middle of ENACT's lifetime: Testing new technology is under progress and TRL 3 reached. Partial results promoted towards Product Line Management. Step 1 in the company Product Life Cycle Management process: formal decision to include in the official roadmap.
• MS 2 - End of ENACT: Step 2 of the Product Life Cycle Management: GO for industrialization and announcement. TRL 6/7 reached for some parts TRL8/9. Product management team prepares sales and training material, Delivery team prepares software distribution, Support team prepares helpdesk processes. Revenue increase.
• MS 3 - After end of ENACT (2 years): Step 3 of the Life Cycle Management (max 6 months after the end of the project): GO for General Shipment. Press release and communications about the new product offer, now on sale.
• MS 4 - 5 years later: Deployment of the solution at key customers in the manufacturing sector, acquisition of new customers in other sectors of Industry. Praised by analysts as a major European vendor for IoT security.

• The resulting IAM offer will deliver new access control mechanisms for authorizing access to industrial objects, with ad-hoc protocols, while still being able to address traditional access to IT applications.
• The resulting IAM offer will in addition secure the access to applications and APIs.
• The authorization decisions will take privacy risk values into account. Consent management will be enforced by the resulting IAM offer.

Evidian, now a member of the ATOS Group, is a French Independent Software Vendor with a worldwide presence based on subsidiaries and a network of 70 partners. It is the European leader in identity and access management software, with 18 years experience. Evidian identity and access management solutions help more than 5,000,000 users in more than 900 organizations throughout the world improve their agility, enhance security and comply with laws and regulations, while reducing costs.

End Users

• Manufacturing (equipements for smart buildings, car manufacturers, aeronautics)
• Healthcare domain (hospitals, telemedecine environments)
• Transport
• Utilities

Cybersecurity products / Identity & Access Management

Channels that will be used to promote the solution:

• Mailing and web advertizing
• Twitter (@evidian) and LinkedIn. YouTube channel (EvidianIAM).
• Major events and exhibitions such as Infosecurity (UK and Belgium), Gartner IAM Summit (UK), European Identity Conference (Germany), Les Assises (France), and Japan IT Week / Information Security Expo
• Publications in specialized magasins (e.g. DSIH or MySIH in France for the healthcare market).
• Briefings with analysts (e.g. KuppingerCole, Gartner).

Channels that will be used to distribute the solution:

• Direct sales via the Evidian dedicated sales forces.
• Sales via the Evidian mother company Atos.
• Indirect sales via Evidian network or resellers and integrators.

Cost du bring product/service to the “market” (before Exploitation):

• Cost of 1 P.Y. for Product Management: define product pricing, train presales and support personnel
• Cost of 1 P.Y. for Product Marketing and Communication: build collaterals, deliver marketing materials, organize communication events

Main sources that would produce a cost for the development and deployment of the solution proposed:

• R&D Team: Development of the product
• Support & Maintenance team: Provides the customer with Support and Maintenance on the installed product. Two levels of support:
  • ndard support with remote assistance during business hours and SLA limited on reaction time.
  • tinum support, a personalized support with nomination of a Technical Support Account Manager, and specific SLA.
• sales & Marketing team
• Professional Services team: The Evidian Expertise Centre (ECC) makes their experts available for end users & partners. ECC can provide the folowing type of services:
  • Turnkey projects for end customer including: installation, configuration, customisation, training and rollout support,
  • Expertise for partners to securise their project or to customers that implement themself the product. The level of ECC implication depends on the maturity of the partner or customer.
  • Post implementation services; training the system operators, usage, maintenance in operational condition, etc.

Funding after the end of the project: product extensions will be funded by standard R&D budget, since the outcome of ENACT for Evidian will be a standard product in the offer.

Main sources of revenue:

• Licences: Perpetual Licenses on a One-Time Fee basis, aaS licences. The price is based on the number of users and then OPTIONS can be ordered. Minimal order is 100 users, with degressive pricing points at 500, 1000, 3000, 5000, 7500, 10000, 15000, 25000, 50000, 100000, 200000, 500000 and 1000000 users. Pricing for larger deployments and site licences are directly negotiated on a case by case basis. Special Pricing is proposed for external users, CUSTOMERS mitigating the price with a 0,25 ratio. Special Pricing is proposed for external users, BUSINESS PARTNERS mitigating the price with a 0,50 ratio.

• A global purchase order for the total number of users, rather than an incremental purchase;
• The fact that more than one product is ordered.

• Support & Maintenance: To benefit from updates, in the case of Perpetual Licenses, a customer must subscribe to a Standard Support & Maintenance contract which also gives access to a number of other Support & Maintenance services. List Price of the Standard Support & Maintenance contract is calculated at a yearly rate of 20% of the License Fee list price.
• POC: Proof of Concept in customer environment
• Professional Services: Evidian delivers a specific catalog of professional services for all these operations.