Identity Standards

  •  TYPE: Channel   DATES: May 14 - May 17, 2019
Event Channels

For the effective and secure Identity management platform, using proper standards, protocols and architectures are necessary. With the Increasing number of regulations and compliance issues, standardization remains an important challenge. Various open and proprietary solutions exist for tackling different challenges within an enterprise. Therefore, it is important to choose the right standard for your company depending on the business model and the necessity. For example, Federated Identity management tries to solve the problem of handling digital identities between a number different trusted domains. Although challenges such as implementation and compromised identities.

Sessions:

Blockchain ID: Current Status & Future Developments

Date: Tuesday, May 14, 2019 Time: 09:00-13:00 Location: AMMERSEE I

The application of Distributed Ledger Technology (DLT) is increasing year by year, be it in cross-border finance, health sector, supply chain, KYC and other areas. A number of Blockchain ID products both for public and permissioned ledgers have appeared on the marketplace and are already being implemented.  Companies face more difficulties to keep their data private and secure and find customer onboarding, challenging. Thus they look at the DLT to help them to solve these...

Insight and Influence on Important Internet Identity Standards

Date: Tuesday, May 14, 2019 Time: 09:00-13:00 Location: ALPSEE

OpenID Foundation Workshops provide insight and influence on important Internet identity standards. The workshops provide updates on the work happening within OpenID Foundation working groups as well as updates on the OpenID Certification Program. Leading technologists from Microsoft, Google, Amazon, Yubico, Verizon and others will update key issues and discuss how they help meet social, enterprise and government Internet identity challenges.

Welcome to the New World of Identity for the Digital Business

Date: Wednesday, May 15, 2019 Time: 11:00-12:00 Location: ALPSEE

Welcome to the New World of Identity for the Digital Business
Identity is the heart of the digital enterprise and the digital economy as a whole. Social Networks, music streaming, online banking, shopping, education and (increasingly) healthcare - without a login, you will be excluded from digital life. Bring-your-own-identity (BYOID) services, blockchain based self sovereign identity (SSI), social login, post password technolgies such as FIDO - an increasing number of promising concepts, technologies and standards are trying to bridge the gap between...

Panel: How Traditional IAM Will Change Within the next 5 Years
Will traditional Identity and Access Management solutions be relevant in the next 5 years? With the increase of cyber attacks & breaches as well as the rising number of IoT devices, IAM approaches will need to adapt to the growing challenges in the increasingly interconnected world. Using advanced technologies such as Artificial Intelligence and Machine Learning as well as leveraging big data will be necessary. Companies might need to re-evaluate their thinking and approach the customer...

Identity Is at the Center of Zero Trust, Not the Network

Date: Wednesday, May 15, 2019 Time: 11:00-12:00 Location: CHIEMSEE

Identity Is at the Center of Zero Trust, Not the Network

Panel: Placing Identity at the Center of Security Designs & Models
What does it mean to have identity at the center of your security infrastructure? At its core, it says that we have to build our solutions to always question who someone is, what they want to do. We can no longer blindly trust that just because they come from a known location those questions no longer matter. At the center of those questions is a critical concept: identity. At the center of those questions is one crucial idea: identity. Our solutions must continually validate the identity...

Making IAM Matter - The Hard Conversation

Date: Wednesday, May 15, 2019 Time: 12:00-13:00 Location: ALPSEE

Making IAM Matter - The Hard Conversation
All too often IAM efforts are driven by technology, lead to suboptimal value for the actual users and do not meet business needs. This presentation looks at starting IAM with the business case instead, focusing on several essential elements and using real-life experiences and good practices (some learned the hard way) to provide an illustration. The elements will include: getting to know your user, identifying a business strategy, uncovering business need and pain, and joining forces. Key...

BYOIDaaS: Automating IAM Infrastructure & Operations
IAM automation continues to progress as more and more organizations and vendors focus on making their security services consumable through self-service, APIs, and other low-cost/low-friction service delivery methods. But what is to be done about IAM infrastructure, deployments, and general operations tasks? Without paying for someone else to handle it via IDaaS? In this session Jon Lehtinen details how Thomson Reuters used containers, cloud services, & devops to build & launch a...

Panel: The Transformational Next Wave of IGA in the Enterprise
Identity governance and administration is being re-envisioned in the adoption of identity-as-a-service. While its core capabilities for access requests, provisioning, reporting, recertification etc., remain familiar, the adoption mindset in enterprises has evolved, as their use cases have evolved beyond earlier regulatory compliance drivers. The increasing sophistication of attacks and the diversity of the threat landscape has highlighted to many organizations that they should evaluate...

Harness Your Identity Analytics to Deliver Contextual Authentication

Date: Wednesday, May 15, 2019 Time: 12:00-13:00 Location: CHIEMSEE

Harness Your Identity Analytics to Deliver Contextual Authentication
Identity Analytics (IdA) has experienced tremendous growth within the cybersecurity community. Most of the work has focused on data mining to analyze existing user rights to reduce over-provisioning and improve privileged access management systems. But what about authentication systems that must make decisions using dynamic data that is created in real-time? Steve “Hutch” Hutchinson, GE’s Principal Cybersecurity Architect, will show how you can leverage your own hidden...

Panel: Transforming Secure Access to be Intelligent
When it comes to making access decisions, it’s all about acting smart. In the speed of today’s business agility requirements, we cannot stop users at the door all the time and ask for their ID. We need to know them. Intelligent Access provides the benefit of reducing friction AND adding security to protect applications and data that are critical to the business. It provides security and convenience, considering the needs of the modern workforce. In this session we will discuss a...

Panel: The Changing Landscape of Policy-driven Authorization: A Discussion of NextGen Use Cases

Date: Wednesday, May 15, 2019 Time: 14:30-15:30 Location: ALPSEE

Panel: The Changing Landscape of Policy-driven Authorization: A Discussion of NextGen Use Cases
Authorization has become a critical component of the Identity & Access Management landscape. Where identity lays the foundation, dynamic authorization helps ensure the right access at the right time to the right resources, ensuring secure collaboration between the IAM teams and the business. With the rapid change in business models and technology trends, it is imperative that authorization services keep pace to meet evolving requirements. This panel of experts should provide a...

Implementation of Role-Based Access Control in a Mid-sized Financial Institution
Managing accesses represents an incredible organizational challenge. The usual way is to grant rights on a case by case basis, complicating the task of security administrators, often by copying rights that similar employees currently have or had in the past. Over time, risk is that employees accumulate undue privileges or that accounts are forgotten and not deactivated, leading to a higher insider risk or account hijacking by external attackers. The risk is even higher with IT employees who...

Why Prevention No Longer Works? A New Approach Using AI for Identity Management

Rethinking Trust in Cloud Platforms: Secure and Trusted Out-Of-Band Data Acquisition

Date: Wednesday, May 15, 2019 Time: 14:30-15:30 Location: CHIEMSEE

Rethinking Trust in Cloud Platforms: Secure and Trusted Out-Of-Band Data Acquisition
The complexity and sophistication of modern malware are evolving rapidly. Malwares today are able to exploit both hardware and software to infiltrate systems and tamper with data used for management. The revelation of several attacks on host machines, highlights that anything with shared resources can be attacked.  In cloud environment, data management is done by a centralised server that maintains the state of each platform. However, this is not...

Navigating NIST Sp-800-63-3 Thanks to Practical xAL Cheat Sheets
Trust. Trust is the most fundamental notion in every one of our business interactions, whatever our needs are: low or high assurance. Do you know that, by June 2019, NIST SP-800-63-3 will celebrate its second birthday? It is a framework that improved lots of points over the previous LoA scale and gained a lot of maturity thanks to implementers, researchers, and confrontations to other Trust frameworks. Still you may find it hard to find your way wherever you try to be a compliant IAL2...

Fight Cyber Risks with Risk Aware DevOps Engineers!
To keep a customer’s trust risk and security is key for Financial Enterprises like ING. At the same time we want to work Agile in an BizDevOps format, because we know it gives us the increased velocity and quality of software we need. And this way of working leads to happier and therefore more productive employees. A separate security team that has to check all software before it goes into production would be a huge bottleneck, especially if you have...

A Hitchhiker's Guide to the Growing Pace and Innovation of Identity Services in the Mobile Industry

Date: Wednesday, May 15, 2019 Time: 15:30-16:30 Location: ALPSEE

A Hitchhiker's Guide to the Growing Pace and Innovation of Identity Services in the Mobile Industry
In these tempestuous times, Mobile Operators (MNOs) and the mobile industry are increasingly exploring ways in which they can help customers transact more safely online, and in particular through the provision of: - Authentication services - Identity claims verification (GDPR) - PSD2-compliant authorisation services - Network signals for mitigating fraud - Secure conversational commerce (chatbots) - Identity wallet/agent services This presentation will provide an update on the...

Bring-Your-Own-Identity to the Digital Enterprise
BYO-Scenarios promise borderless collaboration at low cost for employees, external staff, partners, customers and guests. We will take a brief look at these promises and do some reality-check on limitations and consequences. Key topics: Short check: Usability of Bring-your-own-Identity Compliance and some legal aspects: How much do we need to know? Some limitations given by cloud-providers and license agreements From encapsulated micro-environments to zero-trust-patterns:...

Clustering Methods Used for IAM Role Mining
Have you ever thought of a better way to do role modelling? The goal of this presentation is to show how Big Data analysis can be used to obtain a different and effective way of role modelling. Just like in traditional role mining, we take entitlement data from the source applications, but apply tools from the Big Data “world” and use these for analyzing the data. By comparing accounts and entitlements by definition of their similarity, it is possible to make a visual...

Stealing the Crown Jewels

Date: Wednesday, May 15, 2019 Time: 17:30-18:30 Location: ALPSEE

Stealing the Crown Jewels
Today most companies have PAM solutions in place to protect the most sensitive systems and information repositories. A correctly designed and implemented PAM system is a huge security asset but it also provides a very juicy target for not only hackers but also for fraudulent employees who wants to bypass the protections of the PAM system and commit the perfect crime with a built in alibi. This talk looks at the result from penetration testings of PAM systems at major enterprises and...

Panel: Leveraging Privileged Access Management Solutions for Enterprise
Compromising privileged accounts can lead to loss of valuable information. Therefore,  Privileged Access Management is becoming a top priority for enterprises.  Companies must implement solutions which reduce risk but also add business value, which can be difficult. Both, stakeholders and account managers need to be on board with this transition, before selecting a specific PAM tool. In this panel, speakers will discuss a potential PAM roadmap for an enterprise and specific...

Common Sense in the World of Cloud Governance and Security

Date: Wednesday, May 15, 2019 Time: 17:30-18:30 Location: CHIEMSEE

Common Sense in the World of Cloud Governance and Security
Planning for security and governance is essential for building robust cloud environments! Join Microsoft Azure MVP Thomas Janetscheck for this session to learn about how to secure Azure environments and how to circle around snares. We will first focus on cloud governance, what it is and why you need it and then dive deep into Azure Security Center, an AI and ML-based solution for securing IT infrastructures in the cloud and on premises. After this session you will have a good understanding...

Panel: How Cloud Access Control Enables Innovation & Security In the Digital Age
The transformation of the digital business world requires moving forward to new technologies and shifting the focus to agile and flexible environments. As the number of digital identities rises, the need to protect and manage how personal information is collected, used and distributed is higher than ever. Security technologies such as IoT, cloud access control, user behaviour analytics, multifactor authentication, and mobile threat defence are on the rise. Obtaining the cloud is not only...

Establishing an European Digital Identity Network Based on Trust and Standards

Date: Thursday, May 16, 2019 Time: 11:00-12:00 Location: AMMERSEE I

Establishing an European Digital Identity Network Based on Trust and Standards
Digital ID is a key control point in the digital economy. The barriers for registration and (strong) authentication of customers must be broken down so the best services will win. Currently hyper platforms dominate the ID market at the expense of user sovereignty. How can we return data sovereignty to the user and enable companies to create more innovative business models with a safe and fair usage of ID data? We need to create a European network for digital identities based on mutual trust...

As the World Turns: Real-World Identity Relationships Driving Data Decisioning
A massive new identity system-of-systems is emerging. Billions of previously isolated devices and cloud-native microservices are joining this digital ecosystem to serve organizations and individuals. In the meantime, many relationships in the real world can change in an instant, from device/user pairings and unpairings to business contract formations to marriages and divorces. Business decisions need to be made in near-real-time about everything: not just authorized access but consented...

Mobile Onboarding Using NFC and ePassports: The Final Step for a Digital Consumer Identity

Date: Thursday, May 16, 2019 Time: 11:00-12:00 Location: AMMERSEE II

Mobile Onboarding Using NFC and ePassports: The Final Step for a Digital Consumer Identity
Identity documents are increasingly used to verify someone’s identity online, e.g., to implement a Know Your Customer in the banking sector. Over the last year several European banks started leveraging the NFC capability of smartphones for this, including Rabobank, ING and DNB, as did the UK Home Office for the EU Settlement Scheme. Users hold their own smartphone to their ePassport to read and verify the embedded contactless RFID chip. Maarten will provide his view on why...

Panel: Consumer Identity - Delivering Value
There are new ways emerging to simplify customer journeys. These include increased security, thanks to blockchain and distributed technologies. These global technologies are of high value for underpinning cross-border commerce. What this means for consumers is that their personal identity management can now mirror their global connected digital lives. For businesses to take advantage of the new consumer identities, radical changes in customer on-boarding are needed. UX has...

So You Think You Can Two Factor
6 years. It took 6 long years, ever since the Mat Honan hack opened everyone’s eyes to the need for two factor authentication, for us to reach the point where every major company added two-factor as their solution to block account hacks. Yet the news is still full of stories about account takeovers and data breaches. What happened? Why did 2FA, as the geeks call it, not prove to be the one-stop security fix it was promised to be? The answer lies in understanding what it...

The Development of a 5G IAM Architecture

Date: Thursday, May 16, 2019 Time: 11:00-12:00 Location: ALPSEE

The Development of a 5G IAM Architecture
With the emergence of a more digitized world combined with the prospect of a broadband communication of 20 Gbps, the development of an Identity and Access Layer in 5G started with the vision of user’s identities in the center of a new value proposition. Identity as an abstraction layer in 5G bridges across domains, cross access technologies and between the network and Internet services focused on enhanced user experience as well as higher personalization of services that can only be...

Identity Across Things (and Individuals)

The T in IoT Security Stands for Human

Self-Sovereign Identity - We've Had It for Thousands of Years. so What's New?

Date: Thursday, May 16, 2019 Time: 11:00-12:00 Location: CHIEMSEE

Self-Sovereign Identity - We've Had It for Thousands of Years. so What's New?
Self-sovereign identity isn't new. It's just a new term. People having been carrying credentials around to prove who they are for thousands of years. When we entered the digital age, something weird happened. Our digital credentials became locked up inside databases owned by corporations and governments. We couldn't get at them, and instead had to get by with vastly inferior usernames and passwords.  Compared with physical passports, driving licenses or even business cards, today's...

An Identity Metasystem
In 2005, Kim Cameron proposed something called an identity metasystem that would serve as the infrastructure for the many context-specific identity systems we have. Such an identity metasystem would not only allow these various identity systems to interoperate but would, importantly, unify the user experience to ensure people were an integral part of the identity exchange and understood what was happening. Now, in 2019 we are on the verge of finally realizing this dream. This talk will talk...

Panel: Current Developments in Blockchain Ecosystem for Digital ID
The convergence of digital identity and blockchain technology has caught the imagination of governments, enterprises and developers around the world. Lots of approaches are being tried. But it only works if it all works together. The world needs a digital standard that is as ubiquitous as paper is in the physical world. We need the SMTP of identity that everyone can use, that is open and non-proprietary. This panel will be enlighten the audience about the development efforts that are under...

The OpenID Connect Self-Certification Program

Date: Thursday, May 16, 2019 Time: 12:00-13:00 Location: AMMERSEE I

The OpenID Connect Self-Certification Program
The OpenID Foundation has created a test and self-certification program for OpenID Connect protocol implementations to stimulate interoperability, deployment and robustness of these implementations. This presentation provides an introduction into the OpenID Foundation and the OpenID Connect self-certification program and will cover the following topics: - what is the OpenID Foundation and how does it compare to other standardization organizations - what is OpenID Connect self-certification...

OAuth 2.0 Security Reinforced
The OAuth working group recently decided to discourage use of the implicit grant. But that’s just the most prominent recommendation the working group is about to publish in the upcoming OAuth 2.0 Security Best Current Best Practice (https://tools.ietf.org/html/draft-ietf-oauth-security-topics), which will elevate OAuth security to the next level. The code flow shall be used with PKCE only and tokens should be sender constraint to just mention a few. Development of this enhanced...

Panel: Next Generation Authentication
Guaranteeing maximum security while providing your users with a frictionless experience is a persistent challenge. The more we shift into the digital environment, the more it requires every business to pay critical attention to user experience as boosting customer satisfaction by providing better usability and accessibility in the interaction with every aspect of a product is crucial. This is where next-generation authentication comes into play, decreasing disparities between security and...

The IAM Story of Merck, Sharp & Dohme

Date: Thursday, May 16, 2019 Time: 12:00-13:00 Location: AMMERSEE II

The IAM Story of Merck, Sharp & Dohme

Develop a Strategic Advantage Through Identity Proofing
Fraudulent transactions result in lost revenue and can expose an organization to legal fines and regulatory non-compliance. In this landscape managing customer registration and enrollment rates against fraud risk requires intelligent verification tools that are adaptive to business needs. This talk covers logic to rethink digital identity, a business case for developing an identity proofing function in your IAM stack and the best practices to develop a modern identity proofing...

Panel: Consumer, Business and the Real-World Challenges in CIAM

Why Governments are Still Important Even in a Self-Sovereign Context

Date: Thursday, May 16, 2019 Time: 12:00-13:00 Location: CHIEMSEE

Why Governments are Still Important Even in a Self-Sovereign Context
It’s always been true that identity is more to do with what other people say about you than what you say about yourself. Placing the user in control of their online identity means that we need the ability to reference authoritative sources of data related to those individuals. If we are to build that user centric and much needed version of Digital Identity then Self-sovereign identity, and its more modest Self-managed form, will need the support of Governments and...

Do People Really Want to Be in Charge of Their Identity?
Shared Ledger Technology is increasingly mature, but remains a relatively under-deployed technology in the digital identity space. The emergence of self-sovereign identity approaches, underpinned and powered by shared ledgers, offer new and exciting solutions to establishing digital identities. As both technologies gain greater mainstream focus, will the combination of the two approaches unlock genuinely consumer-focused identity solution? Moving away from large centrally managed...

Self-Sovereign Identity: A New Dawn for Shared Ledger Technologies?

A Digital Society Needs a Digital ID

Date: Thursday, May 16, 2019 Time: 14:30-15:30 Location: AMMERSEE I

A Digital Society Needs a Digital ID
Our world is becoming more digital and more mobile every day. The sensitivity of information being exchanged online grows rapidly and data privacy is a real concern to many people. How are we facing new challenges to keep pace with today's digital transformation? Getting rid of all paper flows, taking KYC-process to the next level, improve customers’ experience, introduce a safer way to login and confirm transactions, be compliant with EU regulations and PSD2.  Creating a digital...

How to Write a Good IAM Request for Proposal (RFP)
Do you want to hear how we read your RFP’s? As an IAM implementer, PwC reads many RFP’s and wonder why the clients put together the RFP’s  like  they do. In many  cases  clients write requirements which can’t be solved by standard IAM solutions on the market without customization, but  still  require that the solution should be as standard as possible. Or ask for testing that will cost a fortune, but require  low  price. The...

Using eIDAS to Drive Mass Adoption of Identity Solutions
With over 750.000  itsme  accounts being created in the first 19 months after the product launch in the small Belgian market, it is clear that the  itsme  Mobile Identity solution is getting mass adoption. Several key success factors were required to get there: the right consortium; a correct mix of product characteristics with appeal for each stakeholder (verified identity, privacy,  user friendliness , security); the setup of a strong ecosystem; but certainly also...

Balancing User Experience, Security and Privacy in SPA Applications

Date: Thursday, May 16, 2019 Time: 14:30-15:30 Location: AMMERSEE II

Balancing User Experience, Security and Privacy in SPA Applications
Single Page Applications that are consumer and business facing have seen unprecedented growth. This session will cover different aspects of SPA that enhance user experience and touch upon areas which cross cuts security to spur thinking around one of the hardest problems of balancing user experience with security.

How to Deal with Mobile Apps in Single Sign-On Environments
When it comes to integrating mobile apps into a single sign-on environment, there are often conflicting interests between designers, IT security, and what the end user really wants. What is the impact of a given Login procedure to security and usability? And which approaches are proven to be functional and secure? What reasonable compromise can satisfy ease-of-use and security requirements? Key takeaways: Learn how large-scale enterprises deal with these conflicts. - How to resolve the...

Revolutionizing How We Buy, Price, and Create Value for One Another

Date: Thursday, May 16, 2019 Time: 14:30-15:30 Location: CHIEMSEE

Revolutionizing How We Buy, Price, and Create Value for One Another
We present you with a comprehensive look into the future of commerce, encompassing the $5 trillion e-commerce and brick and mortar sectors. Our world will be defined by a decentralized platform in which customers will wield and monetize their personal data and behaviors. We discuss the details of how self-sovereign identity will enable dialogue between retailers and their individual customers. This "conversation" is at the core of how we will create value for one another. It will allow...

You Can’t Do PII on a Blockchain, so What Then Is It Good for in Identity?
Many viewpoints of the applicability of blockchain for consumer identity have been expressed. In particular, some express doubt about the viability of being able to reconcile GDPR’s right-to-be-forgotten with the immutable nature of blockchain. This is in fact true. However, there are still ways that blockchain can increase transaction integrity while also providing privacy-by-design leadership. Come join this session to learn about how blockchain is being used in the Canadian model...

A Macroeconomic Perspective on Blockchain
The Macro-Economic perspective of how Blockchain has potentially influenced various industries in a specific European Country. I could present various analyses that we are currently conducting, which includes and empirical analysis, cluster analysis, and a scenario analysis. With these results, it will help us to gain insight on what types of influences that Blockchain has had on the industry and potential future insights.  We are working on this study with the European Blockchain...

Digital Identity: A Prerequisite for Financial Inclusion and Good Governance? Lesotho Experiences Linking Foundational ID with Functional ID

Date: Thursday, May 16, 2019 Time: 15:30-16:30 Location: AMMERSEE I

Digital Identity: A Prerequisite for Financial Inclusion and Good Governance? Lesotho Experiences Linking Foundational ID with Functional ID

Making Standards Work in the Real World – Examples from Canada and Scotland
Standards are needed establish interoperable, ubiquitous and inclusive digital identity ecosystems. However, standards suggest that everyone's requirements are the same when they are not. Regulations, customer demographics and existing systems all determine what make work for an organisation. Different sectors, organisations and even services within an organisation can all be different. And yet there is a pressing need for standardisation in order to be able to realise the benefits of...

Canada's True North Strategy for Establishing Interoperability of Third Party Networks For Identity
Identity is best solved by a village that connects the best capabilities of the public and private sectors to grow economic opportunities. Governments hold the "book of names" for people and organizations that sets a legal foundation for identity verification. People and organizations perform most of their transactions outside of government contexts. These transactions form the basis of functional or "street" identity. The private sector needs to rely on the public sector for legal identity...

Disrupting the Identity Infrastructure? The Power of Microservice Paradigms to Accelerate Complex IT Solutions

Date: Thursday, May 16, 2019 Time: 15:30-16:30 Location: ALPSEE

Disrupting the Identity Infrastructure? The Power of Microservice Paradigms to Accelerate Complex IT Solutions
In today’s connected world, businesses are competing on speed and agility to meet tremendous expectations of customers. In order to achieve this level of agility, the underlying architecture needs to be dramatically different from what we know in the past. Lean, lightweight, and rapid development and deployments have taken over the way we look at software development. Microservices are able to fulfil this promise but change also the way on how Identity and Access Management is...

Agile IAM: Microservices for Delivering a Lean, Faster and Successful IAM
IAM deployments are traditionally considered complex implementations that require significant time, effort and investment on an on-going basis to match the rapidly changing business processes and operating environment of a dynamic organization. Conventional IAM deployments are largely software implementations that over a period of time become rather complicated to the extent of being unmanageable due to the amount of customizations and the business need to honour the legacy systems and...

Creating Rich, Valuable Credentials for People

Date: Thursday, May 16, 2019 Time: 15:30-16:30 Location: CHIEMSEE

Creating Rich, Valuable Credentials for People

Third Party Risk Management with Decentralized Identity & Verifiable Credentials
In regulated industries the dependency on suppliers for raw materials and services is very high, especially since there is little flexibility to switch away from qualified suppliers on short notice. Thus the concept of “Knowing your Supplier” is key for a reliable supply setup. This takes on even greater importance with the growing awareness of ethical, environmental and labor policies of individual supply chain partners. This presentation examines how Decentralized Identity and...

Developing National Digital Identity Initiatives & Ecosystem in the UK - Successes, Challenges & Learnings

Date: Thursday, May 16, 2019 Time: 17:00-18:00 Location: AMMERSEE I

Developing National Digital Identity Initiatives & Ecosystem in the UK - Successes, Challenges & Learnings
A perspective on the importance of understanding the needs of customers and users, and how the UK has broadened its national model as the social, economic, political and risk landscape has change markedly in the last 5 years. The UK government originally invested in the development of a digital identity initiative to enable citizens to prove their identity to log into government services. It has now broadened its strategy, its understanding of who its customers are, to focus on...

Panel: Myth Busting with ID Crowd and Friends
Synopsis: Since the days of our early ancestors, new frontiers have always been associated with myths, be them dragons, demons or wizards. The world of digital identity is no different, our twitter timelines are full jargon, acronyms and confusing terminology. Much of this is helpful but once in a while a misinformed opinion can take root and spread around the world before the facts have had a chance to get their boots on. This panel will debunk some common myths and...

Securing Microservices: Not as Easy as You Might Have Expected

Date: Thursday, May 16, 2019 Time: 17:00-18:00 Location: ALPSEE

Securing Microservices: Not as Easy as You Might Have Expected
Microservice architectures allow businesses to develop and deploy their applications in a much more flexible, scalable and convenient way – across multiple languages, frameworks and IT environments. However, new architectures require new tools and technologies, and those bring in new security challenges – and new skills to learn to fight off cyber-attacks efficiently. Like with any other new technology which developers, operations and security teams are only beginning to...

Securing APIs and Microservices with OAuth and OpenID Connect
Microservices present a new way of scaling API deployments, where each component is an island, performing a small but well defined task. These systems are quicker to develop and allow for a more agile way of working. As in most designs, security is not part of the original blueprint, which can lead to expensive and hard to manage security solutions. In this talk, Travis Spencer will illustrate how OAuth and OpenID Connect can be leveraged to create a unified distributed framework for...

API Security in a Microservices World
A microservice architecture brings new challenges to API Security and careful design needs to be applied at operations and development level to ensure corporate data is properly protected from unwanted access. In this session we explain what API security encompasses,  why API security needs to be considered as early as possible in the lifecycle of the microservices, how known standards such as OAuth and OpenID Connect can be leveraged to authenticate and authorize access to...

Managing Self-Sovereign Identities (a Relying Party Perspective)

Date: Thursday, May 16, 2019 Time: 17:00-18:00 Location: CHIEMSEE

Managing Self-Sovereign Identities (a Relying Party Perspective)
As the groundswell around the Self-Sovereign Identity (SSI) movement grows, it's important to consider what impacts it may have on existing businesses that want to adopt and support this new model of dealing with Identity. This talk will walk through the identity life-cycle at a relying party and discuss impacts and changes necessary to support SSI identities. Key takeaways: How the SSI model differs from current practice for Relying Parties Decisions Relying Parties should...

DID Resolution & DID Authentication
Decentralized Identifiers (DIDs) are a key building block of the emerging Self-Sovereign Identity (SSI) ecosystem. They are a new kind of identifier: Persistent, cryptographically verifiable, resolvable, and of course decentralized, i.e. independent of any central authority or intermediary. In this talk we will explore how DIDs function internally, how they can get registered and resolved, and how they can be used for authentication purposes (DID Auth). The talk will also give an update on...

Azure Infrastructure Security - Ultimate Security in the Cloud Era

Date: Friday, May 17, 2019 Time: 09:00-12:30 Location: AMMERSEE II

In today's cloud era, admins struggle to keep their IT infrastructures safe. Cloud security is a joint responsibility and what we need is a new approach! In this session, you will learn how to Securely deploy and maintain Azure infrastructure solutions, why automation is essential, what network security and encryption options you have, and how access control can prevent you from having sleepless nights. We will successfully attack an Azure environment live on stage, dive deep into...

Security Tour of Azure Active Directory Based on OAuth Grant Types

Date: Friday, May 17, 2019 Time: 13:30-16:00 Location: AMMERSEE II

This workshop will walk you through different security scenarios – SPAs, micro services (Service Fabric), PaaS exposure (public APIs for integration), coupled legacy projects, testing of the aforementioned, etc. We will fall in the decision tree of OAuth grant types, go for OpenId Connect, dive into Azure AD and Azure B2C excellence and limitations and get users there with Graph API (which one?). We will provide granular claims-based authorization on both app and user level. Single...

Quick Links

Stay Connected

Information

Munich, Germany

Congress

European Identity & Cloud Conference 2019

Language:
English
Registration fee:
€2100.00 $2625.00 S$3360.00 23100.00 kr
Mastercard Visa American Express PayPal INVOICE
Contact person:

Mr. Levent Kara
+49 211 23707710
lk@kuppingercole.com
  • May 14 - 17, 2019 Munich, Germany

Partners

The European Identity & Cloud Conference 2019 is proud to present a large number of partners
Learn more

How can we help you

Send an inquiry

Call Us +49 211 2370770

Mo – Fr 8:00 – 17:00