The Future of Identity

  • TYPE: Combined Session DATE: Thursday, May 12, 2016 TIME: 11:00-12:00 LOCATION: AMMERSEE II


We all know that Identity in the digital world is broken; and has been for some time. Passwords are well beyond their sell-by date, yet are still the only realistic game in town. Meanwhile Spam, Fraud, Phishing and Cyber Crime succeed by being able to steal identities and impersonate individuals. Credit Card fraud has hit an in excess of thirty billion US dollars per annum.

To date, all attempts of national or commercial solutions have started with grand intentions and then either failed (UK National Identity Card scheme), or has imploded into a method of “citizens” accessing a sub-set of government services.

If we are to have a more secure future, the key is to understand all the entities and attributes in a transaction chain (Cloud Security Alliance, “Guidance” Domain 12), and yet square the circle of trust, privacy, primacy, and usability.

Getting it right is critical as the industry grapples with the business issues around security surrounding de-perimeterization, BYOD, IoT and many more business problems. The solution lies in being able to make risk-based decisions based on the context of all the entities.

Starting with work from the Jericho Forum (part of the Open Group) and looking at why current identity solution fail. The Global Identity Foundation, a global not-for-profit organisation, has defined what we, the industry, need to come together to “do differently”. This is defined in what we call “Identity 3.0”
. It will then look at the learning from that work and the principles of Identity 3.0 (see Wikipedia) that flow from that, together with some practical examples of what could be securely enabled using this new framework.Finally, it will detail how this all comes together, with up to the minute examples of what partner organisation are envisaging doing to enable their businesses, for the new challenges that lie ahead.


Paul is Fellow Analyst at KuppingerCole and the CEO of the Global Identity Foundation, as well as a consulting CISO and was previously the Global CISO for AstraZeneca, Global CISO for ICI, Head of Information Security with a high security web hosting provider and Global Information Security...

The world of identity management changed forever on June 10, 2013 with the introduction of the Zero Trust architecture approach. First proposed by Forrester Research, this new "best practice" has "never trust, always verify" as its guiding principle. It takes the old model—"trust but verify"—and inverts it. As recent breaches have proven that when an organization trusts, it doesn’t verify.

Something is fundamentally broken in the world of information security. Despite countermeasures and controls, attackers continually breach our defenses and steal our identities. Forrester’s research shows the threat vectors expanding in which organized crime and nation-states are creating more significant, targeted attacks. This presentation goes beyond the security context, are speaks to organizations large and small, public and private that are looking for ways to reduce identity management costs while simplifying identity verification processes.

This presentation highlights new approaches to practical barriers in identity management like liability, insurance and changing regulations. It reviews the innovations in standards development, self-certification, and registration that are driving increased global adoption of identity services.

Key Takeaways:

  • Concept: This presentation will review the necessity and essential concepts of applying the Zero Trust Model of information security to identity management.
  • Architecture: This presentation will outline the key business, legal and technical components, capabilities, and standards of identity management that are changing identity services in a Zero Trust ecosystem.
  • Case Studies: In a series of case studies, we will highlight organizations that have adopted new concepts of the Zero Trust Model in their environment. Included in the case studies will be a discussion of best practices and benefits in the US, UK and Europe.


Don is President and Chairman of the Open Identity Exchange (OIX) a non-profit organization of leaders from competing sectors, including enterprise, data services, telecommunications, consulting services, SaaS, banking, retail and government. OIX is helping to build solutions to roadblocks for...

Log in to download the presentation:  


Session Links


European Identity & Cloud Conference 2016

Registration fee:
€1980.00 $2475.00 S$3168.00 21780.00 kr
Mastercard Visa American Express PayPal INVOICE
Contact person:

Mr. Levent Kara
+49 211 23707710
  • May 10 - 13, 2016 Munich, Germany