The Future of Identity
Facebook Twitter LinkedIn

The Future of Identity

Combined Session
Thursday, May 12, 2016 11:00—12:00
Location: AMMERSEE II

Identity 1.0 & 2.0 are dead, long live Identity 3.0

We all know that Identity in the digital world is broken; and has been for some time. Passwords are well beyond their sell-by date, yet are still the only realistic game in town. Meanwhile Spam, Fraud, Phishing and Cyber Crime succeed by being able to steal identities and impersonate individuals. Credit Card fraud has hit an in excess of thirty billion US dollars per annum.

To date, all attempts of national or commercial solutions have started with grand intentions and then either failed (UK National Identity Card scheme), or has imploded into a method of “citizens” accessing a sub-set of government services.

If we are to have a more secure future, the key is to understand all the entities and attributes in a transaction chain (Cloud Security Alliance, “Guidance” Domain 12), and yet square the circle of trust, privacy, primacy, and usability.

Getting it right is critical as the industry grapples with the business issues around security surrounding de-perimeterization, BYOD, IoT and many more business problems. The solution lies in being able to make risk-based decisions based on the context of all the entities.

Starting with work from the Jericho Forum (part of the Open Group) and looking at why current identity solution fail. The Global Identity Foundation, a global not-for-profit organisation, has defined what we, the industry, need to come together to “do differently”. This is defined in what we call “Identity 3.0”
. It will then look at the learning from that work and the principles of Identity 3.0 (see Wikipedia) that flow from that, together with some practical examples of what could be securely enabled using this new framework.Finally, it will detail how this all comes together, with up to the minute examples of what partner organisation are envisaging doing to enable their businesses, for the new challenges that lie ahead.

Identity 1.0 & 2.0 are dead, long live Identity 3.0
Presentation deck
Identity 1.0 & 2.0 are dead, long live Identity 3.0
Click here to download the slide deck. Please note that downloads are only available for event participants and subscribers. You'll need to log in to download it.
Paul Simmonds
Paul Simmonds
KuppingerCole
Paul is Fellow Analyst at KuppingerCole and the CEO of the Global Identity Foundation, as well as a consulting CISO and was previously the Global CISO for AstraZeneca, Global CISO for ICI, Head of...

New Tools & Rules in Internet Identity Management: Navigating a Zero Trust World

The world of identity management changed forever on June 10, 2013 with the introduction of the Zero Trust architecture approach. First proposed by Forrester Research, this new "best practice" has "never trust, always verify" as its guiding principle. It takes the old model—"trust but verify"—and inverts it. As recent breaches have proven that when an organization trusts, it doesn’t verify.

Something is fundamentally broken in the world of information security. Despite countermeasures and controls, attackers continually breach our defenses and steal our identities. Forrester’s research shows the threat vectors expanding in which organized crime and nation-states are creating more significant, targeted attacks. This presentation goes beyond the security context, are speaks to organizations large and small, public and private that are looking for ways to reduce identity management costs while simplifying identity verification processes.

This presentation highlights new approaches to practical barriers in identity management like liability, insurance and changing regulations. It reviews the innovations in standards development, self-certification, and registration that are driving increased global adoption of identity services.

Key Takeaways:

Don Thibeau
Don Thibeau
OpenID Foundation
Don is President and Chairman of the Open Identity Exchange (OIX) a non-profit organization of leaders from competing sectors, including enterprise, data services, telecommunications, consulting...
Subscribe for updates
Please provide your email address