Identity Standards & Self-Certification
- TYPE: Combined Session DATE: Thursday, May 17, 2018 TIME: 11:00-12:00 LOCATION: AMMERSEE II
Open standards like HTTP, OAuth, and OpenID Connect allow competing organizations to add value to their services, platforms, and products by ensuring interoperability across commercial, banking and government ecosystems.
Open standards can be a powerful tool set for developers. But identity systems require rules that address liability as well as ensure technical conformance. This presentation is a pragmatic look at ensuring conformance to open standards via self-certification using the groundbreaking OpenID Certification Program as a case study. We’ll look at how technology tools like standards and self-certification can be fit for purpose with governance rules that define the business, legal and technical requirements of identity systems. We'll pay particular attention to how trust frameworks assign and enforce liability in complex identity systems. We'll outline how registering trust frameworks ensure the transparency needed to build and maintain the trust needed in identity systems at scale.
The presentation concludes with presenting current, real world use-case of identity systems at scale. We'll highlight how technology tools and governance rules are enabling global identity projects by taking a close look at the Open Banking initiative in the UK. Open Banking is developing API specifications and standards to give UK consumers and businesses real control of their finances.
- A standard is only as good as its implementations. Therefore, the OpenID Foundation purposefully established a lightweight, low cost self-certification program to help ensure that high-quality OpenID Connect implementations became the norm in the marketplace.
- We’ll continue to look at how trust frameworks assign and enforce liability in complex identity systems building on prior presentations and discussions on this topic.
- Finally, we’ll take a close look at the Open Banking initiative in the UK where API specifications and standards are being developed to give UK consumers and businesses real control of their finances. The end goal is enabling the use of APIs to open up data, processes and business functions to an ecosystem of customers, employees, third-party developers, vendors and partners.
Implementing or moving to standards is rarely a straight forward effort; rather, the specific use cases of an organization require often more than current standards address. In the face of this gap, it's important to have a process for evaluating when and how to extend existing standards. In this talk we will cover this process in the context of real life examples.
- process to evaluate a use case's applicability to existing standards
- method/principles for extending standards
- example use cases and resolutions
- Registration fee:
- Contact person:
Mr. Levent Kara
+49 211 23707710
- May 15 - 18, 2018 Munich, Germany
The European Identity & Cloud Conference 2018 is proud to present a large number of partners