Open standards like HTTP, OAuth, and OpenID Connect allow competing organizations to add value to their services, platforms, and products by ensuring interoperability across commercial, banking and government ecosystems.
Open standards can be a powerful tool set for developers. But identity systems require rules that address liability as well as ensure technical conformance. This presentation is a pragmatic look at ensuring conformance to open standards via self-certification using the groundbreaking OpenID Certification Program as a case study. We’ll look at how technology tools like standards and self-certification can be fit for purpose with governance rules that define the business, legal and technical requirements of identity systems. We'll pay particular attention to how trust frameworks assign and enforce liability in complex identity systems. We'll outline how registering trust frameworks ensure the transparency needed to build and maintain the trust needed in identity systems at scale.
The presentation concludes with presenting current, real world use-case of identity systems at scale. We'll highlight how technology tools and governance rules are enabling global identity projects by taking a close look at the Open Banking initiative in the UK. Open Banking is developing API specifications and standards to give UK consumers and businesses real control of their finances.
Key Takeaways:
Implementing or moving to standards is rarely a straight forward effort; rather, the specific use cases of an organization require often more than current standards address. In the face of this gap, it's important to have a process for evaluating when and how to extend existing standards. In this talk we will cover this process in the context of real life examples.
Key Takeaways: