Authorization; Identity Relationships

  • TYPE: Expert Talk DATE: Thursday, May 17, 2018 TIME: 12:00-13:00 LOCATION: WINTER GARDEN
Experts Stage III


Over the last decade, IT has grown from being a support function to being at the core of any business. Car manufacturers are morphing into transportation service industries; IoT and mobile has evolved from a luxury item for the executive few to an indispensable accessory. Everything is digital: plane tickets, ledgers, medical records, bank accounts, education, credit checks, and even votes in some places.

With so many digital services being offered, so much data being generated, and so many different ways to consume it, it is easy to lose track of who’s got access to what let alone for what purpose. It’s equally hard to know who did access data about you.Yes, this is getting both personal and sensitive. The Equifax breach in 2017 was a stark reminder that collectively, we don’t have things under control: security checks have too often been built as independent silos each with its own access mechanisms.

Dynamic Authorization Management (DAM) can help us keep things under control. In this presentation, David will pull from his experiences over the last decade to illustrate how DAM can help simplify authorization management, enhance traditional access control mechanisms such as RBAC, enable new technologies e.g. microservices, and stay compliant with new rules and regulations such as GDPR and consent management.

The presentation will address existing authorization processes e.g. the joiner-mover-leaver process and how they can be simplified. It will also delve into how Dynamic Authorization Management can be used to enable a smoother, more secure digital transformation strategy by putting controls directly on the data and at the API level while letting business owners decide and implement their own business and authorization rules.

Key Takeaways:

  • Fundamentals of Dynamic Authorization Management
  • Using ABAC to simplify entitlement management
  • Beyond RBAC: the dynamics of attributes
  • APIs, microservices, and IoT, oh my!
  • Bridging the gap between IT and Business


David is the VP Customer Relations at Axiomatics AB, the leader in externalized authorization management. In his day-to-day job, David helps customers architect authorization solutions that enable secure data sharing in compliance with compliance and privacy regulations. David's main area of...

OAuth is well established as the go to protocol for API security, but there are still a few application types out there that struggle to securely fit into the OAuth story. This includes devices where user input is tricky, where data entry uses a tv remote control, and everyone gets to see you slowly type in your password. Or devices where there is no browser, where the dreaded Resource Owner Password Credentials grant type still reigns.

Finally, there is a solution, with the all new Device flow for OAuth, specially designed for browserless platforms or devices with limited input methods. In this talk we’ll see the device flow in action by extending IdentityServer 4, an open source OpenID Connect and OAuth written in .NET, and look at how it is an improvement on existing solutions using real world scenarios where it should be used.

Key Takeaways:

  • How existing methods for authorizing browserless or input constrained devices are just not secure enough
  • How the OAuth Device flow can provide a secure and simple user experience
  • How Single Sign On can be achieved for browserless devices


Scott Brady is a software developer and Pluralsight author specialising in identity and access management. Focusing on ASP.NET, Scott has increasingly found himself in undocumented territory, piecing together the facts and attempting to pass them on so that others don’t have to go through...

Even though it may currently seem that solving GDPR challenges is all we need to take care of - there are a few more challenges related to IAM and its infrastructures that need to be solved, whether related to Consumer or Enterprise Identities or IoT Devices and many more contexts.

For sure, there is no 'one size fits it all' solution, but some of the technologies and new paradigms will help shaping tomorrows landscape and its view on identities

Key Takeaways:

  • why on-premise data silos and warehouses have limited benefit
  • what it needs to hold only the relevant data for efficient management
  • how to gain a holistic view: Entities vs Identities


Thorsten has more than 20 years’ experience within the field of Directory Technologies, Identity Management and Data Privacy. As a technical trainer, consultant and developer he co-developed one of the first Identity Management Solutions which was fully driven by Entity-Relationship...

Log in to download presentations:  


Session Links

Munich, Germany


European Identity & Cloud Conference 2018

Registration fee:
€1980.00 $2475.00 S$3168.00 21780.00 kr
Mastercard Visa American Express PayPal INVOICE
Contact person:

Mr. Levent Kara
+49 211 23707710
  • May 15 - 18, 2018 Munich, Germany