Secure Identity Best Practice

  • TYPE: Combined Session DATE: Wednesday, May 15, 2019 TIME: 14:30-15:30 LOCATION: CHIEMSEE


The complexity and sophistication of modern malware are evolving rapidly. Malwares today are able to exploit both hardware and software to infiltrate systems and tamper with data used for management. The revelation of several attacks on host machines, highlights that anything with shared resources can be attacked. 
In cloud environment, data management is done by a centralised server that maintains the state of each platform. However, this is not an easy task when a machine is compromised. When the data acquisition software runs in the same domain as the malware, there is no guarantee that this data will not be tampered with. In particular, malware behaves different to when an observer-effect is detected. There is a visibility problem of how to securely acquire reliable data and infer the state of the system without leaving an observer effect? There is a need to rethink how to decentralise trust in complex platforms such as the cloud and use trusted method to prevent tampering with the data acquired for management. We solve the trust and visibility problem by acquiring physical memory out-of-band using a device from a new category of commercial-hardware (SmartNICs). Using this separate trust domain, we protect from tampering with the data being acquired. 
To that end we have developed an abstraction software that facilitates acquisition of segments from the physical memory. More importantly without the knowledge of host software (e.g. malware) of when segments of the physical memory are being acquired. An added benefit of our approach is the fact that SmartNICs are on the edge of the network, which makes this technology capable of doing more than just detection but also prevention. For instance, blocking the network when signs of compromise are detected.

Key takeaways:

  • In a cloud platform, the main execution domain (CPU) has a large attacks vector and there is a need for separate trust domains to guarantee the integrity of sensitive application such as application managing the infrastructure.
  • Using Out-of-band hardware mitigates the shortcomings associated with current methods to acquire data for management and limit malware ability to manipulate the data.
  • Isolating the data acquisition function using out-of-band hardware allows for dedicating the entire compute resources to users. With the increase of the I/O rate of operation (e.g. PCIe) this method is able to cope with the rapid changes happening in cloud machines, and scale in managing several virtual machines in one server.


Ahmad Atamli is the Chief Researcher and Architect of Security at Mellanox Technologies where he leads the security research and development of SmartNICs as a separate Trusted Domain for security applications. Prior to this role he worked as a security researcher at the University of Oxford...

Trust. Trust is the most fundamental notion in every one of our business interactions, whatever our needs are: low or high assurance.

Do you know that, by June 2019, NIST SP-800-63-3 will celebrate its second birthday? It is a framework that improved lots of points over the previous LoA scale and gained a lot of maturity thanks to implementers, researchers, and confrontations to other Trust frameworks.
Still you may find it hard to find your way wherever you try to be a compliant IAL2 compliant CSP to ensure a third party that your users are IAL3 proofed or authenticated through an AAL2 authenticator, etc.

Surely you know that you enrolled this user thanks to a photocopied electricity bill and authenticated him/her based on an Out-of-Band single factor device generating OATH compliant OTP tokens. Those are real life examples but you will have to find in which xAL box this may fit.
This specific situation was raised within IDPro and we formalized some cheat sheets for you to navigate the inherent difficulties such as:
• Main differences between levels of assurance;
• Differences and ways to categorized WEAK, LOW, STRONG, and SUPERIOR real-life identity evidences;
• Differences and ways to categorize real-life authenticators;
• Ways to map NIST xALs to other Trust frameworks categories.

By attending this session you will get a clearer, simpler, and more actionable picture of NIST SP-800-63-3 that will ease your path for your Vector of Trust journey.


To keep a customer’s trust risk and security is key for Financial Enterprises like ING. At the same time we want to work Agile in an BizDevOps format, because we know it gives us the increased velocity and quality of software we need. And this way of working leads to happier and therefore more productive employees. A separate security team that has to check all software before it goes into production would be a huge bottleneck, especially if you have some 150 teams building software. The only way we can maintain velocity without sacrificing our security demands is to have all DevOps teams take responsibility. Not just for the software they build and maintain, but also for the security aspects of those applications.

This can be easier said than done, especially in an Agile way of working. In this kind of environment the requirements of Risk management can easily be perceived as old fashioned and unnecessarily restrictive – a thing of the past when we still worked Waterfall. In addition, top down orders don’t work anymore. All work should be planned via the Backlog and team and Product Owner have the last word in deciding what is done in which sprint. And you can explain to the teams how important Risk and Security is, but if you can’t make it tangible are they going to remember that in the daily hectic?

To address these challenges we started our Risk Awareness Days program in 2017. During the year 5 days are set aside for all teams to work on the same Risk items. The topic for the day varies, depending on which risks are highest on the agenda at that time. Regardless of the topic a central theme is that if an engineer can engineer at a problem, he/she will understand and remember it better. And working on Risk and Security shouldn’t be a nuisance but rather a joy. After the first few days we came to a standard program that has the biggest positive effect. Both on the security awareness in the engineers mindset, but also in the number of concrete risks that were eliminated.

In this talk we discuss how we organise our Risk Awareness Days. We will take you through the standard program and why we chose this combination of increasing knowledge and practical engineering work. We discuss some of the topics we addressed, and some of the results that we can share.

Key takeaways:
• How to make IT Risk fun? 
• How to challenge your engineers to stay ahead of cyber criminals? 
• Can you be both Agile and in control of Risk and Security? 
• How do you make Risk Management meaningful? 
• Engineers should engineer – especially when dealing with Risk and Security


Jan-Joost stumbled into IT almost 20 years ago, starting on a temp job for 5 days that lasted 7 years. During these 20 years he has been mostly on the functional and process side of things, having worked as tester, designer, information analyst, project manager, application manager, change...

Léon Janson has been working within Risk management and IT at ING since the late nineties. He started at Credit Risk management where he developed and implemented a world-wide Credit Risk Reporting datawarehouse. Next he managed several IT Operations teams within the Retail bank. During...

Log in to download presentations:  


Session Links

Munich, Germany


European Identity & Cloud Conference 2019

Registration fee:
€2100.00 $2625.00 S$3360.00 23100.00 kr
Mastercard Visa American Express PayPal INVOICE
Contact person:

Mr. Levent Kara
+49 211 23707710
  • May 14 - 17, 2019 Munich, Germany