Innovation Best Practises
Facebook Twitter LinkedIn

Innovation Best Practises

Expert Talk
Wednesday, May 13, 2020 17:30—18:30
Location: EIC CAFÉ

tba


tba


First steps towards SSI under eIDAS and the European SSI Framework

One of the building blocks of any SSI solution is the Trust Framework it relies on. Trust Frameworks provide Verifiers with the means to trust the credentials and the issuers of those credentials, as a top human-layer that sits on top of all cryptographic and technical related layers.
The EBP has been working on deploying a first PoC of EBSI (European Blockchain Service Infrastructure) and ESSIF (European SSI Framework) use case, that sets the ground on how trust can be achieved within eIDAS on the near future.

To give some light into the overall solution, we would like to share our experience after participating in the making of the first ESSIF PoCs. 
First, we have helped to define the current ESSIF specs and contributed to the development of the first version that uses the existing eIDAS Trust Framework to proof the diplomas issuer’s identity in a Verifiable Credential workflow use case. In Europe, it’s still difficult for a student who has completed a degree in one university to validate it with another country’s university. We want to use an SSI solution with a common diploma schema to enable cross-border identity services. 

Second, we have participated on an SSI project with the European Commission and Microsoft that showcases a diploma’s issuance and verification between universities from different countries, which both have Decentralized Identifiers (DIDs) that enables them to interoperate into a typical Verifiable Credential exchange.

The proposed solution also innovates in the sense that we’ll demonstrate the interoperability of the use case among different ledgers and deployed solutions. One of the universities will have a DID provided using Sidetree, on a Bitcoin ledger, and the other will have a DID provided by ESSIF, on an Ethereum enterprise ledger. And we will present a student that owns a degree from the first university and will present it to the latter, which it will verify that it is issued by the first one to the correspondent user.

Key takeaways:

 

- Understand how EBSI and ESSIF will help companies achieve eIDAS-compliant SSI solutions.
- Demonstrate the use of EBSI through ESSIF use case.
- Show an actual use case of diplomas and ID exchange using W3C's verifiable credentials data format.
- Demonstrate interoperability of the current diplomas exchange between different SSI deployments, with different DID methods and different ledgers.

Xavier Vila Pueyo
Xavier Vila Pueyo
Validated ID
Xavier is Product Manager of the decentralized identity solution VidChain at Validated ID. Telecommunications Engineer at UPC Barcelona and Master of Information Security at Télécom...

Good Cyber Hygiene Keeps Privileged Accounts Clean

Even organizations with mature privileged and identity access management postures struggle to gain visibility into how attackers move laterally once inside the network. Credential harvesting, permission escalation, and other attacker techniques take advantage of organizational credentials that are constantly changing. In this presentation, we will outline some of the common high-risk accounts that tend to fall outside the scope of typical IAM/PAM solutions and how good cyber hygiene practices can help to identify and investigate the privilege abuse that enables attacks.

Gil Shulman
Gil Shulman
Illusive Networks
Gil Shulman is Illusive Networks’ VP of Products. Gil has over 20 years’ experience in the technology industry focusing on cyber defense. Before joining Illusive Networks, Gil worked...

Beyond Identity - the Bright Future of Authorization

Identity and Access Management has been at the heart of the digital transformation journeys in enterprises worldwide. We tackle problems such as: management of identities (on-boarding, off-boarding, identity merging), etc; binding the identity to the individual (authentication), and balancing acceptable friction with risk in authentication flows. But to what end? Why do we care about Identity? Of course, the answer is in front of us: Access Management.

However, we need more than Identity and Authentication to ensure we have an Access Management capability that meets today’s needs - multi-channel & mobile-first services, the API economy (e.g. Open Banking), user privacy regulations (e.g. GDPR, CCPA). Authorization - making sure the right users and systems have appropriate access to information and services, across a wide range of scenarios - is key, and Identity and Authentication are but one part of the bigger Authorization picture.

In this session, I'll discuss authorization in the context of typical enterprise access management scenarios. We’ll look at the evolution of authorization from traditional role-based access control, through today’s claims-based protocols to tomorrow’s highly granular and context-aware access control. Along the way, we'll look at emerging patterns such as "adaptive authentication" that are sometimes used to implement authorization, and see why true context-aware authorization might be a better solution.

Ewan Dawson
Ewan Dawson
Symphonic Software
Ewan Dawson is the Head of Engineering at Symphonic Software. He has 5 years experience building access control software, and developing integrated access control solutions for enterprise...
Subscribe for updates
Please provide your email address