IAM 2021 and Beyond
Facebook Twitter LinkedIn

IAM 2021 and Beyond

Combined Session
Tuesday, September 14, 2021 11:00—12:00
Location: ALPSEE

Future proofing national eID

How to future proof a national eID scheme where 13 registered commercial IdPs, 1 government IdP and several brokers operate?

This is a tale of taking the national eID from legacy frameworks to open standards and paper based OTPs to secure mobile apps. It's a complete mesh, but we made it work - come hear the lessons learned and how to use the tools we created.

Petteri Ihalainen
Petteri Ihalainen
National Cyber Security Centre, Finland
Mr. Ihalainen has extensive information security background having worked for organizations like SSH Communication Security, Ubisecure, EU Commission, Gemalto, and GlobalSign. During his career, he...

Identity Management as a Service - What it is and How to Build One

I considered myself quite an experienced programmer and having some expertise in Identity management when I was hired by Swedbank to work as full time Identity engineer. Besides projects, I had assignment to describe an architecture of the IAM as a service from my manager. Honestly, I had no clue about how to envision it. I tried to assemble standards and squeeze something out from practices and papers. But these were not really all my ideas and I did not feel much confident. But something started to happen in few last years when we had a very hard time implementing our IAM project (believe or not, it was successful). We had to answer hundred times to questions "why", "what" and "how". And finally the blueprint of the architecture of IAM as a service appeared from the mist. It is not one and only, because same size does not fit for all. Still, I do not agree that there are indefinite number of possible solutions. I think similar enterprises and engineers may find this presentation useful to draw their own blueprints.

IAM projects start usually from implementing baseline IAM processes - joiners, leavers, movers. Because this is what is usually most needed. But then you will get asked for more - identity data, events, other services. This is what makes up IAM as a service.

Neeme Vool
Neeme Vool
Neeme Vool is currently working as Software Engineer and Architect in the Digital Identity department at Swedbank. Small and professional team is implementing IAM processes for the whole big...

Better Living Through Centralized IAM Policy Decisions

You've spent years working to deliver true SSO and now your users have a single, simple authentication service to access any of their resources. That impressive UX curtain, however, hides behind it a multitude of distributed systems and platforms that each hold their own rules for providing access to their services. These systems are deployed both on-premises and in multiple cloud providers. They manage both coarse- and fined-grained authorization rules. They include modern tools but you’re still managing legacy systems as well. The situation is daunting. Your leadership wants metrics on system usage, HR needs reports to show that terminated users are removed everywhere, developers want to know how they should validate access, your auditors are asking how you are enforcing separation of duties, and the regulators are demanding that you provide proof that you are enforcing their framework policies. This session will provide you with practical solutions and implementation models to allow you to undo this Gordian knot of access points and centralize your policy management to provide standardization, visibility, security, and easier management of your access rules. You will come away with proven architectures and strategies that you can begin to implement within your own organization.

How to determine source systems for user and account profile data and configure them for real-time monitoring of lifecycle events
Configuring target systems and platforms for automated provisioning activities and identity relationship management within the ecosystem
Determining the proper decomposition of policy to govern lifecycle activities, automate access control functions, and ensure compliance to audit & regulatory requirements

Stephen Hutchinson
Stephen Hutchinson
Steve “Hutch” Hutchinson is the Principal Identity Architect for GE Digital. After cutting his teeth in C/C++ software development and network engineering, Hutch spent a decade as an...


On-Demand Access
Re-live EIC 2021
Watch more than 250 sessions on-demand
Download all available presentations
Subscribe for updates
Please provide your email address