Innovation Best Practises
Facebook Twitter LinkedIn

Innovation Best Practises

Combined Session
Tuesday, September 14, 2021 12:00—13:00
Location: EIC CAFÉ

One PAM - A Holistic Approach to PAM for the Shift to a Zero Trust Model

Join Peter Dulay, Symantec Identity Management Adoption Advisor, Broadcom, as he introduces One PAM, which brings together traditional proxy-based (credential vaulting) with agent-based (granular access controls) capabilities into one consolidated solution and approach, and how One PAM is better positioned to help customers shift to a Zero Trust model.  

Peter Dulay
Peter Dulay
Peter Dulay has over 25 years of information technology experience with 20+ years in Cyber Security. He has been advising customers worldwide including Fortune 500 companies in the area of Identity...

Continuous ZeroTrust as a Way To Know Your User

Organisations perceive their users through data. In the world of fewer and fewer opportunities for physical contact, identity verification is going all remote. All online service providers need to model the risks related to user impersonation and user manipulation attacks.
In this talk, we will dig through the classical methods of Knowing Your User through the static data:
Coupling the session with the device
Checking the network environment
Next, I will present manipulation methods related to data spoofing to express the business impact. Usual scenarios are primarily associated with rewards in the form of money for the attackers.
Time-series data analysis and the impact on the business and customer experience will be presented to show the way forward in the adaptive risk management context.
Finally, food for thought related to the standardisation of behavioural biometrics that is getting more and more attention as one of the defence methods will be shared to show that we need Zero Trust and a way to verify if and how the vendor products are working.

Static data can be easily spoofed. Dynamic data analysis (mainly in a time series manner) is the way to go.
Data resilience related to side-channel time series data analysis.
Zero Trust is also about not trusting your data sources and all the environment related to it.
Behavioural biometrics strives for standardisation.

Mateusz Chrobok
Mateusz Chrobok
I am following the data as a VP of Innovation in Revelock (formerly buguroo). Behavioural biometrics, ethical data processing and continuous authentication is my current focus. I am a Security geek...

Persistent digital reputation across industries, countries, and legal frameworks

Most of the facts about ourselves currently exist in paper-based format, centralized government-controlled repositories or belong to large platforms such as banks and social networks. In this presentation I will give overview of the history of trust mechanisms and how digital decentralized identity technology can improve it.

In particular, we will focus on 3 aspects:
1) What is trust and how it evolved over time
"Owning and exchanging trusted data is a millennia-old problem. From the oral speech to papyri, printing press and modern digital documents — it always was an integral part of any human organization. With the growth of modern technology, amount of data in the world skyrocketed — in the last 3 years alone we generated more data than during the rest of the history."

2) What are the most recent innovations in the space and how this technology is being applied to real world problems
"The promise of self-sovereign identity technology is to create universal portable lifelong digital identities and credentials. The economic benefits of this tech are realized through some of unique properties that SSI has:
- Reducing the cost of issuance and verification of data points and facts: $1 for print, delivery, storage and verification of a typical paper document vs $0.001 for digital verifiable credential.
- Data standardization: portable and universal data standards instead of point-to-point API integrations between hundreds of participants.
- Drastically decrease the possibility of fraud: cryptographic signatures are hundred times more secure than physical ones; decentralized encrypted storage is not as vulnerable as centralized gigantic databases.
- Unification of contexts: data from multiple sources can be combined in a single document to prove not only the content but also the audit trail of that data.
- Instant data privacy compliance: end customers are ultimately own and control access to their data, which makes SSI systems instantly complaint with most data protection regulations"

3) How can we use all of these learnings to create decentralized open protocol that will allow end users to build up persistent lifelong reputation

— How to build persistent digital decentralized reputation system in an open protocol format
— How to use mechanism design, game theory and crypto-economics to design decentralized governance for the protocol
— How such system can create trust and increate efficiency in the areas of Finance, Education and Recruitment

Stepan Gershuni
Stepan Gershuni
Decentralized Identity Foundation
Stepan is a technology executive with 10 years of experience in developing web and mobile products based on public cryptography, blockchain and digital identity technologies. Stepan worked as...


On-Demand Access
Re-live EIC 2021
Watch more than 250 sessions on-demand
Download all available presentations
Subscribe for updates
Please provide your email address