Zero Trust Trends & Best Practice
Facebook Twitter LinkedIn

Credentialing-enabled Zero Trust Architecture for API Endpoint-Security

Combined Session
Thursday, May 11, 2023 16:10—16:30

Traditional network security focuses on perimeter defenses, but many organisations, systems and processes no longer have a clearly defined network perimeter.

To protect a modern digital enterprise, companies need a comprehensive strategy for securely accessing their IT resources (e.g. applications, physical access control systems, portals, data resources, and devices) wherever they are located.

APIs in supply chains and cyber-physical systems (CPS) are proliferating exponentially across the technology landscape, creating a huge attack surface that security teams struggle to understand and defend.

Zero Trust Architecture (ZTA) refers to security concepts and threat models that no longer assume that actors, systems or services operating within the security perimeter are automatically trusted, but instead must verify everything and everyone who attempts to connect via an API to their systems resources before granting access.

Hence, ZTA is an important design philosophy to establish security mechanisms at the API layer of each individual IT resource for increasing API Endpoint Security in both, corporate infrastructures and open systems. Identity and authorization credentials as well as policies are a key enabler of securing the API endpoints.

These different ZTA approaches include:

1) ZTA Using Enhanced Identity Governance,
2) ZTA Using Micro-Segmentation, and
3) ZTA Using Network Infrastructure and Software Defined Perimeters.

Our presentation will demonstrate how Trust Frameworks and Identity Governance (1) are the foundational layer for a credentialing infrastructure. With this layer in place credentials can be used enable SW-defined perimeters (3).

We will provide in-depth insides how ecosystems solutions such as the Open Credentialing Initiative and Gaia-X are applying design patters using decentralized identity and verifiable credentials for (3).

Dr. Ignacio Alamillo-Domingo
Dr. Ignacio Alamillo-Domingo
Logalty Prueba por Interposicion SL
Ignacio is a Doctor in Law (UMU), with a PhD thesis related to the eIDAS Regulation, and holds a Degree in Law (UNED), a Diploma of Advanced Studies (UAB) and a Master in introduction to...
Matthias Buchhorn-Roth
Matthias Buchhorn-Roth
At Microsoft I help companies and organisations for their digital transformation, whereby I would be utilising my sound expertise in developing software products and IT projects, leading teams and...
Dr. Carsten Stöcker
Dr. Carsten Stöcker
Dr. Carsten Stöcker is co-founder and CEO of Spherity. Spherity is building decentralized digital identity management solutions to power the fourth industrial revolution.Carsten...


Hybrid Ticket
Experience the full conference
till March 31st
Whole conference (May 09-12, 2023)
Choose if you want to attend on-site or participate online
Access to live sessions, expo-area & networking events on-site
Access to online event platform to view live- & online streams
Access to the virtual expo area
(Video-) Chat and interact with all attendees on-site and online
Virtual Ticket
Full virtual experience
till March 31st
Whole conference (May 09-12, 2023) online
Access to online event platform to view live streams
Access to the virtual expo area
(Video-) Chat and interact with all attendees on-site and online
Have you participated in our events?
Contact us to get a special discount
Other ways to attend
Young Talents -
student program
Register and apply
Journalists &
Confirm press accreditation
Subscribe for updates
Please provide your email address