Identity Security I

Traditional federation agreements are relatively static. It takes some effort to onboard an IdP and RP to each other, but once that trust is established, it's good until some exceptional event breaks the federation.

But what about a more dynamic world, one where trust comes and goes based on context? What if users could be provisioned dynamically into a space based on trust from elsewhere? What if an isolated space could still function in a disconnected state and still have powerful security properties? What if these isolated spaces could reconnect to the network and provide audit capabilities and security signaling to other components throughout the wide ecosystem? And what if all of this could be built on a layer of trusted software that didn't rely on pre-placing keys or accounts ahead of time?

Come to this talk to learn about Federation Bubbles, the proof of concept being built out on top of a suite of technology including OpenID Connect, OAuth, SPIFFE, Verifiable Credentials, and more.

The risk of being digitally vulnerable, or not being able to access basic services, affects us all. There can be no doubt that enhancing accessibility features across digital access journeys is tremendously important in helping people simply and safely connect with the digital world. But this doesn’t go far enough.

What you’ll learn from this session: How can adaptive, connected, and balanced digital identity go further in addressing universal digital vulnerability at the root, making sure no one gets left behind.