Event Recording

Veni, Vidi, Vici: How AI will Shape the Future of IGA

Show description
Speaker
Cristiana Vicovan
Director of Product Management
EmpowerID
Cristiana Vicovan
Cristiana is an accomplished professional with a strong background in both chemistry and technology. She holds an MS in Chemistry, with a focus on green chemistry and sustainable materials, and multiple Product and Management Certifications. Her expertise in the field of IT has earned her...
View profile
Playlist
European Identity and Cloud Conference 2023
Event Recording
Navigating the Complexities of User and Group-Focused Authorization in Modern Applications
May 10, 2023

Authorization in modern applications is becoming increasingly complex, particularly when it comes to managing access to resources at the individual user and group levels. OAuth has become a widely-used standard for granting access to resources on behalf of a user, but it is not well-suited for these more nuanced use cases. In this talk, we will explore the confusion surrounding the use of OAuth for user and group-focused authorization in applications. We will discuss the standard meaning of authorization in OAuth, which is to grant access for an application to call APIs on behalf of the user, and how misusing OAuth for this purpose can lead to bad architecture and bloated JWT tokens. We will also introduce alternative standards like UMA (User-Managed Access) and GNAP (Group-Based Nested Access Protocol) as potential solutions for user and group-controlled resource delegation. These standards provide a more fine-grained and dynamic approach to access control and can be integrated with policies created by a PBAC (Policy-Based Access Control) server for a more comprehensive solution. Attendees will leave with a better understanding of the limitations of OAuth for user and group-focused authorization, and with a clear understanding of the potential of UMA and GNAP as solutions for these use cases.

Event Recording
FIDO à la Carte
May 12, 2023

Finding the right passwordless solution can be a daunting task. Searching the web for a passwordless authentication solution will present many options for various use cases. With so many options, how do you choose the solution that best meets your requirements?

This presentation will help guide you through the different FIDO standards, Passkeys and provide real-world examples of how they are being used today. We'll explore the benefits of FIDO, including increased security and improved user experience, and discuss the challenges and limitations.

If you're ready to say goodbye to passwords and embrace the future of passwordless authentication, join us and learn how to find the right FIDO solution for your passwordless needs.

Event Recording
Covering Your Customer Identity Needs - The Way Forward
May 12, 2023

The Art of CIAM is to converge user Experience (UX) , security and privacy in a way that is seamless and unobtrusive for the user. In this panel session we will discuss the role of decentralized technologies, biometrics, and AI in Digtal ID, allowing for more secure and efficient authentication processes. 

Event Recording
How Deepfakes Are Changing the Landscape of Identity Fraud and How Can We Prevent the Risks
May 11, 2023

Explore the latest developments in deepfake technology and its impact on identity fraud. With deepfakes becoming increasingly realistic and widespread, it is essential for businesses and organisations to understand the risks they pose and take action to mitigate them. Attendees will gain a comprehensive understanding of the risks posed by deepfakes to the identity verification industry and how to protect their organisations from them effectively. The session will feature expert insights and real-world examples of how businesses and organisations can implement deepfake detection technology and other measures to prevent identity fraud.

Event Recording
Solving a Logistical Nightmare: Imagining a Decentralized Identity Future at DB Schenker
May 10, 2023

IAM is hard enough without the additional complexities that logistics companies face. Warehouses need to be secure, but it’s difficult to find an identity solution that’s suitable for short-term staff who don’t have or can’t use computers, mobile devices, or biometrics in their work environment. Until recently Decentralized Identity has been stuff of dreams, but that is rapidly changing and the lines between identity and authentication blurring even more. In this session, we’ll explore how a future powered by Decentralized Identity is offering logistics giant DB Schenker a path to stronger security while maintaining productivity in its warehouses—providing a fast, flexible and interoperable way for workers to verify their identity.

Event Recording
EU Wallet – eIDAS 2.0: The New European Identity Framework is a Gamechanger
May 10, 2023

The existing eIDAS governance framework for digital identity is fragmented for different regulated markets in different EU countries. Today identity provider solutions for finance, healthcare and other regulated markets follow central approaches for the management of identities and consent in high secure data center environments and using legacy standards (e.g. OIDC, central public key infrastructure).

eIDAS 2.0 creates a EU wide identity ecosystem with adapted new standards, new stakeholders and a focus on using mobile devices. The existing roadmap allows to anticipate three to five years (or more) transition. For banking, insurance, healthcare or the public sector it is time to adopt these standards in their digital transformation strategy.

Based on the Gematik requirements for a federated identity provider with central OIDC compliant resource and authorization server Comuny shifted relevant identity provider functions (data storage + token generation) on the mobile device.

The speakers will describe challenges and solutions for this regulated market. They also discuss the chance to combine existing central OIDC flows with mobile decentral, wallet based principles as a bridge into the new eIDAS 2.0 governance framework. The audience will get a clear understanding about requirements, opportunities and practice details to create the transition into eIDAS 2.0 identity ecosystem.

Event Recording
How to Manage Complex Clouds Based on Cyber Resistance
May 12, 2023

You have probably heard about Cyber Resilience, and how about Cyber Resistance? What should be the differences between the two terms in the context of Cybersecurity? Cyber Resistance is the same or not?

Prioritizing where to focus efforts first when attack scenarios are almost endless is a complex task. There are often millions of potential attack paths. Most organizations do not know what those paths are or how to prioritize which ones to close first if they can be closed at all.

During this presentation, we will be understanding the differences between Cyber Resistance and Cyber resilience, and how we can apply both concepts to our current technology landscape, besides understanding how we can identify the High-Value Target (HVT) in your organization.

Event Recording
What to Consider When Selecting your Managed Identity Fabric
May 10, 2023

IDaaS, the SaaS-delivered IAM, helps organizations   releasing themselves from a considerable part of the burden that IAM brings. They don’t need to care for software installation and running servers. However, IDaaS is only part of the answer  here. Customers still must   managed and run their IAM environment.

This is where MSPs (Managed Service Providers) and their services come in . They help the organizations in managing major parts of IAM, from onboarding of systems to customization and configuration, but also for a good share of the business-oriented aspects.

MSPs also can help organizations in providing a real IDaaS in the sense of customers/tenants just ordering services, without even caring about the technology below. They buy the services delivered by an Identity Fabric that is built and run by their service provider (which then again might rely on one or more SaaS services).

In this panel, we will discuss how such a “managed Identity Fabric” can look like and what this means to both the MSPs and their tenants. We’ll specifically focus on what distincts such a managed Identity Fabric from just a standard IDaaS offering, and from a MSP operating the IAM the customer already has in place. We’ll discuss the main criteria and capabilities for selecting the managed Identity Fabric.

Event Recording
The Evolution of CIAM and What’s in Store for the Future of Identities
May 11, 2023

With digital transformation continuing to change the way customers interact with businesses, organizations need to provide a personalized, seamless and friction free experience to their customers to increase engagement and retain subscribers. All of this amidst a rapidly increasing threat landscape and a growing awareness of data privacy and ownership. Join James Lapalme from Entrust, to learn about the evolution of CIAM to meet the customer expectations of today, while looking ahead as to what the future of Identity holds.

Event Recording
Passwordless Primer
May 10, 2023

Passwordless authentication counts amongst the hot topics in IAM. In this session, the variants of passwordless authentication will be explained. Phishing resistance, device binding, secure elements, and many of the other technical aspects will be explained, put into context, and rated regarding their relevance for different use cases. The session also will discuss use cases and their specific needs, from simplified access to office solutions to a unified passwordless authentication for the entire IT environment.

Event Recording
Market Overview: Passwordless Authentication
May 10, 2023

This session will provide an overview of the market for Passwordless Authentication products and services and will present a compass to help you to find the Passwordless Authentication product or service that best meets your customers, partners, or workforce needs. KuppingerCole´s Alejandro Leal recently published a Leadership Compass for Passwordless Authentication and examined the market segment, vendor product and service functionality, relative market share, and innovative approaches to providing Passwordless Authentication solutions.

Event Recording
Lessons Learned from Implementing PBAC Solutions with OPA
May 10, 2023

During the last 3 years we have seen a significant uptake on decoupled authorizations solutions, the main drivers behind this is a move to the cloud, micros services and ZT implementations. In this speech Gustaf Kaijser will walk you through the feedback he has been getting from the organisations that have implemented OPA based solutions the last years, and the significant gains that they have seen in:

  • Automation of policy checks
  • Application development
  • Consistent policies across applications and infrastructure
  • Troubleshooting / Time to repairs
  • Cost of change
  • and audit