Event Recording

Pros & Cons of Anonymity and ZKP - Do we Know Them?

Show description
Speaker
John Erik Setsaas
Identity Expert
John Erik Setsaas
With over 25 years’ experience in digital identity, John Erik Setsaas is a pioneer in this space. He is a prolific speaker at fintech industry events around the world including Money20/20 Europe, idNext, MyData, Digital Finance World. Mobile World Congress, Trustech, KuppingerCole EiC and...
View profile
Playlist
European Identity and Cloud Conference 2023
Event Recording
The European Union Goes Decentralized - Standards and Technical Architecture Behind eIDAS V2
May 12, 2023

The European Union’s regulation on Digital Identity, eIDAS, is currently being overhauled to adopt decentralized identity principles. The goal is to provide all citizens and residents across the EU with highly secure and privacy preserving digital wallets that can be used to manage various digital credentials, from eIDs to diplomas to payment instruments. Decentralized identity principles aim at giving freedom of choice and control to the end-user. Ensuring security and interoperability, however, will be challenging — especially in the enormous scale in terms of users and use cases the EU is aiming at. The choices made in eIDAS will have a huge impact on digital identity in the EU and beyond.

The so-called “Architecture and Reference Framework” (ARF) defines the technical underpinnings of eIDAS v2. Many experts from the member states and the Commission have been working on this framework over the last year, trying to select the best combination of technologies and standards out of the enormous number available in the market today. This talk will introduce the ARF and explain what architectural patterns and technical standards are adopted and how the challenges mentioned above are addressed in order to leverage on the vision of the eIDAS v2 regulation.

Event Recording
Wallets and Beyond: How Mobile Operators Will Enable Tomorrow’s Identity
May 11, 2023

The digital identity paradigm looks set to evolve. Citizens might rely on digital identity wallets within a few years. As the metaverse and Web 3.0 take shape, users will need more than ever to trust who they interact with and be protected against fraud. How are mobile operators approaching these evolutions? This session will bring GSMA perspective on the mobile industry’s contribution to securing digital services, as the identity landscape shifts. Helene Vigue will share how tomorrow’s digital identity may build on mobile operators’ assets and services.

Event Recording
The Year of Connected Identity: Bringing it all Back Home
May 09, 2023

Cybersecurity practitioners agree that Identity is now at the heart of everything we do.  A variety of inescapable forces have brought us to this point and our success in the next years depends critically on how well we exploit the strategically placed Identity center piece.  Rising to this challenge requires our accumulated business analysis and deployment experience as well as the power of modern Identity platforms.  Critical to realizing this vision is an integrated set of connected identity services that communicate seamlessly within the identity fabric but also across the wider Cyber security ecosystem. One Identity lives and breathes connected Identity, and we are happy to share our experience helping organizations achieve value from connected identity security models.  Whether you are struggling to integrate your existing Identity silos, wondering what Zero Trust means for identity or looking to new Identity services like PBAC and decentralized identity, One Identity's innovative approach and design patterns shared in this session will be of interest.
Takeaways:

  • Connect your Identity services to each other
  • Connect your Identity Services to key systems and platforms
  • Exploit platform capabilities to ease integration
  • Go beyond point to point integrations...aim for High Value, Highly Secure Solutions
Event Recording
Beware of the Dark Side… Shining a Light on Supply Chain Security
May 10, 2023

How do we control what we do not see?

Supply chains are like that. The problem is that while you may have sight of your nearest third-party relationships, if you look further out to their relationships, things start to become a bit obscured. And that is where the risk lies.

In recent years Okta, Toyota and Morgan Stanley have all suffered data breaches that originated with an attack on the supply chain.

In this presentation, we explore the complex nature of supply chains/digital ecosystems and all the parties involved.  We’ll look at the pattern of some recent third-party attacks, examine their root cause and what lessons we can learn.

Finally, we'll explore the critical capabilities that are needed as the foundation for a solid third-party strategy; one that provides active, continuous monitoring while reducing the overhead for compliance.

Event Recording
Trust Inspiring CIAM – Essentials for a Secure, Experience-Driven Digital Business
May 12, 2023

Confusing Customer Identity Management (CIAM) with traditional Enterprise IAM comes at a high price: Applying internal regulatory compliance requirements and heavy security challenges to customer-focused interactions could easily limit user experience in a way that it measurably affects your digital business success, with dropped or interrupted transactions. Building Identity & Access around your customers' needs requires a profoundly different approach, which is on the one hand a trust-driven interaction experience with your brand, and on the other hand, complies with KYC and Cybersecurity requirements. In this session, we will give you an overview on the current state of CIAM and future developments you should include in your considerations before deciding on how to move forward.

Event Recording
Solving a Logistical Nightmare: Imagining a Decentralized Identity Future at DB Schenker
May 10, 2023

IAM is hard enough without the additional complexities that logistics companies face. Warehouses need to be secure, but it’s difficult to find an identity solution that’s suitable for short-term staff who don’t have or can’t use computers, mobile devices, or biometrics in their work environment. Until recently Decentralized Identity has been stuff of dreams, but that is rapidly changing and the lines between identity and authentication blurring even more. In this session, we’ll explore how a future powered by Decentralized Identity is offering logistics giant DB Schenker a path to stronger security while maintaining productivity in its warehouses—providing a fast, flexible and interoperable way for workers to verify their identity.

Event Recording
The Future of IAM & Cybersecurity is Policy-Based
May 12, 2023

There are several sessions at this year’s EIC looking at the roles of policies in IAM, for modernizing and efficiency gains in IGA, for authentication and fraud detection, and for authorization. In his keynote, Martin Kuppinger, Principal Analyst at KuppingerCole Analysts, will take a broader perspective and look at why the future of IAM and cybersecurity must and will be policy-based. This involves policies in IGA, policies in cybersecurity, hierarchies of policies, policies for application developers and IaaS administrators, policies in Zero Trust, overcoming static entitlements, policies in the context of DID (decentralized identities), and other topics. He also will discuss what needs to be done where, such as Policy Governance, Data Governance, and Policy Lifecycle Management, and why the shift to policy-based approaches requires a multi-speed approach, with policies in new digital services coming faster than policies for modernizing legacy IAM.

Event Recording
Zero Trust in an Industry Where Trust is Key
May 11, 2023

How does a Financial Institution deploy a Zero Trust Model where employees and consumers need access to so much vital data in near real time.

Event Recording
Avoiding Accidental Architecture - Implementing Graph-Based IAM & CIAM goes Beyond Better Access Control
May 11, 2023

Graph is having its moment and rightfully so. Regulatory challenges, overly complex authorization scenarios and retrofitting legacy programs to meet new business needs are squeezing businesses. Implementing a graph-based approach can remove these obstacles and reduce risk. 

But for many businesses, this is where graph-based implementations start and stop. 

In this session, we will discuss how to turnidentity data into identity knowledge and what that can deliver. We will dive into data models that drive contextual and real-time decisions - data models which are foundational for enabling complex authorization use cases and beyond. 

Finally, we will explore the benefits of graph-based deployments in your existing environments, including the value of a holistic and visually simplified data model and avoiding the accidental architecture challenge

Event Recording
Identity Governance with a Purpose – Deciding and Documenting Why Access is Granted
May 10, 2023

Deciding what constitutes appropriate access to sensitive information is a growing challenge for today’s enterprise. Whether it is regarding securing mission critical enterprise data or protecting the privacy of data gathered about the organization’s customers, an often-overlooked element is capturing and documenting the reasons why a given access request or entitlement is necessary and appropriate for the continued operation of the business.   Organizations are required to manage the data that they are entrusted with in a secure, purpose-based, and privacy-compliant manner.  Identity Governance processes can help the enterprise review the current state of access, make decisions regarding the validity of this access state, and attest to its accuracy.  Identity Governance processes are also ideally suited to also document the reasons why this access state is appropriate and necessary for business operations.

This session will cover how Identity Governance processes can help enterprises refine their security, make better access control decisions, and provide much clearer accountability around why access is granted – all in better alignment with Zero Trust initiatives.

Event Recording
FIDO2: The Train is Leaving the Station
May 11, 2023

The FIDO Alliance is working to change the nature of authentication with open standards that are more secure than passwords, simpler for consumers to use, and easier for service providers to deploy and manage. While initially focused on the consumer space FIDO2 holds advantages for the enterprise willing to break the mould on legacy authentication models.

This session will look at the components of a FIDO2 environment and investigate the options for FIDO deployments. A view of the possible future of FIDO will be discussed.

Event Recording
Zero Trust Applied for Access Management - How to Control and Monitor the User Access
May 12, 2023

UX with Security in Corporate and Customer Access but including a huge monitoring approach to have the effect of Zero Trust for the users. I will Mix CIAM, Access Management, IAG and UEBA