Event Recording

Beyond Zero Trust to Achieve Zero Friction

Show description
Joseph Carson
Chief Security Scientist & Advisory CISO
Joseph Carson
Joseph Carson is an award-winning cyber security professional and ethical hacker with more than 25 years’ experience in enterprise security specialising in blockchain, endpoint security, network security, application security & virtualisation, access controls and privileged access...
View profile
European Identity and Cloud Conference 2023
Event Recording
How do You Know Who to Trust?
May 10, 2023

OpenID Connect Federation enables trust establishment at scale and is being deployed to do so in Europe.

A key question when granting access to resources is “Who do you trust?”.  It’s often important to know who the party is that you’re interacting with and whether they’ve agreed to the terms and conditions that apply when accessing a resource.

OpenID Connect enables identities of participants to be securely established but doesn’t answer the question of whether a participant is trusted to access a resource such as your personal data.  A complementary mechanism is needed to do that.  In small-scale and static deployments, it’s possible to keep a list of the trusted participants.  However, in large-scale and dynamic deployments, that doesn’t scale.

This presentation will describe how the OpenID Connect Federation protocol enables scalable trust establishment with dynamic policies.  It does so by employing trust hierarchies of authorities, each of which are independently administered.  Examples of authorities are federation operators, organizations, departments within organizations, and individual sites.

Two OpenID Connect Federations are deployed in Italy, enabling secure access to digital services operated by Italian public and private services with Italian digital identities.  This presentation will also describe why OpenID Connect Federation was selected for them and how it meets their needs.  OpenID Connect Federation is being used by the GAIN PoC.  A public deployment is also being planned in Sweden.

Event Recording
Identity Governance with a Purpose – Deciding and Documenting Why Access is Granted
May 10, 2023

Deciding what constitutes appropriate access to sensitive information is a growing challenge for today’s enterprise. Whether it is regarding securing mission critical enterprise data or protecting the privacy of data gathered about the organization’s customers, an often-overlooked element is capturing and documenting the reasons why a given access request or entitlement is necessary and appropriate for the continued operation of the business.   Organizations are required to manage the data that they are entrusted with in a secure, purpose-based, and privacy-compliant manner.  Identity Governance processes can help the enterprise review the current state of access, make decisions regarding the validity of this access state, and attest to its accuracy.  Identity Governance processes are also ideally suited to also document the reasons why this access state is appropriate and necessary for business operations.

This session will cover how Identity Governance processes can help enterprises refine their security, make better access control decisions, and provide much clearer accountability around why access is granted – all in better alignment with Zero Trust initiatives.

Event Recording
State and Future of Digital Identity – Results from a KuppingerCole Study
May 10, 2023

KuppingerCole conducted a series of polls over the past months, gathering data about the state and future of IAM. Together with the ongoing market sizing analysis and predictions of the KuppingerCole analysts, we’ve created a study providing insight into our assessment of the current state of the IAM market as well as where we see the market evolving. Martin Kuppinger, Principal Analyst at KuppingerCole Analysts, and Marina Iantorno, Analyst at KuppingerCole Analysts, will present selected results from that study and share their perspectives on the evolution of the IAM market.

Event Recording
Lessons Learned from Implementing PBAC Solutions with OPA
May 10, 2023

During the last 3 years we have seen a significant uptake on decoupled authorizations solutions, the main drivers behind this is a move to the cloud, micros services and ZT implementations. In this speech Gustaf Kaijser will walk you through the feedback he has been getting from the organisations that have implemented OPA based solutions the last years, and the significant gains that they have seen in:

  • Automation of policy checks
  • Application development
  • Consistent policies across applications and infrastructure
  • Troubleshooting / Time to repairs
  • Cost of change
  • and audit
Event Recording
Closing Keynote
May 12, 2023
Event Recording
Best Practice: Empowering the Vision of the IoT with Decentralized IAM
May 11, 2023

How Self-Sovereign Identity (SSI) enables decentralized Identity and Access management for Things

  • The Challenges of IoT and Identity 
  • SSI key elements in a nutshell 
    • Decentralized Identifier (DID)
    • Verifiable Credentials (VC)
    • The role of blockchain / DLTs
    • How the elements work basically together
  • The SSI advantages / disadvantages in general and for IoT
  • Can SSI replace “traditional” Identity and access solutions and how? 
    • The IoT possibilities filancore enables with SSI

From SSI zero to hero – ETO`s digital & IoT transformation in practice

    • From or need to vision, strategy and IoT-SSI in operation
      • Our innovation, organization, and technology problems from back then
      • SSI as a competitive chance
    • ETO`s SSI strategy and roadmap – where we started, are and going
    • Our SSI High-Level Architecture and IoT product innovation(s) [decentralized IAM in use]
    • Our lessons learned and take-aways with SSI
Event Recording
Building the Roadmap for Your Future IAM | Workshop
May 09, 2023
Event Recording
Running Machine Learning Analytics On Traces
May 11, 2023

Let’s do things differently. To start with, let us view logs and traces as no different from any other data. The data an application indirectly generates when in use (the logs and traces) is no different from the data an application directly works with (input and output). So let’s keep them all together in a scalable cloud storage repository. Once it is there, it is just like any other big data. We need to analyze and apply intelligent monitoring to detect situations of interest. So we need to apply trained ML models to a stream of such data for immediate alerting when the traces indicate an unwanted behavior occurring or brewing. This talk will show how to harness existing technologies to do just that.

Event Recording
Market Overview: Identity Governance & Administration (IGA)
May 10, 2023

The Identity Governance and Administration (IGA) market is continuing to evolve through more integrated Identity Lifecycle Management and Access Governance solutions that are now increasingly aided by intelligent features. In this session, KuppingerCole´s Nitish Deshpande will share with you insights into the IGA market, providing you a compass to help you find the products that can meet the criteria necessary for successful IGA deployments.

Event Recording
A Sovereign Cloud for the German Government
May 11, 2023

You will learn about the Sovereign Cloud for the German Government, this solution is based on Azure and operated by Delos Cloud Gmbh

Event Recording
Hybrid IAM: Interoperable Verifiable Credentials for Workforce Identity
May 11, 2023

The past few years have seen a startling increase in decentralized technologies for Digital Identities. So far, much of their adoption has been limited to academic or proof-of-concept integrations (barring some shining examples) rather than consolidated production-ready use cases.

Generally, there isn't an enforced link between real-world and digital identities, and rightfully so. Still, enterprises' policies and regulations mandate companies to ensure restricted access to reserved data and undeniable attribution, which collides with general anonymity and distributed principles. Albeit SSI technologies aim at filling this gap with trusted-yet-privacy-preserving solutions, companies still need to consolidate digital identities and collapse them into a well-defined entity. We will talk about a hybrid approach to classic IAM for workforce management including W3C native credential integration with solidified and well-established SSO federations. In other words, delegate to the end users the choice of which identity technology to use as long as they can provide a trust chain that the companies can verify.

Event Recording
The Killer Credential - Spotting Verifiable Credentials That are Absolute Must-Haves for Every Party in an Ecosystem
May 10, 2023