Event Recording

How to Manage Complex Clouds Based on Cyber Resistance

Show description
Speaker
Filipi Pires
senhasegura PAM & Cloud Security Researcher
senhasegura
Filipi Pires
I’ve been working as Security and Threat Researcher and Cybersecurity Advocate at senhasegura, Founder at Black&White Technology, Snyk Ambassador, Application Security Specialist and Hacking is NOT a crime Advocate. International Speaker at Security and New technologies events in many...
View profile
Playlist
European Identity and Cloud Conference 2023
Event Recording
A 4 Year Journey Towards a Smooth and Strong e-Signing Solution in a Multi-National Insurance Company
May 10, 2023

A journey of the multi-national insurance company to find and introduce a smooth corporate e-signing solution, both legally and technically well-justified. A story of considering and aligning different dimensions to find a tiny path between legal trust and protection, technical constraints, smooth user experience, global EU Regulation (eIDAS) and country-specific local habits.

It was a huge puzzle to identify and solve all the critical actual and future needs of the different business use cases for e-signing across the company to come up with a singe corporate solution and move gradually away from the very fragmented and mainly technically driven landscape of signing solutions.

Traditionally those have been introduced as the ad-hoc remedy to some local needs in isolation from other initiatives and without proper validation of both short and long term legal impact to the company.

Event Recording
Wallets as a New Class of Super Apps in the Financial Industry and Beyond
May 11, 2023

Open banking has changed our world, enabling citizens and businesses to create a holistic view of our financial lives. “Superapps” will combine our digital identities with other domains.

Imagine a future where we can view, add, update, or remove our digital identity attributes as easily as we can manage these credentials in our physical wallets today. Further imagine that through the same lens, we can view and control which people and businesses have access to what identity data, for how long and for what purpose and attend to our financial business. “Superapps” will enable us to do exactly that as well as enable us to minimize attributes shared to suit the situational needs.

Beyond the self-evident value to us in terms of ease of use and control, imagine the efficacy that this approach will have on culling fraud when there is no need to expose all of our details with every interaction in the digital universe. Join the conversation to understand what public, private, and standards initiatives are available today and how these need to expand in support of “Superapps”.

Event Recording
When SSI Meets IoT: Challenges and Opportunities
May 11, 2023

In this session, I will first talk about the design considerations and challenges when applying SSI to IoT, followed by the description of an initiative for creating an embedded SDK for SSI. Finally, I will discuss new opportunities for building decentralized identity and access management solutions for IoT.

Event Recording
EU-US Data Transfers - Where are we now?
May 10, 2023
Event Recording
Verifiable Credentials for the Modern Identity Practitioner
May 10, 2023

You heard about Verifiable Credentials and decided to learn more. You found some stuff online, but despite knowing your way thru identity, you still can't really tell how they work in practice (wallets? presentations?) or how the boldest claims (no more centralized DBs! Apps cannot save PII!) will play out. This session will dive into VCs and separate the hype from their true, remarkable potential.

Event Recording
Trust Inspiring CIAM – Essentials for a Secure, Experience-Driven Digital Business
May 12, 2023

Confusing Customer Identity Management (CIAM) with traditional Enterprise IAM comes at a high price: Applying internal regulatory compliance requirements and heavy security challenges to customer-focused interactions could easily limit user experience in a way that it measurably affects your digital business success, with dropped or interrupted transactions. Building Identity & Access around your customers' needs requires a profoundly different approach, which is on the one hand a trust-driven interaction experience with your brand, and on the other hand, complies with KYC and Cybersecurity requirements. In this session, we will give you an overview on the current state of CIAM and future developments you should include in your considerations before deciding on how to move forward.

Event Recording
Digital Organizational Identity With the Verifiable Legal Entity Identifier (vLEI)
May 12, 2023

With heightened reliance on remotely delivered services and transactions, the need for safer and sounder digital identification and verification is required and will become the norm in the future. This especially is true looking forward to mandates for the adoption of zero trust frameworks in which digital credentials will be issued and then used for identification and operational purposes. GLEIF is committed to making concrete and lasting improvements to the process of identity verification by leveraging the Legal Entity Identifier (LEI) in digital tools. GLEIF has made the LEI verifiable by creating the vLEI (verifiable LEI) with digital credentials that deliver decentralized identification and verification for organizations as well as the persons who represent their organizations either in official or functional roles. GLEIF has made much progress on developing the governance, credentials and infrastructure since introducing the vLEI in 2020 and will share an updated at this progress in this session.

Event Recording
Wallets and Beyond: How Mobile Operators Will Enable Tomorrow’s Identity
May 11, 2023

The digital identity paradigm looks set to evolve. Citizens might rely on digital identity wallets within a few years. As the metaverse and Web 3.0 take shape, users will need more than ever to trust who they interact with and be protected against fraud. How are mobile operators approaching these evolutions? This session will bring GSMA perspective on the mobile industry’s contribution to securing digital services, as the identity landscape shifts. Helene Vigue will share how tomorrow’s digital identity may build on mobile operators’ assets and services.

Event Recording
FIDO2: The Train is Leaving the Station
May 11, 2023

The FIDO Alliance is working to change the nature of authentication with open standards that are more secure than passwords, simpler for consumers to use, and easier for service providers to deploy and manage. While initially focused on the consumer space FIDO2 holds advantages for the enterprise willing to break the mould on legacy authentication models.

This session will look at the components of a FIDO2 environment and investigate the options for FIDO deployments. A view of the possible future of FIDO will be discussed.

Event Recording
OpenWallet Deepdive
May 10, 2023
Event Recording
Weaving a Standards Framework for Non-Human Identities
May 11, 2023

We entrust workloads and devices with our most sensitive data, giving them access to far more information than the human on whose behalf it operates, if it is even operating on behalf of a human. Yet, managing these non-human identities and applying Zero Trust Policies to them is a Herculean task complicated by a heterogenous technology landscape, amplified by multi-cloud/multi-hybrid environments, exacerbated by critical skills shortages and magnified by exponential growth in workload and device identities.

It's the kind of problem standards excel at solving by creating interoperability layers between heterogenous environments, codifying the wisdom of the crowd to alleviate pressures on rare skills, and creating eco-systems of interoperable solutions that meet a common security bar.

Fortunately there are already several standards efforts that can help us manage non-human identities. But how are all these efforts related and how to we avoid replacing a patchwork of heterogenous solutions with a patchwork of heterogenous standards? Is it possible to craft a standards framework and connect all these efforts in a single identity trust fabric, and is that desirable? If we had such a framework, what would it look like?

In this talk we explore the benefits of weaving a standards framework for non-human identities by bringing together more than 18 standards from at least 7 standards bodies while identifying opportunities to align and connect them all to solve the emerging challenge of managing non-human identities at scale.

Event Recording
From Security & Compliance to Business Enablement
May 10, 2023