Event Recording

Demystifying Zero Trust

Show description
Speaker
Milad Aslaner
Head of Technology Advisory Group
SentinelOne
Milad Aslaner
Milad Aslaner has 15 years of international experience in cybersecurity. He has served as a trusted advisor for several global organizations across Oil & Gas, Financial Services, Public Sector, and Aviation industries, helping those modernize their cybersecurity strategy, security...
View profile
Playlist
European Identity and Cloud Conference 2022
Event Recording
Qualified electronic signatures in times of the eIDAS2-wallet - a Nordic-Baltic perspective
May 12, 2022

When dealing with digital identity, emphasis is often put on the identification and authentication part. An equally important aspect is digital signing (or more broadly: electronic signing). Qualified electronic signatures have the same legal status as handwritten signatures in the EU. In this session, we shall look at the advantages and challenges that come with them from a Nordic-Baltic perspective. What is their role today and in the future; both independently, and in connection with the upcoming eIDAS2-wallet? Concrete use cases will be demonstrated from the point of view of the citizen, the public sector and businesses.

Event Recording
All Other Identities - The Risk That Is Hiding in Plain Sight
May 12, 2022

For the last 30 years  virtually every  company, agency and organization has been forced to accept the risks associated with identity management and control for third parties and  all  the other identities that  are not  directly addressed by today's workforce or customer access management solutions. The universe of  "all other identities"  is enormous, numbering in the billions and  maybe even the trillions of distinct and unique identities. In the absence of solutions and processes to actively manage and control the identities of contractors, service providers, agencies, franchisees and  all  the possible variations of people,  devices  and entities that your organization interacts with, accepting risk but not being able to  mitigate  it has been the normal course of business. It is past time that these risks are acknowledged,  addressed,  and mitigated. Richard Bird explains the current state of third and n-th party identity risk, how to recognize it and what to do about it in this presentation on a new frontier in security and risk.

Event Recording
Kubernetes and Crossplane at Deutsche Bahn
May 12, 2022

This session will be about the journey of Kubernetes and Crossplane at Deutsche Bahn, to provide platform consumers with access to a unified API for deployments, infrastructure provisioning and applications in a manner that is independent from the cloud, addressing compliance and cross-cutting concerns while providing a Kubernetes "native" experience.

The journey has not been without challenges, where the platform team has managed technical and functional requirements including an access model in an enterprise environment, user expectations of cloud native infrastructure usage, and issues with excessive API load, shared resources, as well as controllers written by the team and open sourced along the way.

Event Recording
Deploying Open Policy Agent (OPA) at Scale and in Production
May 12, 2022

OPA is a fast rising star in the Authz market. In this deep dive we will cover lessons learned and best practice from early adopters on how to deploy OPA at scale and in production. How can you ensure consistent polices, how do you test and life cycle policies, how do connect with external data sources.

Event Recording
Enabling MFA and SSO for IoT and Constrained Devices
May 13, 2022
Event Recording
European Identity & Cloud Awards Ceremony
May 11, 2022

Once again, analysts from KuppingerCole come together to showcase outstanding Identity Management and Security projects, standards and people. The winners will be honored live on stage during the award ceremony.

Event Recording
Panel | How to improve customer IAM and CIAM
May 12, 2022
Event Recording
Credentials and Privacy - History and New Kinds of Cards
May 12, 2022

David will talk aboout a new technology that allows the person owning a public key to prove that they have memorized a passphrase, from which they could at any time easily compute the private key.
One example use is for votexx.org elections, which are conducted remotely without polling places. The ballot-casting in such elections is done by a signature that is publicly verifiable as corresponding to a particular public key posted in advance by the election authority. The voter registration authority would require a proof that the voter knows the corresponding passphrase and hence ensures that the voter has irrevocable access to the private key corresponding to the posted public key. This lets the voter give all of their keys (in an extreme case) to a vote buyer and/or coercer – while the voter is never able to give up knowledge of the passphrase and the ability that it confers to secretly cancel any vote made with the corresponding private key. This is just one example David will feature in his presentation.

Event Recording
Privacy Enhancing Mobile Credentials
May 12, 2022

The Kantara Initiative is developing a standard and requirements so that organizations can demonstrate to their stakeholders that their commitments to privacy and data protection go beyond transactional and technical trust. At the end of the day people trust, or don't trust, organizations - not the technologies that the organizations use. This session will provide you with an up-to-date report on the development of these standards and requirements and also provide you with an opportunity to provide input into their development.

Event Recording
Human-Centric Identity
May 12, 2022

Security vs experience. Platform vs best of breed. Fast vs thorough. The identity technology world forces us to make trade-offs. These difficult decisions are an endless exercise in technical and logistical nuances like developer and IT resources, product licenses, integrations, and deployment methods. 

Get ready! We are entering an era where IAM professionals can rise above those tradeoffs, and rapidly evolve from technical experts to experience artists by using solutions that customize, code, and integrate for you. This means humans can focus on what humans do best: creating amazing experiences, differentiating from competitors, reacting to market trends, leveraging innovations like decentralized identity and partnering with business owners to anticipate and exceed user expectations.

Event Recording
Identity Management in a Web 3.0 World
May 12, 2022

The third iteration of the Web, Web 3, aims to put more control over web content in users’ hands. It promises to be built on blockchain, eliminating all big intermediaries, including centralized governing bodies. The vision for a Web3 world is for people to control their own data and be able to bounce around from social media to email to shopping using a single personalized account, creating a public record on the blockchain of all of that activity. What does this mean from an identity management point of view? We will explore some important questions that should be addressed as the future of the internet unfolds, including the impact that limited oversight in crypto currency will have, including poor authentication; the role of decentralized identities and private key management; and finally, the privacy aspects of having transaction data on the blockchain and what that means for attackers that can potentially compile new identities or further identity theft as we know it today. Whether it is Web3 or beyond, these issues will be critical to build trust on the internet of the future.

Event Recording
Drone Pilot Credentialing for Air Safety
May 11, 2022

Drone operations are estimated to bring €10bn/yr to the EU economy by 2035. A critical e-Government issue is the ability to fly drones in regulated airspace around airports. Unauthorised drone operations in the flightpath of passenger aircraft can endanger lives and cause huge financial loss for airport operators. Heathrow Airport has invested >£10M in security systems to track and destroy unauthorised drones. Digitising the entire drone flight approvals process will involve many steps, but the major one we are addressing is verifying pilot training credentials. SSI could radically improve this currently cumbersome and low-trust process. In an Innovate-UK grant funded project (Fly2Plan), we developed an SSI PoC for a drone pilot training company to issue training certificates as verifiable credentials to drone pilots, which can be verified by Heathrow Airport. In this talk we present our learnings and future work.