KuppingerCole's Advisory stands out due to our regular communication with vendors and key clients, providing us with in-depth insight into the issues and knowledge required to address real-world challenges.
Compare solution offerings and follow predefined best practices or adapt them to the individual requirements of your company.
Meet our team of analysts and advisors who are highly skilled and experienced professionals dedicated to helping you make informed decisions and achieve your goals.
Meet our business team committed to helping you achieve success. We understand that running a business can be challenging, but with the right team in your corner, anything is possible.
David will talk aboout a new technology that allows the person owning a public key to prove that they have memorized a passphrase, from which they could at any time easily compute the private key.
One example use is for votexx.org elections, which are conducted remotely without polling places. The ballot-casting in such elections is done by a signature that is publicly verifiable as corresponding to a particular public key posted in advance by the election authority. The voter registration authority would require a proof that the voter knows the corresponding passphrase and hence ensures that the voter has irrevocable access to the private key corresponding to the posted public key. This lets the voter give all of their keys (in an extreme case) to a vote buyer and/or coercer – while the voter is never able to give up knowledge of the passphrase and the ability that it confers to secretly cancel any vote made with the corresponding private key. This is just one example David will feature in his presentation.
David will talk aboout a new technology that allows the person owning a public key to prove that they have memorized a passphrase, from which they could at any time easily compute the private key.
One example use is for votexx.org elections, which are conducted remotely without polling places. The ballot-casting in such elections is done by a signature that is publicly verifiable as corresponding to a particular public key posted in advance by the election authority. The voter registration authority would require a proof that the voter knows the corresponding passphrase and hence ensures that the voter has irrevocable access to the private key corresponding to the posted public key. This lets the voter give all of their keys (in an extreme case) to a vote buyer and/or coercer – while the voter is never able to give up knowledge of the passphrase and the ability that it confers to secretly cancel any vote made with the corresponding private key. This is just one example David will feature in his presentation.
CIEM adopts a zero trust approach to Identity and Access Management (IAM) for cloud infrastructures, making access risks visible and avoidable. In this panel session
Decentralized identity is an incredibly flexible technology that solves fundamental problems in the way we manage digital communication. But this capacity to do more than one thing at once can be a source of confusion: How do I actually build a decentralized or self-sovereign identity solution today? How do I put all the components together? In this session we use the framework of a Trusted Data Ecosystem to show how you can use decentralized identifiers, software agents, verifiable credentials, and the supporting infrastructure to verify data without having to check in with the source of data. We show how we used Trusted Data Ecosystems to deliver solutions to financial services, healthcare, and travel to global enterprises—and we give you a preview of what the next steps are for these technologies.
Resilience is defined as the dynamic process of encompassing positive adaptation within the context of adversity. Organizations today are under constant siege from any number of security threats. The only path to weathering this ongoing storm is to learn to intelligently adapt through the understanding of identity and the application of Zero Trust. In this presentation, we will illustrate how applying greater identity assurance and least privilege principles organizations can dramatically improve their overall cyber resilience.
Trust is not just technical, and it’s not just derived from a process or an organisation. The need for Trust is also variable based on the risk involved in a transaction or the risk appetite of the service provider. Sometimes trust is almost irrelevant. Digital doesn’t make things any easier as we often have multiple parties involved in the communication of trust from issuer to holder of credentials, and on to a relying service not to mention requirements for onboarding, verification, issuance, and authentication to name but a few along the way.
Emerging standards and relentless innovation make many things better, but they also introduce challenges when we want multiple systems to work together and for trust to be largely independent of the underlying technical stacks.
To make Trust work in diverse ecosystems we need clear rules of engagement that champion the needs of all participants and clearly define their responsibilities to one another, and to the wider legal and business ecosystems they ultimately interact with. Efforts in multiple jurisdictions in both the public and private sector are developing these rule sets right now – this is what we can learn from the rise of the Trust Framework.
As organizations are recovering from the pandemic, many of them embark on a digital transformation at high-speed. Investments to drive online business, powered by customer insights and an attractive user experience, yet secure and compliant to rules and regulations, have never been bigger.
NN, an international financial services firm with over 15,000 employees, is changing from a traditional insurance firm into a modern and online financial services firm that focuses on frequent and valuable customer interactions. NN is providing these online services across multiple channels in a secure and compliant manner while offering its customers an outstanding user experience. For this NN has implemented a robust innovative IAM platform that entails key functions like identification, verification, authentication and authorization, fit for the dynamics of the financial industry.
Join Ronald van der Rest & Bas Kerpel, who lead NN's IAM Platform Teams, as they explain how powerful Customer Identity & Access Management can be, when you are transforming your organization to become successful in doing business online. Ronald and Bas will share relevant insights into NN's IAM Platform and will touch especially on its identity orchestration capabilities.
This session is a continuation of the opening keynote by Martin Kuppinger on the future Composable Enterprise. Together we take a look at what powers the composable enterprise and which concepts and technologies can contribute to building a composable enterprise.
KuppingerCole proposes an engine that powers composable enterprises, made up of composable services, identities, and data. Since this journey towards becoming composable is intensely individual based on business goals and requirements, there countless ways of cultivating this modular trifecta. Therefore, this session identifies some of the building blocks that organizations use to cultivate interchangeability and agility to achieve their continually shifting business goals. These building blocks are modular themselves, allowing organizations to exercise different aspects to power composability.
Password-related attacks increased by a staggering 450% in 2020, with over 1.48 billion records breached worldwide. Meanwhile, the average cost of a password reset exceeds $50 USD. We all know that passwords fail to deliver adequate Zero-Trust security and cause unnecessary friction for both customers and the workforce. So why have passwords not receded into the background? What are the key challenges facing enterprise passwordless agendas? And how can modern identity and access management help us realise a blueprint for a passwordless reality?
Our headlines and podcasts are filled with the promise of web3. Positioned as a digital utopia that will foster and reward creativity whilst righting the wrongs of data equity. This new world, fusing our physical and digital – will be more immersive, collaborative and experiential than any technology we have known. However, along with the opportunities, it is already presenting new security, identity and privacy threats.
This presentation will explore where we are on the road to the omniverse. Both the opportunities to strengthen digital rights and decentralise identity, along with the very real threats that exploit digital trust. Understanding the weaknesses provides a window into the next wave of identity and security innovation.
As an incubator for innovation in air travel, Aruba has chosen to use verifiable digital credentials to manage entry requirements and health testing for travel to the island. This decentralized, open-source technology, which provides secure authentication while preserving traveler privacy, was developed by SITA and Indicio.tech and donated to Linux Foundation Public Health as Cardea. In this session, representatives from Aruba’s government, Indicio, and SITA will discuss why they chose a decentralized approach, how they created a trusted data ecosystem, and why the ability to verify personal data without having to check in with the source of that data will transform air travel, healthcare, and tourism