Event Recording

How to use the framework of a Trusted Data Ecosystem to simplify building decentralized identity solutions

Show description
Speakers
Heather Dahl
CEO
Indicio
Heather Dahl
Heather is Co-founder and CEO of Indicio, the market leading developer of enterprise-class verifiable data solutions that optimize your existing systems ensuring digital privacy, efficiency, and trust. Under her leadership, she has driven the company’s growth strategy and overseen its...
View profile
James Schulte
Vice President of Business Development
Indicio
James Schulte
As Vice President for Business Development at Indicio, James Schulte is creating the future of decentralized identity through the adoption of Trusted Digital Ecosystems. With an expansive knowledge of current applications deployments of verifiable credentials around the globe, James has...
View profile
Playlist
European Identity and Cloud Conference 2022
Event Recording
Connecting 10.000+ mobility companies and multi million customers
May 12, 2022
Event Recording
The Unique Challenges of Identity M&A in High-Growth Organizations
May 12, 2022

Mergers and acquisitions amongst large, globally-distributed organizations are notoriously complex, error-prone, and resource consuming. But did you know that merging smaller organizations comes with its own set of unique issues and risks? One year ago, Okta announced its acquisition of Auth0. Since then, the combined forces of their internal business systems teams have been working hard to bring the identity and compliance capabilities of the organizations together. The union of these two companies introduced some novel challenges- even for veteran practitioners with experience in IAM mergers at much larger organizations. In this talk Jon Lehtinen will take you on a guided tour of the Okta/Auth0 identity merger from a practitioner’s perspective, and share the learnings, the challenges, and the recommendations for other practitioners tasked with merging the IAM programs within smaller, high-growth companies.

Event Recording
Fraud Reduction Intelligence Platforms - an Overview
May 11, 2022
Event Recording
Key Requirements for Next Generation MFA
May 11, 2022

In this talk you will learn how MFA can be a foundation for your Zero Trust Initiative

Event Recording
Transatlantic SSI Interoperability: Building the Identity Layer for the Internet
May 12, 2022

Many decentralized identity infrastructures and ecosystems around the world are emerging, but how can we get to true global interoperability, where my digital identity works seamlessly across borders and across different use cases?

Two of the most prominent initiatives in the digital identity space right now are 1. the digital Permanent Resident Card use case supported by the U.S. Department of Homeland Security, and 2. the European Blockchain Service Infrastructure (EBSI) with its various pilot projects.

In this talk, we will look at the "Transatlantic SSI Interop" experiment conducted by an EU company (Danube Tech) and a US company (Digital Bazaar) that shows how such different initiatives can connect and interoperate.

Event Recording
Panel | B2B IAM
May 12, 2022
Event Recording
Solving "The Right to be Forgotten" for Blockchains
May 13, 2022

"The Right to be Forgotten" presents a conundrum to builders of blockchain solutions, because the focus of most blockchains is to create an indelible, permanent record. This makes "The Right to be Forgotten" appear irreconcilable with blockchains. I will present a solution to "The Right to be Forgotten" that can be applied to most every blockchain, subject to governance approval by the stakeholders. The solution does not violate the integrity of the blockchain record.

Event Recording
Game Theory: Will it put your mind at ease, or make you doubt your decision on where to run an IAM solution?
May 12, 2022
Event Recording
Interoperability Between Global Identity Networks
May 12, 2022
Event Recording
The Importance of a Centralized Access Management System
May 11, 2022
Event Recording
"The Great Resignation" Combined with an Explosion in IT Complexity - How Can IT Weather this Perfect Storm?
May 13, 2022
Event Recording
OAuth DPoP (Demonstration of Proof of Possession): How to Not Let Attackers Steal your OAuth Token
May 11, 2022

Most OAuth deployments today use bearer tokens – tokens that can be used by anyone in possession of a copy of them, with no way to distinguish between legitimate uses of them and those that stole them and used them for nefarious purposes. The solution to this is proof-of-possession tokens, where the legitimate client supplies cryptographic material to the issuer that is bound to the token, enabling it to cryptographically prove that the token belongs to it – something attackers cannot do because they don’t possess the proof-of-possession cryptographic material.

The OAuth DPoP (Demonstration of Proof of Possession) specification defines a simple-to-implement means of applying proof of possession to OAuth access tokens and refresh tokens. We will describe real attacks occurring every day against bearer tokens and how they are mitigated by DPoP, providing defense in depth and making real deployed systems substantially more secure with minimal implementation and complexity costs.

These attacks and mitigations are particularly relevant to high-value enterprise deployments, such as in the financial, manufacturing, critical infrastructure, and government sectors.