Event Recording

Identity in Polyglot Cloud Environments

Speaker
Paul Fisher
Lead Analyst
KuppingerCole
Paul Fisher
Paul Fisher is a Lead Analyst who researches primarily on cybersecurity and identity and access management (IAM). He also studies trends in AI, IoT and data governance for different industry sectors including automotive. Paul is responsible for managing relevant quantitative research at...
View profile
Playlist
European Identity and Cloud Conference 2022
Event Recording
Global Trust Frameworks Interoperability
May 12, 2022
Event Recording
The Changing Cyber Threat Landscape and its impact on IAM (I)
May 11, 2022
Event Recording
Attendees at the European Identity and Cloud Conference 2022
May 17, 2022
Event Recording
The Balance Between Decentralization and Efficiency
May 12, 2022

Currently, lots of topics are fast-moving in crypto. There is still a gap to be closed between non-crypto businesses and the application of blockchain technology. It is PolyCrypt's vision to realize the true power of decentralization – bringing privacy, speed, scalability and user freedom to the masses – as a frontier of innovation we passionately strive for excellence with no compromise on quality.

Event Recording
Game Theory: Will it put your mind at ease, or make you doubt your decision on where to run an IAM solution?
May 12, 2022
Event Recording
A Learning Agenda for Federal Identity
May 11, 2022
Event Recording
Challenges for Women in Identity and Security
May 12, 2022

It is well known that women face various challenges when working in the IT industry. These challenges lead to the fact that only about 20% of employees in IT are women. The situation in security and identity is even worse, as some studies have shown. "Women in Identity" is a global organization whose mission is to develop solutions with diverse teams. This presentation will look at the various WID initiatives on a global and local level that support women in the industry and create solutions “for everyone built by everyone”.

Event Recording
OAuth DPoP (Demonstration of Proof of Possession): How to Not Let Attackers Steal your OAuth Token
May 11, 2022

Most OAuth deployments today use bearer tokens – tokens that can be used by anyone in possession of a copy of them, with no way to distinguish between legitimate uses of them and those that stole them and used them for nefarious purposes. The solution to this is proof-of-possession tokens, where the legitimate client supplies cryptographic material to the issuer that is bound to the token, enabling it to cryptographically prove that the token belongs to it – something attackers cannot do because they don’t possess the proof-of-possession cryptographic material.

The OAuth DPoP (Demonstration of Proof of Possession) specification defines a simple-to-implement means of applying proof of possession to OAuth access tokens and refresh tokens. We will describe real attacks occurring every day against bearer tokens and how they are mitigated by DPoP, providing defense in depth and making real deployed systems substantially more secure with minimal implementation and complexity costs.

These attacks and mitigations are particularly relevant to high-value enterprise deployments, such as in the financial, manufacturing, critical infrastructure, and government sectors.

Event Recording
Enterprise Identity: A case study of the EU Gaia-X project
May 12, 2022
Gaia-X Federation Services is a European project that promotes innovation through data sharing and represents the next generation of the data infrastructure ecosystem. To see how we bring about an open, transparent, and secure digital ecosystem, we thus share a practical example and working code of the Gaia-X for the Notarization API.
The aim of this product is to establish digital trust in disclosed data (paper or electronic) for Gaia-X participants to use in the Gaia-X ecosystem. To reach this goal, an issuance module to transform data into digital verifiable credential (VC) is needed. With this component, certification institutions such as government, lawyers, etc. are able to prove the identity and provide data of any organization that desires to be a Gaia-X participant. Thus deliver the desired verified attestation as a digital representation.
This use case on enterprise identity is an example of a contribution to the meta-platform concept: a platform that enables and fosters participant-controlled value transfer across and among other platforms and participants. An open, interoperable, portable, decentralized identity framework is thus a prime candidate for becoming such a meta-platform and for leveraging this aggregate network effect.
Event Recording
Panel | B2B IAM
May 12, 2022
Event Recording
Kubernetes and Crossplane at Deutsche Bahn
May 12, 2022

This session will be about the journey of Kubernetes and Crossplane at Deutsche Bahn, to provide platform consumers with access to a unified API for deployments, infrastructure provisioning and applications in a manner that is independent from the cloud, addressing compliance and cross-cutting concerns while providing a Kubernetes "native" experience.

The journey has not been without challenges, where the platform team has managed technical and functional requirements including an access model in an enterprise environment, user expectations of cloud native infrastructure usage, and issues with excessive API load, shared resources, as well as controllers written by the team and open sourced along the way.

Event Recording
Fraud Reduction Intelligence Platforms - an Overview
May 11, 2022