Event Recording

Privacy and Data Protection. What is this Thing Called Privacy?

Speaker
Dr. Emilio Mordini
Scientific Director
NORIA
Emilio Mordini is a clinical psychoanalyst, currently based in San Vito al Tagliamento (Italy). He is the Scientific Director of the Non-Profit Organization NORIA, which promotes and investigates ethics, culture and identity. Emilio has a background in medicine and philosophy. He is an expert on...
Playlist
European Identity and Cloud Conference 2022
Event Recording
Vampires & Cybersecurity: Using Deception to Increase Cyber Resilience
May 12, 2022

This presentation will explore adding deception as a component of a security-in-depth strategy to increase cyber resilience (in case the garlic, crosses, and wooden stakes are not effective). We will discuss whether you should invite attackers into your network. Much like with vampires, inviting attackers in can have serious repercussions. However, unlike vampires, cyber attackers do not need an invitation. Fortunately, deception within our networks can aid in identifying, delaying, and evicting unwanted guests, including insider threats (or vampires already amongst us). We will explore several deception use cases that can dramatically increase cyber resilience without attracting more attackers.

Event Recording
Cloud Security Standards: Expectations, Benefits and Use Case
May 12, 2022
Event Recording
The Future of Digital ID in South Africa
May 12, 2022
Event Recording
Solving "The Right to be Forgotten" for Blockchains
May 13, 2022

"The Right to be Forgotten" presents a conundrum to builders of blockchain solutions, because the focus of most blockchains is to create an indelible, permanent record. This makes "The Right to be Forgotten" appear irreconcilable with blockchains. I will present a solution to "The Right to be Forgotten" that can be applied to most every blockchain, subject to governance approval by the stakeholders. The solution does not violate the integrity of the blockchain record.

Event Recording
Building Secure, Trusted and Interoperable Self-sovereign Identity with OpenID Connect
May 12, 2022

Event Recording
Certificate Based Authentication in a Cloud Native Environment - a Migration Journey from Handcrafted XML Signing to OpenID Connect
May 11, 2022

During this best practice session we will present you with hands-on experience from one of our financial services industry customers.

The company used a handcrafted XML signature mechanism to authenticate their business partners when initiating machine-to-machine communication to exchange data between data centers. When the customer decided to migrate to REST APIs in a cloud native setup, the existing mechanism was no longer fit for purpose. Together, we designed a solution to keep the benefits of certificate-based authentication while establishing an interaction model conforming to the OpenID Connect standard. We implemented the mechanism based on the open source software Keycloak, successfully passed an external penetration test and have to this point authenticated hundreds of thousands of sessions. After our session, attendees will

  • be familiar with standard conforming approaches to use OpenID Connect with certificates for authentication
  • be able to assess which parts of their authentication flow will benefit from using certificates
  • know relevant open source technologies and technical approaches to use in their own implementations
  • understand common pitfalls and relevant considerations when implementing the standards in a real-world, cloud based scenario
Event Recording
OAuth DPoP (Demonstration of Proof of Possession): How to Not Let Attackers Steal your OAuth Token
May 11, 2022

Most OAuth deployments today use bearer tokens – tokens that can be used by anyone in possession of a copy of them, with no way to distinguish between legitimate uses of them and those that stole them and used them for nefarious purposes. The solution to this is proof-of-possession tokens, where the legitimate client supplies cryptographic material to the issuer that is bound to the token, enabling it to cryptographically prove that the token belongs to it – something attackers cannot do because they don’t possess the proof-of-possession cryptographic material.

The OAuth DPoP (Demonstration of Proof of Possession) specification defines a simple-to-implement means of applying proof of possession to OAuth access tokens and refresh tokens. We will describe real attacks occurring every day against bearer tokens and how they are mitigated by DPoP, providing defense in depth and making real deployed systems substantially more secure with minimal implementation and complexity costs.

These attacks and mitigations are particularly relevant to high-value enterprise deployments, such as in the financial, manufacturing, critical infrastructure, and government sectors.

Event Recording
Enterprise Domain Annotation based Segregation of Duties strategies
May 12, 2022
Event Recording
Challenges for Women in Identity and Security
May 12, 2022

It is well known that women face various challenges when working in the IT industry. These challenges lead to the fact that only about 20% of employees in IT are women. The situation in security and identity is even worse, as some studies have shown. "Women in Identity" is a global organization whose mission is to develop solutions with diverse teams. This presentation will look at the various WID initiatives on a global and local level that support women in the industry and create solutions “for everyone built by everyone”.

Event Recording
Trends in Enterprise Authentication
May 11, 2022
Event Recording
IAM-Suites for Medium-Sized/Mid-market Organizations
May 11, 2022
Event Recording
The Changing Cyber Threat Landscape and its impact on IAM (I)
May 11, 2022