Event Recording

Protocol Independent Data Standards for Interoperability

Speaker
Nick Mothershaw
Chief Identity Strategist
The Open Identity Exchange
Nick is Chief Identity Strategist at the Open Identity Exchange, a community for all those involved in the ID sector to connect and collaborate, developing the guidance needed for interoperable, trusted identities. Through OIX’s definition of, and education on, Trust Frameworks we create...
Playlist
European Identity and Cloud Conference 2022
Event Recording
OAuth DPoP (Demonstration of Proof of Possession): How to Not Let Attackers Steal your OAuth Token
May 11, 2022

Most OAuth deployments today use bearer tokens – tokens that can be used by anyone in possession of a copy of them, with no way to distinguish legitimate uses from uses by those who stole them for nefarious purposes. The solution to this is proof-of-possession tokens, where the legitimate client supplies cryptographic material to the issuer that is bound to the token, enabling it to cryptographically prove that the token belongs to it – something attackers cannot do because they don’t possess the proof-of-possession cryptographic material.

The OAuth DPoP (Demonstration of Proof of Possession) specification defines a simple-to-implement means of applying proof of possession to OAuth access tokens and refresh tokens. We will describe real attacks occurring every day against bearer tokens and how they are mitigated by DPoP, providing defense in depth and making real deployed systems substantially more secure with minimal implementation and complexity costs.

These attacks and mitigations are particularly relevant to high-value enterprise deployments, such as in the financial, manufacturing, critical infrastructure, and government sectors.

Event Recording
Practicalities of Identity Proofing for Authentication
May 11, 2022
Event Recording
Challenges for Women in Identity and Security
May 12, 2022

It is well known that women face various challenges when working in the IT industry. Because of these challenges, only about 20% of employees in IT are women. The situation in security and identity is even worse, as some studies have shown. "Women in Identity" is a global organization whose mission is to develop solutions with diverse teams. This presentation will look at the various WID initiatives on a global and local level that support women in the industry and create solutions “for everyone built by everyone”.

Event Recording
Security Improvement Through Visibility of Changes in Hybrid/Multi-Cloud Environments
May 11, 2022

Accidentally wrong or intentionally bad configuration changes made by administrators, scripts or systems can lead to serious security vulnerabilities or to unintentional visibility or leakage of data. This applies to on-premises systems, but especially to systems and applications in cloud environments.
With comprehensive change auditing and reporting in hybrid environments, such critical changes and conditions can be quickly identified and remediated.
This session will deal with this topic in general and with a solution approach in particular.

Event Recording
IAM-Suites for Medium-Sized/Mid-market Organizations
May 11, 2022
Event Recording
Identity Ecosystems for a Better Customer Experience
May 11, 2022

Portable, verifiable and, most importantly, reusable representations of personal data can enable high-touch, high-trust and low-cost engagement between customers and networks of complementary service providers. The EU is already adjusting to the opportunities of Self-Sovereign Identity, but the private sector needs to demonstrate more high-value use cases in order to force beneficial regulations and an enabling environment for the technology. The tools and techniques of Self-Sovereign Identity (SSI), including the no-code capabilities provided by ProofSpace, can be used to create trust networks within an organization’s existing technical infrastructure in order, for example, to verify that a credential shared by a customer was issued by a trusted partner. A valuable use case for this is re-usable Know Your Customer verification. Other high-value use cases for SSI trust networks include: networks of affiliated hospitality services referring and on-boarding customers; networks of educational institutions verifying academic credentials; networks of employers verifying employment histories; and web 3.0 and DAO communities verifying member reputation and voting rights for management and governance purposes. A brilliant case study for this is ProofSpace’s work with the pro-democracy opposition of Belarus, where Self-Sovereign Identity enables a decentralized and secure “virtual country”, offering private and public services to unite, serve and empower the pro-democracy community.

Event Recording
Enabling Digital Identity Ecosystems
May 13, 2022
Event Recording
Advocating for Decentralised Identity in Europe: 7 Lessons Learnt
May 10, 2022
Event Recording
Navigating the OT World – Selecting a Solution to Suit
May 13, 2022
Event Recording
Unified Endpoint Management: Practical Considerations
May 12, 2022
Event Recording
Kubernetes and Crossplane at Deutsche Bahn
May 12, 2022

This session will be about the journey of Kubernetes and Crossplane at Deutsche Bahn, to provide platform consumers with access to a unified API for deployments, infrastructure provisioning and applications in a manner that is independent from the cloud, addressing compliance and cross-cutting concerns while providing a Kubernetes "native" experience.

The journey has not been without challenges: the platform team has managed technical and functional requirements, including an access model in an enterprise environment, user expectations of cloud native infrastructure usage, and issues with excessive API load and shared resources, as well as controllers written by the team and open sourced along the way.

Event Recording
Demystifying CIEM for an Effective Multi-Cloud Security Enablement
May 11, 2022

As digital business pushes organizations towards accelerated multi-cloud adoption, CIEM (Cloud Infrastructure Entitlements Management) emerges as a strong enabler for securing access and entitlements across an increasingly distributed cloud environment. Traditional PAM and IGA tools aren't natively designed to manage cloud infrastructure entitlements and therefore can't be easily re-purposed to discover and remediate excessive cloud permissions across multiple IaaS and PaaS platforms. The confusion arising from differently structured CSPs and misaligned cloud terminology is further aggravated by the quest of IAM, PAM and Cloud Security providers to enter the CIEM space and capture market share.

In this session, we will focus on how the CIEM market has been evolving over the last few years to manage the critical cloud security gaps left unaddressed by CSPM (Cloud Security Posture Management) and CWP (Cloud Workload Protection) tools, and how CIEM complements these tools to offer a holistic cloud security advantage. We will also discuss how CIEM addresses some of the most critical security tenets of your organization's cloud adoption program and future planning.

As for the key takeaways of this session, you will be able to understand and articulate:

  1. When and where does CIEM fit in your overall cloud security and access governance strategy?
  2. What are the critical capabilities of CIEM to help evaluate the right CIEM product for your multi-cloud environment?
  3. What are industry best practices for implementing and operationalizing CIEM for your cloud security and achieving faster ROI?