Event Recording

Transatlantic SSI Interoperability: Building the Identity Layer for the Internet

Show description
Speaker
Markus Sabadello
CEO
Danube Tech
Markus Sabadello
Markus Sabadello has been a pioneer and leader in the field of digital identity for many years and has contributed to cutting-edge technologies that have emerged in this space. He has been an early participant of decentralization movements such as the Federated Social Web, Respect Network, and...
View profile
Playlist
European Identity and Cloud Conference 2022
Event Recording
Making SSI accessible: IOTA technology, solutions and projects
May 12, 2022

Traditional identity and access management solutions built so far on the trust for selected identity providers and their adoption from an ecosystem of identity owners and identity verifiers. The decentralized identity paradigm is disrupting these ecosystems and required more democratic collaboration and competition among a number of identity and credential issuers, identity owners, and verifiers selecting and using them. This requires not only to design and implement new technologies but also to identify new business opportunities and business models. Collaboration, experimentation, and evaluation are the road to adoption, and the EU collaborative H2020 research and innovation framework offers the opportunity to de-risk such collaborations, in favor of innovation.

Event Recording
Panel | Deliver on the Promise of an Identity Fabric: The Power of Data
May 11, 2022

Digital identities of consumers, customers, business partners, employees, but also devices, things, or services are at the core of the digital business.  Unfortunately, most digital identities reside in siloes. Building a modern Identity Fabric that delivers seamless yet secure and controlled access from everyone and everything to every service requires breaking down the legacy identity siloes, and building a modern, flexible, identity data foundation.

Event Recording
Why KYC Isn’t Enough
May 11, 2022
Event Recording
Building Secure, Trusted and Interoperable Self-sovereign Identity with OpenID Connect
May 12, 2022

 

Event Recording
Denmark's 2022 brand new eID solution
May 11, 2022
Event Recording
OAuth DPoP (Demonstration of Proof of Possession): How to Not Let Attackers Steal your OAuth Token
May 11, 2022

Most OAuth deployments today use bearer tokens – tokens that can be used by anyone in possession of a copy of them, with no way to distinguish between legitimate uses of them and those that stole them and used them for nefarious purposes. The solution to this is proof-of-possession tokens, where the legitimate client supplies cryptographic material to the issuer that is bound to the token, enabling it to cryptographically prove that the token belongs to it – something attackers cannot do because they don’t possess the proof-of-possession cryptographic material.

The OAuth DPoP (Demonstration of Proof of Possession) specification defines a simple-to-implement means of applying proof of possession to OAuth access tokens and refresh tokens. We will describe real attacks occurring every day against bearer tokens and how they are mitigated by DPoP, providing defense in depth and making real deployed systems substantially more secure with minimal implementation and complexity costs.

These attacks and mitigations are particularly relevant to high-value enterprise deployments, such as in the financial, manufacturing, critical infrastructure, and government sectors.

Event Recording
Panel | PAM
May 12, 2022
Event Recording
IGA in the Financial Industry - Implementing IAM
May 12, 2022

Field report from a compliance-driven implementing of a full-blown IGA system at a German finance corporation.

Event Recording
Human-Centric Identity
May 12, 2022

Security vs experience. Platform vs best of breed. Fast vs thorough. The identity technology world forces us to make trade-offs. These difficult decisions are an endless exercise in technical and logistical nuances like developer and IT resources, product licenses, integrations, and deployment methods. 

Get ready! We are entering an era where IAM professionals can rise above those tradeoffs, and rapidly evolve from technical experts to experience artists by using solutions that customize, code, and integrate for you. This means humans can focus on what humans do best: creating amazing experiences, differentiating from competitors, reacting to market trends, leveraging innovations like decentralized identity and partnering with business owners to anticipate and exceed user expectations.

Event Recording
Signing in the Rain: HTTP Message Signatures and Web Security
May 12, 2022

HTTP is an amazingly powerful protocol, and it's the lifeblood of the internet today. On the surface, it seems to be a simple protocol: send a request to a server and get back a response, and everything's structured in useful ways. HTTPS adds the TLS protocol to secure the connections between endpoints, protecting the messages with encryption and keeping them away from attacker's eyes. But what if you want to be sure the sender is the right sender, and what you see is what they sent? What if you've got a more complex deployment, with proxies and gateways in between your endpoints that mess with the contents of the message? What if you need assurances on the response as well as the request, and to tie them together? People have been trying to sign HTTP messages in various ways for a long time, but only recently has the HTTP Working Group picked up the problem. Come hear about the HTTP Message Signatures work from the draft specification's authors and see how it works, how to apply it, and talk about how it could change how we use the web.

Event Recording
Cloud 3.0: Decentralizing Cloud Storage with Web 3.0 and Analyzing Security Threats
May 12, 2022

We are in the mid of one of the most significant revolutions in the cloud and identity ecosystem since the last decade. With the dynamic transformation from Web2.0 to Web3.0, both the cloud as well as the identity ecosystem embrace themselves for a change in the way we perceived security. Blockchain is revolutionizing both the cloud industry as well as the financial sectors. In my talk, I will focus on the transformative impact of blockchain protocols like Filecoin and Storj which are playing a significant role in changing the way we have perceived cloud storage. Decentralized Cloud Storage will be the future for sustainable data storage in Web 3.0, in which we will move from a single service provider to create an ecosystem where anybody could be a cloud storage provider. Highly successful blockchain projects like Filecoin have been able to create such an ecosystem. But we are far away from attending the level of scale needed to reach out to every corner of the globe. Decentralized Cloud Storage poses a different set of security challenges and scalability issues. I will be presenting my research work which focuses on the new advances in tackling future security threats for decentralized cloud storage. Additionally, I will focus on discussing how to overcome scalability issues in the blockchain using the most advanced cryptographical tools knowns as zk-SNARKs.

Event Recording
Creative Disruption: How Web 3 Models are Capturing Markets & Customers
May 12, 2022

Web 3 businesses are gaining traction. Data and metrics around customers and markets show growing usage, early adoption and huge growth potential. Currently, these businesses built on decentralized networks are separate from traditional web 2 platforms. Will the 2 paths converge? Will there be a bridge from web2 to web3 and how might that hybrid work? A few use cases will be discussed with points of view around how this convergence could work.