Event Recording

There is No Consensus About Consent

Show description
Speaker
Dr. Steffo Weber
Director Customer Engineering
ForgeRock
Dr. Steffo Weber
Dr Steffo Weber is Director Customer Engineering at ForgeRock.  He studied Computer Science in Bonn with a focus on 'Theoretical Computer Science' and worked in areas such as security analysis/penetration tests and highly available and scalable internet architectures. He has been with...
View profile
Playlist
European Identity and Cloud Conference 2022
Event Recording
Making SSI accessible: IOTA technology, solutions and projects
May 12, 2022

Traditional identity and access management solutions built so far on the trust for selected identity providers and their adoption from an ecosystem of identity owners and identity verifiers. The decentralized identity paradigm is disrupting these ecosystems and required more democratic collaboration and competition among a number of identity and credential issuers, identity owners, and verifiers selecting and using them. This requires not only to design and implement new technologies but also to identify new business opportunities and business models. Collaboration, experimentation, and evaluation are the road to adoption, and the EU collaborative H2020 research and innovation framework offers the opportunity to de-risk such collaborations, in favor of innovation.

Event Recording
Self-Sovereign Identity for Legal Entities and their Representatives globally
May 12, 2022
Event Recording
Certificate Based Authentication in a Cloud Native Environment - a Migration Journey from Handcrafted XML Signing to OpenID Connect
May 11, 2022

During this best practice session we will present you with hands-on experience from one of our financial services industry customers.

The company used a handcrafted xml signature mechanism to authenticate their business partners when initiating machine-to-machine communication to exchange data between data centers. When the customer decided to migrate to REST APIs in a cloud native setup, the existing mechanism was no longer fit for purpose. Together, we designed a solution to keep the benefits of certificate based authentication while establishing an interaction model conforming to the OpenID Connect standard. We implemented the mechanism based on the open source software Keycloak, successfully passed an external penetration test and have to this point authenticated hundres of thousands of sessions. After our session, attendees will

  • be familiar with standard conforming approaches to use OpenID Connect with certificates for authentication
  • be able to assess which parts of their authentication flow will benefit from using certificates
  • know relevant open source technologies and technical approaches to use in their own implementations
  • understand common pitfalls and relevant considerations when implementing the standards in a real-world, cloud based scenario
Event Recording
The Digital Identity Shake-up we’ve been waiting for: How to Survive, and how to Thrive
May 11, 2022

 

Event Recording
SASE vs. Zero Trust: Perfect twins or antagonists?
May 11, 2022

The concepts behind Zero Trust and SASE are not new, but recent developments in technological capabilities, changes in the way people are working, accelerated adoption of cloud and Edge computing, and the continued evolution of cyberthreats have resulted in both rising in prominence.  

As organizations seek to improve their security capabilities, many are evaluating Zero Trust and SASE to determine whether to adopt either, one, or both.  Join this session to understand what each can potentially deliver and the exact nature of the relationship between them.   

Event Recording
Zero Trust at Siemens: Where the impossible and the doable shake hands
May 11, 2022

Two years ago, Siemens started a still going on process to change its security architecture to Zero Trust. Not an easy task for a company that big, widespread, and divers in products.

In this session program leads Thomas Müller-Lynch and Peter Stoll are talking about what they mean when talking about Zero Trust at Siemens, what everyone can learn from the approach Siemens is taking, and what they are planning as their next steps.

Event Recording
PAM for the People
May 12, 2022
The cyberssecurity approaches and strategies that works well for a multinational with a large and well funded cybersecurity department may not be as applicable for a mid sized company where the security department may be a single person.
Still if the partner company that delivers the cheese to a retailer falls to a cybersecurity attack there is simply no cheese to sell to the customers so the retailer not only looses money but also fails at their most basic task. So how do we as multinationals help our partners with implementing basic controls such as PAM in a way that works in their business reality?
In this session we will be looking at how you as a relatively cybersecurity mature company can do to help your less mature partners. It is also suitable for persons who has been asked to launch a cybersecurity or PAM program without been given the full resource to execute a full program.
Event Recording
Global AI Ethics and Governance
May 13, 2022

Recent years have seen significant Artificial Intelligence (AI) development across all domains of business and society. This panel aims to bring attention to societal impacts of AI – benefits and challenges, by bringing thought leaders and practitioners from different parts of the world to leverage diverse viewpoints around AI governance that continue to drive AI development across borders.

Event Recording
Best Practice: CIAM as Business Enabler for Digital Transformation
May 12, 2022
Event Recording
Protocol Independent Data Standards for Interoperability
May 12, 2022
Event Recording
Enabling MFA and SSO for IoT and Constrained Devices
May 13, 2022
Event Recording
Qualified electronic signatures in times of the eIDAS2-wallet - a Nordic-Baltic perspective
May 12, 2022

When dealing with digital identity, emphasis is often put on the identification and authentication part. An equally important aspect is digital signing (or more broadly: electronic signing). Qualified electronic signatures have the same legal status as handwritten signatures in the EU. In this session, we shall look at the advantages and challenges that come with them from a Nordic-Baltic perspective. What is their role today and in the future; both independently, and in connection with the upcoming eIDAS2-wallet? Concrete use cases will be demonstrated from the point of view of the citizen, the public sector and businesses.