Event Recording

Ethics in Security Design - For Digital Identity

Show description
Speaker
Drs. Henk Marsman
Principal Consultant
SonicBee
Drs. Henk Marsman
Henk Marsman is independent researcher on Digital Identity and Ethics as well as principal consultant with SonicBee, an IAM Advisory Organization. Before that Henk was Global Service Owner Identity and Access Management at Rabobank and prior to that senior advisor and lead of the Deloitte IAM...
View profile
Playlist
European Identity and Cloud Conference 2023
Event Recording
Defining the Protocol for Internet-Scale Digital Trust
May 10, 2023

The Trust Over IP Foundation (ToIP) is focused on the centerpiece of the ToIP stack: the trust spanning protocol that will do for identity interchange what the Internet Protocol did for data interchange. This panel will explore how this will enable ubiquitous, trusted, interoperable identity exchange.

The internet was designed without a trusted identity layer to connect physical entities to the digital world. This layer is now emerging in the form of decentralized digital identity systems based on digital wallets and digital credentials. ToIP was founded by a pan-industry group of leading organizations with a mission to provide a robust, common set of standards forming a complete architecture for internet-scale digital trust. The ToIP Technical Architecture Specification V1 was completed earlier this year. Now ToIP is focusing on the keystone to ubiquitous identity, the ToIP Trust Spanning Protocol. This protocol will do for identity interchange what the Internet protocol did for data interchange.

This interactive panel, moderated by ToIP’s Executive Director, will explore the views of its member organizations for a lively and engaging debate on how we finally establish trust in the digital age. Come to this panel to understand the why, how, and when of this new protocol.

Event Recording
Access Management Trends in a Connect Anywhere World
May 11, 2023

The combined impact of the pandemic driven shift to remote work with a connect-anywhere paradigm and the ongoing digital business transformation has inspired a higher awareness of cybersecurity concerns, requiring a profound change in the way we define Access Management. 

New contact-free onboarding experiences from the workforce to the customers; the need for managing human-to-device relationships; passwordless authentication as the new normal; decentralized identities as a new way for dealing with identities; the impact of policy based access; the convergence of IGA and Access Management: All these are just some of the trends we observe. In this session, we will talk about the Access Management trends and provide guidance on how to leverage and extend your existing Access Management towards a future-proof Access Management.

Event Recording
The Killer Credential - Spotting Verifiable Credentials That are Absolute Must-Haves for Every Party in an Ecosystem
May 10, 2023
Event Recording
Spicing up Authorization - A Zanzibar inspired approach
May 11, 2023

As a global OEM of highly critical and complex industrial devices, managing access to hundreds of millions of IIoT device resources spread across customer sites all around the globe is already a challenging task.  
Use cases for providing a digital service platform need to address end customers accessing devices owned by themselves as well as priviledged access for in house and third party analytics applications and serice personnel. A combination of requirements for excelent user experience, authorization management and high performance for cross-tenant queries for endless scenarios can become a nightmare.  
The task was to analyze the access requirements, abstract them and then deploy a “Zanzibar” inspired approach to manage access authorizations with a swift and reliable backend architecture, able to handle millions of information assets to be protected against unauthorized access.  
Creating a mere access model does not do the full trick - it has to be cleverly designed into data storage structures and queries to achive the required performance goals!  
The talk quickly introduces the problem set and then dives deeper into how to implement data storage optimization magic to get quick response times and swift adjustments of authorizations.

Event Recording
The Art of Creating a Framework for Responsible AI
May 11, 2023
Event Recording
The eID Threat Landscape – Stay Ahead of the Fraudsters
May 10, 2023

Cash grab-robberies are out, online fraud is in. When multinational hacker groups target senior and vulnerable citizens as a business model.

Learn how BankID is fighting fraud and helps you stay on top by identifying, preventing and notifying you of fraudulent usage in real time, while preserving top user experience.

The dream of tomorrows digitalized society is already a reality. Sweden is one of the world’s most digital and innovative societies. The fast and secure digital identification provided by BankID is a corner stone in this, to many, futuristic ecosystems. Many shops and stores do not accept cash and the amount of cash is low, something that inflicts digital threat. Studies shows a steep growth curve of digital fraud in several markets. In some places, fraud has surpassed drugs in turnover and profitability and fraud factories are popping up globally. Talented social engineering fraudsters and patterns with efficient crime-as-a service software, modus and tools. Fraud schemes including native and international fraud clusters targeting Swedish bank customers.

Learn more around the Risk and Anti-fraud toolset in the BankID Identity Platform. Digital identity is an area where the need for innovation is extensive. Whatever future eID scenario you discuss, security is always at the core.

Event Recording
Building a Secure Digital Experience Without Friction
May 10, 2023

As the number of digital touchpoints in the customer journey increases, IT teams rely on customer identity to optimize security and user experience. However, ensuring one doesn't overshadow the other often requires multiple integrations and custom development, creating internal friction and slowing innovation.

In this talk, Sadrick Widmann, CEO at cidaas, will explain how to remove barriers and improve cross-functional collaboration to bring seamless, secure customer experiences to market faster.

Event Recording
Market Overview: Identity Governance & Administration (IGA)
May 10, 2023

The Identity Governance and Administration (IGA) market is continuing to evolve through more integrated Identity Lifecycle Management and Access Governance solutions that are now increasingly aided by intelligent features. In this session, KuppingerCole´s Nitish Deshpande will share with you insights into the IGA market, providing you a compass to help you find the products that can meet the criteria necessary for successful IGA deployments.

Event Recording
A 4 Year Journey Towards a Smooth and Strong e-Signing Solution in a Multi-National Insurance Company
May 10, 2023

A journey of the multi-national insurance company to find and introduce a smooth corporate e-signing solution, both legally and technically well-justified. A story of considering and aligning different dimensions to find a tiny path between legal trust and protection, technical constraints, smooth user experience, global EU Regulation (eIDAS) and country-specific local habits.

It was a huge puzzle to identify and solve all the critical actual and future needs of the different business use cases for e-signing across the company to come up with a singe corporate solution and move gradually away from the very fragmented and mainly technically driven landscape of signing solutions.

Traditionally those have been introduced as the ad-hoc remedy to some local needs in isolation from other initiatives and without proper validation of both short and long term legal impact to the company.

Event Recording
Modern Authorization: The Next IAM Frontier
May 10, 2023

Identity and access have always been joined at the hip. In the age of LDAP, authenticated users were granted permissions based on group membership. But this mechanism hasn’t transferred into the federated identity landscape.

Instead, modern identity systems try to generalize permissions into scopes that are embedded into access tokens. But this doesn’t facilitate fine-grained authorization - a “read:document” scope doesn’t typically mean the user can access every document!

While identity has moved to the cloud, we still don’t have fine-grained, scalable mechanisms for generalizing authorization. So every application builds its own, and IT ends up administering every application differently.

Fixing this is arguably the most pressing challenge for the IAM industry. In this talk, we propose a set of principles, inspired by zero-trust and the latest work in cloud-native authorization, that should underlie the solutions we build:

  1. Support for fine-grained authorization (both ABAC and ReBAC), delivering on the principle of least privilege. Google’s Zanzibar provides an important blueprint.
  2. Managing authorization policy-as-code, enabling separation of duties and policy-based access management. Open Policy Agent is a good building block.
  3. Performing real-time access checks for continuous verification. This function should be downstream from authentication.
  4. Collecting fine-grained decision logs, providing the underpinning for comprehensive offline auditing and access analysis.
Event Recording
Market Overview CIAM: Customer Identity & Access Management
May 12, 2023

This session provides an overview of the CIAM solution market and provides you with a compass to help finding the solution that best meets your needs. In a recent Leadership Compass, KuppingerCole´s Senior Analyst John Tolbert examined the CIAM market segment, product/service functionality, relative market share, and innovative approaches to providing SOAR solutions.

Event Recording
The Human Factor & Access Governance
May 11, 2023

One of the fundamental problems of identity and access governance lies in very unclear relationships between real business needs, access policies and decision making about allowing certain action on the assets. For years we are trying to develop access policies which at the same time corresponds to business expectations, digital security rules and regulations, and people-centric to minimize deviations.
In this session, we will discuss human factor in IGA program and how to provide human factor analytics in access governance using new three-dimensional model called NPR (need, policy and resolution). We will show how NPR reports will help the organization to determine necessary adjustments of the policies and their implementation in Identity Governance workflows and processes to improve maturity, decrease risk of breaches, policy deviations by users and cost of managing and enforcing policies also known as Costidity. We will also show the sample reports based on data from higher education customer.