Event Recording

The European Union Goes Decentralized - Standards and Technical Architecture Behind eIDAS V2

Show description
Speakers
Dr. Torsten Lodderstedt
Managing Director
yes IDP GmbH
Dr. Torsten Lodderstedt
Dr.-Ing. Torsten Lodderstedt is managing director at yes with more than 15 years experience in running large scale consumer identity services. In his previous positions, he helped organisations in public, banking, railway communication, and telecommunication domains to implement...
View profile
Paolo De Rosa
Government Identity expert
Paolo De Rosa
Paolo is currently working as external consultant for the European Commision by developing the European Digital Identity Wallet. For the past 15 years Paolo has been designing and building secure and privacy oriented digital infrastructures in the private and public sector based on Open Source...
View profile
Kristina Yasuda
Identity Standards Architect
Microsoft
Kristina Yasuda
Kristina is an Identity Standards Architect at Microsoft, known for her work on standards in decentralized identity ecosystem: as an editor of OpenID for Verifiable Credentials specifications in OIDF, Selective Disclosure for JWTs draft in IETF, JWT-VC Presentation Profile in DIF; as a chair of...
View profile
Playlist
European Identity and Cloud Conference 2023
Event Recording
Building Identity Bridges: Where Digital Identity and People's Expectations Meet.
May 11, 2023

This presentation will bring together and report on experiences in developing identity and privacy standards that are technically feasible but that also address the lived experience of people trying to negotiate a complicated digital identity space.

This will include an update on the Kantara Initiative Privacy Enhancing Mobile Credentials Work Group, as well as identity consideration in some recent virtual care and electronic health records standards. This will consider the impact of self-sovereign identity on the possibilities for reclaiming individual autonomy.

Event Recording
Enforcing Decentralized Authorization in a Multi-Platform API Landscape at Scale
May 10, 2023

Authorization (AuthZ) and Authentication (AuthN) go hand in hand in ensuring zero-trust in your system landscape. But while scaling identity can be done by centralizing it in an IAM solution, centralizing authorization is seldom a scalable solution. Increased latency, varying requirements and maintainability are all key reasons to want a more decentralized solution that can adapt and scale.

In this talk we will describe how to use Open Policy Agent (OPA) to achieve decentralized authorization in a multi-platform API landscape, including both modern and legacy platforms, while simultanously ensuring centralized compliance controls and enforcement.

Event Recording
Access Management Trends in a Connect Anywhere World
May 11, 2023

The combined impact of the pandemic driven shift to remote work with a connect-anywhere paradigm and the ongoing digital business transformation has inspired a higher awareness of cybersecurity concerns, requiring a profound change in the way we define Access Management. 

New contact-free onboarding experiences from the workforce to the customers; the need for managing human-to-device relationships; passwordless authentication as the new normal; decentralized identities as a new way for dealing with identities; the impact of policy based access; the convergence of IGA and Access Management: All these are just some of the trends we observe. In this session, we will talk about the Access Management trends and provide guidance on how to leverage and extend your existing Access Management towards a future-proof Access Management.

Event Recording
The Human Factor & Access Governance
May 11, 2023

One of the fundamental problems of identity and access governance lies in very unclear relationships between real business needs, access policies and decision making about allowing certain action on the assets. For years we are trying to develop access policies which at the same time corresponds to business expectations, digital security rules and regulations, and people-centric to minimize deviations.
In this session, we will discuss human factor in IGA program and how to provide human factor analytics in access governance using new three-dimensional model called NPR (need, policy and resolution). We will show how NPR reports will help the organization to determine necessary adjustments of the policies and their implementation in Identity Governance workflows and processes to improve maturity, decrease risk of breaches, policy deviations by users and cost of managing and enforcing policies also known as Costidity. We will also show the sample reports based on data from higher education customer.

Event Recording
Zero Trust Applied for Access Management - How to Control and Monitor the User Access
May 12, 2023

UX with Security in Corporate and Customer Access but including a huge monitoring approach to have the effect of Zero Trust for the users. I will Mix CIAM, Access Management, IAG and UEBA

Event Recording
IAM Across Hybrid On-Premises and Cloud Resources
May 10, 2023

We will be discussing an identity fabric model that allow for growth, ease of integration, and a way to future proof your organization.

Event Recording
How Deepfakes Are Changing the Landscape of Identity Fraud and How Can We Prevent the Risks
May 11, 2023

Explore the latest developments in deepfake technology and its impact on identity fraud. With deepfakes becoming increasingly realistic and widespread, it is essential for businesses and organisations to understand the risks they pose and take action to mitigate them. Attendees will gain a comprehensive understanding of the risks posed by deepfakes to the identity verification industry and how to protect their organisations from them effectively. The session will feature expert insights and real-world examples of how businesses and organisations can implement deepfake detection technology and other measures to prevent identity fraud.

Event Recording
Convergence Across Identity, Authentication and Open Banking
May 10, 2023

To date, the world has progressed identity, authentication, and open banking as disparate initiatives. While strengthening each of these independently has indisputably contributed to growing trust, bolstering data privacy, and mitigating the security risks that are today inherent in our every digital interaction, this ‘divide-and-conquer’ approach is unlikely to be sufficient to propel us to the best possible economic and user experience outcomes.

Join this panel of experts to understand how some of today’s most respected thought leaders suggest how convergence across identity, authentication, and open banking can accelerate our journey to a trusted digital marketplace- our collective North Star.

The whole is indeed much larger than the sum of the parts. Join us-

Event Recording
Cyber Criminals by Design – Using Digital Twins to Understand Misbehavior
May 11, 2023

A digital twin is a virtual representation of a real-life subject. This mapping encompasses its entire lifecycle, is updated from real-time data, and uses simulation, machine learning, and reasoning to support decision-making.

Human beings and their behavior can also be copied and simulated by digital twins. During the last talk at the EIC conference, we already looked at the threats, challenges and opportunities creating digital twins in cybersecurity.
This time we want to discuss how we can dive into a world through a digital twin of a cybercriminal to change perspectives and to understand the cybercriminals behavior.
Imagine having a tool that can perform these simulations at the highest level. Why not use it to our own advantage?
A digital twin that not only simulates the approach and behavioral patterns of cyber criminals but can also predict ahead of time. What if we can turn the tables on cybercriminals by fighting fire with fire?

Event Recording
CIAM-as-a-Service for 50 Million Customers at OLX Group Europe
May 12, 2023

Still developing CIAM in-house? Discover the realities of serving 50 million customers using Hosted Customer Identity and Access Management (CIAM) as a service (SaaS) from a vendor.

Customer Identity and Access Management is one of the most critical platform components. How big of a risk would it be for the large enterprise to delegate it to the vendor solution? And how much risk would it be to not do it?

In 2019 our Eastern Europe business was struggling with Accounts Takeovers where botnets of 1 million IPs total size were involved in massive credential stuffing attacks. And we decided to replace all our legacy auth with a vendor solution.

In this session we will go through the key moments of such transition and the key learnings from the past 4 years. We won’t miss the aspect of value proposition, customer experience, real cost and return on such an investment.

Event Recording
Going Native... with Mobile App Authentication
May 10, 2023

Today, industry best practice requires that the user experience for authentication and authorization require the user to use some form of browser to interact with the Authorization Server. From a product perspective, this creates a disjointed user experience and while there are good reasons for requiring the use of a browser component this is a very common discussion between product and security when designing a mobile app. This talk will propose an industry standard way to allow for native user experiences while covering the pros, cons and implications of doing so.

Event Recording
Assignment Based Access
May 10, 2023

In the current economical climate many companies are facing the need to restructure the operations to ensure efficieny and profitability.

This does in some cases result in layoffs but is also means that projects are cancelled and the staff that was assigned to these projects are freed up for other efforts. In IAM terms the results is a lot of movers in the organisation which traditionally has been a usecase that has been challenging to efficiently support.

How do we help the business and support the need for assignment based access to ensure efficient usage of staff? This talk will look at the lessons learned from implementing assigned based access at a global retailer. It may also include Swedish meatballs, flatpack furniture and moose hunting towers.