KuppingerCole's Advisory stands out due to our regular communication with vendors and key clients, providing us with in-depth insight into the issues and knowledge required to address real-world challenges.
Compare solution offerings and follow predefined best practices or adapt them to the individual requirements of your company.
Meet our team of analysts and advisors who are highly skilled and experienced professionals dedicated to helping you make informed decisions and achieve your goals.
Meet our business team committed to helping you achieve success. We understand that running a business can be challenging, but with the right team in your corner, anything is possible.
We will be discussing an identity fabric model that allow for growth, ease of integration, and a way to future proof your organization.
We will be discussing an identity fabric model that allow for growth, ease of integration, and a way to future proof your organization.
In this Session we will look at the business and security benefits of moving to policy-based access controls (PBAC), how this supports a Zero Trust approach to security, and how PBAC can be practical and scalable in hybrid and multi-cloud IT environments. We will look at some of the main authorization use cases that are driving change in enterprise architecture teams. We will also share recommendations on how organizations can improve security, enhance brand trust, and deliver better user experiences.
The EU funded Next Generation Internet (NGI) Atlantic project "Next Generation SSI Standards" and the Walmart funded Jobs for the Future (JFF) Plugfest, both have the same aim of fostering wide scale adoption of Verifiable Credentials. They are doing this by funding global interworking of Verifiable Credentials products from many different suppliers located in Europe, the USA and Asia. The NGI Atlantic project is committed to using the OpenID for Verifiable Credentials (OIDC4VCs) draft standard specifications, whilst JFF is allowing the 30+ participants to decide amongst themselves which protocols to use. Three protocol suites have been chosen: OIDC4VCs, VC-API with CHAPI, and DIDComm.
This presentation will provide an overview of the two projects, will provide an overview of the 3 protocol suites that have been chosen, and will present the results of the interworking trials.
The NGI Atlantic project will finish in December 2022, and besides interworking trials, will deliver an open source test suite that suppliers can use to test their implementations for conformance to the OIDC4VCs protocol suit for both credential issuing and verification. Some tests are being added to the W3C CCG Traceability test suite (written in POSTMAN) and some are being added to the Open ID Foundation's existing OpenID Connect conformance test suite (written in Java).
The JFF Plugfest will finish in 1Q2023. In November 2022 each VC Issuing software supplier must demonstrate the issuing of a verifiable credential to the wallets of at least two different wallet software providers, whilst each wallet software provider must obtain a verifiable credential from at least two other VC Issuing software providers. In February 2023 VC wallets must demonstrate the presentation of a Verifiable Presentation/Verifiable Credential to at least two different verification software suppliers, and each verifier must demonstrate that it is capable of accepting a VP/VC from at least two different wallets.
The success of these projects should catapult the acceptance of inter-workable verifiable credential products to the market.
Decentralized Identity is about to change the way we do IAM in enterprises. It is not just about the C-identities (consumers, customers, citizens). This raises two questions: What do to differently in IAM, to leverage the potential of decentralized identities? And what not to do anymore, because it is becoming legacy? IAM, without any doubt, will change fundamentally. But is it about rip-and-replace of IAM and in particular IGA, or about complementing it? In this panel, we dive into this decentralized lake of innovation, new standards, products, vendors and start-ups in order to find out how to benefit from DIDs in the enterprise.
Are there interoperability models and how could a longer-term migration scenario look like? What about Identity Workflow Orchestration? Join this great panel session to discuss the way forward for workforce identity.
In 1994, Italian physicist Cesare Marchetti discovered something: cities expand as a function of transportation speed. In short, “transportation is the lifeblood of a city.” Innovation in transportation has driven the expansion of cities—from small, walkable areas to the sprawling, car-based metropolises, presenting a challenge for urban planners.
Identity in the modern organization faces a similar challenge: if transportation is the lifeblood of cities, then identity is the lifeblood of organizations. And our organizations are not ancient, walkable Rome, but modern, sprawling Atlanta—with identities and resources widely strewn around the globe.
Like urban planners, we face a nearly-intractable challenge: how can we provide access to resources and data easily while still meeting the stringent demands of security and compliance?
Thankfully, there appears to be a solution for both urban planning *and* identity, albeit from an unexpected source: Ordinary slime mold. Aka, “The Blob.”
We’ll learn from this simple organism, describe how its simple actions create complex systems that solve these sorts of “unsolvable” problems, and see how the Blob might “think” about identity.
In this session, KuppingerCole´s Paul Fisher will give an overview of the market for Privilege Access Management (PAM) platforms and provide a compass to help buyers find the product that best meets their needs. KuppingerCole examines the market segment, vendor capabilities, relative market share, and innovative approaches to providing PAM solutions. He will also explain how the new Pamocracy is affecting the market.
Sure, MFA goes a long way in preventing account takeover but it is only one layer. Using AI to look at identity data to evaluate risk can add an additional layers – not only to prevent takeover but mitigate the impact once a takeover happened.
Privilege escalation is also one of the most common techniques attackers use to discover and exfiltrate sensitive valuable data. From a hacker’s perspective, privilege escalation is the art of increasing privileges from the initial access, which is typically that of a standard user or application account, all the way up to administrator, root, or even full system access. With NT AuthoritySystem access or on Linux the root account, attackers have full access to one system. With Domain Administrator access, they own the entire network.
• Top Methods of Privilege Escalation on Windows and Linux
• Common Tools used to identify Privilege Escalation
• And more...
In 2005, Kim Cameron excitedly told me about digital identity and set my life on a course to “Build the Internet’s missing identity layer”. In this talk I’ll tell key stories from my identity journey – stories of the people, ideas, and lessons learned along the way. I’ll speak of technology and collaboration, usability and business models, solving problems people actually have, and building new ecosystems. Come with me on this journey of exploration, trials, triumphs, and humor as I recount touchstones of the human endeavor that is digital identity.
The European Union’s regulation on Digital Identity, eIDAS, is currently being overhauled to adopt decentralized identity principles. The goal is to provide all citizens and residents across the EU with highly secure and privacy preserving digital wallets that can be used to manage various digital credentials, from eIDs to diplomas to payment instruments. Decentralized identity principles aim at giving freedom of choice and control to the end-user. Ensuring security and interoperability, however, will be challenging — especially in the enormous scale in terms of users and use cases the EU is aiming at. The choices made in eIDAS will have a huge impact on digital identity in the EU and beyond.
The so-called “Architecture and Reference Framework” (ARF) defines the technical underpinnings of eIDAS v2. Many experts from the member states and the Commission have been working on this framework over the last year, trying to select the best combination of technologies and standards out of the enormous number available in the market today. This talk will introduce the ARF and explain what architectural patterns and technical standards are adopted and how the challenges mentioned above are addressed in order to leverage on the vision of the eIDAS v2 regulation.
There are clear battle lines drawn between the centralised and decentralised worlds, but how much of this is ideology and how much is simply a misunderstanding of how services are delivered, rights protected, and trust established? Both models have advantages and disadvantages but that doesn’t mean that one should simply replace the other.
Governments need data about us to plan services such as where schools and hospitals should be built or where the most vulnerable in society are so that they can be supported. That data can also be used to cause harm, but technology alone will not solve the problems of control, protection of basic rights, and the delivery of fair and fraud resistant services.
In this session Adam Cooper seeks to identify the real questions we should be asking and provides his own insights based on over a decade of working with governments, citizens, and the private sector to deliver better outcomes for all of us.