Event Recording

From Local to Global: ABB's New Platform-First IGA Program

Stefan Lindner
Global Identity and Access Manager
Stefan Lindner, Global Identity and Access Manager, has approximately 20 years’ experience with ABB, focused strongly on implementation of ITSM frameworks for country, regional and global environments. For the last three years, he’s focused strongly on Identity and Access Management...
European Identity and Cloud Conference 2023
Event Recording
Better Safe than Sorry: A Peek into the Future with IGA
May 10, 2023

Engineers across organizations struggle with increased anxiety and stress every time they hit the push button to make complex system changes. One mistake can hinder business as usual, introduce unnecessary risks, and cause non-compliance with policies that can cripple the whole organization.

Simulations could be the answer engineers are looking for. They are used in various fields to study complex systems and help engineers create hypothetical scenarios to see the impact of certain changes before implementing them.

In this presentation, the Evolveum Development Team Leader, Katarina Bolemant, will explain the motivation and common pain points of deploying an IGA solution. She will show you the endless possibilities of using simulations to evaluate the impact of changes and how to identify potential issues and reduce the risks of errors. Using simulations will lift the burden off engineers’ shoulders, increase confidence in their decisions, and build stronger relationships with other stakeholders.

Offer a peek into the future, and both technical personnel and decision makers will appreciate you for providing the possibility to review the simulated results and make necessary adjustments before implementing changes in the production environment.

Event Recording
Policy Based Authorization Architecture Considerations
May 10, 2023

Policy Based Authorization is becoming the new normal when it comes to identity-centric access controls. However, there is no standard approach to PBAC deployment that fits all use cases. In this session we will look at PBAC requirements for common use cases such as microservices, cloud, API, data & analytics.

Event Recording
Privileged Access Management – Moving from Cost to Service Centre
May 11, 2023

A standardized approach to control privileged accounts can be valued as a profitable internal service.
While implementing Privileged Access Management (PAM), DKB concentrates on what kind of service delivery a PAM implementation can provide to its customers (our employees) to connect benefits for end-users and address identity security at the same time.
We call that Privileged Access Security Service.
From a technical and IAM point of view, identity security can only be achieved by securing the respective digital identities and the assigned user accounts in the corresponding target systems.
In the area of IAM/PAM, a comprehensive compliance level automatically results in a higher maturity of our information security management. Therefore, we reduce the non-financial risks not only by complying with regulatory requirements but also by adding effective security concepts – such as zero trust or least privilege – to our IAM/PAM ecosystem.
In this session the DKB approach to handle identities and accounts in the context of a Privileged Access Security Service will be presented.

Event Recording
The Art of Privilege Escalation - How Hackers Become Admins
May 11, 2023

Privilege escalation is also one of the most common techniques attackers use to discover and exfiltrate sensitive, valuable data. From a hacker’s perspective, privilege escalation is the art of increasing privileges from the initial access, which is typically that of a standard user or application account, all the way up to administrator, root, or even full system access. With NT AUTHORITY\SYSTEM access on Windows, or the root account on Linux, attackers have full access to one system. With Domain Administrator access, they own the entire network.

• Top Methods of Privilege Escalation on Windows and Linux
• Common Tools used to identify Privilege Escalation
• And more...

Event Recording
Best Practice: Empowering the Vision of the IoT with Decentralized IAM
May 11, 2023

How Self-Sovereign Identity (SSI) enables decentralized Identity and Access management for Things

  • The Challenges of IoT and Identity 
  • SSI key elements in a nutshell 
    • Decentralized Identifier (DID)
    • Verifiable Credentials (VC)
    • The role of blockchain / DLTs
    • How the elements work basically together
  • The SSI advantages / disadvantages in general and for IoT
  • Can SSI replace “traditional” Identity and access solutions and how? 
    • The IoT possibilities filancore enables with SSI

From SSI zero to hero – ETO's digital & IoT transformation in practice

  • From our need to vision, strategy and IoT-SSI in operation
    • Our innovation, organization, and technology problems from back then
    • SSI as a competitive chance
  • ETO's SSI strategy and roadmap – where we started, where we are and where we are going
  • Our SSI High-Level Architecture and IoT product innovation(s) [decentralized IAM in use]
  • Our lessons learned and take-aways with SSI

Event Recording
City of The Hague: Adding Access Control to Microservice Architectures for ZTA
May 10, 2023

The Common Ground movement of the Dutch municipalities is developing innovative solutions for greater interoperability. An important part of this is the data landscape, where functionality is accessed through microservice APIs. In the analysis of this architecture, one aspect is barely touched upon: the access control aspect in APIs is not appropriately co-developed.

The Municipality of The Hague has performed a Proof Of Architecture (the POA) to demonstrate that it is possible to unlock an existing API in which access is not explicitly modeled, or that still uses traditional Role Based Access Control methods internally, restricting interoperability across contexts.

The POA is done in an effective and efficient way through innovative 'zero trust architecture' concepts, such as Policy Based Access Control. Security and privacy are thus demonstrably realized in accordance with legal requirements. The POA proves that it is technically feasible to add input-filtering of access requests to ignore the restricting RBAC method and thereby open doors for municipalities for interoperability in an autonomous and secure way.

During the presentation the working principles of API access from a perspective of Identity & Access Management are explained, but also how these principles can be applied in practice in an existing application landscape.

The presentation will be a joint presentation between the lead architect of the City of The Hague, Jan Verbeek, and access strategist André Koot.

Event Recording
Decentralized Identity: The Way Forward
May 10, 2023

Decentralized Identity is enabling individuals and organizations to have control over their own personal data, providing self-sovereignty, privacy and security. But it is a relatively new concept with high development and standardization dynamics. In this session we will look into what we should do today to take full advantage of this promising concept.

Event Recording
IGA Everywhere - Creating your Future Security Ecosystem
May 10, 2023

Identity Governance and Administration (IGA) is a core component of Identity and Access Management (IAM) infrastructure and refers to integrated solutions that combine Identity Lifecycle Management (ILM) and Access Governance. IGA helps to cut costs, increase security, improve compliance, and give users access to the IT resources they need.

Depending on maturity in terms of IAM, some organizations may need to bolster their capabilities in ILM while others need to focus on Access Governance. But most organizations are looking for a comprehensive IGA solution that combines traditional User Access Provisioning (UAP) and Identity and Access Governance (IAG).

Event Recording
Lessons Learned from More Than 6 years of CIAM in a Media Company
May 10, 2023

As an international media company we’ve been dealing with rapid digital transformation for a bunch of years now. One of the cornerstones of our strategy is identity & access management for millions of users and customers. Over the last 6 years we’ve gone through many iterations of our Identity platform; from a fully managed SaaS platform to our own custom-built solution. In this talk we’ll share our journey with you and highlight some of the challenges we’ve faced, how we’ve dealt with them and why we believe our homegrown platform has been the right choice for the company.

Event Recording
Trends in Passwordless Authentication for CIAM
May 11, 2023

Passwordless helps in reducing ATO fraud and provides better security and a smoother experience. But the passwordless approach for each organization and region is fundamentally different, in large part because the journeys or flows that your customers will take are unique. In this session Huzefa Olia will talk about the various options that an organization can introduce for Passwordless access for their customers.

Event Recording
Building a Secure Digital Experience Without Friction
May 10, 2023

As the number of digital touchpoints in the customer journey increases, IT teams rely on customer identity to optimize security and user experience. However, ensuring one doesn't overshadow the other often requires multiple integrations and custom development, creating internal friction and slowing innovation.

In this talk, Sadrick Widmann, CEO at cidaas, will explain how to remove barriers and improve cross-functional collaboration to bring seamless, secure customer experiences to market faster.

Event Recording
Safeguarding IoT/OT/IIoT Devices, Their Identities and Communication with Autonomous Networking
May 11, 2023

Autonomous networking aims at the appropriate handling of the growing number of devices, machines, sensors and components for which authentication and authorization must be ensured, i.e., identities must exist. The initial provision of such identities, but also the handover and onboarding into the respective operational environment (WiFi, smart home, factory floor), require scalable, automated, end-to-end secured procedures and concepts to facilitate trusted communication, but also, e.g., the provision of made-to-measure updates.
Making IoT/OT/IIoT identities and networks secure by design is essential. ACP (Autonomic Control Planes) and BRSKI (Bootstrapping Remote Secure Key Infrastructure) lay one foundation for achieving this.