Event Recording

The Killer Credential - Spotting Verifiable Credentials That are Absolute Must-Haves for Every Party in an Ecosystem

Speaker
Eve Maler
CTO
ForgeRock
Eve Maler
Eve Maler is ForgeRock’s CTO. She is a globally recognized strategist, innovator, and communicator on digital identity, security, privacy, and consent, with a passion for fostering successful ecosystems and individual empowerment. She has 20 years of experience innovating and leading...
View profile
Playlist
European Identity and Cloud Conference 2023
Event Recording
Market Overview: Identity Governance & Administration (IGA)
May 10, 2023

The Identity Governance and Administration (IGA) market is continuing to evolve through more integrated Identity Lifecycle Management and Access Governance solutions that are now increasingly aided by intelligent features. In this session, KuppingerCole´s Nitish Deshpande will share with you insights into the IGA market, providing you a compass to help you find the products that can meet the criteria necessary for successful IGA deployments.

Event Recording
Cyber Insurance: Results from a Recent Survey
May 12, 2023

After several tumultuous years, the cyber insurance safety net is in question as costs rise and coverage contracts. Research conducted with IT security professionals to understand the real-life experiences companies have in obtaining and using cyber insurance.In this session we’ll unpack the survey findings and put them in context. Join the discussion to prepare for your next cyber insurance assessment so you end up with coverage and rates that accurately reflect your organization’s risk profile.

Joe Carson will talk about

  • The factors driving the skyrocketing costs of cyber insurance
  • The role Boards of Directors play in driving demand for cyber insurance
  • Fine print to check before finalizing your cyber insurance policy

And help you find answers to these questions

  • What security controls do cyber insurance companies expect you to have?
  • What cyber incidents are excluded from cyber insurance policies?
  • What recovery costs does cyber insurance cover?
Event Recording
Three Years is a Long Time in Identity
May 10, 2023

Landing in a new organisation with a declared objective to transform the way customer identity was done but no mandate was daunting. Being able to look back three years later and tick of an infrastructure consolidation, the deployment of a central authorisation solution, being on the precipice of participating in a Digital ID scheme, and having the Chief Digital Officer shouting from the rooftops about a universal login is priceless. Come along to hear me talk about some critical success factors, calculated risks, fortunate circumstances, and the incredible support of some incredible people helped make this happen. I’ll also touch on my personal journey from an engineering role to a product person to illustrate the increasing maturity levels we went through.

Event Recording
The eID Threat Landscape – Stay Ahead of the Fraudsters
May 10, 2023

Cash grab-robberies are out, online fraud is in. When multinational hacker groups target senior and vulnerable citizens as a business model.

Learn how BankID is fighting fraud and helps you stay on top by identifying, preventing and notifying you of fraudulent usage in real time, while preserving top user experience.

The dream of tomorrows digitalized society is already a reality. Sweden is one of the world’s most digital and innovative societies. The fast and secure digital identification provided by BankID is a corner stone in this, to many, futuristic ecosystems. Many shops and stores do not accept cash and the amount of cash is low, something that inflicts digital threat. Studies shows a steep growth curve of digital fraud in several markets. In some places, fraud has surpassed drugs in turnover and profitability and fraud factories are popping up globally. Talented social engineering fraudsters and patterns with efficient crime-as-a service software, modus and tools. Fraud schemes including native and international fraud clusters targeting Swedish bank customers.

Learn more around the Risk and Anti-fraud toolset in the BankID Identity Platform. Digital identity is an area where the need for innovation is extensive. Whatever future eID scenario you discuss, security is always at the core.

Event Recording
Lessons Learned from Projects Using Verifiable Credentials in the Education Industry
May 12, 2023

I will talk about lessons learned from several projects which tried to adopt verifiable credentials as learning credentials in educational institutes such as interoperability with the OpenBadge credentials.

Event Recording
eIDAS 2.0 & Digital Identity Wallet Readiness: What Your Organisation Needs to Know About Digital Identity Wallets
May 12, 2023

The revision of the eIDAS regulation introduces new requirements, challenges as well as opportunities for organisations. In this talk Adrian Doerk provides a structured guidance of aspects organisations need to be aware of to be well positioned in the market. After a general introduction to the eIdAS ecosystem, the focus will be on organisations who want to issue and verify qualified electronic attestation of attributes to/from the European Digital Identity Wallet. 

Event Recording
Urban Planning and Identity with Slime Mold or: How I learned to Stop Worrying and Learn from the Blob
May 10, 2023

In 1994, Italian physicist Cesare Marchetti discovered something: cities expand as a function of transportation speed. In short, “transportation is the lifeblood of a city.” Innovation in transportation has driven the expansion of cities—from small, walkable areas to the sprawling, car-based metropolises, presenting a challenge for urban planners.

Identity in the modern organization faces a similar challenge: if transportation is the lifeblood of cities, then identity is the lifeblood of organizations. And our organizations are not ancient, walkable Rome, but modern, sprawling Atlanta—with identities and resources widely strewn around the globe.

Like urban planners, we face a nearly-intractable challenge: how can we provide access to resources and data easily while still meeting the stringent demands of security and compliance?

Thankfully, there appears to be a solution for both urban planning *and* identity, albeit from an unexpected source: Ordinary slime mold. Aka, “The Blob.”

We’ll learn from this simple organism, describe how its simple actions create complex systems that solve these sorts of “unsolvable” problems, and see how the Blob might “think” about identity.

Event Recording
Machine Learning in IAM & IGA
May 11, 2023

This presentation will provide an overview of the terminology and basics of AI and ML in the context of Identity and Access Management (IAM) and Identity Governance and Administration (IGA). It will explore a number of current use cases for leveraging ML in IAM, demonstrating the benefits of automation and enhanced security that ML can bring to identity management. The presentation will conclude with strategic considerations for using ML in IAM, highlighting the importance of considering business value, available data, and existing technologies when implementing ML-based solutions for identity management.

Event Recording
Current Work and Future Trends in Selective Disclosure
May 11, 2023

There’s a lot of foundational work happening in the space of Selective Disclosure (SD) right now. Selective Disclosure enables you to have a token with many claims (say, an ISO Mobile Drivers’ License (mDL)), and only release the claims necessary to the interaction – for instance, your birthdate but not your home address.  Selective Disclosure enables Minimal Disclosure.  This is sometimes realized using Zero Knowledge Proofs (ZKPs) but that’s not always necessary.

In decentralized identity ecosystems, users hold their own credentials to share them with others when needed. One key requirement for these credentials is selective disclosure: instead of sharing the entire credential, users should be able to share only the minimal amount of information necessary for a given use case. This is where SD-JWT comes in.
SD-JWT (Selective Disclosure JWT) is a new format for enabling selective disclosure in JWTs. It is based on the JOSE family of standards for signing and encryption, making it easy to understand and implement.
Developed by the IETF OAuth Working Group, SD-JWT is not limited to verifiable credentials, but can be used universally to provide selective disclosure for any JWT.

Due to its simplicity, SD-JWT has quickly gained traction, with several implementations already available and ongoing adoption as an important building block in both commercial and public projects. In this talk, we will introduce the concepts behind SD-JWT and provide a detailed overview of its capabilities and benefits. We will also discuss the current state of SD-JWT adoption and future directions for its development.

Some of the current work pertinent to Selective Disclosure is:

Event Recording
Identity Governance with a Purpose – Deciding and Documenting Why Access is Granted
May 10, 2023

Deciding what constitutes appropriate access to sensitive information is a growing challenge for today’s enterprise. Whether it is regarding securing mission critical enterprise data or protecting the privacy of data gathered about the organization’s customers, an often-overlooked element is capturing and documenting the reasons why a given access request or entitlement is necessary and appropriate for the continued operation of the business.   Organizations are required to manage the data that they are entrusted with in a secure, purpose-based, and privacy-compliant manner.  Identity Governance processes can help the enterprise review the current state of access, make decisions regarding the validity of this access state, and attest to its accuracy.  Identity Governance processes are also ideally suited to also document the reasons why this access state is appropriate and necessary for business operations.

This session will cover how Identity Governance processes can help enterprises refine their security, make better access control decisions, and provide much clearer accountability around why access is granted – all in better alignment with Zero Trust initiatives.

Event Recording
SAP Transformation and IGA
May 10, 2023

Various large organizations typically have invested heavily in SAP as well as IGA. There comes a point where the two systems start overlapping functionalities. This session will provide a viewpoint on an integrated IGA approach based on organization needs.

Event Recording
Biometrics for Identity Assurance
May 10, 2023

In many respects, identity programs are inherently vulnerable because they often rely on something that is shareable; something that a person knows or something that they have. 

Join iProov to hear how biometrics can improve security for both digital and physical access.  Included in this presentation will be guidance on: aligning biometrics to high-risk inflection points in the identity lifecycle; important considerations for inclusivity; and how to mitigate the risk of generative AI in modern attack methodologies.