KuppingerCole's Advisory stands out due to our regular communication with vendors and key clients, providing us with in-depth insight into the issues and knowledge required to address real-world challenges.
Meet our team of analysts and advisors who are highly skilled and experienced professionals dedicated to helping you make informed decisions and achieve your goals.
Meet our business team committed to helping you achieve success. We understand that running a business can be challenging, but with the right team in your corner, anything is possible.
In this session, Martin Kuppinger, Principal Analyst at KuppingerCole Analysts look at the potential of utilizing DID approaches within the enterprise. This session will look at the business benefits, the steps involved, important considerations, challenges, pitfalls, and recommendations for implementing decentralized identity. Martin will explain the potential and look at how this will impact existing technologies such as IGA, PAM, and Access Management, and how this relates to other trends such as WfA, BYOD, Policy-based Access, and more. He also will outline where interoperability and standards must further evolve to enable organizations in re-inventing their IAM, without ripping everything apart. He will discuss the steps involved, important considerations, challenges, pitfalls, and recommendations for implementing decentralized identity in the enterprise.
After several tumultuous years, the cyber insurance safety net is in question as costs rise and coverage contracts. Research conducted with IT security professionals to understand the real-life experiences companies have in obtaining and using cyber insurance.In this session we’ll unpack the survey findings and put them in context. Join the discussion to prepare for your next cyber insurance assessment so you end up with coverage and rates that accurately reflect your organization’s risk profile.
Joe Carson will talk about
And help you find answers to these questions
Identity Governance and Administration (IGA) is critical for ensuring the security of an organization, but it can also be a complex and time-consuming process. Join us for an engaging conversation on how Identity Governance and Administration Bot Flow (IGABotFlow) is revolutionizing the IGA field. This new approach combines the power of low-code orchestration, bot technologies, and a visual interface to simplify the management of access to sensitive information and resources while improving security.
"Citizen developers" will learn how to use IGABotFlow to automate complex business processes, including identity-related tasks, with low code visual tools. Additionally, attendees will discover how bots can proactively monitor and respond to events and changes in data, performing tasks and interacting with users without explicit requests. IGABotFlow is a game-changer in the field of identity governance and access management. Attendees will learn about the use cases where this technology could make a difference in their organization.
The EU funded Next Generation Internet (NGI) Atlantic project "Next Generation SSI Standards" and the Walmart funded Jobs for the Future (JFF) Plugfest, both have the same aim of fostering wide scale adoption of Verifiable Credentials. They are doing this by funding global interworking of Verifiable Credentials products from many different suppliers located in Europe, the USA and Asia. The NGI Atlantic project is committed to using the OpenID for Verifiable Credentials (OIDC4VCs) draft standard specifications, whilst JFF is allowing the 30+ participants to decide amongst themselves which protocols to use. Three protocol suites have been chosen: OIDC4VCs, VC-API with CHAPI, and DIDComm.
This presentation will provide an overview of the two projects, will provide an overview of the 3 protocol suites that have been chosen, and will present the results of the interworking trials.
The NGI Atlantic project will finish in December 2022, and besides interworking trials, will deliver an open source test suite that suppliers can use to test their implementations for conformance to the OIDC4VCs protocol suit for both credential issuing and verification. Some tests are being added to the W3C CCG Traceability test suite (written in POSTMAN) and some are being added to the Open ID Foundation's existing OpenID Connect conformance test suite (written in Java).
The JFF Plugfest will finish in 1Q2023. In November 2022 each VC Issuing software supplier must demonstrate the issuing of a verifiable credential to the wallets of at least two different wallet software providers, whilst each wallet software provider must obtain a verifiable credential from at least two other VC Issuing software providers. In February 2023 VC wallets must demonstrate the presentation of a Verifiable Presentation/Verifiable Credential to at least two different verification software suppliers, and each verifier must demonstrate that it is capable of accepting a VP/VC from at least two different wallets.
The success of these projects should catapult the acceptance of inter-workable verifiable credential products to the market.
OpenID Connect Federation enables trust establishment at scale and is being deployed to do so in Europe.
A key question when granting access to resources is “Who do you trust?”. It’s often important to know who the party is that you’re interacting with and whether they’ve agreed to the terms and conditions that apply when accessing a resource.
OpenID Connect enables identities of participants to be securely established but doesn’t answer the question of whether a participant is trusted to access a resource such as your personal data. A complementary mechanism is needed to do that. In small-scale and static deployments, it’s possible to keep a list of the trusted participants. However, in large-scale and dynamic deployments, that doesn’t scale.
This presentation will describe how the OpenID Connect Federation protocol enables scalable trust establishment with dynamic policies. It does so by employing trust hierarchies of authorities, each of which are independently administered. Examples of authorities are federation operators, organizations, departments within organizations, and individual sites.
Two OpenID Connect Federations are deployed in Italy, enabling secure access to digital services operated by Italian public and private services with Italian digital identities. This presentation will also describe why OpenID Connect Federation was selected for them and how it meets their needs. OpenID Connect Federation is being used by the GAIN PoC. A public deployment is also being planned in Sweden.
Web3 is a revolutionary changing aspect of technology in the current era but protecting Web3 will be a challenge considering how smart contracts are challenging. New businesses utilizing blockchain technology are more focused on business while their different assets need eyes, such as the most vulnerable DApps and Web3 services.
Decentralized applications, commonly referred to as dApps, are not controlled by a single point of authority. Instead, they run on a blockchain or a P2P network, making them more complex and riskier than traditional applications.
In this talk, we'll discuss how hackers are utilizing their techniques to attack web3 and smart contracts and what are best practices for enterprises to prepare for the challenge.
Identity Governance and Administration (IGA)is a core component of Identity and Access Management (IAM) infrastructure and refers to integrated solutions that combine Identity Lifecycle Management (ILM) and Access Governance. IGA helps to cut costs, increase security, improve compliance, and give users access to the IT resources they need.
Depending on maturity in terms of IAM, some organizations may need to bolster their capabilities in ILM while others need to focus on Access Governance. But most organizations are looking for a comprehensive IGA solution, that combines traditional User Access Provisioning (UAP) and Identity and Access Governance (IAG).
As a global OEM of highly critical and complex industrial devices, managing access to hundreds of millions of IIoT device resources spread across customer sites all around the globe is already a challenging task.
Use cases for providing a digital service platform need to address end customers accessing devices owned by themselves as well as priviledged access for in house and third party analytics applications and serice personnel. A combination of requirements for excelent user experience, authorization management and high performance for cross-tenant queries for endless scenarios can become a nightmare.
The task was to analyze the access requirements, abstract them and then deploy a “Zanzibar” inspired approach to manage access authorizations with a swift and reliable backend architecture, able to handle millions of information assets to be protected against unauthorized access.
Creating a mere access model does not do the full trick - it has to be cleverly designed into data storage structures and queries to achive the required performance goals!
The talk quickly introduces the problem set and then dives deeper into how to implement data storage optimization magic to get quick response times and swift adjustments of authorizations.
In this talk, Krishna Balan Kannappan will describe Kone´s path to a holistic and integrated Identity Security infrastructure.
Privilege Access Management:
DevSecops model is used for Development, automated deployments, Security Scans and automated Testing.
The existing eIDAS governance framework for digital identity is fragmented for different regulated markets in different EU countries. Today identity provider solutions for finance, healthcare and other regulated markets follow central approaches for the management of identities and consent in high secure data center environments and using legacy standards (e.g. OIDC, central public key infrastructure).
eIDAS 2.0 creates a EU wide identity ecosystem with adapted new standards, new stakeholders and a focus on using mobile devices. The existing roadmap allows to anticipate three to five years (or more) transition. For banking, insurance, healthcare or the public sector it is time to adopt these standards in their digital transformation strategy.
Based on the Gematik requirements for a federated identity provider with central OIDC compliant resource and authorization server Comuny shifted relevant identity provider functions (data storage + token generation) on the mobile device.
The speakers will describe challenges and solutions for this regulated market. They also discuss the chance to combine existing central OIDC flows with mobile decentral, wallet based principles as a bridge into the new eIDAS 2.0 governance framework. The audience will get a clear understanding about requirements, opportunities and practice details to create the transition into eIDAS 2.0 identity ecosystem.
Data is Power. And as a popular comic superhero said, with power comes more responsibility. For companies offering digital services, the responsibility lies in storing the customer data securely. Growing number of global privacy regulations underpin this responsibility.
More and more organizations are using specialized Customer Identity and Access Management (CIAM) solutions which enable them to consolidate the data of existing customers while offering new and innovative ways to acquire new ones. CIAM tools can be used to prevent fraud, monitor suspicious activity as well as generate important business reports and statistics.
CIAM market is growing yearly but remains the most innovative in various IAM disciplines in to meet the fast-changing digital business demand. Utilizing modern, flexible, and scalable CIAM platforms will enable organizations to combine good customer experience with strong data security. Certainly, a recipe for a successful online enterprise!
This talk will give insights on how to strategize your CIAM journey and shed light on some pain points companies face when embarking on this exciting adventure.