Event Recording

Touchstones Along My Identity Journey

Show description
Dr. Michael B. Jones
Building the Internet’s Missing Identity Layer
OpenID Foundation
Dr. Michael B. Jones
Michael B. Jones is on a quest to build the Internet’s missing identity layer. He is an editor of the OpenID Connect specifications, IETF OAuth specifications, including JSON Web Token (JWT) and DPoP , the IETF JSON Object Signing and Encryption (JOSE)   specifications,...
View profile
European Identity and Cloud Conference 2023
Event Recording
Finding the Signal Through the Noise in Web3(++) Identity
May 11, 2023

2022 brought a lot of activity in web3/crypto identity solutions: Soul Bound Tokens, Verifiable Credentials, and even web5?! In this year-in-review we'll examine the varying approaches, the problems they were trying to solve, and discuss how this can inform all of our user-centric identity efforts.

Event Recording
Enforcing Decentralized Authorization in a Multi-Platform API Landscape at Scale
May 10, 2023

Authorization (AuthZ) and Authentication (AuthN) go hand in hand in ensuring zero-trust in your system landscape. But while scaling identity can be done by centralizing it in an IAM solution, centralizing authorization is seldom a scalable solution. Increased latency, varying requirements and maintainability are all key reasons to want a more decentralized solution that can adapt and scale.

In this talk we will describe how to use Open Policy Agent (OPA) to achieve decentralized authorization in a multi-platform API landscape, including both modern and legacy platforms, while simultanously ensuring centralized compliance controls and enforcement.

Event Recording
Navigating B2B2X Complexity with Identity-Centric Personas and Policy-based Access controls
May 10, 2023

As ecosystems of customers, workforce, partners and suppliers become increasingly intertwined, companies face the challenge of managing access consistently. Companies often install different access systems for different populations, with different types of accounts and different lifecycle management.

This session presents an approach whereby different populations can be managed with a single system and a single user profile. Key in this approach is that the user profile indicates to which population (or more than one population) the user belongs. The approach also enables delegated administration and temporary accounts in a very intuitive way.

Event Recording
Covering Your Customer Identity Needs - The Way Forward
May 12, 2023

The Art of CIAM is to converge user Experience (UX) , security and privacy in a way that is seamless and unobtrusive for the user. In this panel session we will discuss the role of decentralized technologies, biometrics, and AI in Digtal ID, allowing for more secure and efficient authentication processes. 

Event Recording
Is FIDO Ready for Enterprise Deployment?
May 11, 2023

With the ever-increasing number of cyber-attacks, level of fines and unstable geopolitical climate, organizations are looking to better protect themselves against data breach by deploying phishing resistant authentication for their workforce.

FIDO combines the benefits of high security with a standards-based approach, but with its background in the consumer world, including privacy by design, how does it fit into an enterprise deployment with the increased demand for identity management?

This session will discuss:

  1. What do enterprises require for high-assurance credential management?
  2. How can FIDO meet these needs?
  3. Options for integrating FIDO into existing IDAM solutions
Event Recording
Safeguarding IoT/OT/IIoT Devices, Their Identities and Communication with Autonomous Networking
May 11, 2023

Autonomous networking aims at the appropriate handling of the growing number of devices, machine, sensors and components for which authentication and authorization must be ensured, i.e., identities must exist. The initial provision of such identities, but also the handover and onboarding into the respective operational environment (WiFi, smart home, factory floor) require scalable, automated, end-to-end secured procedures and concepts to facilitate trusted communication, but also e.g., the provision of made-to-measure updates.
Making IoT/OT/IIoT identities and networks secure by design is essential. ACP (Autonomic Control Planes) and BRSKI (Bootstrapping Remote Secure Key Infrastructure) lay one foundation for achieving this.

Event Recording
Identity Inclusion – Why it Matters
May 09, 2023

The cornerstone of the digital world is trust and key to that experience is a secure and verifiable digital identity. More than one billion people worldwide lack a basic verifiable identity. Without recognizable and consistent proof of identity there can be no financial, health, citizen, or digital inclusion. Women in Identity is a not-for-profit organization championing diversity and inclusion in the identity sector.  Women in Identity enables change through awareness from our research projects (such as the code of conduct) and through our sponsors and members.  In this keynote the chair and vice chair of the Board will share insights on the impact of identity exclusion and provide practical and pragmatic ways organizations and individuals can help drive Identity inclusion. 

Event Recording
The Invisible Man Paradox
May 12, 2023

How changing requirements for a seamless yet secure customer experience affect your Customer Identity solution

Today's consumers live parallel lives, with one foot in the physical world and the other foot leaving many digital footprints across the internet. In the physical world, trust is easier to build and identity is easier to validate. In the digital world the consumer is The Invisible Man - more difficult to interact and connect with but wanting a simple, effortless digital experience with impeccable security. 

In this session, we will explore how identity is the link between both worlds and is the centre of every great customer experience. From providing delightful experiences to ensuring security and privacy, we will show how the right Identity Solution resolves the Invisible Man paradox, building connection and trust in the digital world. 

Event Recording
Cyber-Defense Strategies to Protect Cloud Resources & Identities
May 10, 2023

Cyberattacks continue to increase in volume and sophistication, targeting everything owned, managed, and serviced from the cloud. Attackers have also realigned their efforts, focusing on staying undetected, quickly monetizing exploitations, and publicly shaming organizations after successful breaches. BeyondTrust Chief Security Officer (CSO), Morey J. Haber will offer best practices for minimizing these increasingly exploited cloud attack vectors. Join him to learn cutting edge strategies for building the optimal cloud defense for your organizations unique cloud environment and identities.

Event Recording
Verifiable Digital Credentials: Comparison of Characteristics, Capabilities and Standardization of Emerging Formats and Issuance Protocols
May 10, 2023

In 2022, several standards organizations and open source groups made great progress defining protocol specifications and code for the issuance of digital credentials. In this session, learn about and discuss some of the emerging issuance protocols, and compare their features, capabilities and trade offs.

Event Recording
Enforce a faster sign-in with Biometrics and Pin – even for legacy apps of a DAX company
May 11, 2023

Join this session if you want to learn how a globally operating science and technology company introduced a faster and phishing-resistant sign-in – driven by the open-industry standard FIDO.

Employees use Biometrics or Pin, instead of Password & SMS, Call or App.

A “Detached Authentication” feature enables apps without FIDO/WebAuthn support and allow us to globally enforce the phishing-resistant sign-in – without fallback to other MFA methods.

Identity Verification is required for the registration and recovery of Biometrics or Pin. SaaS or self-developed identity verification methods can be used and combined.

The infrastructure for authentication and registration of Biometrics and Pin runs in a self-hosted environment. It allows us to stay true to our principles: Own Identities, Credentials and Authentication.

# What makes it unique

Passwordless Sign-in
– Biometrics of device-in-use 

Biometrics sign-in available for all apps
Detached Authentication for apps without WebAuthn

Biometrics sign-in enforced for all users
No SMS, Call or Authentication Apps

Onboarding, Registration, Recovery, Password Reset
– Self-services secured with identity verification

Centrally stored FIDO-Credentials for multiple IdPs
Self-hosted infrastructure with IdP plugins

Event Recording
Centralized eID May be the Target of the Next Nordstream Pipeline Attack
May 11, 2023

With the vast centralization of government digitization in general, and issuance and operation of Digital Identity services in particular, the Nordic countries have made themselves unnecessarily vulnerable to attacks by actors such as those with the resources to blow up the Nordstream pipelines in the Baltic Sea.

With the new Danish digital identity, MitID, as an example, I will discuss

  1. How governments and/or banks centrally attempt to strike a balance between vulnerability and user adoption,
  2. Why compliance and certification may only take you so far, and finally,
  3. How concepts such as wallets and Verifiable Credentials may decentralize the digital identity ecosystem not only for increased privacy but also for more robust and secure infrastructures less prone to attacks by bad actors.