Event Recording

Open Banking and Open Data - Global State of Play. Current Trends and Recent Developments

Dima Postnikov
Head of Identity Strategy and Architecture
Experienced Identity Architect focusing on anything identity, privacy, trust ecosystems design and identity standards development. 
European Identity and Cloud Conference 2023
Event Recording
Cyber Insurance as a Damage Mitigation Strategy
May 12, 2023

Digital transformation came with a wide range of advantages, but it also opened the door to potential cyberattacks. Every organization faces the risk of being the target of a cybercrime, but the transition to business digitalization leaves greater room for vulnerabilities in the system, and if attackers happen to identify them, the attack will occur. The world is changing rapidly, and companies must change with it, and so insurers see their opportunity to break into the market. Is it worth having a cyber-insurance policy? Does it cover all the damages? What is the extent of the insurers' responsibilities and the company's? Could these cases go to court and under what conditions?

Event Recording
Cyber Insurance: Results from a Recent Survey
May 12, 2023

After several tumultuous years, the cyber insurance safety net is in question as costs rise and coverage contracts. Research was conducted with IT security professionals to understand the real-life experiences companies have in obtaining and using cyber insurance. In this session we’ll unpack the survey findings and put them in context. Join the discussion to prepare for your next cyber insurance assessment so you end up with coverage and rates that accurately reflect your organization’s risk profile.

Joe Carson will talk about

  • The factors driving the skyrocketing costs of cyber insurance
  • The role Boards of Directors play in driving demand for cyber insurance
  • Fine print to check before finalizing your cyber insurance policy

And help you find answers to these questions

  • What security controls do cyber insurance companies expect you to have?
  • What cyber incidents are excluded from cyber insurance policies?
  • What recovery costs does cyber insurance cover?
Event Recording
High-security & interoperable OAuth 2: What's the latest?
May 10, 2023

OAuth is a widely used authorization framework that enables third-party applications to access resources on behalf of a user. However, it has been historically difficult to meet very high security and interoperability requirements when using OAuth. Daniel and Joseph have spent much of the last five years working to improve the state of the art and will present the latest developments in the field.

There are challenges when trying to achieve high security and interoperability with OAuth 2: Many potential threats need to be addressed, some not part of the original OAuth threat model. To achieve seamless authorizations, optionality must be minimized in OAuth itself and also in any extensions.

Six years ago, the IETF OAuth working group started work on the Security Best Current Practice document and more recently on OAuth 2.1. Meanwhile, the OpenID Foundation has created FAPI1 and FAPI2 security profiles.

We will introduce these specifications and help you understand the focus of each document and when to use which. We show how to achieve on-the-wire interoperability and high security through the use of techniques like asymmetric client authentication and sender-constraining via DPoP and MTLS. We highlight the benefits for implementers and the role of conformance testing tools.

Event Recording
Real-time Fraud Detection - Challenges and Solutions
May 12, 2023

Fraud can be considerably reduced via speed, scalability, and stability. Investigating fraudulent activities using fraud detection machine learning is crucial where decisions need to be made in microseconds, not seconds or even milliseconds. This becomes more challenging when things get demanding and scaling real-time fraud detection becomes a bottleneck. The talk will address these issues and provide solutions using the Hazelcast Open Source platform.

Event Recording
IGA Everywhere - Creating your Future Security Ecosystem
May 10, 2023

Identity Governance and Administration (IGA) is a core component of Identity and Access Management (IAM) infrastructure and refers to integrated solutions that combine Identity Lifecycle Management (ILM) and Access Governance. IGA helps to cut costs, increase security, improve compliance, and give users access to the IT resources they need.

Depending on maturity in terms of IAM, some organizations may need to bolster their capabilities in ILM while others need to focus on Access Governance. But most organizations are looking for a comprehensive IGA solution, that combines traditional User Access Provisioning (UAP) and Identity and Access Governance (IAG).

Event Recording
Navigate the DR (Detection & Response) Jungle: EDR, EPDR, XDR, NDR, MDR, ITDR
May 11, 2023

ITDR: Is this really something new, given that around 80% of the cyberattacks are identity-related, from password phishing to bypassing MFA? Is it a separate discipline or just a part of XDR (Extended Detection and Response)? Or a new name for what Access Management and FRIP already do?

As always, there is something new and relevant in this. The fundamental question for many organizations will be how best to address the identity threat challenge. Does it require new or different tools, or just a different use of what is already there? What to look for specifically? And how to reduce the risk of identity-based attacks? Is ITDR the core, or better identity protection? These questions will be answered in this session to help you navigate through the buzzword jungle.

Event Recording
From A (ACLs) to Z (Zanzibar): Standardizing Access Policies with IDQL/Hexa
May 10, 2023

The adoption of multiple clouds is accelerating across all industries. While multi-cloud brings many benefits, it also results in new challenges. Organizations must manage platform-specific access policies in the bespoke policy syntax of each cloud.
Security and risk gaps arise between cloud identity systems due to the increased policy fragmentation and technical complexity that can obscure visibility and make it difficult to determine who has access to what.
These challenges grow exponentially when you consider the various access policies (and system languages) associated with each data, network, and platform layer (and vendor) in an organization’s tech stack.
This session will describe an open-source solution to multi-cloud access policy fragmentation: Identity Query Language (IDQL) and Hexa Orchestration. IDQL and Hexa are two sides of the same coin that together perform policy orchestration across incompatible cloud platforms.
IDQL is the universal declarative policy language that can be translated into a target system's proprietary or bespoke access policy format. Hexa is the open-source reference software that brings IDQL to life and makes it operational in the real world by connecting to target systems and performing the three main functions of discovery, translation, and orchestration.
Hexa Policy Orchestration was recently accepted as a Cloud Native Computing Foundation (CNCF) sandbox project. The session will include a technical review of Hexa plus a demonstration of current capabilities.

Event Recording
Assignment Based Access
May 10, 2023

In the current economic climate many companies are facing the need to restructure their operations to ensure efficiency and profitability.

This does in some cases result in layoffs, but it also means that projects are cancelled and the staff assigned to these projects are freed up for other efforts. In IAM terms the result is a lot of movers in the organisation, which traditionally has been a use case that has been challenging to support efficiently.

How do we help the business and support the need for assignment-based access to ensure efficient usage of staff? This talk will look at the lessons learned from implementing assignment-based access at a global retailer. It may also include Swedish meatballs, flatpack furniture and moose hunting towers.

Event Recording
Why Policy-Based Authorization is Critical for Identity First Security
May 09, 2023

The enterprise perimeter is now its data objects, APIs, applications, and its users are now the workforce, customers, partners and in many cases, machines. In this new, decentralized, and highly segmented world, CISOs and IAM leaders find themselves struggling with multiple systems and interfaces that control the most basic question: Who has access to what and when? 

In this session, we will present a new architecture for Identity First Security based on a Centralized Access and Authorization Policy Management Platform, and discuss pros and cons and specific real-world implementations.

Event Recording
When will my Digital ID Wallet Work all Over the World?
May 11, 2023

When I travel abroad or do business with someone from outside my country, my payment cards and phone work across international boundaries. When will my Digital ID do the same?

This presentation will share how OIX’s work on Global Interoperability, part of the GAIN initiative, is defining how this will be possible through smart digital IDs or wallets that dynamically adapt to the policy rules of each new trust framework they encounter in a way that works seamlessly for the end user.

So, when I fly to the EU from the US my Digital ID from my US based wallet provider reads the rules of the EU trust framework and simply adapts. I don’t need to get a new local Digital ID for my visit to the EU. The EU trust framework policy rules will be described using a new globally applicable Open Policy Rules Exchange Framework that allows all frameworks to publish their policy characteristics in a standard machine-readable way.

My digital ID wallet contains key ‘golden credentials’ that should be accepted all over the globe: passport, driving licence, bank account, telco account and my digital national ID card. Each trust framework will value these differently in its own Assurance Policy, which can also be published via the policy rule exchange framework. To make this work, new proofing and data content standards for some of the golden credentials will be required.

Technically, exchange of policy rules will be a decentralized approach, where policy rules are shared directly from each trust framework only to wallets they trust. The presentation will also outline the technical architecture to underpin this, and how the Open Policy Rules Exchange Framework will fit as a policy component as part of the Open Wallet Foundation architecture.

OIX is working with and analysing various trust frameworks around the globe to create the Open Policy Rules framework, including the UK, Canada, EU, Australia, Singapore, MOSIP and Bank ID Sweden.

Come and find out more about how OIX’s vision of allowing us all to have a trusted Digital ID that can be accepted anywhere in the world can be achieved.

Event Recording
May 09, 2023

The act of identifying oneself to a website or service is a ceremony so common that we don’t often pay attention to it. The muscle memory we have built up over years of performing this ceremony over and over, day after day, obscures both potential changes to this not-always-so-simple act and ways we could make these ceremonies easier and more effective. 

In this talk, Ian Glazer will:

  • Give an overview of the many kinds of user-facing ceremonies 
  • How these ceremonies are changing
  • How they could change even more and the implications for end-users
Event Recording
All the IAMs - Modern Convergence of Digital Identity for Different Populations
May 09, 2023