So to understand these three topics a little better, we have organized some help for us. For the first topic, we have a true heavy weight of the identity and security industry. Please welcome co-founder and principal Analyst of Kuppinger called Martin. Kuppinger.
Thank you. Be I'm, I'm not exactly sure how I should take this heavyweight thing. At least I'm down over last couple of weeks. So, but anyway.
Well, Martin identity fabrics, I think that's written on your forehead. How would you identify, or how would you define identity fabrics for those who didn't go to the, the workshop in this morning? I think you were focusing on it. Yeah. How would you describe it to the people who are not familiar with it?
How would I describe it? So maybe let's start with where did this concept evolve from? It was really from stepping back in in various conversations and thinking about what is the real trouble of identity management. It's providing access to everyone and everything in a seamless yet secure yet well government manner to every type of resource, system, service, whatever. And what we do need in between our different services. So there are capabilities we put together into services and in some way. So this term fabric, you can understand it as a fabric in that sense, or you can understand it as something that produces or mesh in that sense or a production that it's both, it's bringing together all these different identity services, the mesh aspect, and it produces its cares for that we really can execute on that. And this is the, the foundation. And I believe also from, from modern, well probably modern 3D in identity management, the broad identity space that we need to have a sort of a bit more holistic and comprehensive perspective on identity management. And this is the fabric which we can evolve, where we can transform into from our legacy. Im into modernization. It's as a mesh, it's very much based on APIs, on integration, but also on exposing APIs so that digital service can consume identity services. Not just we create a user account somewhere in a target system, but a system can ask the identity fabric for a service. So this is the, I would say the bigger picture in a nutshell. So
Can we say it's on the strategic level or is it really technical?
It is both. It is strategic in the sense of it helps creating a blueprint, an overall picture, and identity management. It is on the concrete level because there's the methodology behind to sort of make this work in practice. So how to build your own fabric from the bigger picture to the concrete roadmap to the implementation. What are the things you should care for? What is it? What makes other fabric? This is all in that at different levels and it has proven to be very well suited to what organizations need. So I've seen quite a number of identity management blueprints of organizations that resemble very much in the laughters the identity fabric picture.
And who in an organization would be main operator consume or, or concerned with this?
That's a good question because I, I think I talked about every human, every, so everyone and everything. So it's not just enterprise or workforce identity management. I think this is very important and there truly is a blurring line to some of the other key themes like decentralized identities. So it is something which impacts everyone because we look at identities of customers and consumers, of partners, of employees of services and things and so on. So human silicon identities, so to speak. And so it concerns everyone usually from an organizational perspective because it's part of identity, it's part in that case since part of cybersecurity, it is the cso, which plays a very vital role in that because I am usually nowadays is part of the CSO domain, but it also means we need to engage with the business, take digital services. When we expose API's, digital services, we are talking with all the business units that are building digital services. So at the end, it's a joint effort.
Okay. Joint matter and a business process. Yes. Is that correct?
Yes. It it, it must fit to that business process. And they are processes also. You know, I believe for instance, when we bring together some things like decentralized identity and the identity fabric and traditional things, we can improve a lot of processes and save a lot of cost for instance, for onboarding. So there is a huge potential and we definitely must not only see this as an administrative tool anymore. I
Have, I have also one question. You, I know you had a four hours workshop this morning. Any particular outcome, what you would like to share with everyone?
First huge interest in this workshop. I think what really came up again and again, this policy-based access. So moving away from steady entitlements towards policy-based access towards something we can do dynamic at runtime across a range of domain domains from digital services. Very simple with OPA or policy agent to how do we implement this for the legac piece of our it.
All right, so thanks. Thanks Martin. Welcome please thank Martin everyone for his insights. Thank
So for the second topic which goes beyond item access of the enterprise, so beyond the enterprise saying decentralized, please welcome, help me to welcome Daniel Gol Schneider on stage. Welcome Daniel.
So welcome. Daniel, you also had an interesting workshop, which I was one hour able to attend this morning with the Open Wallet Foundation, which you founded and which you are running. And you told us about the status quo. What is the mission of the Open Wallet Foundation?
Okay. So that's understood you are not a wallet, but you are doing some development I learned. Yes. So what is the status?
So here at eic, we have actually announced the first two code contributions in the SD jot space. And there will be quite a few more. The idea is that the open wallet foundation is not trying to act as a king maker. We're not saying this is a good credential format and that's a bad credential format or this is a great protocol and this not so much. We're trying to bring developers together that care about specific technologies, whether that's iso, mdl, mdoc, whether that's verifiable credentials or a non-res or SD jobs or MDs and vs tokenization for credit cards. The idea is to bring developers together that share a goal of creating great reference software for those standards.
Okay. And what is your outlook? Do you think that, at what time do you think that wallets or decentralized identity or ssi, I'm just juggling all together. I know there is a difference, but when do you expect this will be the preliminary main way of managing identity?
I think that's in
That's a good question. I mean, who here is using Apple Pay, Google Pay, Samsung Pay? Can you raise your hands if you do so? Man, that's probably more than 50%, quite a bit more than 50%. And I mean that's relatively new. We believe that what's happened with Apple Pay and Google Pay and Samsung Pay is going to happen with identity as well. The digital wallet is going to become as important, if not more important than the physical wallet that you carry. So in our opinion in you know, the next five years, the digital wallet is going to pervade almost every aspect from payments to identity, to gaining access to your car or gaining access to a hotel room. The wallet is going to be in the center and the question is, what's the right paradigm to create wallets? And we believe fundamentally that we should do this together for-profit companies, non-profits as well as government officials.
And you're also working together with other organizations?
Yes, we're working together with quite a few. So we launched the Open Wallet Foundation with 40 members, 20 of which are for profit companies and 20 members are nonprofit. A lot of those are SDOs. So we work, for instance, with the Open ID Foundation, the Decentralized Identity Foundation Trust over IP Hyperledger. And the idea is to ensure that we can really work hand in glove. You know, we don't try to create standards. So every time someone mentions something at the Open Wallet Foundation and says, Hey, should we tweak that standard a little bit? The idea is that we can say this is a wonderful idea, but you should do that at the Open ID Foundation because they maintain this standard. Conversely, if you are at a standardization organization and someone says, shouldn't we have great reference code for that standard? We hope that they're going to mention the Open Wallet Foundation and then we can take care of that.
Daniel, thanks for this.
Thank you very much.
Please give Danielle big hand for his inside. And then of course, the other big topic of this conference no surprise is ai and we have one chap who would like to make us a little familiar with that topic. Please welcome Scott David on scuba. You go first.
Yes. Well, I have one big question. Yes. We talk about AI and it, the term tends to be used everywhere, even when it's just rule-based access or whatever everyone calls everything. Yeah. Ai. And we're talking about generative ai. Could you tell me the difference or define generative ai?
Well, you know, it's, it's interesting. I, years ago I was at a Frisbee team with Peter Norwig, and some of you may know his name used at Google and ran their research for many years, AI leader. And he said to me 15 years ago, and I was having lunch with him and he said, AI has become, and this is 15 years ago, had become more like chemistry where if you, in a, in a chemistry, you walk into a lab, it has a certain aroma, people are wearing white jackets. So he said it's really important to think of AI not as one thing as many things. And so I think one of the, there was an article in Nature magazine recently that alluded to the fact that LLMs are ba bottom up, but they're top-down models. And I think one of the things that's gonna be really important is for us to be aware of those differences. The, the large language models, they're statistical, so they're doing averages kind of, and distributions of the positions of words relative to each other. So in a way that's, I think some people call it a kneeling, it's taking human with the way humans communicate and using that as a basis for the generation of what we are looking at as ideas. And so it's important for us to understand if and when we're seeing something beyond a parroting back of what we was fed in, in the information.
Okay. And on a scale of the development of generative ai, let's say it's like if we compare it to the life era of a human person, what's the age? Would it be a toddler, would it be a grownup or a teenager? It's as, as in your view,
Zygote. I was a zygote.
Yes. For those of you aren't biologists a very early instantiation of a living thing. So I think we're really at the very, very early period of it. And but, but unlike a biological human, the generation will be really quick. I think we're gonna see, and I'll allude to this in in my presentation in a few minutes, a very, we're on the steep part of an exponential curve now. And so not with, it's not gonna be a linear growth in any way. And I think that's something we really need to prepare for, is to understand how to address the very, very dynamic changes we're gonna see.
Thank you. You're going to refer to this in your Yes, indeed. Coming upcoming? Yep. Keynote. Keynote. Yes.