KuppingerCole's Advisory stands out due to our regular communication with vendors and key clients, providing us with in-depth insight into the issues and knowledge required to address real-world challenges.
Compare solution offerings and follow predefined best practices or adapt them to the individual requirements of your company.
Meet our team of analysts and advisors who are highly skilled and experienced professionals dedicated to helping you make informed decisions and achieve your goals.
Meet our business team committed to helping you achieve success. We understand that running a business can be challenging, but with the right team in your corner, anything is possible.
Various large organizations typically have invested heavily in SAP as well as IGA. There comes a point where the two systems start overlapping functionalities. This session will provide a viewpoint on an integrated IGA approach based on organization needs.
Various large organizations typically have invested heavily in SAP as well as IGA. There comes a point where the two systems start overlapping functionalities. This session will provide a viewpoint on an integrated IGA approach based on organization needs.
You heard about Verifiable Credentials and decided to learn more. You found some stuff online, but despite knowing your way thru identity, you still can't really tell how they work in practice (wallets? presentations?) or how the boldest claims (no more centralized DBs! Apps cannot save PII!) will play out. This session will dive into VCs and separate the hype from their true, remarkable potential.
Open Banking is a true global movement that has already been implemented in many countries and being implemented in many others in the next few years. While the overall objective of Open Banking is the same, every implementation is different. This session will provide an overview of analysis of different ecosystems, different approaches to implementation, industry standards used, best (and worst) practices and potential future developments.
Identity and API security are key building blocks for any trust ecosystem supporting Open Banking. We will explore why every Open Data project becomes an identity initiative.
Italy has two National Digital Identity schemes, namely: SPID and CieID (leveraging the national ID card). Both of them are based on SAML2 and are on their way to supporting OpenID Connect. The reasons for this decision are numerous, and they are primarily related to OpenID Connect Core features such as flexibility, ease of implementation, better support for mobile applications, and widespread adoption, particularly in the private sector. To manage this transition, we considered several documents by the OAuth working group describing security best Current Practices and the OpenID Foundation specifying a profile for iGov and a framework for federation. In particular, the latter defines a hierarchical federation model with high security, interoperability, scalability, and transparency based on dynamic delegation mechanisms; Italy is an enthusiastic early adopter.
In this talk, we introduce the Italian OpenID Connect profile based on the iGov and federation profiles and explain the main security measures that we considered within our design from the aforementioned standards and available best current practices. We also discuss how the Italian OpenID Connect profile contributes to the iGov and OpenID Connect Federation documents. We conclude the presentation with a brief discussion of eIDAS 2.0 and some of the ongoing preliminary works in the context of the Italian digital identity ecosystem to move toward an SSI-based solution using the Italian OpenID Connect profile as a starting point.
With the ever-increasing number of cyber-attacks, level of fines and unstable geopolitical climate, organizations are looking to better protect themselves against data breach by deploying phishing resistant authentication for their workforce.
FIDO combines the benefits of high security with a standards-based approach, but with its background in the consumer world, including privacy by design, how does it fit into an enterprise deployment with the increased demand for identity management?
This session will discuss:
The Trust Over IP Foundation (ToIP) is focused on the centerpiece of the ToIP stack: the trust spanning protocol that will do for identity interchange what the Internet Protocol did for data interchange. This panel will explore how this will enable ubiquitous, trusted, interoperable identity exchange.
The internet was designed without a trusted identity layer to connect physical entities to the digital world. This layer is now emerging in the form of decentralized digital identity systems based on digital wallets and digital credentials. ToIP was founded by a pan-industry group of leading organizations with a mission to provide a robust, common set of standards forming a complete architecture for internet-scale digital trust. The ToIP Technical Architecture Specification V1 was completed earlier this year. Now ToIP is focusing on the keystone to ubiquitous identity, the ToIP Trust Spanning Protocol. This protocol will do for identity interchange what the Internet protocol did for data interchange.
This interactive panel, moderated by ToIP’s Executive Director, will explore the views of its member organizations for a lively and engaging debate on how we finally establish trust in the digital age. Come to this panel to understand the why, how, and when of this new protocol.
Holcim is the Global leader in innovation and sustainable and building solutions and we are offering different digital solutions to the partners (Customers, suppliers, carriers...) making business with us. The identity among those solutions definitely need to be centralized under a CIAM solution mainly focused in the Business to Business setup in order to improve management, customer experience and compliance with regulations. During this session, it will be shared the main pain points and the lessons learnt after more than one year rolling out a CIAM program.
Authorization in modern applications is becoming increasingly complex, particularly when it comes to managing access to resources at the individual user and group levels. OAuth has become a widely-used standard for granting access to resources on behalf of a user, but it is not well-suited for these more nuanced use cases. In this talk, we will explore the confusion surrounding the use of OAuth for user and group-focused authorization in applications. We will discuss the standard meaning of authorization in OAuth, which is to grant access for an application to call APIs on behalf of the user, and how misusing OAuth for this purpose can lead to bad architecture and bloated JWT tokens. We will also introduce alternative standards like UMA (User-Managed Access) and GNAP (Group-Based Nested Access Protocol) as potential solutions for user and group-controlled resource delegation. These standards provide a more fine-grained and dynamic approach to access control and can be integrated with policies created by a PBAC (Policy-Based Access Control) server for a more comprehensive solution. Attendees will leave with a better understanding of the limitations of OAuth for user and group-focused authorization, and with a clear understanding of the potential of UMA and GNAP as solutions for these use cases.
To date, the world has progressed identity, authentication, and open banking as disparate initiatives. While strengthening each of these independently has indisputably contributed to growing trust, bolstering data privacy, and mitigating the security risks that are today inherent in our every digital interaction, this ‘divide-and-conquer’ approach is unlikely to be sufficient to propel us to the best possible economic and user experience outcomes.
Join this panel of experts to understand how some of today’s most respected thought leaders suggest how convergence across identity, authentication, and open banking can accelerate our journey to a trusted digital marketplace- our collective North Star.
The whole is indeed much larger than the sum of the parts. Join us-
Fraud is a major cost to businesses worldwide. Cybersecurity Ventures estimates that cybercrime costs will reach $10.5 trillion by 2025. Banking, finance, payment services, and retail are some of the most frequent objectives of fraudsters, as expected. However, insurance, gaming, telecommunications, health care, cryptocurrency exchanges, government assistance agencies, travel and hospitality, and real estate are increasingly targeted as cybercriminals have realized that most online services trade in monetary equivalents. In this session we will look at critical capabilities for FRIPs and provide an overview on the solution market.
This session will provide an overview of the market for Passwordless Authentication products and services and will present a compass to help you to find the Passwordless Authentication product or service that best meets your customers, partners, or workforce needs. KuppingerCole´s Alejandro Leal recently published a Leadership Compass for Passwordless Authentication and examined the market segment, vendor product and service functionality, relative market share, and innovative approaches to providing Passwordless Authentication solutions.
By now, organizations are well aware of the need for better protecting data and application with modern access management and authentication.
Thales and Microsoft partner to help organizations going passwordless to fight against phishing attacks. Thales and Microsoft experts Sarah Lefavrais and Thomas Detzner will talk about the role of Fido and other phishing resistant authentication methods like CBA in achieving Zero Trust approach.