Event Recording

Rogue on Steam? Risks and Rewards of a Seamless Digital Life in the Metaverse

Speaker
Katryna Dow
CEO & Founder
Meeco
Katryna Dow
Katryna Dow is the founder and CEO of  Meeco ; a personal data platform that enables people to securely exchange data via the API-of-Me with the people and organisations they trust  Katryna has been pioneering personal data rights since 2002, when she envisioned a time when...
View profile
Playlist
European Identity and Cloud Conference 2023
Event Recording
FIDO2: The Train is Leaving the Station
May 11, 2023

The FIDO Alliance is working to change the nature of authentication with open standards that are more secure than passwords, simpler for consumers to use, and easier for service providers to deploy and manage. While initially focused on the consumer space FIDO2 holds advantages for the enterprise willing to break the mould on legacy authentication models.

This session will look at the components of a FIDO2 environment and investigate the options for FIDO deployments. A view of the possible future of FIDO will be discussed.

Event Recording
Graph-Based Access Control: What, Why and How ?
May 11, 2023

“Graph-Based Access Control'' (GBAC) is a generic term that refers to the use of graphs and networked data to solve Identity and Access Control problems. You may have seen this before through the disguise of acronyms such as ReBAC (relationship-based), KBAC (knowledge-based), PBAC (policy-based), NGAC (Next-Generation), FGA (fine-grained), and even some implementations of ABAC (attribute-based). All of these terms refer to techniques that use graphs to enforce access-control for any level of coarseness.

In this session you will learn why all the latest Dynamic Authorization offerings on the market use GBAC in a way or another, and how you can successfully adopt the technique yourself. Graphs are becoming ubiquitous - one can just look at the rise of the GraphQL API model to witness their popularity first-hand. Through concrete, real-life examples we will showcase the use of graphs to solve common access problems using the same modern and future-proof techniques that you see in the current authorization market.

As a result, storing all identity data in graphs truly unlocks its full potential. Graphs are data-science and analytics enablers, and have the potential to transform the IAM practice from a cost centre to a true revenue generator. We’ll explore how this can happen for you too…

Event Recording
Decentralized Identity - Why is it all the Rage?
May 11, 2023

From digital identity to full scale digital trust, this session is perfect for anyone new to identity, as well as identity professionals who are trying to get a handle on what decentralization is all about and why it is so important for Internet-scale digital trust.

In this session, we will cover a brief history of how the identity landscape has gone through an evolution from the dreaded username and password, through centralized, federated and social logins, to now the need for decentralized solutions that support digital trust for both human and objects.

We will explain the various actors involved in a decentralized identity trust triangle, what role technology plays (e.g., digital wallets and digital credentials), and how governance of an ecosystem fits in to create the trust diamond. We will discuss various technical components that may be employed and what is required — and more importantly what is not? We will also present how decentralized trust solutions can support the trust of objects that have nothing to do with human identity, but are necessary to create a digital trust landscape that enables digital transactions to happen seamlessly, efficiently, and automatically.

We’ll also touch on how the traditional identity solutions and emerging decentralization can co-exist in context appropriate settings.

Event Recording
The European Union Goes Decentralized - Standards and Technical Architecture Behind eIDAS V2
May 12, 2023

The European Union’s regulation on Digital Identity, eIDAS, is currently being overhauled to adopt decentralized identity principles. The goal is to provide all citizens and residents across the EU with highly secure and privacy preserving digital wallets that can be used to manage various digital credentials, from eIDs to diplomas to payment instruments. Decentralized identity principles aim at giving freedom of choice and control to the end-user. Ensuring security and interoperability, however, will be challenging — especially in the enormous scale in terms of users and use cases the EU is aiming at. The choices made in eIDAS will have a huge impact on digital identity in the EU and beyond.

The so-called “Architecture and Reference Framework” (ARF) defines the technical underpinnings of eIDAS v2. Many experts from the member states and the Commission have been working on this framework over the last year, trying to select the best combination of technologies and standards out of the enormous number available in the market today. This talk will introduce the ARF and explain what architectural patterns and technical standards are adopted and how the challenges mentioned above are addressed in order to leverage on the vision of the eIDAS v2 regulation.

Event Recording
Cyber Insurance Claims & Denials
May 12, 2023
Event Recording
IGA Everywhere - Creating your Future Security Ecosystem
May 10, 2023

Identity Governance and Administration (IGA)is a core component of Identity and Access Management (IAM) infrastructure and refers to integrated solutions that combine Identity Lifecycle Management (ILM) and Access Governance. IGA helps to cut costs, increase security, improve compliance, and give users access to the IT resources they need.

Depending on maturity in terms of IAM, some organizations may need to bolster their capabilities in ILM while others need to focus on Access Governance. But most organizations are looking for a comprehensive IGA solution, that combines traditional User Access Provisioning (UAP) and Identity and Access Governance (IAG).

Event Recording
Identity Security Implementation and Deployment in KONE
May 11, 2023

In this talk, Krishna Balan Kannappan will describe Kone´s path to a holistic and integrated Identity Security infrastructure.

  • IDM Deployment in KONE includes Lifecycle management of KONE Internal Users and non person accounts. Automated Processes in IDM ensures that minimum accesses required for Internal Users are granted automatically based on User Attributes and all accesses are removed automatically when user leaves the organization. Non Person accounts are hardened automatically based on the usage.
  • Applications authorization is managed by IDM using various provisioning mechanisms.
  • Applications authentication is controlled by Azure AD, MFA enabled is mandated for all applications and end users.
  • Admin Accounts used for Accessing KONE Infrastructure and Workstations are managed in IDM(Microsoft recommended Tier based model is used).
  • Self Service allows Role Owners and Account Owners to Create Access Reviews, Manage Passwords, Manage Access.
  • KONE SOC team uses IDM for performing emergency actions to disable/enable/reset Password of AD Accounts.

Privilege Access Management:

  • KONE uses PRIVX as the PAM Solution for allowing access to Infrastructure. PAM is integrated with IDM for authorizations. PAM Solution ensures KONE Infratructure cannot be accessed outside PAM by access controls and continuous monitoring.
  • PAM Uses Separate MFA for added Security.
  • Automations are implemented to onboard/offboard Application servers into PAM

DevSecops model is used for Development, automated deployments, Security Scans and automated Testing.

Event Recording
How to Build Interoperable Decentralized Identity Systems with OpenID for Verifiable Credentials
May 10, 2023

OpenID for Verifiable Credentials (OID4VC) is a set of protocols that enables issuance and presentation of verifiable credentials expressed in any format including but not limited to W3C vc-data-model and ISO/IEC 18013-5 mDL. The power of the protocols lies in its demonstrated simplicity, security, and the implementer's ability to make choices across the tech stack - not just for credential formats, but also entity identifiers, trust model, crypto suites, revocation mechanism, etc. However, this also means that to be interoperable and enable certain use-cases(s), implementers need to agree on the sets of choices across the tech stack, usually referred to as interoperability profiles.

In this talk, we will share implementation experience of OID4VC specifications, and introduce existing interoperability profiles based on OID4VC. Of course we will also provide updates to OID4VC specifications, how they have evolved from the last year based on an overwhelming amount of implementation feedback.

Event Recording
Lessons Learned from Projects Using Verifiable Credentials in the Education Industry
May 12, 2023

I will talk about lessons learned from several projects which tried to adopt verifiable credentials as learning credentials in educational institutes such as interoperability with the OpenBadge credentials.

Event Recording
Hybrid IAM: Interoperable Verifiable Credentials for Workforce Identity
May 11, 2023

The past few years have seen a startling increase in decentralized technologies for Digital Identities. So far, much of their adoption has been limited to academic or proof-of-concept integrations (barring some shining examples) rather than consolidated production-ready use cases.

Generally, there isn't an enforced link between real-world and digital identities, and rightfully so. Still, enterprises' policies and regulations mandate companies to ensure restricted access to reserved data and undeniable attribution, which collides with general anonymity and distributed principles. Albeit SSI technologies aim at filling this gap with trusted-yet-privacy-preserving solutions, companies still need to consolidate digital identities and collapse them into a well-defined entity. We will talk about a hybrid approach to classic IAM for workforce management including W3C native credential integration with solidified and well-established SSO federations. In other words, delegate to the end users the choice of which identity technology to use as long as they can provide a trust chain that the companies can verify.

Event Recording
Lessons Learnt Rolling Out a B2B CIAM Program
May 12, 2023

Holcim is the Global leader in innovation and sustainable and building solutions and we are offering different digital solutions to the partners (Customers, suppliers, carriers...) making business with us. The identity among those solutions definitely need to be centralized under a CIAM solution mainly focused in the Business to Business setup in order to improve management, customer experience and compliance with regulations. During this session, it will be shared the main pain points and the lessons learnt after more than one year rolling out a CIAM program.

Event Recording
Opening Session
May 09, 2023