Event Recording

Interworking of Verifiable Credential Products

Show description
Speaker
Dr. David Chadwick
CEO
Truetrust Ltd
Dr. David Chadwick
David runs his own consultancy company, Truetrust Ltd. Prior to this he was Professor of Information Systems Security at the University of Kent, and then CEO of Verifiable Credentials Ltd (VCL), a university spin out that designed and built one of the world's first W3C Verifiable...
View profile
Playlist
European Identity and Cloud Conference 2023
Event Recording
Digital Organizational Identity With the Verifiable Legal Entity Identifier (vLEI)
May 12, 2023

With heightened reliance on remotely delivered services and transactions, the need for safer and sounder digital identification and verification is required and will become the norm in the future. This especially is true looking forward to mandates for the adoption of zero trust frameworks in which digital credentials will be issued and then used for identification and operational purposes. GLEIF is committed to making concrete and lasting improvements to the process of identity verification by leveraging the Legal Entity Identifier (LEI) in digital tools. GLEIF has made the LEI verifiable by creating the vLEI (verifiable LEI) with digital credentials that deliver decentralized identification and verification for organizations as well as the persons who represent their organizations either in official or functional roles. GLEIF has made much progress on developing the governance, credentials and infrastructure since introducing the vLEI in 2020 and will share an updated at this progress in this session.

Event Recording
Identity Security Implementation and Deployment in KONE
May 11, 2023

In this talk, Krishna Balan Kannappan will describe Kone´s path to a holistic and integrated Identity Security infrastructure.

  • IDM Deployment in KONE includes Lifecycle management of KONE Internal Users and non person accounts. Automated Processes in IDM ensures that minimum accesses required for Internal Users are granted automatically based on User Attributes and all accesses are removed automatically when user leaves the organization. Non Person accounts are hardened automatically based on the usage.
  • Applications authorization is managed by IDM using various provisioning mechanisms.
  • Applications authentication is controlled by Azure AD, MFA enabled is mandated for all applications and end users.
  • Admin Accounts used for Accessing KONE Infrastructure and Workstations are managed in IDM(Microsoft recommended Tier based model is used).
  • Self Service allows Role Owners and Account Owners to Create Access Reviews, Manage Passwords, Manage Access.
  • KONE SOC team uses IDM for performing emergency actions to disable/enable/reset Password of AD Accounts.

Privilege Access Management:

  • KONE uses PRIVX as the PAM Solution for allowing access to Infrastructure. PAM is integrated with IDM for authorizations. PAM Solution ensures KONE Infratructure cannot be accessed outside PAM by access controls and continuous monitoring.
  • PAM Uses Separate MFA for added Security.
  • Automations are implemented to onboard/offboard Application servers into PAM

DevSecops model is used for Development, automated deployments, Security Scans and automated Testing.

Event Recording
Biometrics for Identity Assurance
May 10, 2023

In many respects, identity programs are inherently vulnerable because they often rely on something that is shareable; something that a person knows or something that they have. 

Join iProov to hear how biometrics can improve security for both digital and physical access.  Included in this presentation will be guidance on: aligning biometrics to high-risk inflection points in the identity lifecycle; important considerations for inclusivity; and how to mitigate the risk of generative AI in modern attack methodologies.

Event Recording
FIDO 2: Zero Trust in Action with Passwordless Phishing Resistant Authentication
May 10, 2023

By now, organizations are well aware of the need for better protecting data and application with modern access management and authentication.
Thales and Microsoft partner to help organizations going passwordless to fight against phishing attacks. Thales and Microsoft experts Sarah Lefavrais and Thomas Detzner will talk about the role of Fido and other phishing resistant authentication methods like CBA in achieving Zero Trust approach.

Event Recording
Designing Your Future Identity Fabric Program
May 10, 2023

An Identity Fabric Program program moves beyond established tooling and focuses on outcomes and the elimination of technical debt or heavy customizations that hinder the organization’s ability to deploy at scale. Identity Fabrics shift the focus from tactical or manual operations to more strategic functions that are optimized to business objectives. Identity Fabrics are key to successful digital transformations and therefore a sustainable deployment strategy will deliver recognized business value and a significant competitive advantage.  

Event Recording
What’s Next In Enterprise Authorization
May 11, 2023

As organizations undergo digital transformation to zero-trust architectures, identity-driven security becomes a critical aspect. Beyond new authentication technologies, organizations must have strong authorization controls. Today, if and when an identity is compromised, the attacker can make lateral movements with very few restrictions and access a wide range of critical systems and information. Much of this over-permissive environment can be attributed to manual permissions management processes that are hard to maintain over time. Role-based Access Control (RBAC) and Attribute-based Access Control (ABAC), which underlie these manual processes, provide a good baseline for access security. However, their complexity grows over time and the management overhead they place oftentimes subvert the very goals of security and compliance they are deployed for. Just-In-Time Access Management (JITAM) represents a new robust and secure authorization strategy that can reduce the need for periodic access certifications and manual role administration, while providing auditability. Learn how the authorization space is rapidly changing from RBAC and ABAC to JITAM, and how it could benefit your organization.

Event Recording
Ceremonies
May 09, 2023

The act of identifying oneself to a website or service is a ceremony so common that we don’t often pay attention to it. The muscle memory we have built up over years of performing this ceremony over and over, day after day, obscures both potential changes to this not-always-so-simple act and ways we could make these ceremonies easier and more effective. 

In this talk, Ian Glazer, will:

  • Give an overview of the many kinds of user-facing ceremonies 
  • How these ceremonies are changing
  • How they could change even more and the implications for end-users
Event Recording
From Identity Theft to Identity Threat to Identity Security
May 10, 2023

Identity has been always an ambiguous term. Identities exist in a sociocultural and organizational context and in technical ones. We have Digital Identities and eIDs and not only do individuals have identities but so do organizations and non-humans, especially in technical contexts.

Identities had been always under threat, starting with theft of individuals’ identities and credentials in the physical world, such as credit cards and passports. However, these threats have not been on a large scale. We all know that this has changed dramatically with the digitization of everyone and everything. Social engineering, phishing emails, buying credentials in the dark web have become a serious threat to businesses and individuals. These threats have reached new heights with the numerous attacks on identity infrastructures, be it corporate directories or government eID infrastructure.

In this panel, we will explore the identity threats to individuals and organizations, how they are managed, and how identity security can be achieved from a prevention, detection, and management perspective.

Event Recording
Adaptive Protection for Identities
May 10, 2023

Decentralized Identity protection is important in data collaboration because it helps to protect the privacy and security of individuals and organizations involved in the supply chain. By ensuring that only authorized individuals have access to sensitive information, identity protection helps to prevent data breaches and other security incidents.  A chain of trust establishes a series of checks and verifications that ensure that the data being shared is accurate and trustworthy. This is critical in the context of supply chain regulations, where inaccurate or incomplete information can have serious consequences for compliance and risk management.

In the second part of the talk, we will explore the concept of adaptive protection for identities in Microsoft Purview. By using a combination of machine learning, behavioral analysis, and risk-based decision making, we can create a dynamic system that adapts to new threats in real time. This approach offers a more proactive and effective way to safeguard identities, and can be applied across a range of industries and contexts. Together, we can work to develop a more robust and resilient digital identity ecosystem that protects individuals and organizations alike.

Event Recording
Rogue on Steam? Risks and Rewards of a Seamless Digital Life in the Metaverse
May 10, 2023
Event Recording
Big Bang to the Cloud - Lessons Learned from a Successful Large-scale Production System Migration
May 10, 2023

Managing access is a critical capability for the IT infrastructure of any enterprise, especially when dealing with over 6,800 integrated applications used by millions of authentication requests. Due to the increasing demand for availability, scalability, and support for market-specific customizations, as well as the migration of more products and applications to the cloud, we had to migrate our infrastructure and application stack to the AWS cloud. This stack had been introduced in an on-premises setup in 2017 and now follows modern paradigms such as GitOps, Everything as Code, and highly automated processes based on Service Layers and ForgeRock. Our main concern was ensuring that the integrated application landscape remained functional during the migration without experiencing any impact or downtime.

During this presentation, we will share our experience and discuss the key takeaways from our successful large-scale production system migration to the cloud, including:

  • Understanding the target architecture for the migration project
  • Identifying the challenges that arise during cloud migration
  • Discovering strategies for minimizing the impact on integrated applications during the migration process.
Event Recording
Identity Data, Observability & Analytics - The Road to Identity First Security
May 10, 2023

Data is foundational to business intelligence - but how do you translate that into identity governance? Today’s enterprise has unprecedented levels of real-time, rich identity data across multiple parallel sources. More data leads to more predictive power in machine learning algorithms. These runtime data driven insights can become a central component to a systematic compliance and risk management strategy. This session will highlight how identity data can be used to uncover patterns, anomalies, and outliers and radically improve decision making, supporting your Identity First Security strategy.