Event Recording

What’s Next In Enterprise Authorization

Show description
Speaker
Atul Tulshibagwale
CTO
SGNL
Atul Tulshibagwale
Atul is a federated identity pioneer and the inventor of the Continuous Access Evaluation Protocol (CAEP), forming the basis of the Shared Signals and Events working group in the OpenID Foundation, which he co-chairs. Prior to joining SGNL, he was a technical leader at Google where he focused on...
View profile
Playlist
European Identity and Cloud Conference 2023
Event Recording
Architecting Identity-First Zero Trust Implementations
May 10, 2023

Zero Trust starts with Identity. It ends with authorization. And it is centered around policy-based controls for authentication, access, and more. IAM is ubiquitous in Zero Trust. Thus, every Zero Trust implementation must follow an identity-first approach.

In this session, we look at the intersection of IAM and Zero Trust, and provide a mapping of IAM capabilities to Zero Trust requirements. We also look at the need for modern IAM, from adaptive, passwordless authentication to continuous authentication, ITPR (Identity Threat Detection and Response), PBAM (Policy Based Access Management), but also Data Governance and the intersection of IAM and Code Security. This will help you in aligning your IAM and ZT strategies and give you a concrete understanding of technologies you will need (or not).

Event Recording
Trust Inspiring CIAM – Essentials for a Secure, Experience-Driven Digital Business
May 12, 2023

Confusing Customer Identity Management (CIAM) with traditional Enterprise IAM comes at a high price: Applying internal regulatory compliance requirements and heavy security challenges to customer-focused interactions could easily limit user experience in a way that it measurably affects your digital business success, with dropped or interrupted transactions. Building Identity & Access around your customers' needs requires a profoundly different approach, which is on the one hand a trust-driven interaction experience with your brand, and on the other hand, complies with KYC and Cybersecurity requirements. In this session, we will give you an overview on the current state of CIAM and future developments you should include in your considerations before deciding on how to move forward.

Event Recording
Convergence Across Identity, Authentication and Open Banking
May 10, 2023

To date, the world has progressed identity, authentication, and open banking as disparate initiatives. While strengthening each of these independently has indisputably contributed to growing trust, bolstering data privacy, and mitigating the security risks that are today inherent in our every digital interaction, this ‘divide-and-conquer’ approach is unlikely to be sufficient to propel us to the best possible economic and user experience outcomes.

Join this panel of experts to understand how some of today’s most respected thought leaders suggest how convergence across identity, authentication, and open banking can accelerate our journey to a trusted digital marketplace- our collective North Star.

The whole is indeed much larger than the sum of the parts. Join us-

Event Recording
Fraud Reduction Intelligence Platforms (FRIPs): Critical Capabilities & Market Overview
May 11, 2023

Fraud is a major cost to businesses worldwide. Cybersecurity Ventures estimates that cybercrime costs will reach $10.5 trillion by 2025. Banking, finance, payment services, and retail are some of the most frequent objectives of fraudsters, as expected. However, insurance, gaming, telecommunications, health care, cryptocurrency exchanges, government assistance agencies, travel and hospitality, and real estate are increasingly targeted as cybercriminals have realized that most online services trade in monetary equivalents. In this session we will look at critical capabilities for FRIPs and provide an overview on the solution market.

Event Recording
Is FIDO Ready for Enterprise Deployment?
May 11, 2023

With the ever-increasing number of cyber-attacks, level of fines and unstable geopolitical climate, organizations are looking to better protect themselves against data breach by deploying phishing resistant authentication for their workforce.

FIDO combines the benefits of high security with a standards-based approach, but with its background in the consumer world, including privacy by design, how does it fit into an enterprise deployment with the increased demand for identity management?

This session will discuss:

  1. What do enterprises require for high-assurance credential management?
  2. How can FIDO meet these needs?
  3. Options for integrating FIDO into existing IDAM solutions
Event Recording
Sri Lanka's Digital ID Program (National ID Implementation based on MOSIP)
May 12, 2023

Sri Lanka has successfully implemented a Digital ID POC based on the MOSIP platform.

Integration of all the platform components, from identity authentication to authentication services, to create an effective and efficient system with live use-cases.

Event Recording
Building reputation for blockchain wallets: Soulbound NFTs as on-chain verifiable credentials
May 11, 2023

There has been a heated discussion between how (not) to use verifiable credentials, decentralized identifier and soulbound tokens for building better digital identities. We believe there is room for both or even a merge of on- and off-chain technology.

Event Recording
Decentralized Identity - Why is it all the Rage?
May 11, 2023

From digital identity to full scale digital trust, this session is perfect for anyone new to identity, as well as identity professionals who are trying to get a handle on what decentralization is all about and why it is so important for Internet-scale digital trust.

In this session, we will cover a brief history of how the identity landscape has gone through an evolution from the dreaded username and password, through centralized, federated and social logins, to now the need for decentralized solutions that support digital trust for both human and objects.

We will explain the various actors involved in a decentralized identity trust triangle, what role technology plays (e.g., digital wallets and digital credentials), and how governance of an ecosystem fits in to create the trust diamond. We will discuss various technical components that may be employed and what is required — and more importantly what is not? We will also present how decentralized trust solutions can support the trust of objects that have nothing to do with human identity, but are necessary to create a digital trust landscape that enables digital transactions to happen seamlessly, efficiently, and automatically.

We’ll also touch on how the traditional identity solutions and emerging decentralization can co-exist in context appropriate settings.

Event Recording
Celebrating a Digital Age to Advance Digital Stages of Necessity
May 11, 2023

Samuel Devasahayam will discuss the past decade of identity sights through Microsoft’s lens, demonstrating that security in a digital age remains valuable, and detailing what these insights imply for the next decade to continue building customer trust and resilient infrastructures.

Event Recording
FIDO 2: Zero Trust in Action with Passwordless Phishing Resistant Authentication
May 10, 2023

By now, organizations are well aware of the need for better protecting data and application with modern access management and authentication.
Thales and Microsoft partner to help organizations going passwordless to fight against phishing attacks. Thales and Microsoft experts Sarah Lefavrais and Thomas Detzner will talk about the role of Fido and other phishing resistant authentication methods like CBA in achieving Zero Trust approach.

Event Recording
Identity Governance with a Purpose – Deciding and Documenting Why Access is Granted
May 10, 2023

Deciding what constitutes appropriate access to sensitive information is a growing challenge for today’s enterprise. Whether it is regarding securing mission critical enterprise data or protecting the privacy of data gathered about the organization’s customers, an often-overlooked element is capturing and documenting the reasons why a given access request or entitlement is necessary and appropriate for the continued operation of the business.   Organizations are required to manage the data that they are entrusted with in a secure, purpose-based, and privacy-compliant manner.  Identity Governance processes can help the enterprise review the current state of access, make decisions regarding the validity of this access state, and attest to its accuracy.  Identity Governance processes are also ideally suited to also document the reasons why this access state is appropriate and necessary for business operations.

This session will cover how Identity Governance processes can help enterprises refine their security, make better access control decisions, and provide much clearer accountability around why access is granted – all in better alignment with Zero Trust initiatives.

Event Recording
Zero Trust in an Industry Where Trust is Key
May 11, 2023

How does a Financial Institution deploy a Zero Trust Model where employees and consumers need access to so much vital data in near real time.