Event Recording

The Yin and Yang of Zero Trust Policy-Based Automation

Show description
Speaker
Patrick Parker
Founder and CEO
EmpowerID
Patrick Parker
Patrick Parker is the founder and CEO of EmpowerID, a company specializing in Identity and Access Management for over 20 years. He pioneered the unique use of Role and Attribute-Based Access Control within an Identity Orchestration framework to realize a modern and comprehensive vision of...
View profile
Playlist
European Identity and Cloud Conference 2023
Event Recording
CIAM, Wallets, Decentralized - Where is "Traditional" CIAM Heading?
May 12, 2023
Event Recording
Sri Lanka's Digital ID Program (National ID Implementation based on MOSIP)
May 12, 2023

Sri Lanka has successfully implemented a Digital ID POC based on the MOSIP platform.

Integration of all the platform components, from identity authentication to authentication services, to create an effective and efficient system with live use-cases.

Event Recording
Trust Inspiring CIAM – Essentials for a Secure, Experience-Driven Digital Business
May 12, 2023

Confusing Customer Identity Management (CIAM) with traditional Enterprise IAM comes at a high price: Applying internal regulatory compliance requirements and heavy security challenges to customer-focused interactions could easily limit user experience in a way that it measurably affects your digital business success, with dropped or interrupted transactions. Building Identity & Access around your customers' needs requires a profoundly different approach, which is on the one hand a trust-driven interaction experience with your brand, and on the other hand, complies with KYC and Cybersecurity requirements. In this session, we will give you an overview on the current state of CIAM and future developments you should include in your considerations before deciding on how to move forward.

Event Recording
Your Identity Is Not Self-Sovereign
May 12, 2023

Are we really in control of our identities, are they merely assigned to us, or is there something else at play?

The promise of a "self-sovereign identity" seems great: you know who you are, and through the magic of technology you can prove to everyone around you that you are who you say you are. The technology to enable this is being built and deployed, but is it the right solution? Even more fundamentally, is it the right model at all?

In this session, we'll examine the core concept of "self-sovereign" identity in the light of how society has historically viewed identity and how our digital systems have modeled identity in different ways over time.

Event Recording
Ditch Siloed IAM: Convergence, a Must For Identity Threat Detection & Response
May 09, 2023

An increase in the types of digital identities, coupled with multi-cloud adoption, has added complexity to managing identities and privileges. How does one get future-ready, to address these new-age challenges? An Identity-centric security strategy centers on effective governance with zero trust, that simplifies and unifies critical aspects of Access Management (AM), Identity Governance Administration (IGA) and Privileged Access Management (PAM). Join us to explore the benefits of a Converged Identity security approach that is outcome-driven, and looks to ditch the silos of key IAM components.

Event Recording
Passwordless Primer
May 10, 2023

Passwordless authentication counts amongst the hot topics in IAM. In this session, the variants of passwordless authentication will be explained. Phishing resistance, device binding, secure elements, and many of the other technical aspects will be explained, put into context, and rated regarding their relevance for different use cases. The session also will discuss use cases and their specific needs, from simplified access to office solutions to a unified passwordless authentication for the entire IT environment.

Event Recording
CAEP and Shared Signals - Past, Present and Future
May 10, 2023

What started as a simple blog post from Google has rapidly ballooned into an industry movement. Major vendors have implemented the Continuous Access Evaluation Protocol / Profile (CAEP) and analysts, practitioners and decision makers agree that it is critical to the future of zero-trust. This keynote, by the inventor of CAEP, goes into the pain points that led to the development of CAEP, the process to recast it as a part of the Shared Signals working group in the OpenID Foundation and the trends that make it an indispensable component of any zero-trust architecture. CAEP’s non-prescriptive nature makes it easy for anyone to implement their own policies and the Shared Signals Framework makes communicating changes efficient and nearly instantaneous. A future powered by Shared Signals and CAEP enables enterprises and vendors to break information silos to create a highly secure outcome.

Event Recording
Solving a Logistical Nightmare: Imagining a Decentralized Identity Future at DB Schenker
May 10, 2023

IAM is hard enough without the additional complexities that logistics companies face. Warehouses need to be secure, but it’s difficult to find an identity solution that’s suitable for short-term staff who don’t have or can’t use computers, mobile devices, or biometrics in their work environment. Until recently Decentralized Identity has been stuff of dreams, but that is rapidly changing and the lines between identity and authentication blurring even more. In this session, we’ll explore how a future powered by Decentralized Identity is offering logistics giant DB Schenker a path to stronger security while maintaining productivity in its warehouses—providing a fast, flexible and interoperable way for workers to verify their identity.

Event Recording
Cyber Criminals by Design – Using Digital Twins to Understand Misbehavior
May 11, 2023

A digital twin is a virtual representation of a real-life subject. This mapping encompasses its entire lifecycle, is updated from real-time data, and uses simulation, machine learning, and reasoning to support decision-making.

Human beings and their behavior can also be copied and simulated by digital twins. During the last talk at the EIC conference, we already looked at the threats, challenges and opportunities creating digital twins in cybersecurity.
This time we want to discuss how we can dive into a world through a digital twin of a cybercriminal to change perspectives and to understand the cybercriminals behavior.
Imagine having a tool that can perform these simulations at the highest level. Why not use it to our own advantage?
A digital twin that not only simulates the approach and behavioral patterns of cyber criminals but can also predict ahead of time. What if we can turn the tables on cybercriminals by fighting fire with fire?

Event Recording
High-security & interoperable OAuth 2: What's the latest?
May 10, 2023

OAuth is a widely used authorization framework that enables third-party applications to access resources on behalf of a user. However, it has been historically difficult to meet very high security and interoperability requirements when using OAuth. Daniel and Joseph have spent much of the last five years working to improve the state of the art and will present the latest developments in the field.

There are challenges when trying to achieve high security and interoperability with OAuth 2: Many potential threats need to be addressed, some not part of the original OAuth threat model. To seamless authorizations, optionality must be minimized OAuth itself and also in any extensions
used.

Six years ago, the IETF OAuth working group started work on the Security Best Current Practice document and more recently on OAuth 2.1. Meanwhile, the OpenID Foundation has created FAPI1 and FAPI2 security profiles.

We will introduce these specifications and help you understand the focus of each document and when to use which. We show how to achieve on-the-wire interoperability and high security through the use of techniques like asymmetric client authentication and sender-constraining via DPoP and MTLS. We highlight the benefits for implementers and the role of conformance testing tools.

Event Recording
The ID-Wallet in Germany’s eHealth Sector from Jan 1st 2024
May 12, 2023

Germany's healthcare sector will introduce its own ID wallet called "Sectoral IDP" for all statutorily insured persons on 01.01.2024. The issuers of the wallet are the health insurance companies, and approval will be granted in accordance with the extensive specifications of gematik (the regulatory authority). The ID attributes are issued by 2 issuers: PID and health insurer. The sectoral IDP is based on the OpenID Connect (core and Federation), Open Authorization 2.0 (OAuth 2) and JSON Web Token (JWT) standards. The presentation will describe the specific gematik requirements for product and operations of the ID wallet as well as their possible implementation. Despite the closed system in eHealth (Telematics Infrastructure) by definition, bridges to developments of ID wallets outside the sector such as EU, AML and eIDAS will be shown.

Event Recording
Entitlements - Claim vs. Reality
May 10, 2023

The claim or desire for authorizations, permissions and the rights set in practice often have a wide divergence. Typically, more rights are assigned unconsciously than were actually required.

The resulting vulnerabilities can have significant consequences therefore, it is essential to be able to monitor the true permissions at any time, regardless of how the permissions have been set. It is almost impossible to manage monitoring manually, even in small environments. Therefore, independent automatisms that can automatically explore, analyze and report the real settings are becoming a requirement.

In this session we will show you how Cygna Labs can support you in these challenging tasks and thereby ensure and improve security in your company.