CIS14: Identity at Scale: Bridging Gaps between Physical and Logical, Token and Cloud


Published on

Chris Corum, AVISIAN, Inc.
The place that physical access cards, prox badges, smart cards, and weigand protocols have in cloud identity, taking into consideration the knowledge gained from decades of experience.
issuing and lifecycle-managing strongly vetted credentials

Published in: Technology
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

CIS14: Identity at Scale: Bridging Gaps between Physical and Logical, Token and Cloud

  1. 1. Identity at scale: Bridging gaps between physical and virtual, token and cloud Chris Corum, AVISIAN Publishing @Avisian
  2. 2. - Some orgs strengthen, most do nothing - Single credential to access many sites - Host in house or go to cloud? - Forces align to kill the weak credential - Single purpose, weak credentials were issued by individual entities to protect access to their own stuff - Usage and value of ‘what we’re protecting’ rise, gives rise to hacking and breach culture - Users tire of mass single-use credentials earlyonmidphasecurrent Mass data breaches Cloning/ counterfeiting Password fatigueCostanza wallet Acronym soupSmart cards/2FA SSOFederation/NFC CISIDaaS UN/PWCards and badges
  3. 3. HAVE KNOW ARE HAVE KNOW ARE HAVE KNOW ARE Traditional authentication
  4. 4. Something you connected toSomething you used Something you tapped onSomething you drove Some place you went Some place you ate Some place you walked past Some place you tapped in Some place you parked Some way you type Some way you tap Some way you mouse over Some way you twist your deviceSomething you did Something else you did Something you did a few minutes ago Something your are about to do Something you know Something else you know Something you couldn’t know Something you used to know Some place you wentSome place you ate Some place you walked pastSome place you tapped inSome place you parked Some way you typeSome way you tapSome way you mouse over Some way you twist your device Somethingyouhave Somethingelseyouhave Somethinginhandset Something you are Something else you are Some other thing you are Something you connected to Something you used Something you tapped on Something you drove Somethingyoudid Somethingelseyoudid Somethingyoudidafewminutesago Somethingyourareabouttodo Some Some Somet Someth Somethingyouhave Somethingelseyouhave Somethinginhandset Next gen authentication
  5. 5. Coalescence not Convergence
  6. 6. Scalability Virtually boundless, Internet scale Bound by time and geography Issuance Directory or DB records with user-initiated lifecycle management Cryptographic tokens with expiry and lifecycle management Know the user Seldom seen, often self-asserted attributes Face-to-face vetting with verified attributes
  7. 7. Physical and digital took similar paths to reach point where a “net” of adaptive, continuous authentication can enable us to leapfrog convergence to coalescence if we bridge gaps to tap the strengths of both groups. Chris Corum, AVISIAN Publishing @Avisian