[Lithuania] DigiCerts and DigiID to Enterprise apps

OWASP EEE
OWASP EEEOWASP
DigiCerts and DigiID in Enterprise apps. So yesterday and so tomorrow. Martynas Savicka
Types of digital certificates: Certificate Authority (CA) certificates Server or client certificates Object signing certificates User certificates
Speed! Automation! Do more with less! Automation! Cost reduction! Automation! Increase performance! Automation! Innovation! Automation! Value! Business needs 2015, 2016, 2017… 2
Speed! Automation! Do more with less! Automation! Cost reduction! Automation! Increase performance! Automation! Innovation! Automation! InfoSec needs 2015, 2016, 2017… 2X Integrity Confidentiali ty Non repudiation Access control + Fight and pushback all this stuff 
Business processes @ applications
Digi ID & Digi Sign covers: Integrity [checked] Confidentiality [checked] Non-repudiation [checked]
Encryption costs close to nothing. Encrypt and let cavalierly rest. Goals? Sure. Compliance to: - standards - data classification requirements - data privacy
Any InfoSec will fall in love with end to end encrypted APP!
Data exchange is easy… until you hit into InfoSec (the one who thinks he is A Cavalierly) …
Digi Sign The document market. What market? ADOC [GGeDOC; GeDOC; BeDOC; CeDOC;] - Lithuania BDOC – current Estonian official format… DDOC - Legacy Estonian format EDOCs – current Latvian official format… PDF – this is just real simple pdf…
Containers ASiC Simple (ASiC-S). Single file object with either one signature file or one time assertion file. ASiC Extended (ASiC-E). Each signature is associated with all or part of the files in the container
What if I do not trust online DigiSign services? I really don’t!
Digi ID and Digi Sign hardware tokens advantages and disadvantages: Smart ID [Chip on smartcard] Mobile ID [SIM card] Token ID [USB token]
And what if we try to change the world? Once again.
Adopt it in Enterprise apps and give me some SECURITY AUTOMATION!
Thank You! Q/A‘s
1 of 16

[Lithuania] DigiCerts and DigiID to Enterprise apps

Download to read offline
Internet

DigiCerts and DigiID to Enterprise apps. So yesterday and so tomorrow. Martynas Savick.

OWASP EEE
OWASP EEEOWASP

Recommended

2015 Identity Summit - The Identity Broker as Driver for Growth by
2015 Identity Summit - The Identity Broker as Driver for Growth2015 Identity Summit - The Identity Broker as Driver for Growth
2015 Identity Summit - The Identity Broker as Driver for GrowthForgeRock
1.8K views31 slides
2015 Identity Summit - Tale of Two Views: B2C vs. B2E by
2015 Identity Summit - Tale of Two Views: B2C vs. B2E2015 Identity Summit - Tale of Two Views: B2C vs. B2E
2015 Identity Summit - Tale of Two Views: B2C vs. B2EForgeRock
1.5K views9 slides
2015 Identity Summit - OpenAM: Friends with benefits by
2015 Identity Summit - OpenAM: Friends with benefits2015 Identity Summit - OpenAM: Friends with benefits
2015 Identity Summit - OpenAM: Friends with benefitsForgeRock
2.5K views72 slides
Navigating the Digital Transformation Landscape by
Navigating the Digital Transformation LandscapeNavigating the Digital Transformation Landscape
Navigating the Digital Transformation LandscapeWSO2
432 views18 slides
2015 Identity Summit - CTO Innovation Center by
2015 Identity Summit - CTO Innovation Center2015 Identity Summit - CTO Innovation Center
2015 Identity Summit - CTO Innovation CenterForgeRock
1.5K views20 slides
Silo Busters- The Value of User and Data Centricity beyond IoT Devices (Ident... by
Silo Busters- The Value of User and Data Centricity beyond IoT Devices (Ident...Silo Busters- The Value of User and Data Centricity beyond IoT Devices (Ident...
Silo Busters- The Value of User and Data Centricity beyond IoT Devices (Ident...ForgeRock
302 views23 slides

More Related Content

What's hot

ForgeRock Open Identity Stack Summit - Kick-off by Mike Ellis by
ForgeRock Open Identity Stack Summit - Kick-off by Mike EllisForgeRock Open Identity Stack Summit - Kick-off by Mike Ellis
ForgeRock Open Identity Stack Summit - Kick-off by Mike EllisForgeRock
1.5K views10 slides
Identity Summit UK: HOW TO MAXIMIZE RETURN ON IDENTITY IN A BRAVE NEW WORLD by
Identity Summit UK: HOW TO MAXIMIZE RETURN ON IDENTITY IN A BRAVE NEW WORLDIdentity Summit UK: HOW TO MAXIMIZE RETURN ON IDENTITY IN A BRAVE NEW WORLD
Identity Summit UK: HOW TO MAXIMIZE RETURN ON IDENTITY IN A BRAVE NEW WORLDForgeRock
1.8K views17 slides
You Had Me at Hello: How Ulta Beauty Guests Benefit From Real-time Capabilities by
You Had Me at Hello: How Ulta Beauty Guests Benefit From Real-time CapabilitiesYou Had Me at Hello: How Ulta Beauty Guests Benefit From Real-time Capabilities
You Had Me at Hello: How Ulta Beauty Guests Benefit From Real-time CapabilitiesTIBCO Software
47 views29 slides
2015 Identity Summit - Stepping Up to New Data Protection Challenges by
2015 Identity Summit - Stepping Up to New Data Protection Challenges2015 Identity Summit - Stepping Up to New Data Protection Challenges
2015 Identity Summit - Stepping Up to New Data Protection ChallengesForgeRock
1.3K views21 slides
Amsterdam 2015 Identity Summit: Welcome and Keynote: Using Identity to Empowe... by
Amsterdam 2015 Identity Summit: Welcome and Keynote: Using Identity to Empowe...Amsterdam 2015 Identity Summit: Welcome and Keynote: Using Identity to Empowe...
Amsterdam 2015 Identity Summit: Welcome and Keynote: Using Identity to Empowe...ForgeRock
1.3K views16 slides
Agrello presentation for Blockchain Expo Berlin 2017 by
Agrello presentation for Blockchain Expo Berlin 2017Agrello presentation for Blockchain Expo Berlin 2017
Agrello presentation for Blockchain Expo Berlin 2017Hando Rand
1.2K views16 slides

What's hot(19)

ForgeRock Open Identity Stack Summit - Kick-off by Mike Ellis by ForgeRock
ForgeRock Open Identity Stack Summit - Kick-off by Mike EllisForgeRock Open Identity Stack Summit - Kick-off by Mike Ellis
ForgeRock Open Identity Stack Summit - Kick-off by Mike Ellis
ForgeRock1.5K views
Identity Summit UK: HOW TO MAXIMIZE RETURN ON IDENTITY IN A BRAVE NEW WORLD by ForgeRock
Identity Summit UK: HOW TO MAXIMIZE RETURN ON IDENTITY IN A BRAVE NEW WORLDIdentity Summit UK: HOW TO MAXIMIZE RETURN ON IDENTITY IN A BRAVE NEW WORLD
Identity Summit UK: HOW TO MAXIMIZE RETURN ON IDENTITY IN A BRAVE NEW WORLD
ForgeRock1.8K views
You Had Me at Hello: How Ulta Beauty Guests Benefit From Real-time Capabilities by TIBCO Software
You Had Me at Hello: How Ulta Beauty Guests Benefit From Real-time CapabilitiesYou Had Me at Hello: How Ulta Beauty Guests Benefit From Real-time Capabilities
You Had Me at Hello: How Ulta Beauty Guests Benefit From Real-time Capabilities
TIBCO Software47 views
2015 Identity Summit - Stepping Up to New Data Protection Challenges by ForgeRock
2015 Identity Summit - Stepping Up to New Data Protection Challenges2015 Identity Summit - Stepping Up to New Data Protection Challenges
2015 Identity Summit - Stepping Up to New Data Protection Challenges
ForgeRock1.3K views
Amsterdam 2015 Identity Summit: Welcome and Keynote: Using Identity to Empowe... by ForgeRock
Amsterdam 2015 Identity Summit: Welcome and Keynote: Using Identity to Empowe...Amsterdam 2015 Identity Summit: Welcome and Keynote: Using Identity to Empowe...
Amsterdam 2015 Identity Summit: Welcome and Keynote: Using Identity to Empowe...
ForgeRock1.3K views
Agrello presentation for Blockchain Expo Berlin 2017 by Hando Rand
Agrello presentation for Blockchain Expo Berlin 2017Agrello presentation for Blockchain Expo Berlin 2017
Agrello presentation for Blockchain Expo Berlin 2017
Hando Rand1.2K views
Consent 2.0: Applying User-Managed Access to the Privacy Challenge by ForgeRock
Consent 2.0: Applying User-Managed Access to the Privacy ChallengeConsent 2.0: Applying User-Managed Access to the Privacy Challenge
Consent 2.0: Applying User-Managed Access to the Privacy Challenge
ForgeRock2.4K views
TDI Startup InsurTech Award - DIG slides by The Digital Insurer
TDI Startup InsurTech Award - DIG slidesTDI Startup InsurTech Award - DIG slides
TDI Startup InsurTech Award - DIG slides
The Digital Insurer62 views
e-invoice integration by GhadaBadawi
e-invoice integratione-invoice integration
e-invoice integration
GhadaBadawi107 views
Navigating the Digital Transformation Landscape by WSO2
Navigating the Digital Transformation LandscapeNavigating the Digital Transformation Landscape
Navigating the Digital Transformation Landscape
WSO2461 views
Identity Summit UK: STEPPING UP TO NEW DATA PROTECTION CHALLENGES by ForgeRock
Identity Summit UK: STEPPING UP TO NEW DATA PROTECTION CHALLENGESIdentity Summit UK: STEPPING UP TO NEW DATA PROTECTION CHALLENGES
Identity Summit UK: STEPPING UP TO NEW DATA PROTECTION CHALLENGES
ForgeRock1.9K views
EBE 2020 The Evolution of E-commerce Systems by E-Commerce Berlin EXPO
EBE 2020 The Evolution of E-commerce SystemsEBE 2020 The Evolution of E-commerce Systems
EBE 2020 The Evolution of E-commerce Systems
E-Commerce Berlin EXPO109 views
Digital Identities in the Internet of Things - Securely Manage Devices at Scale by ForgeRock
Digital Identities in the Internet of Things - Securely Manage Devices at ScaleDigital Identities in the Internet of Things - Securely Manage Devices at Scale
Digital Identities in the Internet of Things - Securely Manage Devices at Scale
ForgeRock1.6K views
Kwikdesk Company Presentation - Rish Bhatia by Rish Bhatia
Kwikdesk Company Presentation - Rish BhatiaKwikdesk Company Presentation - Rish Bhatia
Kwikdesk Company Presentation - Rish Bhatia
Rish Bhatia687 views
Identity Summit 2015: EnerNOC Case Study: The Transformation of IAM for EnerN... by ForgeRock
Identity Summit 2015: EnerNOC Case Study: The Transformation of IAM for EnerN...Identity Summit 2015: EnerNOC Case Study: The Transformation of IAM for EnerN...
Identity Summit 2015: EnerNOC Case Study: The Transformation of IAM for EnerN...
ForgeRock3.4K views
McKesson Case Study: Pharmacy Systems & Automation by ForgeRock
McKesson Case Study: Pharmacy Systems & AutomationMcKesson Case Study: Pharmacy Systems & Automation
McKesson Case Study: Pharmacy Systems & Automation
ForgeRock5.6K views
Intergen Convergence 2017 - Bringing your people on the change journey by Intergen
Intergen Convergence 2017 - Bringing your people on the change journeyIntergen Convergence 2017 - Bringing your people on the change journey
Intergen Convergence 2017 - Bringing your people on the change journey
Intergen678 views
WSO2 Workshop , Sydney Australia. by Dassana Wijesekara
WSO2 Workshop , Sydney Australia.WSO2 Workshop , Sydney Australia.
WSO2 Workshop , Sydney Australia.
Dassana Wijesekara56 views
WSO2 Sydney Workshop 2018 by Dassana Wijesekara
WSO2 Sydney Workshop 2018WSO2 Sydney Workshop 2018
WSO2 Sydney Workshop 2018
Dassana Wijesekara55 views

Viewers also liked

[Bucharest] XML Based Attacks by
[Bucharest] XML Based Attacks[Bucharest] XML Based Attacks
[Bucharest] XML Based AttacksOWASP EEE
610 views25 slides
RESUME OF MAHFUZUR RAHMAN_Oct' 15 by
RESUME OF MAHFUZUR RAHMAN_Oct' 15RESUME OF MAHFUZUR RAHMAN_Oct' 15
RESUME OF MAHFUZUR RAHMAN_Oct' 15Mahfuzur Rahman
317 views7 slides
[Lithuania] Introduction to threat modeling by
[Lithuania] Introduction to threat modeling[Lithuania] Introduction to threat modeling
[Lithuania] Introduction to threat modelingOWASP EEE
444 views21 slides
[Russia] Give me a stable input by
[Russia] Give me a stable input[Russia] Give me a stable input
[Russia] Give me a stable inputOWASP EEE
335 views56 slides
[Bucharest] Catching up with today's malicious actors by
[Bucharest] Catching up with today's malicious actors[Bucharest] Catching up with today's malicious actors
[Bucharest] Catching up with today's malicious actorsOWASP EEE
431 views25 slides
[Cluj] CSP (Content Security Policy) by
[Cluj] CSP (Content Security Policy)[Cluj] CSP (Content Security Policy)
[Cluj] CSP (Content Security Policy)OWASP EEE
576 views13 slides

Viewers also liked(12)

[Bucharest] XML Based Attacks by OWASP EEE
[Bucharest] XML Based Attacks[Bucharest] XML Based Attacks
[Bucharest] XML Based Attacks
OWASP EEE610 views
RESUME OF MAHFUZUR RAHMAN_Oct' 15 by Mahfuzur Rahman
RESUME OF MAHFUZUR RAHMAN_Oct' 15RESUME OF MAHFUZUR RAHMAN_Oct' 15
RESUME OF MAHFUZUR RAHMAN_Oct' 15
Mahfuzur Rahman317 views
[Lithuania] Introduction to threat modeling by OWASP EEE
[Lithuania] Introduction to threat modeling[Lithuania] Introduction to threat modeling
[Lithuania] Introduction to threat modeling
OWASP EEE444 views
[Russia] Give me a stable input by OWASP EEE
[Russia] Give me a stable input[Russia] Give me a stable input
[Russia] Give me a stable input
OWASP EEE335 views
[Bucharest] Catching up with today's malicious actors by OWASP EEE
[Bucharest] Catching up with today's malicious actors[Bucharest] Catching up with today's malicious actors
[Bucharest] Catching up with today's malicious actors
OWASP EEE431 views
[Cluj] CSP (Content Security Policy) by OWASP EEE
[Cluj] CSP (Content Security Policy)[Cluj] CSP (Content Security Policy)
[Cluj] CSP (Content Security Policy)
OWASP EEE576 views
[Austria] Security by Design by OWASP EEE
[Austria] Security by Design[Austria] Security by Design
[Austria] Security by Design
OWASP EEE665 views
Dia da Música by Paulo Antunes
Dia da MúsicaDia da Música
Dia da Música
Paulo Antunes1.2K views
[Lithuania] I am the cavalry by OWASP EEE
[Lithuania] I am the cavalry[Lithuania] I am the cavalry
[Lithuania] I am the cavalry
OWASP EEE539 views
[Russia] Node.JS - Architecture and Vulnerabilities by OWASP EEE
[Russia] Node.JS - Architecture and Vulnerabilities[Russia] Node.JS - Architecture and Vulnerabilities
[Russia] Node.JS - Architecture and Vulnerabilities
OWASP EEE560 views
[Poland] It's only about frontend by OWASP EEE
[Poland] It's only about frontend[Poland] It's only about frontend
[Poland] It's only about frontend
OWASP EEE521 views
[Russia] MySQL OOB injections by OWASP EEE
[Russia] MySQL OOB injections[Russia] MySQL OOB injections
[Russia] MySQL OOB injections
OWASP EEE1.6K views

Similar to [Lithuania] DigiCerts and DigiID to Enterprise apps

Loqr by
LoqrLoqr
LoqrCaixa Geral Depósitos
227 views19 slides
Embed trust in your software & data by
Embed trust in your software & dataEmbed trust in your software & data
Embed trust in your software & dataStrategic Business & IT Services
93 views2 slides
Flyer Letter Gen Vasco by
Flyer Letter Gen VascoFlyer Letter Gen Vasco
Flyer Letter Gen VascoLeenVerleyen
170 views2 slides
ETDA Conference - Digital signatures: how it's done in PDF by
ETDA Conference - Digital signatures: how it's done in PDFETDA Conference - Digital signatures: how it's done in PDF
ETDA Conference - Digital signatures: how it's done in PDFiText Group nv
1K views69 slides
Secure your Business by
Secure your BusinessSecure your Business
Secure your BusinessVASCO Data Security
594 views16 slides
The Value of User and Data Centricity Beyond IoT Devices: Stein Myrseth and G... by
The Value of User and Data Centricity Beyond IoT Devices: Stein Myrseth and G...The Value of User and Data Centricity Beyond IoT Devices: Stein Myrseth and G...
The Value of User and Data Centricity Beyond IoT Devices: Stein Myrseth and G...ForgeRock
331 views33 slides

Similar to [Lithuania] DigiCerts and DigiID to Enterprise apps(20)

Loqr by Caixa Geral Depósitos
LoqrLoqr
Loqr
Caixa Geral Depósitos227 views
Embed trust in your software & data by Strategic Business & IT Services
Embed trust in your software & dataEmbed trust in your software & data
Embed trust in your software & data
Strategic Business & IT Services93 views
Flyer Letter Gen Vasco by LeenVerleyen
Flyer Letter Gen VascoFlyer Letter Gen Vasco
Flyer Letter Gen Vasco
LeenVerleyen170 views
ETDA Conference - Digital signatures: how it's done in PDF by iText Group nv
ETDA Conference - Digital signatures: how it's done in PDFETDA Conference - Digital signatures: how it's done in PDF
ETDA Conference - Digital signatures: how it's done in PDF
iText Group nv1K views
Secure your Business by VASCO Data Security
Secure your BusinessSecure your Business
Secure your Business
VASCO Data Security594 views
The Value of User and Data Centricity Beyond IoT Devices: Stein Myrseth and G... by ForgeRock
The Value of User and Data Centricity Beyond IoT Devices: Stein Myrseth and G...The Value of User and Data Centricity Beyond IoT Devices: Stein Myrseth and G...
The Value of User and Data Centricity Beyond IoT Devices: Stein Myrseth and G...
ForgeRock331 views
Encap security by Oslo Business Region
Encap security Encap security
Encap security
Oslo Business Region1.4K views
Digital Signatures: how it's done in PDF by iText Group nv
Digital Signatures: how it's done in PDFDigital Signatures: how it's done in PDF
Digital Signatures: how it's done in PDF
iText Group nv37.9K views
Digital Signatures in PDF: how it's done by Bruno Lowagie
Digital Signatures in PDF: how it's doneDigital Signatures in PDF: how it's done
Digital Signatures in PDF: how it's done
Bruno Lowagie1.1K views
IRMSummit Europe 2014 - Selected Highlights by twh4slide
IRMSummit Europe 2014 - Selected HighlightsIRMSummit Europe 2014 - Selected Highlights
IRMSummit Europe 2014 - Selected Highlights
twh4slide1K views
Mobile technologies know your customers by Myles Freedman
Mobile technologies know your customersMobile technologies know your customers
Mobile technologies know your customers
Myles Freedman116 views
Going beyond MFA(Multi-factor authentication)-Future demands much more by indragantiSaiHiranma
Going beyond MFA(Multi-factor authentication)-Future demands much moreGoing beyond MFA(Multi-factor authentication)-Future demands much more
Going beyond MFA(Multi-factor authentication)-Future demands much more
indragantiSaiHiranma197 views
Onegini Brochure by FinTech Belgium
Onegini BrochureOnegini Brochure
Onegini Brochure
FinTech Belgium182 views
Case StudyAutomotive - SSLVPN case study DIGIPASS BY VA by MaximaSheffield592
Case StudyAutomotive - SSLVPN case study DIGIPASS BY VACase StudyAutomotive - SSLVPN case study DIGIPASS BY VA
Case StudyAutomotive - SSLVPN case study DIGIPASS BY VA
MaximaSheffield5924 views
ForgeRock and Trusona - Simplifying the Multi-factor User Experience by ForgeRock
ForgeRock and Trusona - Simplifying the Multi-factor User ExperienceForgeRock and Trusona - Simplifying the Multi-factor User Experience
ForgeRock and Trusona - Simplifying the Multi-factor User Experience
ForgeRock581 views
Digital signature price in chennai by Sharpdigitalsignature
Digital signature price in chennaiDigital signature price in chennai
Digital signature price in chennai
Sharpdigitalsignature42 views
Digital signature certificate in chennai by Sharpdigitalsignature
Digital signature certificate in chennaiDigital signature certificate in chennai
Digital signature certificate in chennai
Sharpdigitalsignature41 views
Catalogue ditriot consulting by Ilyes Abdelmlak
Catalogue ditriot consultingCatalogue ditriot consulting
Catalogue ditriot consulting
Ilyes Abdelmlak2K views
The 10 most trusted authentication solution providers of 2021 by CIO Look Magazine
The 10 most trusted authentication solution providers of 2021The 10 most trusted authentication solution providers of 2021
The 10 most trusted authentication solution providers of 2021
CIO Look Magazine63 views
NUS-ISS Learning Day 2018- Harnessing the power of cloud solutions in urban a... by NUS-ISS
NUS-ISS Learning Day 2018- Harnessing the power of cloud solutions in urban a...NUS-ISS Learning Day 2018- Harnessing the power of cloud solutions in urban a...
NUS-ISS Learning Day 2018- Harnessing the power of cloud solutions in urban a...
NUS-ISS102 views

More from OWASP EEE

[Austria] ZigBee exploited by
[Austria] ZigBee exploited[Austria] ZigBee exploited
[Austria] ZigBee exploitedOWASP EEE
747 views48 slides
[Austria] How we hacked an online mobile banking Trojan by
[Austria] How we hacked an online mobile banking Trojan[Austria] How we hacked an online mobile banking Trojan
[Austria] How we hacked an online mobile banking TrojanOWASP EEE
654 views41 slides
[Poland] SecOps live cooking with OWASP appsec tools by
[Poland] SecOps live cooking with OWASP appsec tools[Poland] SecOps live cooking with OWASP appsec tools
[Poland] SecOps live cooking with OWASP appsec toolsOWASP EEE
461 views35 slides
[Cluj] Turn SSL ON by
[Cluj] Turn SSL ON[Cluj] Turn SSL ON
[Cluj] Turn SSL ONOWASP EEE
406 views16 slides
[Cluj] Information Security Through Gamification by
[Cluj] Information Security Through Gamification[Cluj] Information Security Through Gamification
[Cluj] Information Security Through GamificationOWASP EEE
585 views17 slides
[Cluj] A distributed - collaborative client certification system by
[Cluj] A distributed - collaborative client certification system[Cluj] A distributed - collaborative client certification system
[Cluj] A distributed - collaborative client certification systemOWASP EEE
163 views14 slides

More from OWASP EEE(17)

[Austria] ZigBee exploited by OWASP EEE
[Austria] ZigBee exploited[Austria] ZigBee exploited
[Austria] ZigBee exploited
OWASP EEE747 views
[Austria] How we hacked an online mobile banking Trojan by OWASP EEE
[Austria] How we hacked an online mobile banking Trojan[Austria] How we hacked an online mobile banking Trojan
[Austria] How we hacked an online mobile banking Trojan
OWASP EEE654 views
[Poland] SecOps live cooking with OWASP appsec tools by OWASP EEE
[Poland] SecOps live cooking with OWASP appsec tools[Poland] SecOps live cooking with OWASP appsec tools
[Poland] SecOps live cooking with OWASP appsec tools
OWASP EEE461 views
[Cluj] Turn SSL ON by OWASP EEE
[Cluj] Turn SSL ON[Cluj] Turn SSL ON
[Cluj] Turn SSL ON
OWASP EEE406 views
[Cluj] Information Security Through Gamification by OWASP EEE
[Cluj] Information Security Through Gamification[Cluj] Information Security Through Gamification
[Cluj] Information Security Through Gamification
OWASP EEE585 views
[Cluj] A distributed - collaborative client certification system by OWASP EEE
[Cluj] A distributed - collaborative client certification system[Cluj] A distributed - collaborative client certification system
[Cluj] A distributed - collaborative client certification system
OWASP EEE163 views
[Russia] Bugs -> max, time <= T by OWASP EEE
[Russia] Bugs -> max, time <= T[Russia] Bugs -> max, time <= T
[Russia] Bugs -> max, time <= T
OWASP EEE346 views
[Russia] Building better product security by OWASP EEE
[Russia] Building better product security[Russia] Building better product security
[Russia] Building better product security
OWASP EEE382 views
[Lithuania] Cross-site request forgery: ways to exploit, ways to prevent by OWASP EEE
[Lithuania] Cross-site request forgery: ways to exploit, ways to prevent[Lithuania] Cross-site request forgery: ways to exploit, ways to prevent
[Lithuania] Cross-site request forgery: ways to exploit, ways to prevent
OWASP EEE774 views
[Hungary] I play Jack of Information Disclosure by OWASP EEE
[Hungary] I play Jack of Information Disclosure[Hungary] I play Jack of Information Disclosure
[Hungary] I play Jack of Information Disclosure
OWASP EEE510 views
[Hungary] Survival is not mandatory. The air force one has departured are you... by OWASP EEE
[Hungary] Survival is not mandatory. The air force one has departured are you...[Hungary] Survival is not mandatory. The air force one has departured are you...
[Hungary] Survival is not mandatory. The air force one has departured are you...
OWASP EEE378 views
[Hungary] Secure Software? Start appreciating your developers! by OWASP EEE
[Hungary] Secure Software? Start appreciating your developers![Hungary] Secure Software? Start appreciating your developers!
[Hungary] Secure Software? Start appreciating your developers!
OWASP EEE237 views
[Bucharest] Your intents are dirty, droid! by OWASP EEE
[Bucharest] Your intents are dirty, droid![Bucharest] Your intents are dirty, droid!
[Bucharest] Your intents are dirty, droid!
OWASP EEE390 views
[Bucharest] #DontTrustTheDarkSide by OWASP EEE
[Bucharest] #DontTrustTheDarkSide[Bucharest] #DontTrustTheDarkSide
[Bucharest] #DontTrustTheDarkSide
OWASP EEE517 views
[Bucharest] From SCADA to IoT Cyber Security by OWASP EEE
[Bucharest] From SCADA to IoT Cyber Security[Bucharest] From SCADA to IoT Cyber Security
[Bucharest] From SCADA to IoT Cyber Security
OWASP EEE1.1K views
[Bucharest] Reversing the Apple Sandbox by OWASP EEE
[Bucharest] Reversing the Apple Sandbox[Bucharest] Reversing the Apple Sandbox
[Bucharest] Reversing the Apple Sandbox
OWASP EEE338 views
[Bucharest] Attack is easy, let's talk defence by OWASP EEE
[Bucharest] Attack is easy, let's talk defence[Bucharest] Attack is easy, let's talk defence
[Bucharest] Attack is easy, let's talk defence
OWASP EEE792 views

Recently uploaded

Affiliate Marketing by
Affiliate MarketingAffiliate Marketing
Affiliate MarketingNavin Dhanuka
17 views30 slides
How to think like a threat actor for Kubernetes.pptx by
How to think like a threat actor for Kubernetes.pptxHow to think like a threat actor for Kubernetes.pptx
How to think like a threat actor for Kubernetes.pptxLibbySchulze1
5 views33 slides
ATPMOUSE_융합2조.pptx by
ATPMOUSE_융합2조.pptxATPMOUSE_융합2조.pptx
ATPMOUSE_융합2조.pptxkts120898
35 views70 slides
hamro digital logics.pptx by
hamro digital logics.pptxhamro digital logics.pptx
hamro digital logics.pptxtupeshghimire
10 views36 slides
Marketing and Community Building in Web3 by
Marketing and Community Building in Web3Marketing and Community Building in Web3
Marketing and Community Building in Web3Federico Ast
14 views64 slides
The Dark Web : Hidden Services by
The Dark Web : Hidden ServicesThe Dark Web : Hidden Services
The Dark Web : Hidden ServicesAnshu Singh
14 views24 slides

Recently uploaded(6)

Affiliate Marketing by Navin Dhanuka
Affiliate MarketingAffiliate Marketing
Affiliate Marketing
Navin Dhanuka17 views
How to think like a threat actor for Kubernetes.pptx by LibbySchulze1
How to think like a threat actor for Kubernetes.pptxHow to think like a threat actor for Kubernetes.pptx
How to think like a threat actor for Kubernetes.pptx
LibbySchulze15 views
ATPMOUSE_융합2조.pptx by kts120898
ATPMOUSE_융합2조.pptxATPMOUSE_융합2조.pptx
ATPMOUSE_융합2조.pptx
kts12089835 views
hamro digital logics.pptx by tupeshghimire
hamro digital logics.pptxhamro digital logics.pptx
hamro digital logics.pptx
tupeshghimire10 views
Marketing and Community Building in Web3 by Federico Ast
Marketing and Community Building in Web3Marketing and Community Building in Web3
Marketing and Community Building in Web3
Federico Ast14 views
The Dark Web : Hidden Services by Anshu Singh
The Dark Web : Hidden ServicesThe Dark Web : Hidden Services
The Dark Web : Hidden Services
Anshu Singh14 views

[Lithuania] DigiCerts and DigiID to Enterprise apps

  • 1. DigiCerts and DigiID in Enterprise apps. So yesterday and so tomorrow. Martynas Savicka
  • 2. Types of digital certificates: Certificate Authority (CA) certificates Server or client certificates Object signing certificates User certificates
  • 3. Speed! Automation! Do more with less! Automation! Cost reduction! Automation! Increase performance! Automation! Innovation! Automation! Value! Business needs 2015, 2016, 2017… 2
  • 4. Speed! Automation! Do more with less! Automation! Cost reduction! Automation! Increase performance! Automation! Innovation! Automation! InfoSec needs 2015, 2016, 2017… 2X Integrity Confidentiali ty Non repudiation Access control + Fight and pushback all this stuff 
  • 6. Digi ID & Digi Sign covers: Integrity [checked] Confidentiality [checked] Non-repudiation [checked]
  • 7. Encryption costs close to nothing. Encrypt and let cavalierly rest. Goals? Sure. Compliance to: - standards - data classification requirements - data privacy
  • 8. Any InfoSec will fall in love with end to end encrypted APP!
  • 9. Data exchange is easy… until you hit into InfoSec (the one who thinks he is A Cavalierly) …
  • 10. Digi Sign The document market. What market? ADOC [GGeDOC; GeDOC; BeDOC; CeDOC;] - Lithuania BDOC – current Estonian official format… DDOC - Legacy Estonian format EDOCs – current Latvian official format… PDF – this is just real simple pdf…
  • 11. Containers ASiC Simple (ASiC-S). Single file object with either one signature file or one time assertion file. ASiC Extended (ASiC-E). Each signature is associated with all or part of the files in the container
  • 12. What if I do not trust online DigiSign services? I really don’t!
  • 13. Digi ID and Digi Sign hardware tokens advantages and disadvantages: Smart ID [Chip on smartcard] Mobile ID [SIM card] Token ID [USB token]
  • 14. And what if we try to change the world? Once again.
  • 15. Adopt it in Enterprise apps and give me some SECURITY AUTOMATION!