Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Using SSI for enterprise identity and access management

321 views

Published on

https://ssimeetup.org/using-ssi-enterprise-identity-access-management-sebastian-weidenbach-christopher-hempel-webinar-47/
Sebastian Weidenbach and Christopher Hempel from esatus AG will explain in this presentation why Self-Sovereign Identity (SSI) has great advantages to facilitate enterprise identity and access management. It will also go into detail about how a connection between existing identity and access management solutions and distributed identity ledgers can be implemented.

SSI enables users to create proofs over facts about themselves using a distributed ledger. In an enterprise context, this also means that an employee can send a proof to, for instance, a compatible file server containing data exclusively meant for the human resources department. If this proof is valid and contains the fact that the prover is a member of the human resources department, access can be granted automatically. The need for individual approval by a superior, common reason for the tiresome and expensive delay, is removed.

Switching enterprises’ IAM systems to SSI technology cannot realistically be done in one fell swoop, though, as migrating thousands of accounts and their privileges to a new system is an intimidating task. There are ways to connect SSI technology to existing IAM solutions, though, which are starting to enter the market using gateway components to connect the old and new worlds of identity.

Published in: Internet
  • Be the first to comment

  • Be the first to like this

Using SSI for enterprise identity and access management

  1. 1. Bring Your Own Identity Using Self-Sovereign Identity (SSI) technology for credential-based IT application access SSI Meetup 27th February 2020 CC BY-SA 4.0 SSIMeetup.org
  2. 2. 1. Empower global SSI communities 2. Open to everyone interested in SSI 3. All content is shared with CC BY SA Alex Preukschat @SSIMeetup @AlexPreukschat Coordinating Node SSIMeetup.org SSIMeetup objectives SSIMeetup.orgssimeetup.org · CC BY-SA 4.0 International
  3. 3. Our SSI journey and roadmap 3 Global use cases International upscaling of SSI use cases and infrastructure Local use cases Spread SSI in large companies for I&A Reach critical mass! Interconnect legal entities Simplify processes and landscapes Make people enthusiastic about it! Released under a Creative Commons license. (CC BY-SA 4.0). SSIMeetup.org
  4. 4. SSI – THE chance of revolutionizing I&A Fact-based. Flexible. Discreet. 4Released under a Creative Commons license. (CC BY-SA 4.0). SSIMeetup.org
  5. 5. SSI use cases for Identity & Access • Credentials lead to entitlements, also works for physical access • Credentials as primary source for facts • Use credentials externally • Cross-organizational onboarding and entitlements 5Released under a Creative Commons license. (CC BY-SA 4.0). SSIMeetup.org
  6. 6. Joint project Lissi • Cross-platform Wallet App • uses Aries Framework for .NET • Project partners: • Commerzbank, Commerz Real, Comdirect • Deutsche Bahn • Creditreform, Boniversum • Bundesdruckerei • ING • Authada • Hasso Plattner Institut • Main Incubator • esatus 6Released under a Creative Commons license. (CC BY-SA 4.0). SSIMeetup.org
  7. 7. An SSI-based Enterprise I&A Solution: Connecting legacy and SSI-native target systems 7Released under a Creative Commons license. (CC BY-SA 4.0). SSIMeetup.org
  8. 8. Rule Engine CrBAC Rule Engine ClaimRules (i.e.cr.employer=Acme) ContextRules (i.e.location,time) Digital Wallet Job Credential Project Cred. … proof Entitlements authorize authenticate Entitlement Sync 8 ✔ ✔ Released under a Creative Commons license. (CC BY-SA 4.0). SSIMeetup.org
  9. 9. Roles of Credential Based Access Management CREDENTIAL ISSUER Assigns & revokes credentials HR / Project Manager / … APPLICATION OWNER Manages APP entitlements, config & CrBAC rules RULE MANAGER Manages global CrBAC rules USER Owns credentials & answers proof requests for signon 9Released under a Creative Commons license. (CC BY-SA 4.0). SSIMeetup.org
  10. 10. Live Demo self-ssi.com @esatus_SeLF @esatusself 10 Twitter: LinkedIn: Released under a Creative Commons license. (CC BY-SA 4.0). SSIMeetup.org
  11. 11. Enterprise-ready component landscape 11Released under a Creative Commons license. (CC BY-SA 4.0). SSIMeetup.org
  12. 12. Book recommendation • Click Here to Kill Everybody: Security and Survival in a Hyper-connected World from Bruce Schneier ISBN: 978-0393608885 12Released under a Creative Commons license. (CC BY-SA 4.0). SSIMeetup.org
  13. 13. Thank you! 13Released under a Creative Commons license. (CC BY-SA 4.0). SSIMeetup.org
  14. 14. Pictures • SimpleIcon http://www.simpleicon.com/ (https://commons.wikimedia.org/wiki/File:Simpleicons_Interface_padlock-lock-shape.svg), „Simpleicons Interface padlock-lock-shape“, Color changed by esatus AG, https://creativecommons.org/licenses/by/3.0/legalcode • The Photographer (https://commons.wikimedia.org/wiki/File:Fingerprint_picture.svg), „Fingerprint picture“, Color changed by esatus AG, https://creativecommons.org/licenses/by-sa/3.0/legalcode • Aaron Dodson, from The Noun Project (https://commons.wikimedia.org/wiki/File:Checklist_Noun_project_5166.svg), „Checklist Noun project 5166“, Color changed by esatus AG, https://creativecommons.org/licenses/by/3.0/legalcode • Font Awesome by Dave Gandy - https://fortawesome.github.com/Font-Awesome (https://commons.wikimedia.org/wiki/File:Building_font_awesome.svg), „Building font awesome“, Color changed by esatus AG, https://creativecommons.org/licenses/by-sa/3.0/legalcode • mikicon (https://commons.wikimedia.org/wiki/File:Bust_(NP291570).png), „Bust (NP291570)“, Cutting by esatus AG, https://creativecommons.org/licenses/by-sa/3.0/legalcode • Hellerick (https://commons.wikimedia.org/wiki/File:BlankMap_-_World_-_Hellerick_polynomial_continent-based_projection.svg), „BlankMap - World - Hellerick polynomial continent-based projection“, Cutting and Color changed by esatus AG, https://creativecommons.org/licenses/by-sa/3.0/legalcode • Font Awesome Free 5.2.0 by @fontawesome - https://fontawesome.com (https://commons.wikimedia.org/wiki/File:Font_Awesome_5_solid_id-card.svg), https://creativecommons.org/licenses/by/4.0/legalcode • MGalloway (WMF) (https://commons.wikimedia.org/wiki/File:OOjs_UI_icon_key-ltr.svg), https://creativecommons.org/licenses/by-sa/4.0/legalcode • To Uyen, from The Noun Project (https://commons.wikimedia.org/wiki/File:Smartphone_icon_-_Noun_Project_283536.svg), „Smartphone icon - Noun Project 283536“, Added QR Code by esatus AG, https://creativecommons.org/licenses/by/3.0/us/deed.en • Google Inc. (https://commons.wikimedia.org/wiki/File:Ic_lock_open_48px.svg), https://creativecommons.org/licenses/by/4.0/legalcode Released under a Creative Commons license. (CC BY-SA 4.0). SSIMeetup.org

×