
Identity is Eating the World!

  • 1.
      • Senior Director of Security Architecture, WSO2
      • Identity is Eating the World!
      • Prabath Siriwardena (@prabath)
  • 2.
      • INFORMATION CARDS
      • NEW PARADIGM FOR AUTHENTICATION TO FIGHT AGAINST PHISHING
      • BORN IN 2006 - DEAD IN 2011
  • 3.
      • CONTINUOUS / ADAPTIVE AUTHENTICATION
      • WSO2 IDENTITY SERVER TO SUPPORT ADAPTIVE AUTHENTICATION IN 5.7.0
      • MFA COULD REDUCE THE ACCOUNT COMPROMISE BY 99.99%
      • 90% OF GOOGLE USERS HAVE NOT ENABLED 2FA
      • CONTINUOUS AND ADAPTIVE AUTHENTICATION ARE THE NEXT PHASE OF MFA
  • 4.
      • THE WORLD BEFORE 2005
      • THE RISE OF WEB 2.0 AND SOFTWARE-DRIVEN ECONOMY
      • NO PUBLIC FACEBOOK, NO YOUTUBE, NO INSTAGRAM, NO WHATSAPP, NO TWITTER
  • 5.
      • 1 BILLION OPENIDs BY 2009
      • WSO2 IDENTITY SERVER ENABLES OPENID LOGINS FOR 4M+ SAUDI CITIZENS
      • CALL FOR STANDARDS!
      • NO ONE IS USING OPENID TODAY, EXCEPT AMAZON
  • 6.
      • STANDARDS, CONSENSUS RULE!
      • STANDARDS ARE NOT HERE TO STAY FOREVER
      • OPENID CONNECT REPLACED OPENID
      • OAUTH 2.0 REPLACED OAUTH 1.0
      • SCIM REPLACED SPML
  • 7.
      • RIP XACML!
      • CUSTOM POLICY LANGUAGES FOR ACCESS CONTROL ARE ON THE RISE
      • KEEP AN EYE ON OPA!
  • 8.
      • THE RISE OF OPENID CONNECT!
      • 92% OF THE 8B+ AUTHENTICATION REQUESTS AZURE AD HANDLED IN MAY 2018 WERE FROM OPENID CONNECT ENABLED APPLICATIONS
      • SAML 2.0 STARTING TO FADE OUT
  • 9.
      • THE TCP/IP MOMENT OF IDENTITY
      • TCP/IP WAS A LUXURY IN EARLY 1980s BUT NO MORE!
      • SUPPORTING IDENTITY STANDARDS IS A MUST
      • NO IAM VENDOR TO GET COMPETITIVE ADVANTAGE BY JUST SUPPORTING STANDARDS
  • 10.
      • ACQUISITIONS, MERGERS AND PARTNERSHIPS LEAD TO BUSINESS GROWTH
      • BY 2020, 60% OF ALL DIGITAL IDENTITIES THAT INTERACT WITH BUSINESSES WILL COME FROM EXTERNAL IDENTITY PROVIDERS
      • SILOS KILL GROWTH OPPORTUNITIES
  • 11.
      • OAUTH 2.0: THE LITTLE MAGICIAN
      • OAUTH 2.0 IS BECOMING THE GLUE FOR ALL IDENTITY INTERACTIONS
      • ENTERPRISES DIDN’T GO WITH OAUTH 1.0, BUT WITH OAUTH 2.0
  • 12.
      • THE RISE OF MOBILE IDENTITY
      • WSO2 IDENTITY SERVER ENABLES MOBILE CONNECT FOR MORE THAN 800 MILLION SUBSCRIBERS IN INDIA
      • MOBILE CONNECT GETTING TRACTION IN EUROPE AND ASIA PACIFIC
      • TURNS ALL MOBILE NETWORK OPERATORS INTO IDPs
  • 13.
      • IN 2017, THE NUMBER OF PEOPLE CONNECTED TO MOBILE SERVICES SURPASSED 5 BILLION
      • IN 2025 IT IS EXPECTED THAT THIS NUMBER WILL REACH 5.9 BILLION, WHICH IS ALMOST 71% OF THE WORLD POPULATION
      • MOBILE ADOPTION IS UNSTOPPABLE
  • 14.
      • IDENTITY IS THE NEW MONEY
      • DAVID BIRCH WRITES THE BOOK, IDENTITY IS THE NEW MONEY IN 2014
      • EVERYONE WE KNOW, IS NOW REPRESENTED BY A 10 DIGIT NUMBER
      • MOBILE PHONE, WHICH IS TIED TO ONE’S IDENTITY ALSO COULD ACT AS MONEY
  • 15.
      • AADHAAR PAY IS POWERED BY AADHAAR
      • 1.2 BILLION AADHAAR NUMBERS
      • THE LARGEST DIGITAL IDENTITY SYSTEM ON EARTH
      • AADHAAR
      • AADHAAR COLLECTS NAME, DOB, GENDER, ADDRESS, MOBILE NUMBER, EMAIL ALONG WITH FINGERPRINTS AND IRIS
  • 16.
      • AADHAAR PAY IS A DIGITAL PAYMENT PLATFORM FOR MERCHANTS
      • WENT LIVE IN APRIL 2017, WITH 20 BANKS IN INDIA
      • AADHAAR PAY
  • 17.
      • INTEGRATED AUTOMATED FINGERPRINT IDENTIFICATION SYSTEM (IAFIS) RUN BY FBI HAS 70M+ CRIMINAL RECORDS ALONGSIDE 34M+ CIVIL RECORDS
      • NOT JUST AADHAAR!
  • 18.
      • PRIVACY IS MOSTLY ABOUT HOW MUCH CONTROL YOU HAVE OVER YOUR OWN PERSONALLY IDENTIFIABLE INFORMATION
      • ALEKSANDR KOGAN WAS ABLE TO GRAB PERSONAL DATA OF 87 MILLION FACEBOOK USERS AND LATER SHARE THEM WITH CAMBRIDGE ANALYTICA
      • PRIVACY, NO MORE A LUXURY!
  • 19.
      • PRIVACY CONCERNS AND GROWING ANGER AGAINST CENTRALIZED SYSTEMS ARE ON THE RISE!
      • THE RISE OF THE INTEREST ON SELF-SOVEREIGN IDENTITY
      • KILL THE KING!
  • 20.
      • CENTRALIZED | FEDERATED | USER CENTRIC | SELF-SOVEREIGN
      • PATH TO SELF-SOVEREIGN IDENTITY
      • MICROSOFT PASSPORT IS ONE OF THE VERY FIRST FEDERATED IDENTITY SYSTEMS ON THE WEB
  • 21.
      • ANY KIND OF A CENTRALIZED SYSTEM IS JUST A HONEY POT AWAITING TO BE ATTACKED!
      • FACEBOOK, GOOGLE, MICROSOFT, YAHOO, ALL MANAGE YOUR IDENTITY CENTRALLY
      • CAMBRIDGE ANALYTICA NEVER HAD TO INTRUDE FACEBOOK TO GET HOLD OF PERSONAL DATA
      • PERSONAL DATA OF MORE THAN 143 MILLION AMERICAN RESIDENTS WERE EXPOSED IN EQUIFAX ATTACK
      • BLURRED BORDERS
  • 22.
      • DNS IS A DISTRIBUTED, CENTRALIZED SYSTEM WHICH IS GOVERNED BY ICANN
      • THE MANAGEMENT OF THE COUNTRY-TLDS OF AFGHANISTAN AND IRAQ WERE REASSIGNED DURING THE WAR TIMES
      • WIKILEAKS WAS BLOCKED IN USA AFTER THE DISCLOSURE OF DIPLOMATIC CABLES
      • MORE WORRIES ON CENTRALIZED TRUST!
  • 23.
      • THERE ARE MORE THAN 70 MILLION SMALL BUSINESSES ON FACEBOOK, USING IT ON A DAY TO DAY BASIS
      • WHAT IF FACEBOOK IS BANNED?
  • 24.
      • THE HOLDER IS THE OWNER OF THE IDENTITY INFORMATION
      • DID OR THE DECENTRALIZED IDENTIFIER IS A GLOBALLY UNIQUE IDENTIFIER
      • SELF-SOVEREIGN IDENTITY ARCHITECTURE ESTABLISHES A LIFETIME PORTABLE IDENTIFIER
  • 25.
      • BLOCKCHAIN 1.0 IS ABOUT CURRENCY
      • BLOCKCHAIN 2.0 IS ABOUT CONTRACTS
      • BLOCKCHAIN 3.0 IS ABOUT APPLICATIONS BEYOND CURRENCY, FINANCE, AND MARKETS
      • BLOCKCHAIN GENERATIONS
  • 26.
      • THE ZOOKO’S TRIANGLE SAYS ANY IDENTIFIER CANNOT BE UNIQUE, DECENTRALIZED AND HUMAN READABLE ALL TOGETHER
      • BLOCKSTACK LETS YOU CREATE AN IDENTIFIER, WHICH IS GLOBALLY UNIQUE, DECENTRALIZED AND HUMAN READABLE
      • UNIQUE, DECENTRALIZED AND MEMORABLE
  • 27.
      • BETTER AADHAAR WITH BLOCKCHAIN
      • BLOCKCHAIN HELPS TO MAKE AADHAAR TRANSPARENT AND PUBLICLY AUDITABLE
      • ACCESS TO 1 BILLION IDENTITIES IN 10 MINUTES FOR RS. 500
      • 1 IN 7 EMPLOYEES WOULD BE WILLING TO SELL THEIR LOGIN CREDENTIALS FOR AS LITTLE AS $150
  • 28.
      • BRINGING BLOCKCHAIN IDENTITY TO THE REAL WORLD
      • ESTONIA KSI BLOCKCHAIN
      • STATE OF ILLINOIS
      • CANADA IS TESTING A DIGITAL IDENTITY SYSTEM BASED ON BLOCKCHAIN
      • SINGAPORE
      • DUBAI
  • 29.
      • ID2020
      • MORE THAN 1.5B PEOPLE AROUND THE WORLD HAVE NO PROPER LEGAL IDENTITY (IDENTIFIER)
      • PERSONAL, PRIVATE, PERSISTENT, PORTABLE IDENTIFIERS
      • LEGAL IDENTITY FOR ALL BY 2030
      • GIVING AN ID MEANS GIVING RIGHTS
  • 30.
      • TAKEAWAYS!
      • IDENTITY AND ACCESS MANAGEMENT IS A CROSS VERTICAL DISCIPLINE AND A KEY ENABLER FOR DIGITAL TRANSFORMATION
      • STICK TO STANDARD BASED IAM FOR BETTER INTEROPERABILITY AND FOR BEST PRACTICES
      • IDENTITY BASED PAYMENT SYSTEMS ARE ON THE RISE
      • MOBILE PHONE/SIM IS BECOMING AN INTEGRAL PART OF ONE’S IDENTITY
  • 31.
      • LARGE SCALE NATIONAL DIGITAL IDENTITY SYSTEMS ARE ON THE RISE
      • BLOCKCHAIN BASED IDENTITY SYSTEMS ARE USED BY GOVERNMENTS. STILL EXPERIMENTAL AT THE ENTERPRISE LEVEL
      • IDENTITY IS EATING THE WORLD! NO ESCAPE! BE PREPARED!
      • MFA IS A MUST. THE NEXT SHIFT IS CONTINUOUS AND ADAPTIVE AUTHENTICATION
      • TAKEAWAYS!