This document summarizes a presentation on reengineering digital identity. It discusses how digital identities have evolved in different contexts or "niches" like banking, retail, etc. due to different pressures. It argues federated identity often fails because identities are too specialized to their original context. The document advocates dropping down to the level of specific identity attributes ("assertions") rather than abstract identities, and letting relying parties define what attributes they need, as their requirements define an identity. It suggests taking an ecological/memetic view of digital identity evolution could improve federation by recognizing specialized contexts and allowing flexible recombination of identity attributes.
Innovation in the Digital Identity space is crucial for progress. Here’s a fact: a new identity is generated with every birth. Now consider this: by the time you finish your day today, a staggering 360,000 children will be eligible for an identity document.
Presented to students and faculty at Michigan State University as a guest lecturer on private blockchains being used in government and industry for Management 491.
This is the keynote presentation that I gave at MyData 2018. It explains the connection between identity and personal data. Some of my story of how I began working on identity 15 years ago. The Domains of Identity, My master's report is explained and then core components of Self-Sovereign Identity is explained. I conclude sharing some thoughts on how we work together to build alignment.
Become a blockchain expert and join the blockchain revolutionBlockchain Council
A blockchain expert is one who specializes in blockchain technology and helps businesses improve their business processes and models by incorporating blockchain in their businesses.Click here @http://bit.ly/2XbGczl
Innovation in the Digital Identity space is crucial for progress. Here’s a fact: a new identity is generated with every birth. Now consider this: by the time you finish your day today, a staggering 360,000 children will be eligible for an identity document.
Presented to students and faculty at Michigan State University as a guest lecturer on private blockchains being used in government and industry for Management 491.
This is the keynote presentation that I gave at MyData 2018. It explains the connection between identity and personal data. Some of my story of how I began working on identity 15 years ago. The Domains of Identity, My master's report is explained and then core components of Self-Sovereign Identity is explained. I conclude sharing some thoughts on how we work together to build alignment.
Become a blockchain expert and join the blockchain revolutionBlockchain Council
A blockchain expert is one who specializes in blockchain technology and helps businesses improve their business processes and models by incorporating blockchain in their businesses.Click here @http://bit.ly/2XbGczl
Why e-signatures will soon be used in every accountancy and legal practice. The first of two white papers which explore the current state of the market.
MyDocSafe is a technology firm that is building a digital office for a cloud-enabled professional service firm. With electronic signature and blockchain, MyDocSafe aims to transform the way documents are signed, verified and archived.
The future of digital identity initial perspectiveFuture Agenda
Our interconnected digital world has started to make a mockery of traditional forms of identification. Being asked to produce ‘two forms of ID; at least one from each of the two following lists’ already seems hopelessly anachronistic in a world of automated password-managers, RFID-driven payments systems, and bio-metric authenticators on our mobile phones. The idea of having a single digital identity (Digital ID) that can replace the need to hold a plethora of cards and documents, from your passport and driving license to your library card and even your CV, is not only one whose time has come, it is one that is all but presumed to exist already. Although it doesn’t quite yet.
This ‘initial perspective’ is intended to provide a provocation for thinking and deeper discussion about the impending implementation, and future, of Digital Identity and its role and value in society.
In addition, we are also undertaking a set of 5 expert workshops across 4 continents in Q4 2018 (London, Singapore, Sydney, San Francisco and Brussels). If you are interested in joining, we would welcome your feedback and contribution to help build a richer view. Do let us know.
Future of digital identity initial perspective - final lrFuture Agenda
Our interconnected digital world has started to make a mockery of traditional forms of identification. Being asked to produce ‘two forms of ID; at least one from each of the two following lists’ already seems hopelessly anachronistic in a world of automated password-managers, RFID-driven payments systems, and bio-metric authenticators on our mobile phones. The idea of having a single digital identity (Digital ID) that can replace the need to hold a plethora of cards and documents, from your passport and driving license to your library card and even your CV, is not only one whose time has come, it is one that is all but presumed to exist already. Although it doesn’t quite yet.
This ‘initial perspective’ is intended to provide a provocation for thinking and deeper discussion about the impending implementation, and future, of Digital Identity and its role and value in society.
In addition, we are also undertaking a set of 5 expert workshops across 4 continents in Q4 2018 (London, Singapore, Sydney, San Francisco and Brussels). If you are interested in joining, we would welcome your feedback and contribution to help build a richer view. Do let us know.
Imprima is pleased to present How AI is changing legal due diligence, published in association with Mergermarket. With the introduction of artificial intelligence to the legal sector over the past few years, this technology has been gradually changing the way that legal due diligence is conducted.
Exploring these trends, Mergermarket, on behalf of Imprima, spoke with five experts from the fields of law and technology to share their insights on the day-to-day use of artificial intelligence in legal due diligence processes and how this might continue to develop.
Points of discussion include:
• Software solutions have allowed for greater efficiency in legal due diligence processes. Typical pain points associated with legal due diligence include the amount of time needed to both compile and review countless documents. AI can prove a useful tool to help streamline this process. However, there are limits to what current technologies can achieve.
• Emerging AI technology is met with increasing enthusiasm. Law firms are showing willingness to adopt AI processes into their practices. While this is not yet universal, some clients are beginning to expect law firms to use tech-enabled processes and be able to offer innovative solutions.
• Is AI causing permanent changes to the legal workforce? While the fears that AI technology would automate job roles, and lead to mass redundancies in legal firms proved unfounded, it is true that adoption of these technologies could lead to major changes in the legal sector. It is unlikely that the need for new lawyers will ever be fully eliminated – rather that the nature of their work may change, as AI technologies allow lawyers to shift their focus to higher-value work.
Identity can seem deceptively simple. We know who we are. Sometimes we have to convince others of that fact and confirm other characteristics: our age, our qualifications, or our right to access some services or tools. This happens every day over the Internet, but in ways that are disorganized, redundant, and risky. The lack of reliable, universal standards puts our private information at risk of public dissemination, fraud or worse.
The pioneers developing the internet didn’t define nuanced standards for identity -- most everything was just username and passwords. Over the past 20 years we have seen a range of standards that solve some identity challenges, including SAML, LDAP, OpenID Connect, OAuth, SCIM, Information Cards, and FIDO. None of them have comprehensively addressed the challenge of identity at internet scale.
A new set of standards is emerging that creates an infrastructure for self-sovereign identity that can scale. This talk looks forward to help you think ahead and prepare for this new infrastructure. We will walk through standards that together create a new identity infrastructure that leverages the blockchain. This isn’t about what you can implement tomorrow to solve your employee identity challenges or manage customer accounts. It will instead prepare you for the coming changes and help you play a role in shaping them.
http://www.cxounplugged.com
A research whitepaper published in November by Ovum and commissioned by Logicalis, revealed a great many interesting BYOD trends – many of which were highlighted in a recent CXO post (BYOD Research) by Ian Cook. Perhaps the most startling, however, was the very low proportion of ‘BYOD-ers’ who have signed corporate BYOD policies.
How do you balance the need for collaboration with security for SharePoint? This presentation focuses on the technical aspects of SharePoint security. In particular, this presentation identifies the key steps to securing SharePoint, including: (1) How SharePoint is architected and the inherent security gaps (2) How to protect SharePoint from the insider threat (3) How to stop hackers from breaking externally facing SharePoint deployments.
Blockchain for Business: What, How, Why & USE CASESmichaelmcgowan27
What is so special about Blockchain? How does this ledger really work? Why would I even consider using Blockchain? Find answers to these questions. More importantly, find real USE CASES where Blockchain is being used in the market place.
Top 10 reasons to get a blockchain expert certificationBlockchain Council
blockchain expert certification that stands out is the Certified Blockchain Expert certification offered by the Blockchain Council. Blockchain Council operates on the mission of educating people and creating awareness among businesses, enterprises, developers, and society in the blockchain sphere.
CIS13: Managing Mobility with Identity StandardsCloudIDSummit
Paul Madsen, Senior Technical Architect, Ping Identity
Whether you manage the device (not a good idea), the applications on it or the business data those applications download and store—knowing who the employee is is fundamental. Let’s talk about how identity standards like SAML, SCIM, OAuth and OpenID Connect can work together to get your identities from where you keep them to where they're needed.
CIS13: Don't Panic! How to Apply Identity Concepts to the BusinessCloudIDSummit
Pamela Dingle, Technical Director, Ping Identity
Applying concepts of identity and access to real world business situations is really just a case of knowing where one's towel is. Once you have a working, accurate identity lifecycle, and the tools to leverage that lifecycle across business domains, the last thing to do is to apply those tools to the problems at hand. Pamela Dingle will walk you through real world use cases and discuss how everything works together, so that your organization can do its very best to figure out the right questions to ask for success (of course we already know the answer is 42).
Why e-signatures will soon be used in every accountancy and legal practice. The first of two white papers which explore the current state of the market.
MyDocSafe is a technology firm that is building a digital office for a cloud-enabled professional service firm. With electronic signature and blockchain, MyDocSafe aims to transform the way documents are signed, verified and archived.
The future of digital identity initial perspectiveFuture Agenda
Our interconnected digital world has started to make a mockery of traditional forms of identification. Being asked to produce ‘two forms of ID; at least one from each of the two following lists’ already seems hopelessly anachronistic in a world of automated password-managers, RFID-driven payments systems, and bio-metric authenticators on our mobile phones. The idea of having a single digital identity (Digital ID) that can replace the need to hold a plethora of cards and documents, from your passport and driving license to your library card and even your CV, is not only one whose time has come, it is one that is all but presumed to exist already. Although it doesn’t quite yet.
This ‘initial perspective’ is intended to provide a provocation for thinking and deeper discussion about the impending implementation, and future, of Digital Identity and its role and value in society.
In addition, we are also undertaking a set of 5 expert workshops across 4 continents in Q4 2018 (London, Singapore, Sydney, San Francisco and Brussels). If you are interested in joining, we would welcome your feedback and contribution to help build a richer view. Do let us know.
Future of digital identity initial perspective - final lrFuture Agenda
Our interconnected digital world has started to make a mockery of traditional forms of identification. Being asked to produce ‘two forms of ID; at least one from each of the two following lists’ already seems hopelessly anachronistic in a world of automated password-managers, RFID-driven payments systems, and bio-metric authenticators on our mobile phones. The idea of having a single digital identity (Digital ID) that can replace the need to hold a plethora of cards and documents, from your passport and driving license to your library card and even your CV, is not only one whose time has come, it is one that is all but presumed to exist already. Although it doesn’t quite yet.
This ‘initial perspective’ is intended to provide a provocation for thinking and deeper discussion about the impending implementation, and future, of Digital Identity and its role and value in society.
In addition, we are also undertaking a set of 5 expert workshops across 4 continents in Q4 2018 (London, Singapore, Sydney, San Francisco and Brussels). If you are interested in joining, we would welcome your feedback and contribution to help build a richer view. Do let us know.
Imprima is pleased to present How AI is changing legal due diligence, published in association with Mergermarket. With the introduction of artificial intelligence to the legal sector over the past few years, this technology has been gradually changing the way that legal due diligence is conducted.
Exploring these trends, Mergermarket, on behalf of Imprima, spoke with five experts from the fields of law and technology to share their insights on the day-to-day use of artificial intelligence in legal due diligence processes and how this might continue to develop.
Points of discussion include:
• Software solutions have allowed for greater efficiency in legal due diligence processes. Typical pain points associated with legal due diligence include the amount of time needed to both compile and review countless documents. AI can prove a useful tool to help streamline this process. However, there are limits to what current technologies can achieve.
• Emerging AI technology is met with increasing enthusiasm. Law firms are showing willingness to adopt AI processes into their practices. While this is not yet universal, some clients are beginning to expect law firms to use tech-enabled processes and be able to offer innovative solutions.
• Is AI causing permanent changes to the legal workforce? While the fears that AI technology would automate job roles, and lead to mass redundancies in legal firms proved unfounded, it is true that adoption of these technologies could lead to major changes in the legal sector. It is unlikely that the need for new lawyers will ever be fully eliminated – rather that the nature of their work may change, as AI technologies allow lawyers to shift their focus to higher-value work.
Identity can seem deceptively simple. We know who we are. Sometimes we have to convince others of that fact and confirm other characteristics: our age, our qualifications, or our right to access some services or tools. This happens every day over the Internet, but in ways that are disorganized, redundant, and risky. The lack of reliable, universal standards puts our private information at risk of public dissemination, fraud or worse.
The pioneers developing the internet didn’t define nuanced standards for identity -- most everything was just username and passwords. Over the past 20 years we have seen a range of standards that solve some identity challenges, including SAML, LDAP, OpenID Connect, OAuth, SCIM, Information Cards, and FIDO. None of them have comprehensively addressed the challenge of identity at internet scale.
A new set of standards is emerging that creates an infrastructure for self-sovereign identity that can scale. This talk looks forward to help you think ahead and prepare for this new infrastructure. We will walk through standards that together create a new identity infrastructure that leverages the blockchain. This isn’t about what you can implement tomorrow to solve your employee identity challenges or manage customer accounts. It will instead prepare you for the coming changes and help you play a role in shaping them.
http://www.cxounplugged.com
A research whitepaper published in November by Ovum and commissioned by Logicalis, revealed a great many interesting BYOD trends – many of which were highlighted in a recent CXO post (BYOD Research) by Ian Cook. Perhaps the most startling, however, was the very low proportion of ‘BYOD-ers’ who have signed corporate BYOD policies.
How do you balance the need for collaboration with security for SharePoint? This presentation focuses on the technical aspects of SharePoint security. In particular, this presentation identifies the key steps to securing SharePoint, including: (1) How SharePoint is architected and the inherent security gaps (2) How to protect SharePoint from the insider threat (3) How to stop hackers from breaking externally facing SharePoint deployments.
Blockchain for Business: What, How, Why & USE CASESmichaelmcgowan27
What is so special about Blockchain? How does this ledger really work? Why would I even consider using Blockchain? Find answers to these questions. More importantly, find real USE CASES where Blockchain is being used in the market place.
Top 10 reasons to get a blockchain expert certificationBlockchain Council
blockchain expert certification that stands out is the Certified Blockchain Expert certification offered by the Blockchain Council. Blockchain Council operates on the mission of educating people and creating awareness among businesses, enterprises, developers, and society in the blockchain sphere.
CIS13: Managing Mobility with Identity StandardsCloudIDSummit
Paul Madsen, Senior Technical Architect, Ping Identity
Whether you manage the device (not a good idea), the applications on it or the business data those applications download and store—knowing who the employee is is fundamental. Let’s talk about how identity standards like SAML, SCIM, OAuth and OpenID Connect can work together to get your identities from where you keep them to where they're needed.
CIS13: Don't Panic! How to Apply Identity Concepts to the BusinessCloudIDSummit
Pamela Dingle, Technical Director, Ping Identity
Applying concepts of identity and access to real world business situations is really just a case of knowing where one's towel is. Once you have a working, accurate identity lifecycle, and the tools to leverage that lifecycle across business domains, the last thing to do is to apply those tools to the problems at hand. Pamela Dingle will walk you through real world use cases and discuss how everything works together, so that your organization can do its very best to figure out the right questions to ask for success (of course we already know the answer is 42).
Ron Carpinella
Traditional data aggregators have pursued business models and partnerships in the same way for a very long time. However, they are progressively unable to adapt to the demands of Internet services for identity information, consumer insight and permission. What are the alternatives and how do the existing models need to change?
CIS13: How Enterprises Go Mobile: An Introduction to MobileITCloudIDSummit
Josh Sirota, Principal Architect, MobileIron
Enterprises are embracing mobile, but have a lot of different strategies and a lot of different needs from their management tools. IT pros need to understand BYOD and COPE, MDM, MAM and MIM. It's a lot to take in. We will discuss the current state of the Mobile IT industry, the ways that enterprises "go mobile", and what the best-of-breed IT management tools can do to help enterprises achieve their visions and needs.
CIS14: Identity Management is a People Problem (But It Shouldn’t Be!)CloudIDSummit
Nishant Kaushik, Identropy
A look at how the business of identity management is changing to push more and more functionality into the background, leaving people with a simpler, more satisfying, experience that still manages to give enterprises the security they are looking for .
CIS13: Avoiding the Pitfalls of Managing IAM for a Hybrid EnvironmentCloudIDSummit
Chris Bauserman, Senior Director of Product Marketing, Cloud and SaaS, SailPoint
This session will discuss how next-generation IAM strategies can holistically address the security and compliance requirements of mission-critical applications and data that span an enterprise's data center, cloud and mobile environments.
Chris Bauserman will also provide technical insights to help attendees answer these questions:
· How do I provide full account lifecycle management?
· How do I ensure consistency across provisioning and runtime access?
· How do I provide a single-point for end user self-service?
· How do I efficiently and securely manage a bridge to on-prem IT?
· How do I implement audit, governance and compliance?
CIS13: Impact of Mobile Computing on ITCloudIDSummit
Ashish Jain, Director of Product Management, VMware
Mobile computing and business functions moving to public cloud have resulted in a diverse set of devices and applications entering the workplace. In this session we will look at the latest industry trends, new use cases and scenarios and what are some of the tools available to address these new challenges.
CIS14: The Very Latest in Authorization StandardsCloudIDSummit
Gerry Gebel, Axiomatics
Update on the latest trends and happenings regarding authorization standards and commentary on projections on this topic for the coming year, including status of the JSON and REST profiles for XACML (it’s not just XML anymore), scenarios where OAuth and XACML can coexist, and what NIST’s published report on ABAC is all about.
CIS13: Don't Let Mobile be the Achilles Heel for Your Enterprise SecurityCloudIDSummit
Michael Sutton, Vice President of Security Research, Zscaler
Nothing will more dramatically alter the enterprise security landscape than mobile devices, especially those that are employee owned (BYOD). While mobile devices can greatly improve employee productivity, they don't play nice with legacy enterprise security controls. Are you stuck choosing between the lesser of two evils—lowering security by permitting mobile access or maintaining the status quo by banishing mobile access altogether? Despite the many hurdles that today's mobile OS's pose for enterprise security, with the right policies and technologies, it’s possible to ensure that mobile employees are just as secure as those sitting at their desks.
CIS13: Security's New Normal: Is Cloud the Answer?CloudIDSummit
Sally Hudson, Research Director, Security Products and Services, IDC
This session will look at cloud benefits and challenges from a security standpoint and present customer trends and concerns from IDC's demand-side research programs. Special emphasis will be placed on identity issues as they relate to cloud, social and mobile concerns and how they map to the agendas, policies and budgets of the IT enterprise.
CIS13: Policy Enabled Access Control: Meeting “Need to Share” Business Requir...CloudIDSummit
Gerry Gebel, President, Axiomatics Americas
The most important, sensitive and valuable information your organization manages is exactly what your partners, customers and internal teams require access to. How do you implement this need-to-share business model without disclosing too much data and running afoul of laws, regulations or internal business rules? This session will describe how access policies and attributes are combined to provide a flexible and effective authorization solution.
CIS13: Identity—The Great Enabler of NextCloudIDSummit
Andre Durand, Chief Executive Officer, Ping Identity
Every decade, a new computing paradigm comes along that is so big, so powerful and potentially so disruptive that it
challenges everything we thought we knew. Andre will explore these disruptions that are occurring simultaneously: cloud, social, mobile, and big data. It’s time to re-think everything we thought we knew about security, control, governance and privacy—enter Identity.
CIS13: From Governance to Virtualization: The Expanding Arena of Privileged I...CloudIDSummit
Russell Miller, Director, Solutions Marketing, CA
Securing privileged identities is essential to reducing the risk of not only insider attacks, but from outsiders as well. Learn how to expand your thinking about privileged identities to address the latest trends and threats.
CIS13: A Question of Scale: Mapping Authentication to the Modern Computing Ec...CloudIDSummit
Rajiv Dholakia, Vice President, Products, Nok Nok Labs
Authentication is the ignition key to the modern computing environment. As computing platforms evolve from desktop to mobile and embedded devices, the authentication methods need to adapt to meet these new requirements of flexibility and scale. This session will review these emerging technologies, solution patterns and share initiatives to simplify strong authentication at scale. If you are invested in federation technologies, operate identity services, this talk will provide a roadmap towards a robust and flexible infrastructure that can withstand the rapid evolution of authentication technologies, device form-factors, use cases and emergent risks.
John DaSilva, Ping Identity
Scott Tomlinson, Ping Identity
A detailed overview of PingAccess, giving you insight into Ping Identity’s next-generation web access management solution to solve your access management challenges.
Shifting Risks and IT Complexities Create Demands for New Enterprise Security...Booz Allen Hamilton
Holistic Cyber Risk Management Programs in the Financial Industry Must "Predict and Prevent" in Today's Complex Threat Environment, says new White Paper.
Transformation from Identity Stone Age to Digital IdentityIJNSA Journal
Technological conversion, political interests and Business drivers has triggered a means, to establish individual characterization and personalization. People started raising concerns on multiple identities managed across various zones and hence various solutions were designed. Technological advancement has brought various issues and concerns around Identity assurance, privacy and policy enabled common Authentication framework. A compressive framework is needed to established common identity model to address national needs like standards, regulation and laws, minimum risk, interoperability and to provide user with a consistent context or user experience.
This document focuses on Transformation path of identity stone age to Identity as in state. It defines a digital identity zone model (DIZM) to showcase the Global Identity defined across the ecosystem. Also, provide insight of emerging Technology trend to enable Identity assurance, privacy and policy enabled common Authentication framework.
It is shocking to note that about 3.5 billion people saw their
personal data stolen in the top two of the 15 biggest breaches
of this century alone. With the average cost of a data breach
exceeding $8 million, it is no wonder that safeguarding
confidential business and customer information has become
more important than ever. Furthermore, with stricter laws and governance requirements, data security is now everyone’s
responsibility across the entire enterprise.
However, that is easier said than done, and for that reason, an
an increasing number of organizations are relying heavily on data masking to proactively protect their data, avoid the cost of security breaches, and ensure compliance.
A1 - Cibersegurança - Raising the Bar for CybersecuritySpark Security
In the past few years, a new approach to cybersecurity has emerged, based on the analysis of data on successful attacks. In this approach, continuous diagnostics and mitigation replace the reactive network security methods used in the past. The approach combines continuous monitoring of network health with relatively straightforward mitigation strategies. The strategies used in this approach reduce the opportunities for attack and force attackers to develop more sophisticated (and expensive) techniques or to give up on the target. In combination, continuous monitoring and mitigation strategies provide the basis for better cybersecurity.
Crossing the streams: How security professionals can leverage the NZ Privacy ...Chris Hails
Security professionals often struggle with the ‘double intangibility’ of security - the intangibility of risk and intangibility of protection.
Changes hearts and minds often requires legislation and new compliance frameworks to motivate investment.
New Zealand's new Privacy Act comes into play on 1st December 2020 and there are ways security professionals can leverage new aspects including mandatory breach notifications to focus efforts on securing personal information and preventing privacy harms.
How digital identities will help realise the true potential of DeFiOliviaJune1
For all the advantages that DeFi provides to fill the void left by conventional banking, it also poses considerable risks.
First, there's the threat of regulation. Legislators will eventually join the party. Unregulated industries with millions of dollars in daily transactions are ripe for fraud. High-profile cases with nameless founders don't imply effective self-regulation.
This Frost & Sullivan analyst report reveals how the legal and threat environment, combined with BYOD and cost factors, make multi-factor, risk-based authentication the logical approach to solving the security challenges posed by threat actors.
This thought leadership is a report detailing how Blockchain can be industrialized in ASEAN and how its potential can be unlocked across organizations.
The report also clearly illustrates the implications of Blockchain, its key developments, how it impacts countries across ASEAN and a five-point test for assessing the fit of Blockchain for specific processes, all serving to provide meaningful insights into the current state of the FinTech industry in the ASEAN region.
Top 6 Reasons You Should Attend Cloud Identity Summit 2016CloudIDSummit
The Cloud Identity Summit was founded by Ping Identity with support from industry leaders in 2010 to bring together the brightest minds across the identity and security industry. Today the event is recognized as the world’s premier identity industry conference and includes tracks from industry thought leaders, CIOs and practitioners. Cloud Identity Summit serves as a multi-year roadmap to deploy solutions that are here today but built for the future. For more info, go to www.cloudidentitysummit.com.
Be apart of the convo on Twitter: @CloudIDSummit + #CISNOLA
CIS 2015 Mobile Security, Identity & Authentication: Reasons for Optimism - R...CloudIDSummit
In an ever interconnected and inter-reliant world, the state of security has been a cause for deep pessimism. In the midst of all the gloom, there is good cause for optimism.
With some fits and starts, the building blocks for transforming mobile security are taking shape at every level from the processor, to the chipset to special purpose hardware to operating systems and protocols that address use cases from device integrity to user authentication to payments.
How do we think about security, privacy, identity and authentication in this world? This talk will provide a rapid overview of some selected building blocks and some practical examples that are now deployed at scale to illustrate the coming wave and how you as a practitioner or customer can participate and position yourself for maximum benefit.
CIS 2015 Deploying Strong Authentication to a Global Enterprise: A Comedy in ...CloudIDSummit
Does anybody remember seeing a big red button with the word “PANICK!” written on it? I know it was around here somewhere. Also, there’s all these cats running pell-mell around the place, can someone give me a hand in herding them?
In this real-world case study, come and learn how a Fortune 100 with a diverse and extremely mobile work-force was able to turn up strong authentication protections for our critical cloud resources, and how the IT department lived to tell the tale. You’ll hear about the technical implementation of strong authentication enforcement, and how we made key design decisions in the ongoing balancing act between security and user experience, and how we managed up-and-down the chain from executive stakeholders to the boots-on-the-ground who were being asked to join us on this new security adventure.
CIS 2015 Without Great Security, Digital Identity is Not Worth the Electrons ...CloudIDSummit
This session will review digital identity’s transition from vulnerable authentication methods and what Microsoft and others are doing to address the hard problems associated with managing and protecting digital identities.
CIS 2015 Mergers & Acquisitions in a Cloud Enabled World - Brian PuhlCloudIDSummit
You'll laugh, you'll cry, and you might even pick up a useful nugget or two listening to a real-world enterprise IT architect share the experiences of the past year trying to support his business migrating to cloud services, and sharing the lessons learned from trying to integrate 2 hybrid enterprises into a single, streamlined company. You'll hear where the cloud came through for us, and how we often had to fall back to on-prem services such as FIM, Ping Federate, and ADFS to make the glue which binds it all together.
A "from the trenches" view into how GE is using federation standards to abstract & harden our growing cloud WAM platform. Topics covered: GE's approach to OpenID Connect for cross platform authentication (web, mobile), 2) GE's API management platform for API publishing, subscription & security, 3) how the two work together, 4) lessons learned & areas for improvement.
CIS 2015 What I Learned From Pitching IAM To My CIO - Steve ToutCloudIDSummit
The IAM program needs to align behind the shift towards ITaaS, building the platform for execution and supporting transformation and migration activities. CIOs should keep informed through a relevant IAM capability roadmap in order to make calculated decisions on where investments should be made. Ongoing investments in the IAM program are crucial in order to fill capability gaps, keep up-to-date with support and license agreements and make opportunistic progress on the strategic roadmap. In this talk, Steve discusses recent experiences and lessons learned in preparing for and pitching VMware’s CIO on enterprise IAM program initiatives.
CIS 2015 How to secure the Internet of Things? Hannes TschofenigCloudIDSummit
Companies and researchers are exploring ways to make software and hardware development easier for the masses. Soon you will be able to build your own autonomous drone, create a sensor that assess the watering needs of your plants, and develop a cat tracking device with minimal coding and hardware skills.
What is the place of security and privacy in this exciting development?
Are we building the next generation of Internet security vulnerabilities right now?
In his talk Hannes Tschofenig will highlight challenges with Internet of Things, what role standardization plays, and what contributions ARM, a provider of microprocessor IP, is making to improve IoT security.
CIS 2015 The IDaaS Dating Game - Sean DeubyCloudIDSummit
The IDaaS (identity as a service) market segment continues to grow in popularity, and the scope of its vendor's capabilities continue to grow as well. It's still not a match for everyone, however. Join identity architect Sean Deuby for an overview of the most popular IDaaS deployment scenarios, scenarios where IDaaS has a tougher time meeting customer requirements, and whether your company is likely to find its perfect IDaaS mate.
CIS 2015 SSO for Mobile and Web Apps Ashish JainCloudIDSummit
In the past Enterprise Mobility Management (EMM) has focused primarily on MDM, MAM and MCM. Recently there has been a lot of focus on the fourth pillar of EMM - Mobile Identity Management (MIM). This session will cover the primary use cases and discuss current solutions available for managed/un-managed, internal/public and mobile/web apps for iOS/Android devices.
The Industrial Internet, the Identity of Everything and the Industrial Enterp...CloudIDSummit
This talk will review the breadth of the Internet of Things (IoT), the challenges of Identity Management and the IoT and the impact to Industrial Enterprise.
CIS 2015 SAML-IN / SAML-OUT - Scott Tomilson & John DasilvaCloudIDSummit
Are you in a situation where you have two business units (maybe because of a merger) that have their own Federation solutions and now you need to share access to SaaS resources among the 2 workforces. But you don't want to have to setup to separate SaaS connections to the same vendor and you want to manage this connection on premises instead of in the Cloud. We can help with that, come see how!
CIS 2015 Session Management at Scale - Scott Tomilson & Jamshid KhosravianCloudIDSummit
Centralized session management has long been a goal of Web Access Management systems: the idea that one session can give end users access to dozens of protected applications with a seamless SSO experience, and terminating it (either by the end user themselves, or by an administrator) cuts off access instantly. It’s a nice dream isn’t it? Turns out that while most WAM products claim they can do this, when deployment time comes around (especially in globally distributed organizations) serious security and scalability challenges emerge that make it unfeasible. In this “session”, come and learn our vision for deploying session management at scale and see how Ping Identity has implemented it in our Federated Access Management solution.
CIS 2015 So you want to SSO … Scott Tomilson & John DasilvaCloudIDSummit
Are you asking yourself how do I take my inhouse application and make it available to internal users, partners or customers using SSO and access management technologies? Oh, and you don't want it to be a 6 month project? No problem. Come and find out how to leverage your existing investments and move to modern standards like OpenID Connect, without having to rip and replace infrastructure. Learn the capabilities and tradeoffs you can make to deploy the right level of identity and access management infrastructure to match your security needs.
CIS 2015 Identity Relationship Management in the Internet of ThingsCloudIDSummit
Devices need owners, people need confidence in device authenticity, data needs to persist in systems long after devices change hands, and access needs to be authorized selectively. That's a lot to ask; even if emerging web identity and security technologies are simpler than the models of yesteryear, IoT devices have complicating limitations when it comes to processing power, memory, user interface, and connectivity. But many use cases span web and IoT environments, so we must try! What are the specific requirements? What elements of web technologies can we borrow outright? What elements may need tweaking?
The Metaverse and AI: how can decision-makers harness the Metaverse for their...Jen Stirrup
The Metaverse is popularized in science fiction, and now it is becoming closer to being a part of our daily lives through the use of social media and shopping companies. How can businesses survive in a world where Artificial Intelligence is becoming the present as well as the future of technology, and how does the Metaverse fit into business strategy when futurist ideas are developing into reality at accelerated rates? How do we do this when our data isn't up to scratch? How can we move towards success with our data so we are set up for the Metaverse when it arrives?
How can you help your company evolve, adapt, and succeed using Artificial Intelligence and the Metaverse to stay ahead of the competition? What are the potential issues, complications, and benefits that these technologies could bring to us and our organizations? In this session, Jen Stirrup will explain how to start thinking about these technologies as an organisation.
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfPaige Cruz
Monitoring and observability aren’t traditionally found in software curriculums and many of us cobble this knowledge together from whatever vendor or ecosystem we were first introduced to and whatever is a part of your current company’s observability stack.
While the dev and ops silo continues to crumble….many organizations still relegate monitoring & observability as the purview of ops, infra and SRE teams. This is a mistake - achieving a highly observable system requires collaboration up and down the stack.
I, a former op, would like to extend an invitation to all application developers to join the observability party will share these foundational concepts to build on:
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdfPeter Spielvogel
Building better applications for business users with SAP Fiori.
• What is SAP Fiori and why it matters to you
• How a better user experience drives measurable business benefits
• How to get started with SAP Fiori today
• How SAP Fiori elements accelerates application development
• How SAP Build Code includes SAP Fiori tools and other generative artificial intelligence capabilities
• How SAP Fiori paves the way for using AI in SAP apps
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionAggregage
Join Maher Hanafi, VP of Engineering at Betterworks, in this new session where he'll share a practical framework to transform Gen AI prototypes into impactful products! He'll delve into the complexities of data collection and management, model selection and optimization, and ensuring security, scalability, and responsible use.
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex ProofsAlex Pruden
This paper presents Reef, a system for generating publicly verifiable succinct non-interactive zero-knowledge proofs that a committed document matches or does not match a regular expression. We describe applications such as proving the strength of passwords, the provenance of email despite redactions, the validity of oblivious DNS queries, and the existence of mutations in DNA. Reef supports the Perl Compatible Regular Expression syntax, including wildcards, alternation, ranges, capture groups, Kleene star, negations, and lookarounds. Reef introduces a new type of automata, Skipping Alternating Finite Automata (SAFA), that skips irrelevant parts of a document when producing proofs without undermining soundness, and instantiates SAFA with a lookup argument. Our experimental evaluation confirms that Reef can generate proofs for documents with 32M characters; the proofs are small and cheap to verify (under a second).
Paper: https://eprint.iacr.org/2023/1886
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™UiPathCommunity
In questo evento online gratuito, organizzato dalla Community Italiana di UiPath, potrai esplorare le nuove funzionalità di Autopilot, il tool che integra l'Intelligenza Artificiale nei processi di sviluppo e utilizzo delle Automazioni.
📕 Vedremo insieme alcuni esempi dell'utilizzo di Autopilot in diversi tool della Suite UiPath:
Autopilot per Studio Web
Autopilot per Studio
Autopilot per Apps
Clipboard AI
GenAI applicata alla Document Understanding
👨🏫👨💻 Speakers:
Stefano Negro, UiPath MVPx3, RPA Tech Lead @ BSP Consultant
Flavio Martinelli, UiPath MVP 2023, Technical Account Manager @UiPath
Andrei Tasca, RPA Solutions Team Lead @NTT Data