UMA - An Open Standard for Consent-Driven Personal Data Sharing

•Download as PPTX, PDF•

0 likes•119 views

The document discusses privacy drivers and features related to personal data sharing, including transparency, consent, and access of personal data. It describes technology features like implicit and explicit consent approaches as well as open standards for identity, access control, and consent. The document also presents solutions for privacy challenges involving identity, access, and consent and provides an example use case for a healthcare platform.

Technology

© 2016 ForgeRock. All rights reserved.
Chris Adriaensen
Senior Customer Engineer
chris.adriaensen@forgerock.com
@chrisadriaensen | @ForgeRock
An Open Standard
for Consent-Driven
Personal Data Sharing
© 2017 ForgeRock. All rights reserved.

© 2016 ForgeRock. All rights reserved.
© 2017 ForgeRock. All rights reserved.
FEATURE
Privacy Approaches
Manual
TRANSPARENCY
Request Implicit
CONSENT
ACCESS SHARINGDATA
3

© 2016 ForgeRock. All rights reserved.
Requesting PartyClientsResources AccessResource Owner
User Interface
(GUI / PUI)
Application Interface
(REST / SOAP)
User Interface
(GUI / PUI)
Application
4
Privacy Architecture
© 2017 ForgeRock. All rights reserved.

© 2016 ForgeRock. All rights reserved.
Resource Owner
User Interface
(GUI / PUI)
Requesting PartyClientsResources Access
User Interface
(GUI / PUI)
Application Interface
(REST / SOAP)
Application
5
Privacy Challenge
© 2017 ForgeRock. All rights reserved.
?
IDIDIDID
ID
ID
ID
ID
ID
?
IDIDIDID

© 2016 ForgeRock. All rights reserved.
Requesting Party
User Interface
(GUI / PUI)
Resource Owner
User Interface
(GUI / PUI)
ClientsResources Access
Application Interface
(REST / SOAP)
Application
6
Transparency Identity Solution
© 2017 ForgeRock. All rights reserved.
ID
ID
ID
ID
ID
ID
ID
ID
IdentityID

© 2016 ForgeRock. All rights reserved.
CONSUMERENTERPRISE
OASIS
9
Open Standards
© 2017 ForgeRock. All rights reserved.
IETF, OIDF & KANTARA
OIDC
Identity
Federation
UMA
Access
Federation
OAuth
Access
Control Consent
Security Scalability
Browser
Client
Generic
Client
Statefull
Design
Stateless
Design
XML /
SOAP
JSON /
REST
JWT
Identity
2000+ 2010+
SAML
Identity
Federation
XACML
Access
Federation
WS-*
Access
SAML
Identity

© 2016 ForgeRock. All rights reserved. 10
OAuth 2.0 Standard
© 2017 ForgeRock. All rights reserved.
Resource
Server
Authorization
Server
Resource
Owner
Client
Access Validate
Manage
Authorize
Control
Owner-to-App
Sharing
Synchronous
Consent
Access
Integration
Access
Tokens

© 2016 ForgeRock. All rights reserved. 11
User Managed Access Standard
© 2017 ForgeRock. All rights reserved.
Resource
Server
Authorization
Server
Requesting
Party
Client
Authorize
Access Protect
Resource
Owner
Manage Manage
Control
Negotiate
Owner-to-Party
Sharing
Asynchronous
Consent
Access
Federation
Access
Tokens

© 2016 ForgeRock. All rights reserved. 14
SolutionChallenge
Health Care Platform
Smart Devices
Unified Identity Platform
Patient Security
Patient Privacy
Patient Satisfaction
Patient Consent
Identity of Things
Patient Relationships
Single Patient View
© 2017 ForgeRock. All rights reserved.
“We are now able to design
innovative data-sharing and
consent technologies into our
HealthSuite Digital Platform
that make it possible to foster
consumer and patient trust.”
Jeroen Tas, CEO, Healthcare
Informatics Solutions & Services

© 2016 ForgeRock. All rights reserved. 15
DEMO
Session
© 2017 ForgeRock. All rights reserved.

© 2016 ForgeRock. All rights reserved.
Chris Adriaensen
Senior Customer Engineer
chris.adriaensen@forgerock.com
@chrisadriaensen | @ForgeRock
© 2017 ForgeRock. All rights reserved.
End of
SHOW

OAuth has become a central security component with respect to a modern REST-based architecture - and several extensions have since been developed, like JWT, OpenID Connect and UMA, to provide a broader coverage. Both server and client development need a good understanding of these concepts to guarantee end-to-end security. In this talk Chris will guide us through the current landscape of OAuth and zoom in on mature (like JWT and OpenID Connect) and uprising extensions (like UMA and Proof of Possession) - but also how to interface with a SOAP-based architecture (like SAML). Don’t forget to bring a towel - but what about silver shoes?

Internet of Things Security & Privacy

Chris Adriaensen

The Future is Now: What’s New in ForgeRock Identity Management

ForgeRock

The Future is Now: What’s New in ForgeRock Access Management

ForgeRock

The Future is Now: The ForgeRock Identity Platform, Early 2017 Release

ForgeRock

The ForgeRock Identity Platform is trusted by companies around the world to be their foundation for digital transformation. ForgeRock extends their leadership in this space with the latest release of the ForgeRock Identity Platform, featuring advanced capabilities to meet the needs of today’s consumer facing digital services. In this webinar, learn how new features improve customer engagement and insight, offer greater privacy controls, extend security and usability for internet of things (IoT), enable DevOps and dynamic architectures, and more.

Sydney Identity Summit: Addressing the New Threat Landscape with Continuous S...

ForgeRock

Sydney Identity Unconference Introduction and Highlights

ForgeRock

NYC Identity Summit Business Day: Continuous Security

ForgeRock

Identity doesn’t just represent a person: in the age of the internet of things, every individual device, machine, appliance, you-name-it that’s connected to the internet has an identity. With a Digital Identity System of Record in place, you can establish secure relationships between the digital identities of people, people and things, and between things themselves. Across the board, from utilities to services and everything in between, secure smart devices can now improve the quality and responsiveness of products and services we use.

The Business Ecosystem is a Neighborhood - ForgeRock Identity Live Austin 2017

ForgeRock

Lisa O'Connor, Global Security R&D Lead at Accenture Technology Labs - Businesses operate in a digital ecosystem that’s ever more connected, collaborative and complex. That means becoming a “self-sustaining enterprise.” What does this mean? Think about the business ecosystem as a neighborhood. A self-sustaining enterprise understands and responds to who’s moving in and out, what they’re doing, and what threats they present. Understand and navigate new relationships in order to perform as effectively as possible while managing risk at an optimal level.

Beyond username and password it's continuous authorization webinar

ForgeRock

Legacy access management using simple usernames and passwords at the 'digital front door' is not enough in today's connected-everywhere mobile environment. Wouldn't it be better if access decisions were made at the moment each access attempt is made for every resource? And wouldn't it be even better if policies considered real-time and historical user and session data to assess risk, and reacted accordingly by scaling authentication requirements up or down dynamically? In this webinar, learn how the ForgeRock Identity Platform can do this and much more, to keep your users happy and your data secure.

NYC Identity Summit Tech Day: Authorization for the Modern World

ForgeRock

Identity Objects in Mirror Are Closer Than They Appear - Identity Live 2017 -...

ForgeRock

Daniel Raskin, SVP Product Management, ForgeRock - The identity world is evolving … again. The growth of IoT endpoints is outpacing the scale of standard identity platforms. More non-traditional things are now given digital identities. New device protocols force identity platforms to become proficient in "foreign languages," in order to communicate with next-generation devices and services. The identity use case of yesteryear is gone: We need to reinvent what a typical identity deployment looks like. In this session, we will explore this changed world and discuss how identity needs to adapt.

NYC Identity Summit Tech Day: Best Practices for API Security

ForgeRock

ForgeRock Gartner 2016 Security & Risk Management Summit

ForgeRock

Digital growth demands identity management. Digital identities allow companies to identify and engage with their customers across devices, from laptops to mobiles, tablets, connected cars, healthcare wearables, and connected home devices. Companies cannot take advantage of mobile, cloud, or Internet of Things (IoT) innovations without a scalable, replicable identity strategy. This session is designed to help you understand the essentials of customer-focused identity and how it helps you engage with your customers.

ForgeRock Platform Release - Summer 2016

ForgeRock

The Relationship Model

Chris Adriaensen

Internet of Things Security & Privacy

Chris Adriaensen

Digital Trust: How Identity Tackles the Privacy, Security and IoT Challenge

ForgeRock

In this webinar, learn how the ForgeRock Identity Platform and its new User-Managed Access capabilities make it easier for organizations to establish trusted digital relationships with customers, embrace IoT initiatives, and address rapidly changing data privacy regulations. Learn more about ForgeRock Access Management: https://www.forgerock.com/platform/access-management/ Learn more about ForgeRock Identity Management: https://www.forgerock.com/platform/identity-management/

NYC Identity Summit Tech Day: ForgeRock Identity Platform Overview

ForgeRock

Identity Tech Talks #3 FIDO futur of authentication

Leonard Moustacchis

Sydney Identity Summit: Doing Authorisation, Consent and Delegation Right wit...

ForgeRock

Sydney Identity Summit: The Future's So Bright, I Gotta Wear Shades

ForgeRock

Technical Case Study: McKesson - Employing the Open Identity Stack

ForgeRock

ForgeRock: Identity Relationship Management is the Foundation for Your Digita...

ForgeRock

Traditional enterprise identity management systems are not designed for the new generation of omni-channel initiatives that improve customer experience and drive revenue. Scale and elasticity, advanced authentication and authorization, open source, DevOps, REST, PaaS, microservices, and API security are just a few of the modern services required to build a next generation digital business. Come to this session to learn how ForgeRock can drive success for the modern application developer and digital business owner.

User-Managed Access: Why and How? - Access Control in Digital Contract Contexts

ForgeRock

Web application firewall advanced

Web Application Scanning

The Future of Digital Identity in the Age of the Internet of Things

ForgeRock

Identity Live Sydney 2017 - Daniel Raskin

ForgeRock

You still need to protect employees in the digital age, but the real opportunity for digital transformation lies in using identity not just to protect employees, but to get to know, interact with, and connect to prospects and customers across any channel–whether cloud, social, mobile, or the Internet of Things (IoT). Customer Identity Management requires going above and beyond a secure login. From a security perspective, you need continuous security that follows the user throughout their entire session. And as customers share data, from demographics to preferences to buying habits, you can use it to create authentic, engaging customer experiences that lead to lasting customer relationships. Better yet, you can earn customer trust while meeting privacy regulations like GDPR, by giving customers control over who has access to their data and for how long.

Identity Live London 2017 | Daniel Raskin

ForgeRock

What's hot

Identity Live London 2017 | Ashley Stevenson

ForgeRock

The Business Ecosystem is a Neighborhood - ForgeRock Identity Live Austin 2017

ForgeRock

Beyond username and password it's continuous authorization webinar

ForgeRock

NYC Identity Summit Tech Day: Authorization for the Modern World

ForgeRock

Identity Objects in Mirror Are Closer Than They Appear - Identity Live 2017 -...

ForgeRock

NYC Identity Summit Tech Day: Best Practices for API Security

ForgeRock

ForgeRock Gartner 2016 Security & Risk Management Summit

ForgeRock

ForgeRock Platform Release - Summer 2016

ForgeRock

The Relationship Model

Chris Adriaensen

Internet of Things Security & Privacy

Chris Adriaensen

Digital Trust: How Identity Tackles the Privacy, Security and IoT Challenge

ForgeRock

NYC Identity Summit Tech Day: ForgeRock Identity Platform Overview

ForgeRock

Identity Tech Talks #3 FIDO futur of authentication

Leonard Moustacchis

Sydney Identity Summit: Doing Authorisation, Consent and Delegation Right wit...

ForgeRock

Sydney Identity Summit: The Future's So Bright, I Gotta Wear Shades

ForgeRock

Technical Case Study: McKesson - Employing the Open Identity Stack

ForgeRock

ForgeRock: Identity Relationship Management is the Foundation for Your Digita...

ForgeRock

User-Managed Access: Why and How? - Access Control in Digital Contract Contexts

ForgeRock

Web application firewall advanced

Web Application Scanning

The Future of Digital Identity in the Age of the Internet of Things

ForgeRock

What's hot (20)

Identity Live London 2017 | Ashley Stevenson

The Business Ecosystem is a Neighborhood - ForgeRock Identity Live Austin 2017

Beyond username and password it's continuous authorization webinar

NYC Identity Summit Tech Day: Authorization for the Modern World

Identity Objects in Mirror Are Closer Than They Appear - Identity Live 2017 -...

NYC Identity Summit Tech Day: Best Practices for API Security

ForgeRock Gartner 2016 Security & Risk Management Summit

ForgeRock Platform Release - Summer 2016

The Relationship Model

Internet of Things Security & Privacy

Digital Trust: How Identity Tackles the Privacy, Security and IoT Challenge

NYC Identity Summit Tech Day: ForgeRock Identity Platform Overview

Identity Tech Talks #3 FIDO futur of authentication

Sydney Identity Summit: Doing Authorisation, Consent and Delegation Right wit...

Sydney Identity Summit: The Future's So Bright, I Gotta Wear Shades

Technical Case Study: McKesson - Employing the Open Identity Stack

ForgeRock: Identity Relationship Management is the Foundation for Your Digita...

User-Managed Access: Why and How? - Access Control in Digital Contract Contexts

Web application firewall advanced

The Future of Digital Identity in the Age of the Internet of Things

Similar to UMA - An Open Standard for Consent-Driven Personal Data Sharing

Identity Live Sydney 2017 - Daniel Raskin

ForgeRock

Identity Live London 2017 | Daniel Raskin

ForgeRock

Identity Live Sydney 2017 - Ashley Stevenson

ForgeRock

Victor Ake and Chris Kawalek - ForgeRock Identity Live 2017 - Dusseldorf

ForgeRock

Microservices architecture

Daniel Foo

Connected Car: Putting Digital Identity Behind the Wheel

ForgeRock

A modern connected vehicle is no longer just a car with a built-in wireless access point – it is a complex network of multiple interconnected systems from different vendors that are constantly communicating with each other as well as with various external parties, both consumer-facing and industrial. Each connected car is a rolling IoT ecosystem where industrial applications and protocols coexist with consumer-grade apps and services.

Security On The Edge - A New Way To Think About Securing the Internet of Things

ForgeRock

ForgeRock proposes a new approach for IoT security, where identity principles are used to ensure the authenticity of IoT devices and their communications. We call this upcoming technology, ForgeRock Edge Security. Using secure, standards-based tokens and providing comprehensive, policy-based controls for controlling access to data from devices, this is the next generation of IoT edge security. With examples from industrial and automotive IoT environments, learn how this new way of providing security “on the edge” can provide a rock solid layer of security for your IoT deployments.

Soup to Nuts: Identity Federation for AWS

Amazon Web Services

AWS offers customers multiple solutions for federating identities on the AWS Cloud. In this session, we will embark on a tour of these solutions and the use cases they support. Along the way, we will dive deep with demonstrations and best practices to help you be successful managing identities on the AWS Cloud. We will cover how and when to use Security Assertion Markup Language 2.0 (SAML), OpenID Connect (OIDC), and other AWS native federation mechanisms. You will learn how these solutions enable federated access to the AWS Management Console, APIs, and CLI, AWS Infrastructure and Managed Services, your web and mobile applications running on the AWS Cloud, and much more.

Identity Live Paris 2017 | Monetising Digital Customer Relationships

ForgeRock

By Steve Ferris SVP Global Customer Success, ForgeRock, Alain Barbier Principal Customer Engineer, ForgeRock, Leonard Moustacchis Senior Customer Engineer, ForgeRock You still need to protect employees in the digital age, but the real opportunity for digital transformation lies in using identity not just to protect employees, but to get to know, interact with, and connect to prospects and customers across any channel–whether cloud, social, mobile, or the Internet of Things (IoT). Customer Identity Management requires going above and beyond a secure login. From a security perspective, you need continuous security that follows the user throughout their entire session. And as customers share data, from demographics to preferences to buying habits, you can use it to create authentic, engaging customer experiences that lead to lasting customer relationships. Better yet, you can earn customer trust while meeting privacy regulations like GDPR, by giving customers control over who has access to their data and for how long.

Peer-to-Server Media in WebRTC (Enterprise Connect 2014)

Dialogic Inc.

WebRTC is designed to be a peer-to-peer technology where media go directly from one client to another. However, WebRTC does allow Peer-to-Server flows and many uses are in fact optimized by server-side media processing technology. This short presentation describes server-side WebRTC media processing uses cases, provides real-world WebRTC deployment examples, and discusses WebRTC gateway models. Presented by Chad Hart at Enterprise Connect

An Approach for Multi-Tenancy Through Apache Knox

DataWorks Summit/Hadoop Summit

Abstract: As organizations start to roll out or migrate data driven applications to Apache Hadoop, there are times when they have conflicting needs to leverage their full co-mingled data sets in Hadoop while providing isolation of sections of such co-mingled data to a specific customer. Serving multiple customers in this manner is a typical multi-tenant usecase and one that can be challenging in Apache Hadoop. This presentation walks through a number of patterns that can be leveraged for providing isolation of tenants based on the composability of Apache Knox for: * Authentication/Federation Providers * KnoxSSO * Identity Assertion * Tenant specific topologies With these patterns, Knox can provide an infrastructure for robust tenant isolation and access control for application UIs and REST APIs for your data landscape, when suitably coupled with a cluster that has carefully considered infrastructure including: * Kerberos * Tenant specific user accounts, OUs and Groups within LDAP * Authorization Policy that is aware of the tenant specific groups, Summary: We will walk through some of the patterns that have been used to enable such a multi-tenant environment as well as the specific considerations for topology, access control and user accounts involved with creating such an environment.

Webinar: Identity Wars: The Unified Platform Awakens

ForgeRock

In this webinar from November 2015, John Barco (VP of Product Management) and Tim Sedlack (Sr. Product Manager) take you on a journey: A long time ago in a technology sector far, far away, organizations were promised a unified platform for centralizing identity and integrating it into resources everywhere. But this promise was never realized. Instead, organizations were forced down a dark path to implement a piecemeal identity infrastructure that was painful, with massive integration costs. Finally, the wait is over. In this webinar, we will provide an overview of ForgeRock's unified platform and highlight all the common services provided across the end-to-end solution to make your life easier. Learn more about ForgeRock Access Management: https://www.forgerock.com/platform/access-management/ Learn more about ForgeRock Identity Management: https://www.forgerock.com/platform/identity-management/

DeveloperWeek 2015 - WebRTC - Where to start and how to scale

Dialogic Inc.

Directory Services with the ForgeRock Identity Platform - So What’s New?

ForgeRock

Let’s be frank. Your identity platform is only as good as its foundation. “Identity done right” gets done wrong without a rock-solid directory to store and access all that identity data. While certainly not a sexy topic… directory is your plumbing making it a critical aspect regardless of its appeal. Good news for you however, either way you look at it our Directory Services, built from the OpenDJ project, is the gold standard: decades of telco experience led us to develop a high-performance, web-scale directory, delivering throughput in the tens-of-thousands of logins per second. We’re not s*itting you when we say we’ve got a lot of experience where the Sun don’t shine! Webinar Highlights: - Intro to the ForgeRock Identity Platform - New features available in the release - What does performance, scalability, and high availability to manage data for hundreds of millions of users, devices, and things look like? Learn more about ForgeRock Access Management: https://www.forgerock.com/platform/access-management/ Learn more about ForgeRock Identity Management: https://www.forgerock.com/platform/identity-management/

Trust No One: The New Security Model for Web APIs - SecTor talk by Greg Kliew...

CA API Management

New FIDO Specifications Overview -FIDO Alliance -Tokyo Seminar -Nadalin

FIDO Alliance

Webinar: "Entitlements: Taking Control of the Big Data Gold Rush"

ForgeRock

Information is the new currency and as more “things” come online the volume of data will dramatically increase. Typically, this data is stored in multiple repositories and different personas have different levels of access. In this webinar, which was recorded on August 18th, 2015, you can learn how to answer key questions to today’s tough challenges: How do we keep sensitive data, secure it and make it accessible? How do we manage authorization policies related to this data? How do we manage entitlements for not only web apps, but also users, devices and things? ForgeRock’s Senior Software Developer, Andy Forrest, discussed the challenges and solutions surrounding Entitlements.

Serverless Software Architecture - Gears 17

Tars Joris

Pre-Con Ed: How to Provide Mobile Users With a Convenient, Yet Secure, Sessio...

CA Technologies

The ForgeRock Identity Platform Extends CIAM, Fall 2017 Release

ForgeRock

Similar to UMA - An Open Standard for Consent-Driven Personal Data Sharing (20)

Identity Live Sydney 2017 - Daniel Raskin

Identity Live London 2017 | Daniel Raskin

Identity Live Sydney 2017 - Ashley Stevenson

Victor Ake and Chris Kawalek - ForgeRock Identity Live 2017 - Dusseldorf

Microservices architecture

Connected Car: Putting Digital Identity Behind the Wheel

Security On The Edge - A New Way To Think About Securing the Internet of Things

Soup to Nuts: Identity Federation for AWS

Identity Live Paris 2017 | Monetising Digital Customer Relationships

Peer-to-Server Media in WebRTC (Enterprise Connect 2014)

An Approach for Multi-Tenancy Through Apache Knox

Webinar: Identity Wars: The Unified Platform Awakens

DeveloperWeek 2015 - WebRTC - Where to start and how to scale

Directory Services with the ForgeRock Identity Platform - So What’s New?

Trust No One: The New Security Model for Web APIs - SecTor talk by Greg Kliew...

New FIDO Specifications Overview -FIDO Alliance -Tokyo Seminar -Nadalin

Webinar: "Entitlements: Taking Control of the Big Data Gold Rush"

Serverless Software Architecture - Gears 17

Pre-Con Ed: How to Provide Mobile Users With a Convenient, Yet Secure, Sessio...

The ForgeRock Identity Platform Extends CIAM, Fall 2017 Release

Recently uploaded

Generating a custom Ruby SDK for your web service or Rails API using Smithy

g2nightmarescribd

Have you ever wanted a Ruby client API to communicate with your web service? Smithy is a protocol-agnostic language for defining services and SDKs. Smithy Ruby is an implementation of Smithy that generates a Ruby SDK using a Smithy model. In this talk, we will explore Smithy and Smithy Ruby to learn how to generate custom feature-rich SDKs that can communicate with any web service, such as a Rails JSON API.

Elevating Tactical DDD Patterns Through Object Calisthenics

Dorra BARTAGUIZ

After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!

LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...

DanBrown980551

Do you want to learn how to model and simulate an electrical network from scratch in under an hour? Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)! During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook. PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides: - A fully editable and extendable library for grid component modelling; - Visualization tools to display your network; - Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses; The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well. What you will learn during the webinar: - For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills; - For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.

Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...

Jeffrey Haguewood

Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows. We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases. This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams. Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.

PCI PIN Basics Webinar from the Controlcase Team

ControlCase

GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...

Sri Ambati

State of ICS and IoT Cyber Threat Landscape Report 2024 preview

Prayukth K V

The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development. The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers: State of global ICS asset and network exposure Sectoral targets and attacks as well as the cost of ransom Global APT activity, AI usage, actor and tactic profiles, and implications Rise in volumes of AI-powered cyberattacks Major cyber events in 2024 Malware and malicious payload trends Cyberattack types and targets Vulnerability exploit attempts on CVEs Attacks on counties – USA Expansion of bot farms – how, where, and why In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East Why are attacks on smart factories rising? Cyber risk predictions Axis of attacks – Europe Systemic attacks in the Middle East Download the full report from here: https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/

JMeter webinar - integration with InfluxDB and Grafana

RTTS

Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application. In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics. Length: 30 minutes Session Overview ------------------------------------------- During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana: - What out-of-the-box solutions are available for real-time monitoring JMeter tests? - What are the benefits of integrating InfluxDB and Grafana into the load testing stack? - Which features are provided by Grafana? - Demonstration of InfluxDB and Grafana using a practice web application To view the webinar recording, go to: https://www.rttsweb.com/jmeter-integration-webinar

From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...

Product School

Epistemic Interaction - tuning interfaces to provide information for AI support

Alan Dix

Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024 https://alandix.com/academic/papers/synergy2024-epistemic/ As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.

Leading Change strategies and insights for effective change management pdf 1.pdf

OnBoard

From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...

Product School

Encryption in Microsoft 365 - ExpertsLive Netherlands 2024

Albert Hoitingh

To Graph or Not to Graph Knowledge Graph Architectures and LLMs

Paul Groth

FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf

FIDO Alliance

UiPath Test Automation using UiPath Test Suite series, part 4

DianaGray10

Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap. The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies. Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques What will you get from this session? 1. Insights into SAP testing best practices 2. Heatmap utilization for testing 3. Optimization of testing processes 4. Demo Topics covered: Execution from the test manager Orchestrator execution result Defect reporting SAP heatmap example with demo Speaker: Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP

Transcript: Selling digital books in 2024: Insights from industry leaders - T...

BookNet Canada

The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more. Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/ Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.

The Art of the Pitch: WordPress Relationships and Sales

Laura Byrne

Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes? All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.

Essentials of Automations: Optimizing FME Workflows with Parameters

Safe Software

Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place. Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects. Here’s what you’ll gain: - Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows. - Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy. - Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency. - Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity. We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic. Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.

Mission to Decommission: Importance of Decommissioning Products to Increase E...

Product School

Recently uploaded (20)

Generating a custom Ruby SDK for your web service or Rails API using Smithy

Elevating Tactical DDD Patterns Through Object Calisthenics

LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...

Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...

PCI PIN Basics Webinar from the Controlcase Team

GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...

State of ICS and IoT Cyber Threat Landscape Report 2024 preview

JMeter webinar - integration with InfluxDB and Grafana

From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...

Epistemic Interaction - tuning interfaces to provide information for AI support

Leading Change strategies and insights for effective change management pdf 1.pdf

From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...

Encryption in Microsoft 365 - ExpertsLive Netherlands 2024

To Graph or Not to Graph Knowledge Graph Architectures and LLMs

FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf

UiPath Test Automation using UiPath Test Suite series, part 4

Transcript: Selling digital books in 2024: Insights from industry leaders - T...

The Art of the Pitch: WordPress Relationships and Sales

Essentials of Automations: Optimizing FME Workflows with Parameters

Mission to Decommission: Importance of Decommissioning Products to Increase E...

UMA - An Open Standard for Consent-Driven Personal Data Sharing

1. © 2016 ForgeRock. All rights reserved. Chris Adriaensen Senior Customer Engineer chris.adriaensen@forgerock.com @chrisadriaensen | @ForgeRock An Open Standard for Consent-Driven Personal Data Sharing © 2017 ForgeRock. All rights reserved.

2. © 2016 ForgeRock. All rights reserved. BUSINESS DRIVERS TECHNOLOGY FEATURES PRIVACY Transparency Visualization of Personal Data Smart Things Explosion of Personal Data Customer Relationship Management Consent Access of Personal Data Regulation Government & Industry Bodies Privacy Drivers & Features © 2017 ForgeRock. All rights reserved. 2

4. © 2016 ForgeRock. All rights reserved. Requesting PartyClientsResources AccessResource Owner User Interface (GUI / PUI) Application Interface (REST / SOAP) User Interface (GUI / PUI) Application 4 Privacy Architecture © 2017 ForgeRock. All rights reserved.

5. © 2016 ForgeRock. All rights reserved. Resource Owner User Interface (GUI / PUI) Requesting PartyClientsResources Access User Interface (GUI / PUI) Application Interface (REST / SOAP) Application 5 Privacy Challenge © 2017 ForgeRock. All rights reserved. ? IDIDIDID ID ID ID ID ID ? IDIDIDID

6. © 2016 ForgeRock. All rights reserved. Requesting Party User Interface (GUI / PUI) Resource Owner User Interface (GUI / PUI) ClientsResources Access Application Interface (REST / SOAP) Application 6 Transparency Identity Solution © 2017 ForgeRock. All rights reserved. ID ID ID ID ID ID ID ID IdentityID

7. © 2016 ForgeRock. All rights reserved. Requesting Party User Interface (GUI / PUI) Resource Owner User Interface (GUI / PUI) ClientsResources Access Application Interface (REST / SOAP) Application 7 Consent Access Solution © 2017 ForgeRock. All rights reserved. ID ID ID ID ID IDID Access ID ID Identity

8. © 2016 ForgeRock. All rights reserved. © 2017 ForgeRock. All rights reserved. FEATURE Privacy Approaches Manual TRANSPARENCY Request Implicit CONSENT Strategy Explicit API’s SSH, LDAP, SQL, SOAP & REST Automated SOAP & REST ACCESS SHARINGDATA Portal 8

9. © 2016 ForgeRock. All rights reserved. CONSUMERENTERPRISE OASIS 9 Open Standards © 2017 ForgeRock. All rights reserved. IETF, OIDF & KANTARA OIDC Identity Federation UMA Access Federation OAuth Access Control Consent Security Scalability Browser Client Generic Client Statefull Design Stateless Design XML / SOAP JSON / REST JWT Identity 2000+ 2010+ SAML Identity Federation XACML Access Federation WS-* Access SAML Identity

10. © 2016 ForgeRock. All rights reserved. 10 OAuth 2.0 Standard © 2017 ForgeRock. All rights reserved. Resource Server Authorization Server Resource Owner Client Access Validate Manage Authorize Control Owner-to-App Sharing Synchronous Consent Access Integration Access Tokens

11. © 2016 ForgeRock. All rights reserved. 11 User Managed Access Standard © 2017 ForgeRock. All rights reserved. Resource Server Authorization Server Requesting Party Client Authorize Access Protect Resource Owner Manage Manage Control Negotiate Owner-to-Party Sharing Asynchronous Consent Access Federation Access Tokens

12. © 2016 ForgeRock. All rights reserved. Requesting PartyClientsResources AccessResource Owner User Interface (GUI / PUI) Application Interface (REST / SOAP) User Interface (GUI / PUI) Application 12 Consent Standards © 2017 ForgeRock. All rights reserved. OAuth 2.0 Device Flow OAuth 2.0 A/I Grant User Managed Access OpenIDConnect

13. © 2016 ForgeRock. All rights reserved. © 2017 ForgeRock. All rights reserved. FEATURE Privacy Approaches Manual TRANSPARENCY Request Implicit CONSENT Strategy Explicit API’s SSH, LDAP, SQL, SOAP & REST Standards SCIM, SAML & OpenID Connect OAuth 2.0 & OpenID Connect Automated UMA SOAP & REST ACCESS SHARINGDATA Portal 13

14. © 2016 ForgeRock. All rights reserved. 14 SolutionChallenge Health Care Platform Smart Devices Unified Identity Platform Patient Security Patient Privacy Patient Satisfaction Patient Consent Identity of Things Patient Relationships Single Patient View © 2017 ForgeRock. All rights reserved. “We are now able to design innovative data-sharing and consent technologies into our HealthSuite Digital Platform that make it possible to foster consumer and patient trust.” Jeroen Tas, CEO, Healthcare Informatics Solutions & Services

UMA - An Open Standard for Consent-Driven Personal Data Sharing

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Similar to UMA - An Open Standard for Consent-Driven Personal Data Sharing

Similar to UMA - An Open Standard for Consent-Driven Personal Data Sharing (20)

More from Chris Adriaensen

More from Chris Adriaensen (7)

Recently uploaded

Recently uploaded (20)

UMA - An Open Standard for Consent-Driven Personal Data Sharing