On the other side of the rising digital business transformation, there are the individuals in many different roles, like consumers, patients, citizens, clients etc., and their also rising need for privacy and security. Putting humans into full control of their resources and personally identifiable data, which today are scattered across the whole internet, is a fundamental request for privacy in a connected world and already is or sooner or later will be a vital element of most privacy legislations around the world . User empowerment is counterbalancing the digital business and therefore requiring businesses to implement privacy into the fundamental design of their services.
In this track, we will evaluate all available privacy standards and practices, look at early adopters and put together the building blocks of a user managed digital business world where privacy is integrated by design.
After attending this block of sessions you will be able to
- Describe the building blocks of user empowerment.
- Discuss the changing relationship between consumer identity and enterprise identity.
- Describe approaches to internet scale authentication and authorization.
- Describe the mechanics of Open ID Connect and OAuth 2.0
- Describe Life Management in the Finance & Insurance Industry
This block of sessions qualifies for up to 5 Group Learning based CPEs depending on the number of sessions you attended.
Designing the Privacy-Aware Internet: Standards, Trust Frameworks, Encryption, Protocols
The lack of control over the flow of personally identifiable data is becoming the most serious inhibitor for the digital economy, further strenghtening the need for standards, technologies and frameworks for secure and transparent data sharing methods. In this session we will move together through the existing building blocks for empowering the user to take full control over his data and create an image on how they fit together.
Extending the Power of Consent with User-Managed Access and OpenUMA
Existing notice-and-consent paradigms of privacy have begun to fail dramatically — and as recent Pew surveys have demonstrated, people have begun to (ahem) notice. The discipline of privacy engineering aspires to “craft”, but finds it hard to break out the “compliance” rut. The User-Managed Access (UMA) standard and the OpenUMA open-source project are stepping into the breach with two essential elements that change the game: asynchronous consent and centralized consent management.
Crossing The Chasm: Bridging The Divide Between Consumer Identity And Identity In The Enterprise
Consumer identity marches to the beat of a different drum. It does its own thing regardless of enterprise norms and expectations. So how do you solve a problem like consumer identity?
This session take an insightful look at the changing identity landscape and explores the widening gap between consumer and enterprise identity. It talks about the challenges we face as we try to bridge the gap between the carefully controlled enterprise and the complexity of consumers.
Idemix: Secure, Attribute-Based Authentication
Identity mixer allows users to authenticate without identifying themselves by revealing only the required attributes. In this talk, we will present the different features of identity mixer, and give an overview on the possible cryptographic realisations of these features.
uProve: The Pricipal of Minimal Disclosure at Work
U-Prove is a cryptographic technology that allows users to take control over their data and minimally disclose certified information about themselves when interacting with online resource providers. U-Prove provides a superset of the security features of Public Key Infrastructure (PKI), and also provide strong privacy protections by offering superior user control and preventing unwanted user tracking.
In his presentation, Ronny Bjones from Microsoft will describe uProve and talk about the deployment of uProve in Life Management use cases