European Identity & Cloud Conference 2015
05.05. – 08.05.2015, Munich, Germany


The convergence of Cloud, Mobile & Social, together with the digital transformation of enterprises, is creating a complex new landscape of challenges, which is dominated by many-to-many relationships. 

Forever gone now are the days where Information Security used to be seen as a primarily technical matter. Identity & Access Management (IAM)  today first and foremost is an organizational challenge and is in need for a leadership that understands the governance approach to meet the challenges of digital risk. This track will help you prepare for the digital transformation to many-to-many multi-channel and billion-device IAM.  

Best Practice

06.05.2015 14:30-15:30

Identity @ The Guardian – SSO at Web Scale

The Guardian’s web and mobile application usage rates are experiencing explosive growth.  This growth is driven by an increased consumption of news online.  Today’s users have high expectations in terms of usability, security and performance.  This session aims to highlight the challenges that Identity faces and will discuss the technology that can be used to keep pace in this fast moving development environment.

Topics covered will be:

  • Cloud technology and the importance of scalability.
  • Security versus usability trades offs and compromises.
  • Multi device Identity support.
  • Continuous delivery.
  • Data driven development and lean principles.

Rethinking Digital Identity: The Australian Government Story

The Australian Government’s coordinated approach to digital identity started in the business-to-government domain, with the creation of a whole-of-government credential (AUSkey) and trust broker (VANguard) in 2007. A separate process occurred in the citizen-to-government domain (myGov) in 2013.

This case study examines the policy decisions leading to the creation of these systems, and the technical challenges and compromises that followed. This includes the decision to use digital certificates for business transactions, but username/password-based credentials for citizens. It also explains the delay between centralizing business-to-government and citizen-to-government authentication, partly due to the Australian public’s rejection of nationalized identity in the Australia Card.

At a more technical level, it also discusses multiple exposed and exploited security flaws, which threatened the security benefits of this centralized authentication.

Finally, the case study details the changing environment of digital identity, and the technical and policy questions currently being uncovered by the Australian Government in its quest to have all 50,000+ transaction-per-annum systems available end-to-end digitally.

Key takeaways:

  1. Understanding Australia’s approach to digital identity and where it is heading under the Australian Government’s digital policy agenda, with comparisons to other countries
  2. Appreciation of the hidden security costs of centralized authentication, and the effect of failures
  3. Demonstration of how the differences between various authentication and identity domains can necessarily lead to significantly different outcomes and technologies, in the whole-of-government space

FIDO Alliance: Simplifying User Authentication

06.05.2015 15:30-16:30

The Death of the Password – Is It Finally Coming True?

“Death of the Password” announcements have been around for a decade or more, but none of them have come true. The FIDO Alliance (Fast Identity Online), founded in 2012, with a member list reading like the Internet Who-isWho, has been gaining so mcuch traction with its proposed standard security protocol, that this time chances are great that the password based authentication will be killed. In this session we will talk about the concept behind the FIDO protocol and understand the benefits the FIDO standard can create inside and outside the enterprise.

Privilege Management

06.05.2015 17:30-18:30

Privilege Management Use Cases

In this session,we will walk through major use cases for Privilege Management. Which are the most common use cases, what to look at in particular and which specific features to stress-test in a PoC?

The Snowden Effect: Why seeing is believing

We pride ourselves on being proactive in dealing with external threats to our data. But why is our approach to the insider threat so much more reactive and forensic? Have we considered that being able to actively monitor and take action where privileged users behaviour is identified as risky might help us prevent this kind of data loss? Thinking beyond log management to identify behaviour.

Key Takeaways:

  • Understanding the benefits of real-time monitoring.
  • Considering which parts of their organization are most and risk and might benefit from real-time monitoring.
Seraphinite AcceleratorBannerText_Seraphinite Accelerator
Turns on site high speed to be attractive for people and search engines.