Upload File

2015 identity summit - stepping up to new data protection challenges

  • Home
  • Software
  • 2015 Identity Summit - Stepping Up to New Data Protection Challenges
21
STEPPING UP TO NEW DATA PROTECTION CHALLENGES USER-MANAGED ACCESS FOR GENUINE CONSENT Markus Weber

Upload: forgerock

Post on 14-Apr-2017

1.129 views

Category:

Software


2 download

Report

TRANSCRIPT

Page 1: 2015 Identity Summit - Stepping Up to New Data Protection Challenges

STEPPING UP TO NEWDATA PROTECTION CHALLENGES

USER-MANAGED ACCESS FOR GENUINE CONSENT

Markus Weber

Page 2: 2015 Identity Summit - Stepping Up to New Data Protection Challenges
Page 3: 2015 Identity Summit - Stepping Up to New Data Protection Challenges

67% of individuals are willing to share data

with companies.

It drops to 27% if the business is sharing

data with a third party.

- Accenture

Page 4: 2015 Identity Summit - Stepping Up to New Data Protection Challenges

The Impending Problem

Management

Management

Management

Data

Authorization

Data

Authorization

Data

Authorization

Copyright © Identity Summit 2015, all rights reserved.

Page 5: 2015 Identity Summit - Stepping Up to New Data Protection Challenges

The Impending Problem

Management

Data

Authorization

Data

Authorization

Data

Authorization

Copyright © Identity Summit 2015, all rights reserved.

Page 6: 2015 Identity Summit - Stepping Up to New Data Protection Challenges

UMA: User-Managed Access

Copyright © Identity Summit 2015, all rights reserved.

Is a standard built on OAuth2 Delivers externalized authorization Provides digital consent control to end users Allows to share data and revoke access to data

Page 7: 2015 Identity Summit - Stepping Up to New Data Protection Challenges

Why the need for UMA?OAuth2 focuses on authorizing the sharing of my data with me!

OAuth2OAuth2

OAu

th2 O

Auth2

OAuth2OAuth2

Copyright © Identity Summit 2015, all rights reserved.

Page 8: 2015 Identity Summit - Stepping Up to New Data Protection Challenges

Why the need for UMA?UMA allows me to authorize the sharing of my data with me and others

UMA

UMA

UMA UMA

UMA

UMAUMA

UMA

UMA UMA

UMA

UMAUMA

Copyright © Identity Summit 2015, all rights reserved.

Page 9: 2015 Identity Summit - Stepping Up to New Data Protection Challenges

Why the need for UMA?UMA extends authorization of share or don’t share

and includes fine-grained controls

OAuth2 UMA – Fine-Grained Controls

Copyright © Identity Summit 2015, all rights reserved.

Page 10: 2015 Identity Summit - Stepping Up to New Data Protection Challenges

Why the need for UMA?UMA extends authorization to include scopes – View, Download, Transmit

Copyright © Identity Summit 2015, all rights reserved.

Page 11: 2015 Identity Summit - Stepping Up to New Data Protection Challenges

Why the need for UMA?Externalizes authorization to a centralized hub!

One place to rule them all!

Copyright © Identity Summit 2015, all rights reserved.

Page 12: 2015 Identity Summit - Stepping Up to New Data Protection Challenges

The mechanism:

federated authorization

on top of OAuth

Copyright © Identity Summit 2015, all rights reserved.

Page 13: 2015 Identity Summit - Stepping Up to New Data Protection Challenges

This isn’t just slideware!We built this technology into our

products – and will demo it

Copyright © Identity Summit 2015, all rights reserved.

Page 14: 2015 Identity Summit - Stepping Up to New Data Protection Challenges

ForgeRock is delivering two key UMA components not long from now

(client)

OpenAM 13-basedUMA Provider

OpenIG 4-basedUMA Protector

Copyright © Identity Summit 2015, all rights reserved.

resource server authorization server

Page 15: 2015 Identity Summit - Stepping Up to New Data Protection Challenges

Demo

Copyright © Identity Summit 2015, all rights reserved.

Page 16: 2015 Identity Summit - Stepping Up to New Data Protection Challenges

Copyright © Identity Summit 2015, all rights reserved.

iSee TV

Angela

Eric

Child Regular☐ Adult

Page 17: 2015 Identity Summit - Stepping Up to New Data Protection Challenges

Copyright © Identity Summit 2015, all rights reserved.

iSee TV

Angela

Zachary

Child☐ Regular☐ Adult

Page 18: 2015 Identity Summit - Stepping Up to New Data Protection Challenges

Copyright © Identity Summit 2015, all rights reserved.

iSpyCamera

Angela

Brittany

View Move☐ On/Off

Page 19: 2015 Identity Summit - Stepping Up to New Data Protection Challenges

Why is it valuable to use a standard fornext-generation digital consent?

Copyright © Identity Summit 2015, all rights reserved.

Page 20: 2015 Identity Summit - Stepping Up to New Data Protection Challenges

ForgeRock helps you deliver customer consent and delegation

capabilities for successfuldigital transformation in aprivacy-sensitive world

Copyright © Identity Summit 2015, all rights reserved.

Page 21: 2015 Identity Summit - Stepping Up to New Data Protection Challenges

THANKS!

Markus Weber (@MWAtForgeRock)


Callcredit's Fraud Summit 2016 - Identity verification stream

Backstage Tour of Identity - London Identity Summit

Identity Summit UK: HOW TO MAXIMIZE RETURN ON IDENTITY IN A BRAVE NEW WORLD

Bit trade labs sovereign identity fintech summit 2016

Sydney Identity Summit: Case Study: TomTom

NYC Identity Summit Tech Day: ForgeRock DevOps/Cloud Strategy

OAuth 101 & Secure APIs 2012 Cloud Identity Summit

A Backstage Tour of Identity - Paris Identity Summit 2016

NYC Identity Summit Tech Day: ForgeRock Identity Platform Overview

Sydney Identity Summit: Compound Eye: An Approach To A National Identity Ecosystem

Sydney Identity Summit: Know (and Serve) Your Customers

Analyst Keynote: Putting Customers First Requires Innovation and Identity - Paris Identity Summit 2016

COLORID CAMPUS IDENTITY SUMMIT EMERGING IDENTITY …

NYC Identity Summit Business Day: Continuous Security

Identity Summit UK: KEYNOTE: ‘USING IDENTITY TO EMPOWER CIOS’

Identity Summit 2015: 2Keys Canadian Digital Identity

Cloud Identity Summit - Fuz1on Presentation

Stepping Razor in Orbit: Postmodern Identity and Political ...faculty.winthrop.edu/kosterj/WRIT510/readings/POliticsinNeuromanc… · Stepping Razor in Orbit: Postmodern Identity

Identity: The Future's So Bright, I Gotta Wear Shades - Paris Identity Summit 2016

2015 Identity Summit - OpenAM: Friends with benefits

NYC Identity Summit Business Day: "Identity - The Future's So Bright I Gotta Wear Shades!"

Gartner Identity & Access Management Summit 2011imagesrv.gartner.com/summits/docs/emea/identity-access/iam11... · Gartner Identity & Access Management Summit 2011 ... Gartner Identity

Modern Identity: Heterogeneity and Distance (Cloud Identity Summit Keynote)

Sask 3.0 Summit Digital Identity - D. Nikolejsin

Identity Summit 2015: CONTINUOUS IDENTITY PROTECTION FOR THE IDENTITY PLATFORM

Gartner Identity & Access Management summit 2014 · 3 Gartner Identity & Access Management Summit 2014 ... 2 Gartner Identity & Access Management Summit 2014 ... SailPoint’s …

Stepping Razor in Orbit: Postmodern Identity and Political

2015 Identity Summit: How to Maximize Return on Identity in a Brave New World

Gartner Identity & Access Management Summit 20132 Gartner Identity & Access Management Summit 2013 The Nexus of Forces – mobile, cloud, information and social – brings new challenges

Customer Identity Builds Digital Trust - London Identity Summit

Stepping into the light HIMSS Executive Leadership Summit Stacey Lally, NHS Leadership Academy

Importance of Brand Identity. 2014 Cleveland Nonprofit Marketing Summit

Keynote : Customer Identity Builds Digital Trust - Paris Identity Summit

Identity: The Future's So Bright, I Gotta Wear Shades - London Identity Summit

Sydney Identity Summit: Using Identity to Build Digital Trust (Mike Ellis Intro)