YoVDO

Authz is the New Authn - Trust Elevation with UMA and OpenID Connect

Offered By: LASCON via YouTube

Tags

LASCON Courses Cryptography Courses OpenID Connect (OIDC) Courses Risk Mitigation Courses Wearables Courses Smart Cards Courses

Course Description

Overview

Explore the concept of trust elevation in online identity management through this 41-minute LASCON conference talk. Delve into the importance of increased trust in mitigating fraud risks during online interactions. Learn about the limitations of proprietary Web Access Management systems and discover how OAuth2 profiles like UMA (User-Managed Access) and OpenID Connect offer standardized approaches for inter-domain trust elevation. Gain insights into the Enterprise UMA use case and explore useful OpenID Connect features for creating centralized authentication policies. Cover topics such as mobile devices, tokens, cryptography, smart cards, wearables, risk mitigation strategies, and industry standards. Examine the challenges faced in identity management and consider potential solutions, including centralization and open-source alternatives.

Syllabus

Introduction
Overview
About me
About Authz
Mobile devices
Tokens
Crypto
Smart cards
Wearables
Pill
Google Knows
Risk Mitigation
NIST
Microsoft
Lack of standards
SOAP
OpenID Connect
UMA
User Claims
Contact Class Reference
Client Requests
Client Preferences
ACR
Trust Elevation
UDP
New challenges
Quick idea
Centralization
Free opensource


Taught by

LASCON

Related Courses

Comparing WAF and RASP - Why?
LASCON via YouTube API Security - Is it the New Application Attack Surface and How to Secure at Enterprise Scale
LASCON via YouTube Privacy Impact Assessments - How Much Privacy Is Enough?
LASCON via YouTube Your Frontier Defense - Understanding Web Application Firewalls
LASCON via YouTube Doing This One Crazy Thing Will Change Your AppSec Program Forever
LASCON via YouTube