How Google Turned Me into My Mother - The Proxy Paradox in Security

Explore the challenges of security and privacy in the digital age through this thought-provoking keynote from Security BSides London. Delve into the complexities of delegation and proxy activities online, examining how current Identity and Access Management (IAM) models fall short in addressing real-world scenarios of legal, fiduciary, and minor representation. Discover the growing gap between security measures and rapidly advancing technology, particularly in consumer devices and the Internet of Things. Learn about the need for change in security practices to accommodate all members of society, including incapacitated adults and those with power of attorney. Gain insights into the difficulties of managing multiple digital identities, working across organizations, and navigating the consumer world of e-discovery and account takeovers. Understand the concept of "ostensible separation of duties" and its implications for institutional readiness. Hear a personal anecdote about Gmail accounts and Google's response to proxy issues. Conclude with recommendations for standardization and the concept of a "digital concierge" to address these pressing security and privacy concerns.

Introduction
Legal implications
Durable power of attorney
Proxy vs delegation
Rolebased access control
The old way
Working for multiple organizations
Context
Validation
Who are you
What you can do
A game of Clue
Enterprise roles and entitlements
What people have to deal with
The consumer world
Ediscovery
Consumers
incapacitated adults
creating a second email address
taking over my parents account
my dad
elegance of programming
insecurities
Mr Roberts
Taking over someones accounts
Institutions are not ready
Ostensible separation of duties
When parents are wavering
How Google turned me into my mother
My Gmail accounts
What happened
Email address
The problem
Googles response
How do we deal with this
Recommendations
standardization
digital concierge