Episode 75: Trinsic’s pivot from SSI to identity acceptance
SSI adoption has been slow for years. Trinsic has iterated a great deal in the space and settled on a new business model in identity acceptance. Riley will walk us through lessons learned and how it led them to disrupt the identity verification market.
Episode 74: Cedarling Launch
It’s been a long journey, but the first commercial release of Cedarling is finally here! Join Mike and Mike for a quick tour and demonstration of the Cedarling!
Episode 73: The Future of AuthZ, from A to Z
Summarizing lessons learned from a year of editing the free weekly AuthZ.substack.com newsletter, and my personal
thoughts on the future of DecentIAM.com, this talk tackles
• Why will we need AuthZ?
• What problems will it solve?
• How soon will it be adopted?
Episode 72: Intro to MOSIP for foundational national identity
The Gates Foundation and other donors are funding the open source MOSIP platform to provide some of the tools nations need to build a foundational identity system–a key enabler for digital public infrastructure. Making a foundational identity offering accessible in nations with significant ethnic and regional diversity is especially challenging. This discussion will introduce some of the basic features of MOSIP and how it’s used as part of Ethiopia’s National ID program.
Episode 71: ConnectID – one year on
Building a new ecosystem is not for a faint hearted but it is possible if you work with the industry, international standards bodies, and global identity community. The conversation will cover what worked and what didn’t; what is next for ConnectID?
Episode 70: Removing Cloud Providers From the Zero Trust Equation
SPIFFE is a framework to generate identities for software systems in dynamic and heterogeneous environments. SPIFFE Verifiable Identity Documents (SVIDs) enable us to be explicit about the trust we place in systems. However, the degree of trust we can place in SVIDs relies heavily on the soundness of the data gathering and verification process during node attestation. By leveraging confidential computing technologies, specifically Confidential Virtual Machines (CVMs) we can track platform information directly in hardware, including firmware, boot loader, and kernel images, which are then signed with a key rooted inside the CPU itself. By incorporating hardware-protected platform information directly into the SVID generation process, we can significantly enhance the confidence placed in the resulting identity documents. Additionally, consumers of these SVIDs will be able to assert these properties before placing trust in a system.
Episode 68: UN and OpenWallet Digital Public Infrastructure Collaboration
The UN sees public sector adoption of open source software as playing a key role in governments’ digital transformation. The OpenWallet Forum, building on the success of the OpenWallet Foundation, will offer a platform for multistakeholder cooperation to integrate wide-ranging requirements from governments and companies into coordinated policies and technical standards for digital wallets. The forum will also be supported by the UN International Computing Centre (UNICC) and the Government of Switzerland.
Episode 67: Unraveling the 6Ws of Identity Security with ObserveID
Traditionally, identity security has primarily focused on addressing three of the six Ws – Who, What, and Why. However, ObserveID takes identity security to the next level by delving into the When’s, the Where’s, and the What’s. By considering not just “Who” has access and “What” actions they perform, but also “When” these actions occur and “Where” they take place, ObserveID employs a comprehensive approach that significantly reduces the surface attack area and enhances overall security. This thorough examination of the timing, location, and specific activities associated with user identities enables a more precise and dynamic implementation of access control and monitoring, strengthening an organization’s defenses against both external and internal threats, and ensuring a more resilient and adaptive security posture.
Episode 66: Demystifying Non-Human Identity Management
In today’s digital landscape, the rise of Cloud, SaaS, Generative AI, and data-driven automation has led to the proliferation of Non-Human Identities (NHIs) within organizations. These digital entities—such as service accounts, access keys, and API tokens—play a crucial role in driving business operations, but also introduce a growing attack vector. Mismanaged NHIs have contributed to 85% of security breaches, including ransomware attacks, where weak NHIs are exploited to access critical data. Organizations need an enterprise-wide Non-Human Identity strategy, without which they risk exposing themselves to security breaches or outages originating from inefficient administration of NHIs. Join the conversation to discuss best practices for discovering, securing, and managing the Non-Human Identities in your environment.
Episode 65: Improving bank mobile security
Identerati are excited about the potential for EU identity wallets. But less obvious is what the proponents intend to do to enable PAYMENTS. Identity and payments have different functional requirements, making it challenging creating a “unified” standard without ending up with an unimplementable “frankenwallet”. This episode will discuss an idea for a different kind of Payment Authorization Wallet, uniquely targeting payments, that it is based on Deterministically Encoded CBOR rather than JSON.