Chris Corum, AVISIAN, Inc.
The place that physical access cards, prox badges, smart cards, and weigand protocols have in cloud identity, taking into consideration the knowledge gained from decades of experience.
issuing and lifecycle-managing strongly vetted credentials
08448380779 Call Girls In Civil Lines Women Seeking Men
CIS14: Identity at Scale: Bridging Gaps between Physical and Logical, Token and Cloud
1. Identity at scale:
Bridging gaps between physical and virtual,
token and cloud
Chris Corum, AVISIAN Publishing
chris@avisian.com
@Avisian
2. - Some orgs strengthen, most do nothing
- Single credential to access many sites
- Host in house or go to cloud?
- Forces align to kill the weak credential
- Single purpose, weak credentials
were issued by individual entities
to protect access to their own stuff
- Usage and value of ‘what we’re
protecting’ rise, gives rise to hacking
and breach culture
- Users tire of mass single-use credentials
earlyonmidphasecurrent
Mass data
breaches
Cloning/
counterfeiting
Password fatigueCostanza wallet
Acronym soupSmart cards/2FA
SSOFederation/NFC
CISIDaaS
UN/PWCards and badges
4. Something you connected toSomething you used
Something you tapped onSomething you drove
Some place you went
Some place you ate
Some place you walked past
Some place you tapped in
Some place you parked
Some way you type
Some way you tap
Some way you mouse over
Some way you twist your deviceSomething you did
Something else you did
Something you did a few minutes ago
Something your are about to do
Something you know
Something else you know
Something you couldn’t know
Something you used to know
Some place you wentSome place you ate
Some place you walked pastSome place you tapped inSome place you parked
Some way you typeSome way you tapSome way you mouse over
Some way you twist your device
Somethingyouhave
Somethingelseyouhave
Somethinginhandset
Something you are
Something else you are
Some other thing you are
Something you connected to
Something you used
Something you tapped on
Something you drove
Somethingyoudid
Somethingelseyoudid
Somethingyoudidafewminutesago
Somethingyourareabouttodo
Some
Some
Somet
Someth
Somethingyouhave
Somethingelseyouhave
Somethinginhandset
Next gen
authentication
7. Scalability
Virtually boundless,
Internet scale
Bound by time and
geography
Issuance
Directory or DB records
with user-initiated
lifecycle management
Cryptographic tokens with
expiry and lifecycle
management
Know the user
Seldom seen, often
self-asserted attributes
Face-to-face vetting with
verified attributes
8. Physical and digital took similar paths to reach point where a
“net” of adaptive, continuous authentication
can enable us to leapfrog convergence to coalescence if we
bridge gaps to tap the strengths of both groups.
Chris Corum, AVISIAN Publishing
chris@avisian.com
@Avisian