Page 1: CIS13: Identity is the New Currency

©2005-9 Arctec Group

Identity is the New Currency

Presentation by Gunnar Peterson @oneraindrop

Page 2: CIS13: Identity is the New Currency


About the speaker

•  Gunnar Peterson
   –  Managing Principal, Arctec Group
   –  Twitter @oneraindrop
   –  Editor, Build Security In software security column for IEEE Security & Privacy Journal (www.computer.org/security)
   –  Primary and contributing author for DHS/CERT Build Security In portal on Web Services security, Identity, and Risk management (https://buildsecurityin.us-cert.gov/daisy/bsi/home.html)
   –  Project lead, OWASP Top Ten Web Services, OWASP XML Security Gateway Evaluation Criteria project
   –  Associate editor, Information Security Bulletin (www.chi-publishing.com)
   –  Contributor, Web Application Firewall Evaluation Criteria (http://www.webappsec.org/projects/wafec/)
   –  IANS Faculty member
   –  Securosis Contributing Analyst
   –  Microsoft MVP
   –  Visiting Scientist, Carnegie Mellon University, Software Engineering Institute
   –  Blog: (http://1raindrop.typepad.com)
   –  Slides/presentations (http://www.arctecgroup.net/articles.htm)

Page 3: CIS13: Identity is the New Currency

1.  Problem statement

The Hardest Question I’ve Ever Been Asked

Page 4: CIS13: Identity is the New Currency

2. Lesson from Mahogany Row

Page 5: CIS13: Identity is the New Currency

Source: Robert Garigue http://1raindrop.typepad.com/1_raindrop/2007/02/thinking_about_.html

Page 6: CIS13: Identity is the New Currency

3. Taking Yes for an Answer

Page 7: CIS13: Identity is the New Currency

4. Identity is the New Currency

Page 8: CIS13: Identity is the New Currency

Some things we do today

1. Up front integration
   –  Automated Provisioning
   –  Stronger authentication

2. Backend integration
   –  Force reauthentication
   –  Integration to fine grained authorization

3. Keep malicious actors at bay
   –  TLS/SSL
   –  OAuth revocation


Page 9: CIS13: Identity is the New Currency

5. How well positioned are we for other trends?

Page 10: CIS13: Identity is the New Currency

6. We still have more to learn from cheeseburgers

Page 11: CIS13: Identity is the New Currency
Page 12: CIS13: Identity is the New Currency


•  …“let’s collectively build security in” – Gunnar Peterson

•  Blog: http://1raindrop.typepad.com
•  Web: http://www.arctecgroup.net
•  Twitter: @oneraindrop
•  Email: [email protected]

“Everything we think of as a computer today is really just a device that connects to the big computer that we are all collectively building”