SlideShare a Scribd company logo

OpenID in the Digital ID Landscape: A Perspective From the Past to the Future

Nat Sakimura
Nat Sakimura

Digital identity has been under a constant evolution for the last 30 years. It started from a simple access control via user account within a system to a shared credential among the systems, then to the federated identity and bring-your-own-identity (BYOI). Modern usages are not only for access control but include such purposes like digital on-boarding (account opening), employee and customer relationship management. Among the many technologies out there, OpenID seems to have gained popularity in the market that you are probably using it without knowing it. This session explains the positioning of OpenID in the digital ID landscape and explores the future potential for both corporations and individuals.

Technology
1 of 54
Download to read offline
Nomura Research Institute OpenID in the digital ID landscape: a perspective from the past to the future Nat Sakimura (@_nat_en) Research Fellow, Nomura Research Institute Chairman of the board, OpenID Foundation www.kuppingercole.com _nat_en https://nat.Sakimura.org/youtube.php https://www.linkedin.com/in/natsakimura https://nat.sakimura.org Nomura Research Institute
Nomura Research Institute
Nomura Research Institute
Nomura Research Institute Open, Sesame! (Source)Albert Robida (1848-1926) - public domain An example of long-term weak shared key
Nomura Research Institute Rome 5 (Source)Roman soldiers on the cast ofTrajan's Column in theVictoria and Albert museum, London.– public domain Shared weak symmetric key, rotated daily with ACK based key delivery protocol
Nomura Research Institute MIT’s CTSS system (1961) used LOGIN & PASSWORD – An example of individual password 6 (Source) http://en.wikipedia.org/wiki/IBM_7090#mediaviewer/File:IBM_7094_console2.agr.JPG
Nomura Research Institute Per System identity 7 Service 1 Service 2 Service N
Nomura Research Institute 8
Nomura Research Institute 9 IDENTITY Nomura Research Institute
Nomura Research Institute 10 Real Name Professional qualification department Geo-location Employee number Entity Identity
Nomura Research Institute 11 Real Name Professional qualification department Geo-location Employee number Entity Authenticated IdentityAuthentication Server Provides claims username password Geo-location Device info Etc. Identity Register Verification (authenticatio n)
Nomura Research Institute 12 (source)Created by the author based on ISO/IEC 24760-1 Identity management framework: Part1 Unknown※ Established Active Archived Suspended suspend reactivate maintain delete archive activate adjust register Re-establish delete Identity Management
Nomura Research Institute 13 Real Name Professional qualification department Geo-location Employee number Entity Authenticated IdentityAuthentication Server Provides claims username password Geo-location Device info Etc. Identity Register Verification (AuthN)
Nomura Research Institute Per System identity 14 Service 1 IR Service 2 Service N IR IR
Nomura Research Institute Shared identity 15 Service 1 Service 2 Service N IR IR
Nomura Research Institute 16
Nomura Research Institute Shared identity 17 Service 1 Service 2 Service N IR IR password
Nomura Research Institute Federated identity 18 Service 1 Service 2 Service N IdP IR Get Token ID Token ID Token
Nomura Research Institute 19 OpenID Authentication 2.0 (key=value) 2002 2005 20142012 SAML 2.0 (XML, XML SIG, SOAP) SAML 1.0 2007 OAuth 1.0 (Key=value)
Nomura Research Institute 20 2007 2008
Nomura Research Institute 21
Nomura Research Institute 22
Nomura Research Institute 23
Nomura Research Institute 24
Nomura Research Institute 25
Nomura Research Institute 26
Nomura Research Institute 27 Nat Sakimura (NRI) John Bradley (Mercenary working for NRI) Breno de Madeiros (Google)
Nomura Research Institute Early design decisions: 1. No canonicalization 2. ASCII Armoring 3. JSON 4. REST 28 JSON Simple Signature (JSS) & Encryption (JSE)
Nomura Research Institute Then, there was a parallel work Magic Signature & JSON Token 29 John Panzer Dirk Balfanz
Nomura Research Institute And there came Mike Jones  “You guys should come together and standardize it at IETF. Don’t worry. I can take care of the editing!” 30 JSON Simple Signature (JSS) & Encryption (JSE) Magic Signature & JSON Tokens JWx
Nomura Research Institute JWx JWS: JSON Web Signature JWE: JSON Web Encryption JWT: JSON Web Token etc. 31
Nomura Research Institute Early design decisions: 1. No canonicalization 2. ASCII Armoring 3. JSON 4. REST 5. JWx 32 Dick Hardt Allen Tom
Nomura Research Institute Early design decisions: 1. No canonicalization 2. ASCII Armoring 3. JSON 4. REST 5. JWx 6. Base on OAuth WRAP 33 2.0
Nomura Research Institute 34 OAuth 2.0 OpenID Authentication 2.0 (key=value) 2002 2005 2012 SAML 2.0 (XML, XML SIG, SOAP) SAML 1.0 2007 2014 OpenID Connect (JSON, JWS, REST) OAuth 1.0 Dave Recordon
Nomura Research Institute 35 Nomura Research Institute HTTPS OAuth 2.0 JWS/JWE/JWKS ID Token
Nomura Research Institute Over 90% of Azure AD App Authentication are Over OpenID Connect as of April 2018 36 Alex Simmons at EIC 2018
Nomura Research Institute 37 OpenID Financial-grade API (FAPI) Security Profile https://www.openbanking.org.uk/provider-categories/account-providers/ ABN AMRO Bank NV AIB Group (UK) plc Bank of Cyprus UK Ltd Bank of Ireland (UK) Plc Bank of Scotland plc Barclays Bank Plc Clydesdale Bank PLC HSBC UK Bank Plc ICBC (London) plc Lloyds Bank PLC etc…
Nomura Research Institute That is perfectly fit for not only Enterprise access control Real Name Professional qualification department Geo- location Employee number Entity Authenticated IdentityAuthentication Server Provides Claims username password Geo-location Device info Etc. Identity Register AuthN Log Audit Anomaly Detection Resource PolicyPAP PDP PEP metadata PEP2 Admin ID Token
Nomura Research Institute Employee Relationship Management (ERM) But also …
Nomura Research Institute Customer Relationship Management (CRM) 40 Including Customer on-boarding … and
Nomura Research Institute Social & Bank Identities 41 BYOID
Nomura Research Institute Host your own IdP on-premise / cloud 42
Nomura Research Institute It can be on your local machine 43
Nomura Research Institute Self-issued OP – Never taken away 44 HOSTED ON YOUR LOCAL MACHINE. NO NEED FOR IDP DISCOVERY BECAUSE IT IS LOCAL. USER IDENTIFIER IS THE HASH OF THE PUBLIC KEY GENERATED BY THE SOFTWARE.
Nomura Research Institute 3 Claims Models Simple AggregatedDistributed 45
Nomura Research Institute Simple Claims 46 ID Token IdP Client
Nomura Research Institute Aggregated claims 47 Signed Claims (Token) Signed Claims (Token) ID Token IdP Claims Provider Claims Provider Client Claims are Verifiable
Nomura Research Institute Distributed Claims 48 Signed Claims (Token) ID Token including pinters ClientClaims are Verifiable
Nomura Research Institute An example of on- going activities on the claims-set 49  Minimum Viable eKYC Framework (eID/KYC Expert Group @ EC)
Nomura Research Institute CIBA: Client Initiated Backchannel Authentication -- O2O: Online Authentication for Offline Transaction  Use-case 1: Customer authentication @ Call centers 50
Nomura Research Institute 51Trusted Personal Data Management Service (TPDMS) - Consent Management  Worked on by Japanese government.  Ethical Assistance to combat “Over consenting”  Note: Cambridge Analytica incident happened because of “over consent”  Public comment period for the certification scheme started Nov. 22.  Expected to find the first certified service by the end of March.  ISO/IEC 29100, 29134, 29184, 27552  Kantara Initiative Consent Receipt
Nomura Research Institute Projected Landscape 52 Signed Claims (Token) Signed Claims (Token) ID Token Access Token IdP Claims Provider Claims Provider Client Keys Keys eKYC Continuous AuthN + Risk Info FAPI+CIBA Consent Management (Ethical Assistance)
Nomura Research Institute 52
Nomura Research Institute OpenID in the digital ID landscape: a perspective from the past to the future Nat Sakimura (@_nat_en) Research Fellow, Nomura Research Institute Chairman of the board, OpenID Foundation www.kuppingercole.com _nat_en https://nat.Sakimura.org/youtube.php https://www.linkedin.com/in/natsakimura https://nat.sakimura.org

Recommended

Luiz eduardo. introduction to mobile snitch
Luiz eduardo. introduction to mobile snitchLuiz eduardo. introduction to mobile snitch
Luiz eduardo. introduction to mobile snitchYury Chemerkin
 
Cyber crime &_info_security
Cyber crime &_info_securityCyber crime &_info_security
Cyber crime &_info_securityEr Mahendra Yadav
 
SoDA v2 - Named Entity Recognition from streaming text
SoDA v2 - Named Entity Recognition from streaming textSoDA v2 - Named Entity Recognition from streaming text
SoDA v2 - Named Entity Recognition from streaming textSujit Pal
 
Wikileaks: secure dropbox or leaking dropbox?
Wikileaks: secure dropbox or leaking dropbox?Wikileaks: secure dropbox or leaking dropbox?
Wikileaks: secure dropbox or leaking dropbox?hackdemocracy
 
Bar Camp 11 Oct09 Hacking
Bar Camp 11 Oct09 HackingBar Camp 11 Oct09 Hacking
Bar Camp 11 Oct09 HackingBarcamp Kerala
 
IoTNEXT 2016 - SafeNation Track
IoTNEXT 2016 - SafeNation TrackIoTNEXT 2016 - SafeNation Track
IoTNEXT 2016 - SafeNation TrackPriyanka Aash
 
fingerprinting blackhat by pseudor00t
fingerprinting blackhat by pseudor00tfingerprinting blackhat by pseudor00t
fingerprinting blackhat by pseudor00tpseudor00t overflow
 
Structural Biology in the Clouds: A Success Story of 10 years
Structural Biology in the Clouds: A Success Story of 10 yearsStructural Biology in the Clouds: A Success Story of 10 years
Structural Biology in the Clouds: A Success Story of 10 yearsAlexandreBonvin2
 

Recommended

Luiz eduardo. introduction to mobile snitch
Luiz eduardo. introduction to mobile snitchLuiz eduardo. introduction to mobile snitch
Luiz eduardo. introduction to mobile snitchYury Chemerkin
 
Cyber crime &_info_security
Cyber crime &_info_securityCyber crime &_info_security
Cyber crime &_info_securityEr Mahendra Yadav
 
SoDA v2 - Named Entity Recognition from streaming text
SoDA v2 - Named Entity Recognition from streaming textSoDA v2 - Named Entity Recognition from streaming text
SoDA v2 - Named Entity Recognition from streaming textSujit Pal
 
Wikileaks: secure dropbox or leaking dropbox?
Wikileaks: secure dropbox or leaking dropbox?Wikileaks: secure dropbox or leaking dropbox?
Wikileaks: secure dropbox or leaking dropbox?hackdemocracy
 
Bar Camp 11 Oct09 Hacking
Bar Camp 11 Oct09 HackingBar Camp 11 Oct09 Hacking
Bar Camp 11 Oct09 HackingBarcamp Kerala
 
IoTNEXT 2016 - SafeNation Track
IoTNEXT 2016 - SafeNation TrackIoTNEXT 2016 - SafeNation Track
IoTNEXT 2016 - SafeNation TrackPriyanka Aash
 
fingerprinting blackhat by pseudor00t
fingerprinting blackhat by pseudor00tfingerprinting blackhat by pseudor00t
fingerprinting blackhat by pseudor00tpseudor00t overflow
 
Structural Biology in the Clouds: A Success Story of 10 years
Structural Biology in the Clouds: A Success Story of 10 yearsStructural Biology in the Clouds: A Success Story of 10 years
Structural Biology in the Clouds: A Success Story of 10 yearsAlexandreBonvin2
 
DEFCON 23 - Patrick Mcneil and Owen - sorry wrong number
DEFCON 23 - Patrick Mcneil and Owen - sorry wrong numberDEFCON 23 - Patrick Mcneil and Owen - sorry wrong number
DEFCON 23 - Patrick Mcneil and Owen - sorry wrong numberFelipe Prado
 
Fundamentals of Network security
Fundamentals of Network securityFundamentals of Network security
Fundamentals of Network securityAPNIC
 
Sneak Peek into the Future with Prof. Indranil Sengupta, IIT Kharagpur
Sneak Peek into the Future with Prof. Indranil Sengupta, IIT KharagpurSneak Peek into the Future with Prof. Indranil Sengupta, IIT Kharagpur
Sneak Peek into the Future with Prof. Indranil Sengupta, IIT KharagpurPriyanka Aash
 
From Thousands of Hours to a Couple of Minutes: Automating Exploit Generation...
From Thousands of Hours to a Couple of Minutes: Automating Exploit Generation...From Thousands of Hours to a Couple of Minutes: Automating Exploit Generation...
From Thousands of Hours to a Couple of Minutes: Automating Exploit Generation...Priyanka Aash
 
Drone Emprit: Konsep dan Teknologi
Drone Emprit: Konsep dan TeknologiDrone Emprit: Konsep dan Teknologi
Drone Emprit: Konsep dan TeknologiIsmail Fahmi
 
WOTS2E: A Search Engine for a Semantic Web of Things
WOTS2E: A Search Engine for a Semantic Web of ThingsWOTS2E: A Search Engine for a Semantic Web of Things
WOTS2E: A Search Engine for a Semantic Web of ThingsAndreas Kamilaris
 
Secure password - CYBER SECURITY
Secure password - CYBER SECURITYSecure password - CYBER SECURITY
Secure password - CYBER SECURITYSupanShah2
 
WiFi Data Leakage by Solomon Sonya
WiFi Data Leakage by Solomon SonyaWiFi Data Leakage by Solomon Sonya
WiFi Data Leakage by Solomon SonyaEC-Council
 
IoT Workshop Indianapolis
IoT Workshop IndianapolisIoT Workshop Indianapolis
IoT Workshop IndianapolisMike Branstein
 
IPv6 Security Talk mit Joe Klein
IPv6 Security Talk mit Joe KleinIPv6 Security Talk mit Joe Klein
IPv6 Security Talk mit Joe KleinDigicomp Academy AG
 
Semantically-Enabling the Web of Things: The W3C Semantic Sensor Network Onto...
Semantically-Enabling the Web of Things: The W3C Semantic Sensor Network Onto...Semantically-Enabling the Web of Things: The W3C Semantic Sensor Network Onto...
Semantically-Enabling the Web of Things: The W3C Semantic Sensor Network Onto...Laurent Lefort
 
Smart Defense: Strategic Approach to fight contemporary Security, Privacy & A...
Smart Defense: Strategic Approach to fight contemporary Security, Privacy & A...Smart Defense: Strategic Approach to fight contemporary Security, Privacy & A...
Smart Defense: Strategic Approach to fight contemporary Security, Privacy & A...Abhinav Biswas
 
Are TOR Hidden Services really hidden? Demystifying HS Directory surveillance...
Are TOR Hidden Services really hidden? Demystifying HS Directory surveillance...Are TOR Hidden Services really hidden? Demystifying HS Directory surveillance...
Are TOR Hidden Services really hidden? Demystifying HS Directory surveillance...Abhinav Biswas
 
Secure Node Code (workshop, O'Reilly Security)
Secure Node Code (workshop, O'Reilly Security)Secure Node Code (workshop, O'Reilly Security)
Secure Node Code (workshop, O'Reilly Security)Guy Podjarny
 
Web Security Jumpstart
Web Security JumpstartWeb Security Jumpstart
Web Security JumpstartSatria Ady Pradana
 
Web Security Workshop : A Jumpstart
Web Security Workshop : A JumpstartWeb Security Workshop : A Jumpstart
Web Security Workshop : A JumpstartSatria Ady Pradana
 
Listening at the Cocktail Party with Deep Neural Networks and TensorFlow
Listening at the Cocktail Party with Deep Neural Networks and TensorFlowListening at the Cocktail Party with Deep Neural Networks and TensorFlow
Listening at the Cocktail Party with Deep Neural Networks and TensorFlowDatabricks
 
Elasticsearch - DevNexus 2015
Elasticsearch - DevNexus 2015Elasticsearch - DevNexus 2015
Elasticsearch - DevNexus 2015Roy Russo
 
Tor
TorTor
Torantitree
 
Touring the Dark Side of Internet: A Journey through IOT, TOR & Docker
Touring the Dark Side of Internet: A Journey through IOT, TOR & DockerTouring the Dark Side of Internet: A Journey through IOT, TOR & Docker
Touring the Dark Side of Internet: A Journey through IOT, TOR & DockerAbhinav Biswas
 
FAPI and beyond - よりよいセキュリティのために
FAPI and beyond - よりよいセキュリティのためにFAPI and beyond - よりよいセキュリティのために
FAPI and beyond - よりよいセキュリティのためにNat Sakimura
 
170724 JP/UK Open Banking Summit English Translation
170724 JP/UK Open Banking Summit English Translation170724 JP/UK Open Banking Summit English Translation
170724 JP/UK Open Banking Summit English TranslationNat Sakimura
 

More Related Content

Similar to OpenID in the Digital ID Landscape: A Perspective From the Past to the Future

DEFCON 23 - Patrick Mcneil and Owen - sorry wrong number
DEFCON 23 - Patrick Mcneil and Owen - sorry wrong numberDEFCON 23 - Patrick Mcneil and Owen - sorry wrong number
DEFCON 23 - Patrick Mcneil and Owen - sorry wrong numberFelipe Prado
 
Fundamentals of Network security
Fundamentals of Network securityFundamentals of Network security
Fundamentals of Network securityAPNIC
 
Sneak Peek into the Future with Prof. Indranil Sengupta, IIT Kharagpur
Sneak Peek into the Future with Prof. Indranil Sengupta, IIT KharagpurSneak Peek into the Future with Prof. Indranil Sengupta, IIT Kharagpur
Sneak Peek into the Future with Prof. Indranil Sengupta, IIT KharagpurPriyanka Aash
 
From Thousands of Hours to a Couple of Minutes: Automating Exploit Generation...
From Thousands of Hours to a Couple of Minutes: Automating Exploit Generation...From Thousands of Hours to a Couple of Minutes: Automating Exploit Generation...
From Thousands of Hours to a Couple of Minutes: Automating Exploit Generation...Priyanka Aash
 
Drone Emprit: Konsep dan Teknologi
Drone Emprit: Konsep dan TeknologiDrone Emprit: Konsep dan Teknologi
Drone Emprit: Konsep dan TeknologiIsmail Fahmi
 
WOTS2E: A Search Engine for a Semantic Web of Things
WOTS2E: A Search Engine for a Semantic Web of ThingsWOTS2E: A Search Engine for a Semantic Web of Things
WOTS2E: A Search Engine for a Semantic Web of ThingsAndreas Kamilaris
 
Secure password - CYBER SECURITY
Secure password - CYBER SECURITYSecure password - CYBER SECURITY
Secure password - CYBER SECURITYSupanShah2
 
WiFi Data Leakage by Solomon Sonya
WiFi Data Leakage by Solomon SonyaWiFi Data Leakage by Solomon Sonya
WiFi Data Leakage by Solomon SonyaEC-Council
 
IoT Workshop Indianapolis
IoT Workshop IndianapolisIoT Workshop Indianapolis
IoT Workshop IndianapolisMike Branstein
 
IPv6 Security Talk mit Joe Klein
IPv6 Security Talk mit Joe KleinIPv6 Security Talk mit Joe Klein
IPv6 Security Talk mit Joe KleinDigicomp Academy AG
 
Semantically-Enabling the Web of Things: The W3C Semantic Sensor Network Onto...
Semantically-Enabling the Web of Things: The W3C Semantic Sensor Network Onto...Semantically-Enabling the Web of Things: The W3C Semantic Sensor Network Onto...
Semantically-Enabling the Web of Things: The W3C Semantic Sensor Network Onto...Laurent Lefort
 
Smart Defense: Strategic Approach to fight contemporary Security, Privacy & A...
Smart Defense: Strategic Approach to fight contemporary Security, Privacy & A...Smart Defense: Strategic Approach to fight contemporary Security, Privacy & A...
Smart Defense: Strategic Approach to fight contemporary Security, Privacy & A...Abhinav Biswas
 
Are TOR Hidden Services really hidden? Demystifying HS Directory surveillance...
Are TOR Hidden Services really hidden? Demystifying HS Directory surveillance...Are TOR Hidden Services really hidden? Demystifying HS Directory surveillance...
Are TOR Hidden Services really hidden? Demystifying HS Directory surveillance...Abhinav Biswas
 
Secure Node Code (workshop, O'Reilly Security)
Secure Node Code (workshop, O'Reilly Security)Secure Node Code (workshop, O'Reilly Security)
Secure Node Code (workshop, O'Reilly Security)Guy Podjarny
 
Web Security Workshop : A Jumpstart
Web Security Workshop : A JumpstartWeb Security Workshop : A Jumpstart
Web Security Workshop : A JumpstartSatria Ady Pradana
 
Listening at the Cocktail Party with Deep Neural Networks and TensorFlow
Listening at the Cocktail Party with Deep Neural Networks and TensorFlowListening at the Cocktail Party with Deep Neural Networks and TensorFlow
Listening at the Cocktail Party with Deep Neural Networks and TensorFlowDatabricks
 
Elasticsearch - DevNexus 2015
Elasticsearch - DevNexus 2015Elasticsearch - DevNexus 2015
Elasticsearch - DevNexus 2015Roy Russo
 
Touring the Dark Side of Internet: A Journey through IOT, TOR & Docker
Touring the Dark Side of Internet: A Journey through IOT, TOR & DockerTouring the Dark Side of Internet: A Journey through IOT, TOR & Docker
Touring the Dark Side of Internet: A Journey through IOT, TOR & DockerAbhinav Biswas
 

Similar to OpenID in the Digital ID Landscape: A Perspective From the Past to the Future (20)

DEFCON 23 - Patrick Mcneil and Owen - sorry wrong number
DEFCON 23 - Patrick Mcneil and Owen - sorry wrong numberDEFCON 23 - Patrick Mcneil and Owen - sorry wrong number
DEFCON 23 - Patrick Mcneil and Owen - sorry wrong number
 
Fundamentals of Network security
Fundamentals of Network securityFundamentals of Network security
Fundamentals of Network security
 
Sneak Peek into the Future with Prof. Indranil Sengupta, IIT Kharagpur
Sneak Peek into the Future with Prof. Indranil Sengupta, IIT KharagpurSneak Peek into the Future with Prof. Indranil Sengupta, IIT Kharagpur
Sneak Peek into the Future with Prof. Indranil Sengupta, IIT Kharagpur
 
From Thousands of Hours to a Couple of Minutes: Automating Exploit Generation...
From Thousands of Hours to a Couple of Minutes: Automating Exploit Generation...From Thousands of Hours to a Couple of Minutes: Automating Exploit Generation...
From Thousands of Hours to a Couple of Minutes: Automating Exploit Generation...
 
Drone Emprit: Konsep dan Teknologi
Drone Emprit: Konsep dan TeknologiDrone Emprit: Konsep dan Teknologi
Drone Emprit: Konsep dan Teknologi
 
WOTS2E: A Search Engine for a Semantic Web of Things
WOTS2E: A Search Engine for a Semantic Web of ThingsWOTS2E: A Search Engine for a Semantic Web of Things
WOTS2E: A Search Engine for a Semantic Web of Things
 
Secure password - CYBER SECURITY
Secure password - CYBER SECURITYSecure password - CYBER SECURITY
Secure password - CYBER SECURITY
 
WiFi Data Leakage by Solomon Sonya
WiFi Data Leakage by Solomon SonyaWiFi Data Leakage by Solomon Sonya
WiFi Data Leakage by Solomon Sonya
 
IoT Workshop Indianapolis
IoT Workshop IndianapolisIoT Workshop Indianapolis
IoT Workshop Indianapolis
 
IPv6 Security Talk mit Joe Klein
IPv6 Security Talk mit Joe KleinIPv6 Security Talk mit Joe Klein
IPv6 Security Talk mit Joe Klein
 
Semantically-Enabling the Web of Things: The W3C Semantic Sensor Network Onto...
Semantically-Enabling the Web of Things: The W3C Semantic Sensor Network Onto...Semantically-Enabling the Web of Things: The W3C Semantic Sensor Network Onto...
Semantically-Enabling the Web of Things: The W3C Semantic Sensor Network Onto...
 
Smart Defense: Strategic Approach to fight contemporary Security, Privacy & A...
Smart Defense: Strategic Approach to fight contemporary Security, Privacy & A...Smart Defense: Strategic Approach to fight contemporary Security, Privacy & A...
Smart Defense: Strategic Approach to fight contemporary Security, Privacy & A...
 
Are TOR Hidden Services really hidden? Demystifying HS Directory surveillance...
Are TOR Hidden Services really hidden? Demystifying HS Directory surveillance...Are TOR Hidden Services really hidden? Demystifying HS Directory surveillance...
Are TOR Hidden Services really hidden? Demystifying HS Directory surveillance...
 
Secure Node Code (workshop, O'Reilly Security)
Secure Node Code (workshop, O'Reilly Security)Secure Node Code (workshop, O'Reilly Security)
Secure Node Code (workshop, O'Reilly Security)
 
Web Security Jumpstart
Web Security JumpstartWeb Security Jumpstart
Web Security Jumpstart
 
Web Security Workshop : A Jumpstart
Web Security Workshop : A JumpstartWeb Security Workshop : A Jumpstart
Web Security Workshop : A Jumpstart
 
Listening at the Cocktail Party with Deep Neural Networks and TensorFlow
Listening at the Cocktail Party with Deep Neural Networks and TensorFlowListening at the Cocktail Party with Deep Neural Networks and TensorFlow
Listening at the Cocktail Party with Deep Neural Networks and TensorFlow
 
Elasticsearch - DevNexus 2015
Elasticsearch - DevNexus 2015Elasticsearch - DevNexus 2015
Elasticsearch - DevNexus 2015
 
Tor
TorTor
Tor
 
Touring the Dark Side of Internet: A Journey through IOT, TOR & Docker
Touring the Dark Side of Internet: A Journey through IOT, TOR & DockerTouring the Dark Side of Internet: A Journey through IOT, TOR & Docker
Touring the Dark Side of Internet: A Journey through IOT, TOR & Docker
 

More from Nat Sakimura

FAPI and beyond - よりよいセキュリティのために
FAPI and beyond - よりよいセキュリティのためにFAPI and beyond - よりよいセキュリティのために
FAPI and beyond - よりよいセキュリティのためにNat Sakimura
 
170724 JP/UK Open Banking Summit English Translation
170724 JP/UK Open Banking Summit English Translation170724 JP/UK Open Banking Summit English Translation
170724 JP/UK Open Banking Summit English TranslationNat Sakimura
 
Introduction to 
the FAPI Read & Write OAuth Profile - Jan 2018 Updates
Introduction to 
the FAPI Read & Write OAuth Profile - Jan 2018 UpdatesIntroduction to 
the FAPI Read & Write OAuth Profile - Jan 2018 Updates
Introduction to 
the FAPI Read & Write OAuth Profile - Jan 2018 UpdatesNat Sakimura
 
Introduction to the FAPI Read & Write OAuth Profile
Introduction to the FAPI Read & Write OAuth ProfileIntroduction to the FAPI Read & Write OAuth Profile
Introduction to the FAPI Read & Write OAuth ProfileNat Sakimura
 
金融 API 時代のセキュリティ: OpenID Financial API (FAPI) WG
金融 API 時代のセキュリティ: OpenID Financial API (FAPI) WG金融 API 時代のセキュリティ: OpenID Financial API (FAPI) WG
金融 API 時代のセキュリティ: OpenID Financial API (FAPI) WGNat Sakimura
 
ブロックチェーン〜信頼の源泉の民主化のもたらす変革
ブロックチェーン〜信頼の源泉の民主化のもたらす変革ブロックチェーン〜信頼の源泉の民主化のもたらす変革
ブロックチェーン〜信頼の源泉の民主化のもたらす変革Nat Sakimura
 
Future Proofing the OAuth 2.0 Authorization Code Grant Protocol by the applic...
Future Proofing the OAuth 2.0 Authorization Code Grant Protocol by the applic...Future Proofing the OAuth 2.0 Authorization Code Grant Protocol by the applic...
Future Proofing the OAuth 2.0 Authorization Code Grant Protocol by the applic...Nat Sakimura
 
OpenID Foundation FAPI WG: June 2017 Update
OpenID Foundation FAPI WG: June 2017 UpdateOpenID Foundation FAPI WG: June 2017 Update
OpenID Foundation FAPI WG: June 2017 UpdateNat Sakimura
 
API Days 2016 Day 1: OpenID Financial API WG
API Days 2016 Day 1: OpenID Financial API WGAPI Days 2016 Day 1: OpenID Financial API WG
API Days 2016 Day 1: OpenID Financial API WGNat Sakimura
 
Financial Grade OAuth & OpenID Connect
Financial Grade OAuth & OpenID ConnectFinancial Grade OAuth & OpenID Connect
Financial Grade OAuth & OpenID ConnectNat Sakimura
 
OpenID Foundation Foundation Financial API (FAPI) WG
OpenID Foundation Foundation Financial API (FAPI) WGOpenID Foundation Foundation Financial API (FAPI) WG
OpenID Foundation Foundation Financial API (FAPI) WGNat Sakimura
 
OpenID Foundation Foundation Financial API (FAPI) WG
OpenID Foundation Foundation Financial API (FAPI) WGOpenID Foundation Foundation Financial API (FAPI) WG
OpenID Foundation Foundation Financial API (FAPI) WGNat Sakimura
 
車輪は丸くなったか?~デジタル・アイデンティティの標準化動向とそのゴール
車輪は丸くなったか?~デジタル・アイデンティティの標準化動向とそのゴール車輪は丸くなったか?~デジタル・アイデンティティの標準化動向とそのゴール
車輪は丸くなったか?~デジタル・アイデンティティの標準化動向とそのゴールNat Sakimura
 
OAuth SPOP @ IETF 91
OAuth SPOP @ IETF 91OAuth SPOP @ IETF 91
OAuth SPOP @ IETF 91Nat Sakimura
 
Oidc how it solves your problems
Oidc how it solves your problemsOidc how it solves your problems
Oidc how it solves your problemsNat Sakimura
 
Transient client secret extension
Transient client secret extensionTransient client secret extension
Transient client secret extensionNat Sakimura
 
Introduction to OpenID Connect
Introduction to OpenID Connect Introduction to OpenID Connect
Introduction to OpenID Connect Nat Sakimura
 
Nc 30 sakimura-distribution_0604
Nc 30 sakimura-distribution_0604Nc 30 sakimura-distribution_0604
Nc 30 sakimura-distribution_0604Nat Sakimura
 
Smartphone Native Application OP
Smartphone Native Application OPSmartphone Native Application OP
Smartphone Native Application OPNat Sakimura
 
Open idとcyber空間
Open idとcyber空間Open idとcyber空間
Open idとcyber空間Nat Sakimura
 

More from Nat Sakimura (20)

FAPI and beyond - よりよいセキュリティのために
FAPI and beyond - よりよいセキュリティのためにFAPI and beyond - よりよいセキュリティのために
FAPI and beyond - よりよいセキュリティのために
 
170724 JP/UK Open Banking Summit English Translation
170724 JP/UK Open Banking Summit English Translation170724 JP/UK Open Banking Summit English Translation
170724 JP/UK Open Banking Summit English Translation
 
Introduction to 
the FAPI Read & Write OAuth Profile - Jan 2018 Updates
Introduction to 
the FAPI Read & Write OAuth Profile - Jan 2018 UpdatesIntroduction to 
the FAPI Read & Write OAuth Profile - Jan 2018 Updates
Introduction to 
the FAPI Read & Write OAuth Profile - Jan 2018 Updates
 
Introduction to the FAPI Read & Write OAuth Profile
Introduction to the FAPI Read & Write OAuth ProfileIntroduction to the FAPI Read & Write OAuth Profile
Introduction to the FAPI Read & Write OAuth Profile
 
金融 API 時代のセキュリティ: OpenID Financial API (FAPI) WG
金融 API 時代のセキュリティ: OpenID Financial API (FAPI) WG金融 API 時代のセキュリティ: OpenID Financial API (FAPI) WG
金融 API 時代のセキュリティ: OpenID Financial API (FAPI) WG
 
ブロックチェーン〜信頼の源泉の民主化のもたらす変革
ブロックチェーン〜信頼の源泉の民主化のもたらす変革ブロックチェーン〜信頼の源泉の民主化のもたらす変革
ブロックチェーン〜信頼の源泉の民主化のもたらす変革
 
Future Proofing the OAuth 2.0 Authorization Code Grant Protocol by the applic...
Future Proofing the OAuth 2.0 Authorization Code Grant Protocol by the applic...Future Proofing the OAuth 2.0 Authorization Code Grant Protocol by the applic...
Future Proofing the OAuth 2.0 Authorization Code Grant Protocol by the applic...
 
OpenID Foundation FAPI WG: June 2017 Update
OpenID Foundation FAPI WG: June 2017 UpdateOpenID Foundation FAPI WG: June 2017 Update
OpenID Foundation FAPI WG: June 2017 Update
 
API Days 2016 Day 1: OpenID Financial API WG
API Days 2016 Day 1: OpenID Financial API WGAPI Days 2016 Day 1: OpenID Financial API WG
API Days 2016 Day 1: OpenID Financial API WG
 
Financial Grade OAuth & OpenID Connect
Financial Grade OAuth & OpenID ConnectFinancial Grade OAuth & OpenID Connect
Financial Grade OAuth & OpenID Connect
 
OpenID Foundation Foundation Financial API (FAPI) WG
OpenID Foundation Foundation Financial API (FAPI) WGOpenID Foundation Foundation Financial API (FAPI) WG
OpenID Foundation Foundation Financial API (FAPI) WG
 
OpenID Foundation Foundation Financial API (FAPI) WG
OpenID Foundation Foundation Financial API (FAPI) WGOpenID Foundation Foundation Financial API (FAPI) WG
OpenID Foundation Foundation Financial API (FAPI) WG
 
車輪は丸くなったか?~デジタル・アイデンティティの標準化動向とそのゴール
車輪は丸くなったか?~デジタル・アイデンティティの標準化動向とそのゴール車輪は丸くなったか?~デジタル・アイデンティティの標準化動向とそのゴール
車輪は丸くなったか?~デジタル・アイデンティティの標準化動向とそのゴール
 
OAuth SPOP @ IETF 91
OAuth SPOP @ IETF 91OAuth SPOP @ IETF 91
OAuth SPOP @ IETF 91
 
Oidc how it solves your problems
Oidc how it solves your problemsOidc how it solves your problems
Oidc how it solves your problems
 
Transient client secret extension
Transient client secret extensionTransient client secret extension
Transient client secret extension
 
Introduction to OpenID Connect
Introduction to OpenID Connect Introduction to OpenID Connect
Introduction to OpenID Connect
 
Nc 30 sakimura-distribution_0604
Nc 30 sakimura-distribution_0604Nc 30 sakimura-distribution_0604
Nc 30 sakimura-distribution_0604
 
Smartphone Native Application OP
Smartphone Native Application OPSmartphone Native Application OP
Smartphone Native Application OP
 
Open idとcyber空間
Open idとcyber空間Open idとcyber空間
Open idとcyber空間
 

Recently uploaded

Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)wesley chun
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUK Journal
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CVKhem
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?Antenna Manufacturer Coco
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 

Recently uploaded (20)

Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 

OpenID in the Digital ID Landscape: A Perspective From the Past to the Future