CISO Best Practices for Enterprise Enablement
Facebook X LinkedIn

OpenID SSE, CAEP and RISC - Critical standards that enable Zero-Trust security

Combined Session
Wednesday, May 11, 2022 15:50—16:10
Location: A03-04

Zero-trust security relies heavily on the ability for independently owned and operated services to dynamically adjust users’ account and access parameters. These adjustments are based on related changes at other network services, such as identity providers, device management services or others. A set of standards from the OpenID Foundation enable independent services to provide and obtain such dynamic information in order to better protect organizations that rely on zero-trust network access. These standards are being used today in some of the largest cloud-based services from Microsoft and Google to dynamically adjust users’ account and access properties.

This talk gets into the details of the Shared Signals and Events (SSE) Framework, which is the foundational standard for secure webhooks. We also explain two standards based on the SSE Framework: The Continuous Access Evaluation Profile (CAEP), which provides dynamic session information, and the Risk Information and Account Compromise (RISC) Profile, which provides account compromise information

OpenID SSE, CAEP and RISC - Critical standards that enable Zero-Trust security
Event Recording
OpenID SSE, CAEP and RISC - Critical standards that enable Zero-Trust security
Click here to watch the recording of this session. You'll need to log in to watch it.
OpenID SSE, CAEP and RISC - Critical standards that enable Zero-Trust security
Presentation deck
OpenID SSE, CAEP and RISC - Critical standards that enable Zero-Trust security
Click here to download the slide deck. Please note that downloads are only available for event participants and subscribers. You'll need to log in to download it.
Tim Cappalli
Tim Cappalli
Microsoft
Tim Cappalli is a member of the Identity Standards Team in Microsoft's Identity Division. Tim is currently working on identity coexistence with privacy-related changes in browsers and operating...
Atul Tulshibagwale
Atul Tulshibagwale
SGNL
Atul is a federated identity pioneer and the inventor of the Continuous Access Evaluation Protocol (CAEP), forming the basis of the Shared Signals and Events working group in the OpenID Foundation,...
Subscribe for updates
Please provide your email address