Early-bird Discount
expires in
Register Now

Agenda

Do we need to Internalize Authorization Before we Externalise it?

Do we need to Internalize Authorization Before we Externalise it?

Combined Session
Friday, June 07, 2024 11:30—11:50
Location: B 07-08
Watch the video
Log in to download presentations

Compared to externalising authentication, externalising authorization has proven elusive. Yet a combination of the rise of advanced threat actors, regulation, compliance and pressures for greater business agility is bringing it back in focus. It is tempting to think of externalising authorization as a technology problem. Technology like policy languages, authorization engines and workflow systems is necessary to enable the externalisation of authorization, but it is not sufficient. Externalising authorization requires three foundational building blocks to be in place, namely value for all stakeholders from engineers to customers, supporting business processes and technology. In this session we explore each of these building blocks should be internalised in terms of mapping value for all stakeholders, the process and culture needed to make authorization policies explicit and finally the need to drive authorization infrastructure, from policy language to enforcement engines, into the compute and network fabric to address greenfield and brownfield deployments in order to remove barriers to externalising authorization.

Pieter Kasselman
Identity Standards Architect
Microsoft
Pieter Kasselman is a member of Microsoft's Identity Standards team where he focus on developing standards to address the most important problems in the field of identity. Pieter has over 25 years'...
Almost Ready to Join EIC 2024?
Reach out to our team with any remaining questions
Get in touch