Last Update 10:51 AM September 19, 2021 (UTC)

Company Feeds | Identosphere Blogcatcher

Brought to you by Identity Woman and Infominer.
Support this collaboration on Patreon!

Friday, 15. October 2021

Urbit

Assembly

![](https://storage.googleapis.com/media.urbit.org/site/events/assembly-event-image.png) Assembly 2021 marks a pivotal moment in Urbit: software distribution. Yes, Urbit is ready to be built upon. We’ll spend three days together doing just that. - Learn about building applications on Urbit (it’s easy). - Find out how to work and create on a platform that is fully owned by you. - Meet with the gro
![](https://storage.googleapis.com/media.urbit.org/site/events/assembly-event-image.png) Assembly 2021 marks a pivotal moment in Urbit: software distribution. Yes, Urbit is ready to be built upon. We’ll spend three days together doing just that. - Learn about building applications on Urbit (it’s easy). - Find out how to work and create on a platform that is fully owned by you. - Meet with the growing ecosystem of communities and businesses built on Urbit. If you’re simply into calm computing, well, there will be plenty of that too. You’ll choose between two tracks: - Assembly: Assemble software or work together on projects in small groups - Workshop: A two day workshop taught by Neal Davis, Urbit for Developers

Friday, 24. September 2021

Urbit

Urbit Outside

![](https://secure.meetupstatic.com/photos/event/3/0/5/7/clean_498732375.jpeg) For our second post-Covid Urbit IRL, we're heading to the East Bay! Please join us at Sibley Preserve for a hangout and (optional) hike. We'll meet at the Sibley Staging Area at 3:00PM, and leave for a casual walk to the caldera and labyrinth at 4:00PM. Hiking shoes, snacks, water, and picnic blankets/chairs are enco
![](https://secure.meetupstatic.com/photos/event/3/0/5/7/clean_498732375.jpeg) For our second post-Covid Urbit IRL, we're heading to the East Bay! Please join us at Sibley Preserve for a hangout and (optional) hike. We'll meet at the Sibley Staging Area at 3:00PM, and leave for a casual walk to the caldera and labyrinth at 4:00PM. Hiking shoes, snacks, water, and picnic blankets/chairs are encouraged! There are restrooms and water at the Staging Area. Please join the channel 'Urbit Outside ~[masked]' in ~bitbet-bolbel/urbit-community to get in touch with the gang.

Sunday, 19. September 2021

Europechain

NFTs For The Hospitality Industry – Travel

NFTs have a wide range of use cases in the travel industry which are mostly unexplored. Learn more about the most interesting ones in this article!

Traveling is all about making memories that will last a lifetime (or longer, if you upload those memories to the everlasting internet!). And travel is also about experiencing something and somewhere new. A different country, an alternative cuisine, a way of life full of quirks and cultural traits dissimilar to ours. Seeing the world opens and enriches one’s mind. Collecting travel memories and...

Source

Saturday, 18. September 2021

FindBiometrics

Wearables, Payment Cards, and Selfie Onboarding: This Week’s News Roundup

This week’s roundup of FindBiometrics’ top articles delivers a healthy mix of topics including wearables, payment cards, and selfie onboarding. First, though, is an item that got some attention not […] The post Wearables, Payment Cards, and Selfie Onboarding: This Week’s News Roundup appeared first on FindBiometrics.

This week’s roundup of FindBiometrics’ top articles delivers a healthy mix of topics including wearables, payment cards, and selfie onboarding.

First, though, is an item that got some attention not for its written content, but for a video. FindBiometrics readers now have access to a fireside chat between Editor in Chief Peter Counter and Armin Ebrahimi, Head of Personal Identity at Ping Identity, with the discussion delving into digital onboarding, addressing high risk use cases, and AML and KYC compliance, among other things:

WATCH NOW: The Future of Identity Verification

In the world of biometric wearables, the high-profile startup WHOOP got some attention with a $200 million Series F funding round led by SoftBank Vision Fund 2. The latest VC injection brought WHOOP’s valuation to a whopping $3.6 billion:

Biometric Wearables Specialist WHOOP Reaches $3.6B Valuation After Latest Funding Round

As for biometric payment cards, Zwipe recently made news with its announcement of a partnership with an undisclosed Tier-1 bank. Based somewhere in Europe, the client is planning a three-country pilot of fingerprint-scanning cards featuring Zwipe’s technology:

Zwipe Prepares for Biometric Card Pilot With Tier 1 Bank

This week also brought the latest and perhaps one of the most high-profile illustrations of the growing popularity of selfie-based biometric onboarding. NASA has contracted IDEMIA to deliver a ‘Remote Identity Proofing’ solution that lets its collaborators verify their identities using a mobile device:

NASA Turns to IDEMIA for Remote Onboarding

Equifax, meanwhile, has launched a selfie onboarding solution of its own. The company’s Digital Identity Suite is aimed at verifying the identities of home rental applicants for property managers, again demonstrating the popularity of onboarding solutions that combine document and facial recognition for identity verification:

Equifax Delves Into Selfie Onboarding for Rental Applications

*

Stay tuned to FindBiometrics for the latest news from the exciting world of biometrics. You can also visit our sibling site Mobile ID World to read the latest about digital identity.

September 18, 2021 – by Alex Perala

The post Wearables, Payment Cards, and Selfie Onboarding: This Week’s News Roundup appeared first on FindBiometrics.

Friday, 17. September 2021

FindBiometrics

New Zebra Tablets Support Windows Hello Biometric Authentication

Zebra Technologies has released a new line of rugged tablets and 2-in-1 devices to improve the working experience for people in the field. The ET8x series is built atop a […] The post New Zebra Tablets Support Windows Hello Biometric Authentication appeared first on FindBiometrics.

Zebra Technologies has released a new line of rugged tablets and 2-in-1 devices to improve the working experience for people in the field. The ET8x series is built atop a Windows 12 foundation, and leverages the 11th Generation of Intel processors.

The actual ET80 and ET85 devices both come with a 12-inch screen, a 13MP rear camera, and a front-facing camera that supports the Windows Hello facial authentication system. They are also available with a slew of optional upgrades, including a barcode scanner, a fingerprint sensor, and a rugged keyboard. The latter can be attached with a friction hinge that essentially turns the tablet into a functional laptop, thereby giving employees access to a more complete workstation while they are away from the office.

In addition to those hardware features, the devices are the first Zebra tablets with Wi-Fi 6E and 5G capabilities, which ensures strong connectivity from any location. The tablets similarly can be used with the citizens broadband radio service (CBRS), and weigh in at less than 2.9 pounds.

According to Zebra, the ET8x series is well suited to manufacturing, public safety, and government work. Potential applications include remote inspections, patient care, personnel management, and routing and dispatch, with Zebra noting that the devices are certified for use with the public safety network for emergency first responders. The devices also come with Zebra’s Mobility DNA and PowerPrecision Plus software to streamline employee workflows, and an optional Push to Talk feature to further improve communications.

“The innovative ET8x series provide businesses across multiple industries with the devices they need to improve productivity, speed and reliability across all areas of their operations,” said Zebra Enterprise Mobile Computing VP Julie Johnson.

Zebra has previously reported that public safety organizations are prioritizing the mobile experience as they proceed with their digital transformations. The company’s barcode scanners have previously been featured in the BioPad tablet from SIASA.

(Originally posted on Mobile ID World)

The post New Zebra Tablets Support Windows Hello Biometric Authentication appeared first on FindBiometrics.


Rank One Shows Significant Accuracy Gains in Latest FRVT Test

Rank One Computing (ROC) is boasting about the improved accuracy of its latest facial recognition algorithm. In that regard, the company noted that the algorithm has already been vetted by […] The post Rank One Shows Significant Accuracy Gains in Latest FRVT Test appeared first on FindBiometrics.

Rank One Computing (ROC) is boasting about the improved accuracy of its latest facial recognition algorithm. In that regard, the company noted that the algorithm has already been vetted by an independent source, posting a dramatic 30-40 percent accuracy gain in the most recent iteration of the NIST’s FRVT Ongoing test.

In absolute terms, ROC’s algorithm had a 99.21 percent overall accuracy rate in situations in which the False Match Rate is set at 1 in 1,000,000. The algorithm also scored well in several other categories that measure performance and efficiency. Most notably, ROC was in the 95th percentile for template size and comparison speed, which is to say that the algorithm was able to achieve a high level of accuracy while using smaller (and more efficient) face templates.

According to ROC, its biometric templates are 20 times smaller than those generated with algorithms of a comparable quality. Rank One was one of the more consistent facial recognition vendors, and reached the 80th percentile in seven of the eight benchmarking metrics that the NIST uses to evaluate accuracy and template generation. ROC noted that the NIST tested the algorithms using a diverse dataset with images of people from all over the world.

While the company is celebrating its current performance, Rank One indicated that it will not rest on its laurels moving forward. The company has already announced that it will release a new version of its facial recognition SDK in early 2022. The new version of the algorithm is expected to be even more accurate than its predecessor.

Rank One’s algorithm has scored well in template generation and comparison speed in prior FRVT tests. The company patented its liveness detection technology in early 2021, and it has since teamed up with the SIA to launch an industry campaign to create an ethical code of conduct for facial recognition developers.

September 17, 2021 – by Eric Weiss

The post Rank One Shows Significant Accuracy Gains in Latest FRVT Test appeared first on FindBiometrics.


Apple Emphasizes Biometric Fitness Tracking in New Smart Watch

Apple has officially unveiled the next generation of Apple Watches. The Apple Watch Series 7 will debut later this fall, and will be available in 41 and 45mm form factors. […] The post Apple Emphasizes Biometric Fitness Tracking in New Smart Watch appeared first on FindBiometrics.

Apple has officially unveiled the next generation of Apple Watches. The Apple Watch Series 7 will debut later this fall, and will be available in 41 and 45mm form factors.

Regardless of the size, Apple highlighted the redesigned watch face as one of the key selling points of the device. The tech giant has thinned the borders of the watch to deliver a screen that is 20 percent larger without significantly altering the overall dimensions of the watch itself. That bigger screen improves readability and makes many watch features easier to use, including the new QWERTY keyboard that supports QuickPath swipe word entry.

The new Always-On Retina display, meanwhile, is 50 percent thicker than the display on the Series 6, which makes it more durable and more resistant to cracking. The Series 7 matches its predecessor with a WR50 water resistance rating, and surpasses it as the first Apple Watch with IP6X certification for dust resistance.

The Watch also comes with a slew of built-in biometric sensors, including an electrical heart sensor and a blood oxygen sensor, the latter of which was first introduced with the Series 6. Both sensors are paired with a matching app, and can be used with Apple’s various fitness and wellness apps to track physical performance. In that regard, the watchOS 8 introduces a new Mindfulness app, in addition to new types of workouts and improvements for existing ones.

The new offerings cover Tai Chi and Pilates, as well as an Apple Fitness+ app built specifically for the Apple Watch platform. Fitness+ debuts on September 27, and offers guided meditation and SharePlay Group Workouts that allow 32 people to work out together in the same session.

As for the existing features, watchOS 8 will improve the quality of the data gathered during bike rides, on runs, and during regular workouts (such as HIIT routines). The platform tracks GPS position and heart rate, accelerometer, and gyroscope readings to gauge when someone is moving (rather than sitting at a stop light), and it will prompt people to start a workout if they start moving before they initiate a session. The platform will also announce workout milestones and track calorie burn.

The Apple Watch Series 7 will also bring basic updates for the Messages and Photos apps, and further integrate the Wallet and Home apps with smart cars, smart buildings, and other IoT devices. Finally, older users will benefit from an improved fall detection algorithm.

(Originally posted on Mobile ID World)

The post Apple Emphasizes Biometric Fitness Tracking in New Smart Watch appeared first on FindBiometrics.


IBM Blockchain

Why open source isn’t free: Support as a best practice

The use of open source code is on the rise. Red Hat’s 2021 Enterprise Open Source Report found that 90% of companies use open source code and 79% of IT leaders expect their business use of open source to increase. Also on the rise, unfortunately, is malware and ransomware up 158% in 2020 according to […] The post Why open source isn’t free: Support as a best practice appeared first on Blockchain

The use of open source code is on the rise. Red Hat’s 2021 Enterprise Open Source Report found that 90% of companies use open source code and 79% of IT leaders expect their business use of open source to increase. Also on the rise, unfortunately, is malware and ransomware up 158% in 2020 according to […]

The post Why open source isn’t free: Support as a best practice appeared first on Blockchain Pulse: IBM Blockchain Blog.


FindBiometrics

Biometric Art Exhibit Responds to People’s Heartbeats

The city of Toronto will soon play host to an innovative new art exhibit that responds to the heartbeat of each individual guest. Dubbed PULSE TOPOLOGY, the exhibit is the […] The post Biometric Art Exhibit Responds to People’s Heartbeats appeared first on FindBiometrics.

The city of Toronto will soon play host to an innovative new art exhibit that responds to the heartbeat of each individual guest. Dubbed PULSE TOPOLOGY, the exhibit is the work of Mexican-Canadian artist Rafael Lozano-Hemmer, and is being put on in collaboration with the Bentway and Exhibition Place.

PULSE TOPOLOGY sounds relatively straightforward in terms of setup. The exhibit will be made up of roughly 3,000 lights that have been suspected from the ceiling of an old storage cubicle. Those lights will resemble a series of inverted mountains, with speakers scattered throughout the landscape to add an auditory component to the experience.

What makes the installation especially unique is its use of touchless biometric technology. PULSE TOPOLOGY will use contactless sensors to monitor a guest’s heartbeat as they walk through the exhibit, and the lights and sounds will change in real time based on the results. Since everyone’s heartbeat is unique, everyone’s experience of PULSE TOPOLOGY will be unique as well.

“PULSE TOPOLOGY offers a visualization of human vital signs after a time of social-distancing and mourning,” said Lozano-Hemmer. “The piece consists of a labyrinth of lights and speakers reacting to the pulse of participants, creating a connective, immersive experience from individual biometrics, reminding us that we are not alone. The work is a memento mori, celebrating our fleeting existence.”

Of course, Lozano-Hemmer is not the first person to use biometrics for artistic purposes. NEC displayed an exhibit that converted iris scans into visual patterns at SXSW in 2019, while Connected Future Labs has suggested that people can use the data from its open source EmotiBit wearable to create interactive works of art.

The space being used for PULSE TOPOLOGY was closed to the public prior to the exhibit, and is located underneath Toronto’s Gardiner Expressway. The exhibit itself will run from October 2 to October 31, with tickets available on a pay-what-you-can basis (with a $5 recommendation).

Source: BlogTO

September 17, 2021 – by Eric Weiss

The post Biometric Art Exhibit Responds to People’s Heartbeats appeared first on FindBiometrics.


FindBiometrics Unveils Agenda for Enterprise Biometrics Online Summit

The Enterprise Biometrics Online Summit is right around the corner, and FindBiometrics has now released an agenda for the event detailing a day packed with informative and insightful presentations and […] The post FindBiometrics Unveils Agenda for Enterprise Biometrics Online Summit appeared first on FindBiometrics.
Register now!

The Enterprise Biometrics Online Summit is right around the corner, and FindBiometrics has now released an agenda for the event detailing a day packed with informative and insightful presentations and discussions.

The event, slated for September 22, will start off at 11:00 a.m. ET with opening remarks from FindBiometrics Editor in Chief Peter Counter, followed by a keynote from Jeremy Grant, the Coordinator of the Better Identity Alliance. That will be followed by a keynote presentation from an SVP from one of the biggest names in face biometrics – FaceTec’s Jay Meier.

Around noon will be the event’s first big panel discussion, and it’s going to tackle one of the most important issues facing virtually all industries in the COVID-19 age. “Reopening With Biometrics: Security and Access During a Pandemic” will feature Group337 CEO Lee Odess and ZKTeco CEO Manish Dalal.

Next up will be what is surely one of the most highly anticipated presentations of the day. Acuity Market Intelligence’s Principal Analyst, Maxine Most, galvanized the audience at the FindBiometrics Identity Summit in June with her keynote address, “Harnessing the Tornado”; at the Enterprise Biometrics Online Summit, Most will deliver Part 2 of her exploration of the whirlwind of activity in biometric tech.

That will be followed by insights from another expert observer from outside of the industry itself: the National Institute of Standards and Technology’s Naomi Lefkovitz. From her position as the Senior Privacy Policy Advisor of NIST’s Information Technology Lab, Lefkovitz will speak with a FindBiometrics editor about privacy frameworks in the workplace.

The afternoon will also see commentary from Frost and Sullivan Security Industry Analyst Danielle VanZandt, who will discuss the practicalities of retiring password-based security in the workplace; and Lee Odess will return to discuss the major biometric trends in the security industry. But not before presentations from AnyVision and Thales, a fireside chat with IDEMIA’s Senior Director of Digital Identity for North America Tarvinder Sembhi, a ChannelPro session on access control and the IoT, and a stroll through the Summit’s virtual Expo Hall.

Finally, the day will conclude with a discussion on reusable identity credentials featuring representatives from two of the most important companies active in the digital authentication space: Onfido Director of Alliances & Partnerships Ed Ackerman, and Microsoft Principal Program Manager Ankur Patel.

Clearly, the Enterprise Biometrics Online Summit will deliver a wealth of insight into how biometric technology can be used – and is being used – to transform all kinds of organizations for the better. Registration for the event is still open and free of charge, so be sure to sign up today to give your organization a leg up in the ongoing digital transformation of business.

Platinum Sponsors: Gold Sponsors:

Silver Sponsors:

The post FindBiometrics Unveils Agenda for Enterprise Biometrics Online Summit appeared first on FindBiometrics.


Report Suggests Onfido Customers Enjoy 261 Percent Return on Their Investment

Onfido has released the results of a Total Economic Impact study that quantifies the financial benefits of its identity verification and authentication technology. The commissioned study was carried out by […] The post Report Suggests Onfido Customers Enjoy 261 Percent Return on Their Investment appeared first on FindBiometrics.

Onfido has released the results of a Total Economic Impact study that quantifies the financial benefits of its identity verification and authentication technology. The commissioned study was carried out by Forrester Consulting, and shows that companies that deploy an Onfido solution can expect to see as much as a 261 percent return on their investment (ROI).

That figure corresponds to $9.86 million in net present value for an organization’s first six months with Onfido. Those numbers are based on the potential gains for a hypothetical composite organization, though that organization was based on Forrester’s interviews with five current Onfido clients. The real clients represent more than 60 million human customers, while the composite organization is a bank with $240 million in yearly revenue and 12 million individual customers with an average of $2,000 in their accounts.

Beyond the obvious financial gains, the Impact study also showed that the use of Onfido’s face and document recognition tech enabled a better user experience for their customers. The amount of time spent on onboarding went down 30 percent, and fewer onboarding sessions needed to be referred to a manual agent. As a result, agents were able to process the cases they did receive more quickly. The number of people onboarded went up five percent (with fewer abandonments), while the amount of fraud detected increased 20 percent.

“We found that when Onfido said the ID card is okay and the same person is in the live video, we never saw a case where it turned out to be fraudulent. No false positives,” said one of the banking project managers interviewed for the study. “So now we feel quite comfortable relying on Onfido’s judgement.”

According to Forrester, identity theft and account takeover fraud has steadily increased over the past two years. The Impact study positions Onfido as an effective solution that can catch and repel fraudulent actors during the onboarding process.

In the meantime, Onfido has enjoyed record growth during the COVID-19 pandemic. The company provides biometric onboarding services for multiple financial institutions, including One, TDI Bank, and Volkswagen Financial Services.

September 17, 2021 – by Eric Weiss

The post Report Suggests Onfido Customers Enjoy 261 Percent Return on Their Investment appeared first on FindBiometrics.


‘Kids Do What They’re Taught’: How to Get the Next Generation Off of Passwords

At this point, the consensus is clear. Passwords are a vulnerable and outdated security measure, and data will be safer once organizations and individuals progress to stronger forms of authentication. […] The post ‘Kids Do What They’re Taught’: How to Get the Next Generation Off of Passwords appeared first on FindBiometrics.

At this point, the consensus is clear. Passwords are a vulnerable and outdated security measure, and data will be safer once organizations and individuals progress to stronger forms of authentication. The problem is that it’s difficult to move people away from what they know. Tech insiders may be familiar with more effective technologies like biometrics and security keys, but many members of the general public cannot even conceive of a security framework predicated on something other than a secret string of letters and numbers.

That’s why the a recent study from the NIST was so concerning. The study looked at the password habits of young children, and revealed that children exhibit many of the same bad behaviors as their parents. People of any generation tend to reuse passwords, and share those passwords with their friends. In that regard, the study suggests that passwords are inherently flawed, at least to the extent that they incline people towards poor security practices.

The real issue is that the study shows that those practices are being perpetuated. Despite all of the attempts to raise awareness about other security technologies, passwords are still the primary security measure for another generation. The longer that goes on, the more that behavior becomes entrenched, which further delays the rise of passwordless authentication.

So how do you combat that problem? And what implications does the NIST study have for those working to get rid of passwords?

Teachers First

According to FIDO Alliance Executive Director and CMO Andrew Shikiar, the NIST’s findings do not necessarily change the task currently facing privacy and security advocates. He thinks the next generation will be fine because it’s easy to teach kids new tricks.

“People can have behavioral change. I’m less worried about kids than I am about adults because kids are very malleable, for better or for worse,” Shikiar said. 

“Kids do what they’re taught. They don’t always do what they’re told, but they do what they’re taught, and they’re being taught by teachers who have been using passwords for all their lives.”

The problem, then, isn’t that kids are learning bad habits (though that’s obviously less than ideal), but that teachers are still passing on the same assumptions that they learned when they were younger. After all, most of us were raised with passwords, and recognize them as the thing that stands between our secrets and potential cybercriminals.

The upshot is that if you want to reach kids, you first need change the minds of the parents and teachers that have been entrusted with their care. Fix that problem, and the next generation will sort itself out in time.

“The education market isn’t always the most nimble, but there’s a good opportunity to not only practice better authentication habits today, but in doing so, to educate tomorrow’s users, the next generation, on practicing better login hygiene,” Shikiar said.

Market Change

Of course, getting older people to unlearn their habits is easier said than done. Thankfully, Shikiar believes that it is possible to achieve that cultural shift with the proper messaging.

“At the end of the day, not entering a password is easier than entering a password, but people aren’t accustomed to that,” he said. You just need to find a way to convince people that the technology is safe in order to get them on board.

“How do you get people to choose to enroll a biometric?” Shikiar asked. “What’s the right terminology? What’s the right iconography? What does the user journey have to look like to get someone to enroll, and then utilize, a biometric authenticator versus a password?”

The fact that passwordless authenticators are so easy to use is ultimately what makes them easy to teach. In FIDO’s own research, people are initially reluctant to use biometrics. However, Shikiar indicated that the vast majority (97 percent) are eager to use the technology once they understand what is happening, and how it works. The market has also borne that out, most notably with the debut of Touch ID.

“Apple has proven that it’s possible to consumerize better security and better logins,” Shikiar explained. “When Touch ID first came out, people are like, why would I need to do that? I can just use my PIN code to unlock my phone. But all of a sudden people liked Touch ID. The mass consumerization of biometric technology on handsets, and the widespread acceptance of that as a preferred means to unlock, tells me that it’s not a huge leap to get people to go understand what I do to unlock is now what I do to log in. That’s a small leap.”

The challenge now is to build on that success. Passwordless technologies like security keys and biometric authentication are already sophisticated enough to deploy at scale. That means that public perception is the only thing slowing adoption rates. Companies like Samsung and Google followed in Apple’s footsteps with fingerprint sensors and facial authentication in modern smartphones, and a similar push could create a similar shift with other sectors and devices.

Ask for Permission

While changing adult minds can lay the groundwork for cultural change, it is not necessarily sufficient when it comes to protecting children. There are unique legal considerations when dealing with minors that aren’t there when dealing with consenting adults, especially when it comes to the collection of biometric data. After all, how can you use biometrics to verify a kid’s identity if that kid cannot give you permission to use that data in the first place?

To an extent, educators can sidestep the problem with technologies like security keys. Those kinds of device-based solutions may not be good for young children who are apt to lose them, but they can be effective for older students. For example, teachers could hand out security keys at the high school and university level, and the students could use those keys (instead of passwords) to log into shared computers, or to log into remote learning tools.

However, Shikiar believes that there is still a role for biometrics at any age. He drew a distinction between remote and local authentication systems, and argued that the latter can enable the safe use of biometric data for kids since it does not involve any data collection.

“I’d be fine with my kids using biometrics on a Chromebook as long as it was stored locally on that device,” said Shikiar, who has a 9-year-old and a 10-year-old of his own. “If they want to use biometrics, they should use the technology that’s built into devices that kids are using [to access educational materials]. Use local authenticators to let kids log in.”

As it relates to kids, local technologies minimize the legal exposure for tech developers because there is no database for hackers to break into, and the company cannot access or exploit the data for commercial purposes. The actual biometric data (whether it be a fingerprint, a faceprint, or some other modality) stays on the device, and remains in the possession of the individual who registered it. That also means that businesses do not need to ask for consent (even for minors), since they are not asking to see, store, or use any sensitive information.

For Shikiar, that makes it the only viable biometric authentication option for minor citizens. One of the main drawbacks of passwords is that they are stored in a centralized location, and server-side biometrics only recreates that problem.

“Even a strong password can be manipulated out of your hands. It can be stolen off a server,” Shikiar concluded. “Until we get rid of these server-side credentials, we won’t be able to break the cycle of credential theft, credential stuffing, and data breaches.”

*

Whatever the case, the simple fact of the matter is that the current generation of children is being raised online. They are gaining access to online services from a young age both at school and at home, and that means that their caretakers need to make sure that those outlets are as secure as they would be for an adult. The NIST survey demonstrates that parents and educators have not yet accepted that responsibility, and that needs to change if the tech industry wants to cultivate a truly passwordless society. 

(Originally posted on Mobile ID World)

The post ‘Kids Do What They’re Taught’: How to Get the Next Generation Off of Passwords appeared first on FindBiometrics.


Ontology

The Rise of An Identity-Native Web 3.0 World

Ontology’s Chief of Ecosystem Partnerships Presents At The European Identity and Cloud Conference This week, Gloria Wu, our Chief of Ecosystem Partnerships, gave a presentation at the European Identity and Cloud Conference on ‘The Rise of An Identity-Native Web 3.0’. Hosted in Germany, the conference brought together leading experts from within the technology and security sectors to discuss some
Ontology’s Chief of Ecosystem Partnerships Presents At The European Identity and Cloud Conference

This week, Gloria Wu, our Chief of Ecosystem Partnerships, gave a presentation at the European Identity and Cloud Conference on ‘The Rise of An Identity-Native Web 3.0’. Hosted in Germany, the conference brought together leading experts from within the technology and security sectors to discuss some of the latest developments, successes, and issues in the identity and cloud spaces over the last year. Joining virtually, Gloria provided some fascinating insights into the formation of identity in the incoming world of Web 3.0, as well as commentating on how native citizens of Web 3.0 are forging their own identities and reputations. If you missed the event, don’t worry! We have put together a recap blog below, including some of the key points.

The evolution of human identification and reputation has had many stages. Before modernity, people’s identity was closely related to their reputation and standing within a social group. In the industrial age, this moved on to see people’s identities become influenced by their credentials on paper, therefore becoming closely linked to things outside of themselves in the form of physical verifications about their jobs, houses, tax numbers, nationalities, and much more. The first iteration of the internet allowed users to move away from paper verification and extend their identity into the digital sphere. By gaining easier access to information, their identity was changed by the ability to connect, albeit rather basically, with digital resources and virtual networks.

In Web 2.0, this was taken a step further — people began to engage more actively on the internet through comment features on websites, chatrooms and social media platforms. Our digital identities grew through increased data exchange, as we created digital footprints of our online selves. Data processing and collection became a highly lucrative resource for companies, with little to no regulation of data harvesting and its uses. The Cambridge Analytica scandal laid bare the dangers of this insatiable data economy which inadvertently gave big tech giants control of millions of users’ information. Indeed, it highlighted the complete lack of privacy and oversight that people have online.

There are a host of problems associated with identity and reputation in Web 2.0, not least the fact that people have little control over data ownership. On nearly all websites, sensitive data is required for identity verification and reputation is ultimately locked in client servers. Companies use non-transparent algorithms to collect data, leaving people unaware of how companies are using the information they share. The network effect, a phenomenon whereby a product or service gains additional value as more people use it, has led to the rise of the data economy. Companies are incentivized to collect as much information as possible about the people using their services which, of course, leads to privacy and security concerns as centralized systems no longer possess the power to keep user data safe. The fact that data pools in Web 2.0 are also highly fragmented further exacerbates the potential for issues, as there are many separate areas on the web where sensitive information can be breached, edited, or lost.

Web 3.0, the internet’s third iteration has begun in earnest, and now users can take back control of their digital identities by using more distributed, interoperable, and self sovereign applications. As we move into the next stage, it is essential that we revamp identity and reputation management using Distributed Ledger Technology. Decentralized identity applications built on blockchain, such as Ontology’s ONT ID, can help users defend their data and privacy. Through these applications, the data owner is able to authorize access to their data. To combat the lack of a standard process to support proper valuation and trading of data, peer-to-peer, cross-platform data marketplaces can be used. Open API ensures compatibility with applications on any infrastructure and reputation ratings can also help to establish trust between peers.

In the real world, reputation directly influences social capital, authority, status, eligibility and access to opportunities. In the digital world, reputation manifests into profiles, hierarchies, tags, and scores that determine the privileges that are granted to users. Digital reputation scores can be created through the collation of all relevant data related to an individual. These scores can be linked to an individual’s digital identity and stored on-chain, allowing any entity within the digital ecosystem to verify information and assess that individual’s creditworthiness or reputation score. Web 3.0 would stand to benefit greatly from such protocols, which would help to verify an individual’s eligibility to enter and participate in a system in a transparent way.

Web 3.0 is starting to see the emergence of ‘massive user data’. Within an on-chain context, such data takes the form of transaction data, smart contracts, digital assets and ownership history, and much more. Off chain, it looks like in-app data from games or other apps, reviews and ratings from different platforms, user profile information from social networks, financial data, and KYC, amongst others. Web 3.0 native data, i.e. data that has maximum consistency and a minimal amount of additional components, is starting to come into play, which is helping to inform a new kind of identity and reputation. This is applicable in many different scenarios in Web 3.0. For example, when a user seeks entry to a decentralized autonomous organization (DAO), they may be required to provide different types of personal data, such as proof of ownership of digital assets or social media verification to prove you are not a bot. This allows individuals to contribute to DAOs, where they can influence decision-making processes. Creditworthiness, which is used in decentralized finance to collateralized assets, also requires native data in order for users to avail of a DAO’s service provisions.

The question of whether it is better to have one reputation score for everything or multiple reputation scores for different contexts is a topic for debate. The benefits of reputation scores that can use on-chain data to reveal contributions to a certain project in the form of participation in bounty programs, development of product plug-ins, submitted proposals and governance votes are an exciting space to be explored.

Ontology enables a decentralized network environment that solves key issues of identity security and data integrity. Data sharing and productive collaboration is maximized by assuring that users can trust one another. Ontology helps to facilitate self-sovereign identity and privacy protection, data diversity, algorithmic versatility, and configurable reporting. The groundswell of momentum surrounding this area is evident in the Ontology community where we have reached over 1.5 million ONT ID users, with a diverse community spanning 30+ languages, over 190 partners, and 707 nodes in total. We are excited to be at the forefront of a new revolution for identity in Web 3.0 and are honoured that so many companies and individuals are putting their faith in our solutions to guide them into this exciting new era.

Learn more about our decentralized data and identity solutions on our website and official Twitter account. You can also chat with us on Telegram and keep up-to-date with the latest news via our Telegram Announcement account.

Other Resources

LinkedIn / Medium / Facebook / Reddit / DiscordYouTube

The Rise of An Identity-Native Web 3.0 World was originally published in OntologyNetwork on Medium, where people are continuing the conversation by highlighting and responding to this story.


Tokeny Solutions

Tokeny’s Talent|Cyrille’s Story

The post Tokeny’s Talent|Cyrille’s Story appeared first on Tokeny Solutions.
Cyrille De Ciancio is DevOps Engineer at Tokeny Solutions.  Who are you?

My name is Cyrille De Ciancio, I’m 33 years old and I live in France near the Luxembourgish border. I started my professional career in Luxembourg as a system engineer in an international bank. After seven years working in Luxembourg, I’ve decided to move to Asia.

I first landed in Hong Kong where I worked for 3 years, then with my family, we decided to move to Bangkok in Thailand where we stayed for a year and a half.

My professional path allowed me to meet and learn how to work with people from all around the world, and it brought me valuable soft skills which are (to me) even more important than the technical ones.

How did you land at Tokeny Solutions?

I was in Thailand when I decided to move back to Europe and look for a job. During my research, I saw a DevOps open position on Tokeny’s website and I’ve applied. From the first interview, I had a very good feeling about Tokeny, the team, its culture and its ambitions.

We moved forward with other interviews and a few weeks later I joined the company.

How would you describe working at Tokeny Solutions?

Working at Tokeny brings me all the components I need to be professionally beaming: trust, autonomy, listening… On top of that, there are so many technical challenges which need to be tackled, together with an impressively skilled tech team, the motivation is always at a high level.

What are you most passionate about in life?

Besides new technologies, traveling and discovering new countries, different people and cultures have always been very important to me, I love it. I really like getting deep into the countryside of places I’m visiting.

I also love cooking but honestly I still need more practise 🙂

What is your ultimate dream?

My dream is quite simple: I wish a long, happy and healthy life for my family and everyone else I share my life with.

What would you change in the world if you could?

I would love to live in a world where frontiers do not matter much. A world where we would teach kids how to become happy before teaching them how to become rich.

He prefers: check

Coffee

Tea

check

Movie

Book

Work from the office

check

Work from home

Cats

check

Dogs

check

Text

Call

check

Burger

Salad

check

Ocean

Mountains

Wine

check

Beer

check

Countryside

City

check

Slack

Emails

check

Casual

Formal

check

Crypto

Fiat

Morning

check

Night

More Stories  Tokeny's Talent 19 Feb at 8:43 Tokeny’s Talent|Eva’s Story Tokeny's Talent 23 Apr at 10:10 Tokeny’s Talent|Joachim’s Story Tokeny's Talent 19 Mar at 10:28 Tokeny’s Talent|Xavi’s Story Tokeny's Talent 25 Jun at 8:25 Tokeny’s Talent|Mario’s Story Tokeny's Talent 28 May at 8:44 Tokeny’s Talent|Barbora’s Story Tokeny's Talent 17 Sep at 12:14 Tokeny’s Talent|Cyrille’s Story Tokeny's Talent 16 Jul at 13:10 Tokeny’s Talent|Luis’s Story Tokeny's Talent 19 Aug at 16:50 Tokeny’s Talent|José’s Story Tokeny's Talent 20 Nov 2020 Tokeny’s Talent|Shurong’s Story Tokeny's Talent 15 Jan at 10:42 Tokeny’s Talent|Nida’s Story Join Tokeny Solutions Family We are looking for talents to join us, you can find the opening positions by clicking the button. Available Positions

The post Tokeny’s Talent|Cyrille’s Story appeared first on Tokeny Solutions.


Holochain

Dev Camp 8 Starts In Two Weeks

Holochain Dev Pulse 103

The Holochain development team is moving to regular weekly releases of the Holochain conductor, HDK, and supporting libraries. These regular releases will bring incremental improvements in stability, performance, and developer ergonomics. This comes at the right time, because Dev Camp 8 is starting on September 28th – less than two weeks! Yes, it’s finally here!

This week’s release, Holochain v0.0.106, is a small one in terms of developer-facing features, bringing a new admin API endpoint for hApp uninstallation and the first iteration of a ‘web hApp bundle’ format. Along with some low-level features… just small ones, like, you know… sharding (!!!)

[ EDIT 17 Sept: The changelog has one correction; relaxed chain top ordering isn't available yet. ]

Dev Camp 8: huge turnout, exciting curriculum

Yes, the community-led Dev Camp 8 is finally about to happen. We’ve all been astounded by the response — the organisers have received over 1500 applications from all over the world. That’s seven times more than last Dev Camp! This is a nice problem to have, but it has meant that the organisers have had to figure out how to deal with so many more participants. So they’ve taken the past couple months to strategise with the developer community and Holo organisation to make sure it’s a success for all.

It also adds some new features, which aren’t required for Dev Camp but are required for a couple of tools that will be used in Dev Camp. These tools are Launcher, an end-user hApp runner, and create, the beginning of a new RAD scaffolding tool. In order to support Launcher, the conductor admin API now has an `UninstallApp` endpoint and there’s a new web hApp bundle format.

To me, Launcher, create, and web hApp bundling feel like big news. They aren’t ready for prime time yet, though, so I’ll share more about them later.

Still time to register for Dev Camp!

Yes, that’s right. Even with the huge number of applications, and even though it starts in only 12 days, you can still join the Dev Camp. It’s free, the curriculum sounds really fun, and it’s got a great crew of leaders, facilitators, teachers, and mentors. It’ll last six weeks (with a break in the middle), with weekly live sessions for Europe time zones and support sessions for Asia-Pacific and the Americas. There’ll also be a Discord server where you can talk with participants and support folks any time you like.

I’ll write more about the Dev Camp next week, but in the meantime — go and sign up!

Holochain v0.0.106 release notes Sharding has landed (sort of)

The sharding code is all written, integrated, and ready to be turned on with a configuration setting. When it’s disabled, a Holochain conductor operates as it always has — in ‘full-sync’ mode, with every node storing a copy of every piece of data. This is how Holochain will be deployed on HoloPorts until we can test sharding further.

If you want to experiment with sharding, here’s how to turn it on in the conductor config:

network: # … transport config excluded … tuning_params: gossip_dynamic_arcs: true

And if you’re feeling extra adventurous, there are other gossip tuning params you can play with too.

Web hApp bundles

There already is a hApp bundle format, which bundles up all the DNAs necessary for the Holochain side of a full hApp. You can use the hc app command, which takes a hApp manifest file and produces a bundle with the extension .happ.

This new web hApp bundle and manifest format (link to source code; documentation hasn’t been published yet) adds the ability to include a zip file full of web UI assets, along with the rest of the hApp, in a bundle with the extension .webhapp. This will be used as a common format for both Holo hosting and the Launcher.

Full changelog [ EDIT: This feature is included, but a merge issue caused it to be inactive. It'll be reactivated in next week's release. ] Relaxed chain top ordering (#939 and #941): If you’ve been getting HeadMoved errors when making lots of zome calls from your UI, this new feature could be helpful. Rather than having to call that function again if another function has beaten it, it allows you to specify that its batch of writes can be ‘rebased’ on the new chain top. This is an option for any entry logic that doesn’t require strict source chain ordering. WebAppManifest and hc web-app (#973): This is the beginning of a bundle format for hApps that contain both a DNA bundle and a web-based UI. This format will be used by both the upcoming Launcher and the Holo Hosting App. UninstallApp (#969): This admin API endpoint had already been stubbed out; now it’s functional. It allows hApp managers like the Launcher to completely remove a hApp. Sharding compiled in (#943): No longer hidden behind a feature flag, sharding can now be turned on with the conductor configuration parameter network.tuning_params.gossip_dynamic_arcs. Documentation Drive follow-up: new goodies for new devs

A couple months ago, community dev Connor Turland instigated a Documentation Drive. (And I’m so grateful to him.) Here are three exciting things that came out of that work.

Updated Application Architecture

Of all the Core Concepts, the one I was least satisfied with was Application Architecture. I felt like it didn’t do a great job of explaining how hApps are put together and run, and Connor agreed. So he rewrote it, I massaged it and added new pictures, and now you can read the updated version. If the Holochain stack never made sense to you before, it probably will now! (Also, it doesn’t talk about donuts anymore. 🍩 Hopefully this more straightforward description of agent-centricity is easier to understand.)

hApp development tutorials

There are two getting-started tutorials that show you, in actual code, how to create a hApp. happ-client-call-tutorial, written by Connor and Jost Schulte, shows you how to connect a UI to a hApp (in both TypeScript and Rust). Connor also wrote happ-build-tutorial, a companion that walks you through the basics of structuring, writing, compiling, and running a hApp.

Holochain community wiki

A community knowledge repository has been sorely needed for a while. Previously, devs have had to comb through forum posts, Open Dev blog posts, GitHub readmes, and Dev Pulses to find good quality information. Now there’s a place to put the best of it! The community wiki already has a number of great guides and howtos, and there’s always room for more contributions. It’s not technically an official resource, but the folks writing articles in there are so skilled that it’s probably more useful than the official dev portal right now 😊

Holochain In Action videos

Holochain In Action is a community of developers actively building on and learning about Holochain. I’ve mentioned them before, and invited you to join the community, but I realised that their weekly session recordings really ought to be shared.

So let’s start with the most recent one, session 17. It showcases the Elemental Chess hApp and dives into the code, explaining how it implements player profiles and game invitations. If you’re working on a hApp with a social component, especially a game hApp, this would be a good one to watch.

Wow! That feels like plenty for this week. I have a feeling there will be an equal amount really soon — the developer ecosystem is growing faster than I can keep up with it!

Cover photo by Leon Contreras on Unsplash


Credify

Vietnam’s IT Resources: Credify’s Director of Engineering Shuichi Nagao

Interview Credify’s Director of Engineering Shuichi Nagao Vietnam has been an attractive place for... The post Vietnam’s IT Resources: Credify’s Director of Engineering Shuichi Nagao appeared first on Credify.
Interview Credify’s Director of Engineering Shuichi Nagao

Vietnam has been an attractive place for innovation and international investment, especially in the technology industry. In this article, we would like to discuss with Shuichi Nagao, Credify’s co-founder and Director of Engineering, what businesses should know about Vietnam’s Information Technology (IT) resources, especially before entering the market.

Before founding Credify, Shuichi had been working as a Fullstack Engineer in the FinTech space, such as payment and blockchain (Ethereum). Since 2019, he has been running Credify mainly in Vietnam. From his diverse experiences, Shuichi can share his knowledge on Vietnam’s IT industry, and how businesses can leverage these resources.

Can you tell us about yourself and your journey from a full-stack developer to co-founder of Credify?

I’m Shu, a co-founder, and Director of Engineering. I learned machine learning at the University of Tokyo and in the last year of my university I joined a start-up company that two of my classmates founded, as software engineers. Through working with real products whose page views were like millions per day, I learned web development and iOS development. Eventually, this company was acquired by a big Japanese company for a decent amount of money, which was stunning to me. You know, the two of my classmates became millionaires! More importantly, you could impact/change people’s lives!

I have around 50 classmates, and at least 10 people out of 50, as far as I know, are entrepreneurs or very early-stage members of start-up companies. So I was interested in running my own business at some point, however, back in 2017, I decided to work as a software engineer in a FinTech company because I wanted to deep dive into complex software development to understand how systems work well before doing something for myself.

When I attended a tech conference on Ethereum in Tokyo, I met Makoto Tominaga and got along with him. At that time, I was interested in a different environment to challenge myself and impressed with Makoto’s vision and his experience and we started to work together in time. 

As the co-founder of Credify, why did you choose Vietnam as the primary market?

Frankly speaking, I didn’t see Vietnam as the first market at the very beginning. Makoto and I came to Vietnam for software development at first, as we got a partner outsourcing company in Saigon. As we had been developing the MVP in Vietnam, we saw opportunities in the Vietnamese market (regulation in Vietnam, particularly around personal information, is not as well established as that in Japan, the economy is growing rapidly, etc.) and then we started to focus on the Vietnamese market. And also, the pandemic prevented us from moving to another country.

What do you think are the similarities of emerging markets in SouthEast Asia, and particularly Vietnam, regarding their IT resources?

The number of outsourcing companies is outstanding compared to developed countries. Due to the low cost compared with the developed countries, the emerging economies tend to have many outsourcing businesses, particularly in software development. In the outsourcing IT companies, you would work on different projects with quite limited periods of time (like every quarter) and you would need to strictly follow the requirements provided by clients or business analysts (I didn’t know of this position – Business Analyst – until I had come to Vietnam).

That engineers in the SEA speak English was impressive. I’m from Japan and find a lot of Japanese engineers with very good engineering skills without English speaking skills (writing & reading are mostly fine). I think there is kind of correlations between technical skills and English skills particularly in SEA because they need to use English to learn new technologies, while Japanese, Korean, and Chinese have more information in their mother tongue.

What are the strengths and weaknesses of Vietnam’s emerging IT sector?

Vietnam has a significantly growing economy and more and more demands of hiring from IT companies, therefore from a macroeconomic perspective, the Vietnamese talents will keep becoming stronger. Besides, the competitiveness of Vietnamese engineers is strong compared to other countries in SEA with the solid government’s support for STEM education, so leader-class engineers in Vietnam will get good opportunities to work globally.

As a weakness, I would say the mindset. In nature that Vietnam has quite a number of outsourcing software companies, the product-driven mindset is not easy to cultivate. If you are assigned a new product every quarter, it will be difficult to love your product. I believe that great products and services will be created by a team that is passionate about their own products and services. That being said, there are more and more new growing IT startup companies in Vietnam nowadays, which I think will change this situation as engineers can have more opportunities to work for those growing product companies.

What are the most on-demand IT services, positions & skills? How can Vietnam develop to meet that demand?

Engineering Manager and Tech Lead are very competitive. If you were to launch a new office in the IT sector in Vietnam (maybe a new company, maybe a subsidiary in Vietnam as a foreign company), you would need a software engineer who can build a product and a team. It goes without saying that this person should have both strong technical skills and management skills, but how can people develop these skills? I find Vietnamese engineers tend to follow the orders and try to complete them as much as possible by the due date (of course, not everybody), however, it is significantly important to understand (and make clear) the business requirements and figure out what exactly to do as a dev team by themselves without those orders. Having this self-starter mindset and ownership will be key.

What strategy should Vietnamese business use to best leverage this human resource, especially the increasing number of new freshers graduating from university?

Two things in my opinion; mentorship and branding. Working with top talent will be incredibly important particularly for juniors and freshers to set a role model. In my experience early days as a software engineer, I did pair programming with a great performer sometimes and I often asked senior engineers many questions like how to write testable code and how to design architecture. With regards to branding, good engineers bring more good engineers but finding the first ones is tough. Building a good reputation as to what the tech team does and making output by way of publishing tech blogs or open-source will be effective.

Finally, what are the qualities/values that Credify looks for in a potential employee developer?

I do value passion and mindset to grow our products together. Technical skills are important, but I like people who are passionate about what they do and I want to work with those people. I am sure that Credify can provide people with challenging and exciting opportunities.

About Shuichi Nagao

Shuichi is a graduate of the University of Tokyo and started working for Candle Inc. as a software engineer during the last year of the university. The company was acquired by a Japanese company in 2016. After this M&A, Shuichi had a transition to a FinTech startup company, AnyPay Inc. in 2017. where he contributed to both mobile development and API development. Shuichi co-founded Credify in 2019 and is now our Director of Engineering.

———————-

#TalkwithCredify’sLeaders is a series of 4 discussion articles in which our leaders will share their opinions and experiences on a compelling topic of their expertise.

The post Vietnam’s IT Resources: Credify’s Director of Engineering Shuichi Nagao appeared first on Credify.


Ontology

Everything You Need To Know About Ontology EVM Contract Development

Part 4: Web3 API and Ontology Bridge In the last section, we demonstrated the Ontology EVM contract development process. In this section, we introduce a series of Web3 API references, and explain how to use the Ontology Bridge. 5. Web3 API Reference Due to the differences in the structure and storage structure of Ethereum and Ontology transactions, Ontology currently only supports the
Part 4: Web3 API and Ontology Bridge

In the last section, we demonstrated the Ontology EVM contract development process. In this section, we introduce a series of Web3 API references, and explain how to use the Ontology Bridge.

5. Web3 API Reference

Due to the differences in the structure and storage structure of Ethereum and Ontology transactions, Ontology currently only supports the following RPC interfaces. For specific usage, click here.

6 Use of Ontology Bridge 6.1 Ontology Bridge TestNet

Users can log into https://bridge.ont.io/testnet to try Ontology Bridge. Currently, Ontology Bridge supports the TestNet.

A step-by-step guide is provided below:

1) Open the Ontology Bridge test network link and click Connect Wallet in the upper right corner.

Click Cyano and MetaMask respectively to connect a wallet. Once connected, you should see your wallet address displayed.

2) Select the asset to be exchanged and the type of asset to convert to.

An OEP-4 token being exchanged for an ORC-20 token is displayed below:

Click the Swap button and the following confirmation box will pop up. Click OK to complete the exchange of OEP-4 to ERC-20. If the exchange is successful, a successful exchange prompt box will pop up.

An ORC-20 token being exchanged for an OEP-4 token is displayed below:

This requires the Approve operation first. After the Approve is successful, the process is the same as the OEP-4 token exchange for the ORC-20 token described above

6.2 Exchange of ONG between Ethereum account address and Ontology account address

ONG can exist in both the Ontology account address (address starting with A) and the Ethereum account address (address starting with 0x). The function of this is to facilitate developers to transfer ONG in different account addresses to each other.

Proceed as follows:

Open the TestNet and connect to the wallet Click the ONG Transfer button as shown in the figure below

The following two pictures show ONG transfers between different types of addresses. Of course, transfers between the same types are also possible.

This concludes our “Everything You Need To Know About Ontology EVM Contract Development” series: Part 1, Part 2, Part 3 and Part 4.

Don’t forget that the Ontology EVM-compatible public beta has been opened to developers around the world, and the “Security Vulnerability and Threat Intelligence Bounty Program” in cooperation with SlowMist Technology is also in progress. The reward for reporting a single vulnerability is up to $12,000!

Learn more about our decentralized data and identity solutions on our website and official Twitter account. You can also chat with us on Telegram and keep up-to-date with the latest news via our Telegram Announcement account.

Other Resources

LinkedIn / Medium / Facebook / Reddit / DiscordYouTube

Everything You Need To Know About Ontology EVM Contract Development was originally published in OntologyNetwork on Medium, where people are continuing the conversation by highlighting and responding to this story.

Thursday, 16. September 2021

Finicity

Fintech Times: Leveraging AI to Simplify Digital Verification

Nick Baguley, VP of Data Science at Finicity, writes in the Fintech Times about how artificial intelligence (AI) and machine learning (ML) has the ability to make lending and verification processes easier and more efficient. Most importantly he talks about what’s already happening today and where it’s headed. Read the entire article here. The post Fintech Times: Leveraging AI to Simplify Digital

Nick Baguley, VP of Data Science at Finicity, writes in the Fintech Times about how artificial intelligence (AI) and machine learning (ML) has the ability to make lending and verification processes easier and more efficient. Most importantly he talks about what’s already happening today and where it’s headed.

Read the entire article here.

The post Fintech Times: Leveraging AI to Simplify Digital Verification appeared first on Finicity.


51 Nodes

Exploring IOTA 2.0 Smart Contracts in a Private Network: Developing a Prediction Market

Abstract — Smart contracts are being introduced to IOTA, which has proposed an interesting take on distributed ledgers by proposing the Tangle. The Tangle promises to provide a more scalable transaction infrastructure with lower fees, potentially overcoming limitations of Ethereum and other blochain-based ledgers. Due to the current alpha state of IOTA smart contracts, the official documentation l

Abstract — Smart contracts are being introduced to IOTA, which has proposed an interesting take on distributed ledgers by proposing the Tangle. The Tangle promises to provide a more scalable transaction infrastructure with lower fees, potentially overcoming limitations of Ethereum and other blochain-based ledgers. Due to the current alpha state of IOTA smart contracts, the official documentation lags and it is a bit of challenge to get a working setup. To help interested developers and the IOTA community to more quickly try out smart contracts, this article describes how to set up a private IOTA network with the latest state of the software and demonstrates a workable prediction market smart contract developed in Rust.

Introduction

Smart contracts are codified contracts using rules and algorithms that can automatically trigger and incur electronic transactions of cryptocurrencies like Ether. The expected economic impact of smart contracts is very large as they allow for improving the efficiency of many existing business models and they also allow for completely new business models. For instance payouts of insurance contracts can be automated using smart contracts or autonomous cars could also pay tolls and parking fees automatically.

While smart contracts are already well known amendments from blockchain approaches like Ethereum, these approaches suffer from shortcomings like low throughput, and high transaction costs. For these reasons, the IOTA foundation had set out to first propose a new and more scalable transaction system based on the so called “Tangle”. Secondly, IOTA version 2.0 is currently under development, and it includes an approach to smart contracts. Smart contracts under IOTA 2.0 are promised to be built on an infrastructure that both scales well, and incurs low transaction costs.

Before the background of a promising new approach for smart contracts, I started to explore how to set up a private IOTA network for development and how to develop and deploy a smart contract on it. As the IOTA developer documentation is lagging it was quite a challenge to get a working solution. Thus, the main contributions of this article are, (1) a proper description how to set up the network and how to enable smart contracts, and (2) a fully working demonstration smart contract, which implements a simple prediction market in which multiple network participants can predict and bet on a certain outcome of an event.

The outline of this article is, I give (1) an overview of IOTA and the network’s smart contract integration, (2) a description of how to set up an environment for developing and testing IOTA smart contracts, (3) an implementation of a simple prediction market as a smart contract, (4) some notes and insights on IOTA and smart contracts, and (5) a conclusion.

The IOTA Network and Smart Contracts

IOTA is about a new kind of public and permissionless distributed ledger for exchanging value and data. The IOTA network has been designed to overcome the main bottlenecks of Blockchain-based distributed ledgers. Due to the organization of transactions (of value) in a chain, there is just one end to append new ones, which makes it slow. Thus, in contrast to the Blockchain-based approaches the distributed ledger of IOTA is organized in a different way. The Blockchain, which is central to Bitcoin or Ethereum for instance, is replaced by the Tangle. The Tangle connects transactions via edges in a directed (and acyclical) graph (see next figure). In contrast to the Blockchain, there are multiple nodes (representing transactions) on which new edges to new nodes, i.e., transactions, can be appended.

The Tangle data structure of IOTA’s distributed ledger. Green: validated transactions, White: not yet validated, Grey: new transactions. Source (2021–09–10)

Beside the data structure, there are further key differences to classic Blockchain-based approaches. The consent mechanism requires no miners because all users help in validating transactions. Therefore, transactions can be essentially conducted with zero fees. The current IOTA network still requires a central coordinator, defining trusted transaction milestones, which other transactions need to reference to be also trusted. To achieve true decentralization, the planned update to IOTA 2.0 should overcome this limitation.

The key properties and key promises of IOTA are of being

highly scalable by a new data structure allowing for parallel transactions requiring few resources and being suitable for devices and sensors having zero-fee transactions running fast transactions finally approving messages within seconds providing a distributed network, which is robust against attacks

These properties would enable a layer of trust and a very scalable and efficient messaging system for the “machine economy” with a very large amount of devices connected to the Internet. The current version of IOTA on the Mainnet is 1.5, which went live in April 2021. Version 1.5 is seen as an intermediate step in maturing the IOTA technology and proving its usability and practical value. This would form the basis for smart contracts that use the messaging capabilities of the IOTA network. Smart contracts are supposed to be introduced in version 2.0 the latest and might be even backported to 1.5. At the time of writing, smart contracts are subject to development.

IOTA network layers. Source (2021–09–10)

The design for IOTA 2.0 foresees different layers (see figure above) that separate the general underlying messaging, transacting, and validating infrastructure from the application layer, which comprises also smart contracts, which would then use layer 1 capabilities to realize their features. A main reason for separating smart contracts into another layer is to not compromise the messaging functionality. Smart contracts run on Wasp nodes on layer 2 in connection with Goshimmer on layer 1, responsible for conducting transactions and messaging (see next figure).

GoShimmer for messaging and Wasp nodes for smart contracts in an IOTA 2.0 network. Source (2021–09–10)

Due to the separation of Wasp and Goshimmer, they need a technical capability to connect and interact with each other. Therefore, Goshimmer nodes contain a “txstream” plugin, which needs to be activated for connecting Wasp nodes. Smart contracts are developed in the Rust programming language. Rust is known to generate very performant and memory efficient executables while preventing the developer from many classes of errors by a helpful compiler and a well-designed language. To test smart contracts and run unit tests against smart contract functionality, the “solo” environment written in Go can be used.

Setup

The described setup defines a private IOTA 2.0 network you can run on your laptop. The network hosts a layer 1 Goshimmer node for messaging and a layer 2 Wasp node for running smart contracts. On this basis, the next chapter shows how to develop and deploy a smart contract to this network.

Environment

I used Ubuntu 20.04 LTS with latest updates and upgrades and

installed git installed rust 1.53.0 for developing native IOTA smart contracts by
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh installed wasm-pack 0.10.0 for compiling smart contracts into “WebAssembly” binaries by
curl https://rustwasm.github.io/wasm-pack/installer/init.sh -sSf | sh

Installed dependencies for rocksdb required by Goshimmer as its underlying database engine:

sudo apt-get install libgflags-dev sudo apt-get install libsnappy-dev sudo apt-get install zlib1g-dev sudo apt-get install libbz2-dev sudo apt-get install liblz4-dev sudo apt-get install libzstd-dev

Cloned and built Goshimmer 0.7.5 from the develop branch (in the version of 2021–08–16) according the following description:

git clone -b develop https://github.com/iotaledger/goshimmer.git git checkout tags/v0.7.5 cd goshimmer go build -tags rocksdb

Prepared Goshimmer for transaction handling
Save the config.json file to your Goshimmer directory to

enable the txstream plugin, which allows Goshimmer to communicate with Wasp nodes disable the portcheck plugin

To check whether Goshimmer synchronizes its time and whether messaging works, open up the dashboard on your local machine by http://127.0.0.1:8081/dashboard. It needs to display

TangleTime Synced: Yes Message: DBVBaNbSEsq8D1SuNd7ULLeSPTXLwQBwfW1agWKnFX23 (as an example) — that is, the message must not read 1111111111111111111111111 .. (containing only ones)

Before running Goshimmer, delete the message database of previous (erroneous) attempts ( if any) by rm -rf mainnetdb in the mainnetdb subdirectory of Goshimmer. The database will be automatically generated again with a fresh start of Goshimmer.

Also in case tangle time does not synchronize (see the dashboard on your local machine by http://127.0.0.1:8081/dashboard or the Goshimmer log: “can’t issue payload: tangle not synced”), shutdown Goshimmer, delete the message database, and restart Goshimmer.

Run Goshimmer in its directory as follows — after having created the ./assets/snapshotTest.bin file as described subsequently:

./goshimmer --autopeering.seed=base58:8q491c3YWjbPwLmF2WD95YmCgh61j2kenCKHfGfByoWi --node.enablePlugins=bootstrap,prometheus,spammer,"webapi tools endpoint",activity,snapshot,txstream --messageLayer.startSynced=true --autopeering.entryNodes= --node.disablePlugins=clock --messageLayer.snapshot.file=./assets/snapshotTest.bin --messageLayer.snapshot.genesisNode= --metrics.manaResearch=false --mana.enableResearchVectors=false --mana.snapshotResetTime=true --statement.writeStatement=true --statement.writeManaThreshold=1.0 --config=./config.json

Create a cli wallet

The cli wallet can send IOTA funds to a Wasp wallet, where it is used to deploy smart contracts. We generate an initial transaction with funds for our cli wallet.

Install the cli-wallet in a new directory

wget https://github.com/iotaledger/goshimmer/releases/tag/v0.7.5 download cli-wallet-0.7.5_Linux_x86_64.tar.gz tar -xf cli-wallet-0.7.5_Linux_x86_64.tar.gz

Set reuse_addresses=true in the config.json of cli-wallet:

To create a new wallet run ./cli-wallet init , returning

IOTA 2.0 DevNet CLI-Wallet 0.2 GENERATING NEW WALLET … [DONE] ================================================================ !!! PLEASE CREATE A BACKUP OF YOUR SEED !!! !!! !!! !!! E7owJWtDBGSUAZUWQkn1kHG5zUy2PLQf6eEr3RoMCJs7 !!! !!! !!! !!! PLEASE CREATE A BACKUP OF YOUR SEED !!! ================================================================ CREATING WALLET STATE FILE (wallet.dat) … [DONE]

Note your SEED for allocating funds to this wallet.

We generate a custom genesis snapshot, with the transaction that allocates the funds.

Go to the Goshimmer installation directory and then to the following subdirectory ./tools/genesis-snapshot

Paste the seed of the previously generated cli wallet to the following command

go run main.go --token-amount 3500000 --seed E7owJWtDBGSUAZUWQkn1kHG5zUy2PLQf6eEr3RoMCJs7 --snapshot-file snapshotTest.bin

Now,

go to your Goshimmer directory and inside of it run mkdir assets cp ./tools/genesis-snapshot/snapshotTest.bin ./assets/snapshotTest.bin to provide the generated snapshotTest.bin file to Goshimmer. Setting up a Wasp node for smart contracts

I installed Wasp from the master branch in the state of 2021–08–03.

git clone https://github.com/iotaledger/wasp.git check out a workable state of the code from the repository. I used this commit. go build -tags rocksdb go build -tags rocksdb ./tools/wasp-cli

We need to transfer funds to the Wasp wallet by creating the wallet in the first place by ./wasp-cli init

We need to get the address of the wallet by ./wasp-cli balance , returning something like

Address index 0 Address: 1Ah4cqMPdrDGx6Htapk7NZUxxcYHsP1C3oAugEYHVmACj

To send funds to this wallet, paste your address into this command and run it in the cli-wallet’s directory:

./cli-wallet send-funds -amount 40000 -dest-addr 1Ah4cqMPdrDGx6Htapk7NZUxxcYHsP1C3oAugEYHVmACj

Now, ./wasp-cli balance returns a balance of 40,000 IOTA.

Finally, configure wasp-cli to be able to connect to the local Goshimmer node and to form a committee of one local Wasp node by saving the wasp-cli.json file to the directory of your wasp-cli.

Deploying a chain

Smart contracts are deployed on a chain, which needs to be deployed first:

./wasp-cli chain deploy --committee=0 --quorum=1 --chain=predmarketchain --description="Prediction Market"

where

committee=0 specifies to use one Wasp node only, which handles smart contracts. quorum=1 says one Wasp node is enough here — for development and testing

Now we have to provide funds to the chain by

./wasp-cli chain deposit IOTA:1000 --chain=predmarketchain ,

reducing the wasp wallet’s balance by 1,000 IOTA.

A Prediction Market Smart Contract

The private IOTA network is now used to develop and deploy a smart contract. I report the design and implementation of a simple prediction market in Rust, how to build and deploy it, and finally how to use it.

Design

A classic example of realizing a smart contract is given by a prediction market. A prediction market is a virtual electronic market allowing to predict outcomes of future events by placing a monetary bet on a certain outcome. Such events could be sports events, political events, future prices of stocks, or other events with uncertain future outcomes. For instance, the outcome of a political election could be subject to predictions on a prediction market. A simple binary question to be answered by prediction market participants could be “Will candidate/team A win?” — with possible outcomes being “yes” or “no”.

Our design of a prediction market for demonstration purposes is simple. We omit a book maker and a pricing mechanism. Formally, we do not pose a question with predefined possible outcomes. Instead, market participants can bet basically on any outcome of an event with an arbitrary amount of tokens until the time for predictions is over. Afterwards, the winning outcome is determined and winning bets placed on the correct outcome receive back their share on the overall amount of tokens placed in bets. Assume, in total 700 tokens were bet on “no” and 300 tokens in total were bet on “yes”, and “yes” is the actual outcome. A single bet on “yes” with 100 tokens receives (100/300)*(700+300) = 333 tokens, making a win of 233 tokens.

Realizing this design as a smart contract in the IOTA network allows to deploy one contract per question to be answered. The account deploying the contract is in control and has to specify the time until when bets can be placed on outcomes. The actual question to be answered has to be communicated in third party channels. Any network participant can then look up the contract and call a function to place a bet on an outcome by sending some IOTA from their wallet. Finally, after the time for predictions and bets has passed, the deploying account has to call a function to close the prediction market and to provide the actual outcome of the event and correct answer to the question. This triggers the evaluation of all bets with regard to the correct answer. Accounts with the correct answer receive the winning amount of IOTAs in a transaction.

Note that in a real world and more production-like scenario, one might consider using an oracle to provide the outcome of an event. Oracles can stream off-chain data (about events) into the Tangle, so smart contracts can use this data in their evaluations.

Implementation

Smart contracts for the IOTA network can be implemented in Rust and then compiled to a WebAssembly file.

Our demonstration smart contract implemented in Rust can be viewed and cloned from this repository. The smart contract first exposes three functions for (1) initializing a prediction market, (2) placing a bet on an outcome, and (3) closing the prediction market for determining winners. When the contract is loaded, the mentioned functions’ implementations are made publicly available under the first string’s name, e.g., “initmarket”.

The first function should be called by the account deploying the contract for initialization. Optionally, the function can set an end time for betting using the parameter BETENDUTC, which is a date-and-time string in ISO format, assuming time in UTC. In case the parameter is omitted, bets can be placed at any time until the closemarket function is called (see below).

The second function allows to place a bet on a certain outcome value of an event, provided as parameter BETVALUE, e.g. “yes”. The amount to bet is the amount of IOTA sent with the function call. Bets must be placed in time before the betenddatetime has passed, which was set on initialization of the market. To save incoming bets for future evaluation to determine winners, I use two structs, defined in the beginning. That is, I define a hash map, mapping a betting account’s id to a Bet struct, which defines the amount of tokens and the outcome value of the bet. These custom structs are used instead of the built-in map offered by the context object of the function because only a proper hash map allows iterating over all keys and elements stored. As custom objects are not accommodated by the state stored in the context of the function, we need to jsonify it to produce a string, which can then be stored in the state.

The third function closes the prediction market and is to be called by the contract owner. Calls by other accounts will fail. The function can only be run after the specified end time has passed for predictions, and the function to close the market can be called successfully only once. The function requires a BETVALUE parameter, specifying the winning outcome, e.g., “yes”. The function runs through the stored bets, determines winning bets and the amount of IOTA coins they receive, and sends the IOTA to the wallets of the winners.

Build

To build the smart contract, one can pull the accompanying repository on github with the following structure:

* Cargo.toml
* src/lib.rs
* pkg/
* target/

The full Rust code of the smart contract is contained in a file called lib.rs. The structure and the naming of files follows standard conventions for Rust. To define dependencies of the smart contract code, the Cargo.toml file reads as follows:

The most important dependency is wasmlib, which is the IOTA’s smart contract library, allowing to produce smart contracts as compiled WebAssembly files. Furthermore, serde is used for serializing custom state objects to json strings for storage in the smart contract’s state. chrono brings some date and time related functionality required to control the end of a prediction market.

To build the smart contract, run wasm-pack build in the directory where Cargo.toml resides. The other directories like pkg and target are created automatically in the build process. The compiled WebAssembly file is located in the pkg directory and named predictionmarket_bg.wasm.

Preparation

We proceed by deploying our simple smart contract compiled as a WebAssembly wasm file.

Note: please adapt the path to the wasm file if required.

./wasp-cli chain deploy-contract wasmtime predictionmarket "Prediction Market SC" ./prediction-market-smart-contract/pkg/predictionmarket_bg.wasm --chain=predmarketchain --upload-quorum=1 -d --address-index=0

outputing:

uploaded blob to chain -- hash: 6wVabTkRUUGrQzEj8s4yuPC8dfaHGLsoHLXsqvveSw4hPosted on-ledger transaction BChQcWEmMptqRM1z4C9ZffTQXPebg1MMiEYENuAnV7KV containing 1 request:
- Request 4RkBSF6BAHgfamyJnXFy4r1YoVU9wvZ9b6uvXUjt2VWAfF5
Waiting for tx requests to be processed...
Posted off-ledger request 2JdtBzxjP4Bc6Tj2SnZPSctoYDHxuCAvPWJwn6ufMShJ6Lw

Now, functions can be called on the contract. First, the same wasp-cli that deployed the contract needs to call the initmarket function. There are two possibilities:

a) do not specify a specific an end date for the prediction market to simplify testing and development by this call ./wasp-cli chain post-request predictionmarket initmarket --chain=predmarketchain

b) specify a specific end date and time for the prediction market. The iso format is used and UTC is assumed. In this way, all bets must be placed before this time and the market can be only closed after this time. Run ./wasp-cli chain post-request predictionmarket initmarket string BETENDUTC string "2021-09-08 23:00" --chain=predmarketchain

Before placing a bet, we check the wallet’s balance with ./wasp-cli balance

returning

Address index 0
Address: 1BAgmaSN1RYk5rbbxMK21CZo8t2zQ3EFeMwDPnMhQdQbs
Balance:
IOTA: 28653
------
Total: 28653

For the deployed prediction market, we assume two possible outcomes “yes” and “no” on which bets can be submitted. To place a bet with 10 IOTA on “no”, we run

./wasp-cli chain post-request predictionmarket bet string BETVALUE string no --chain=predmarketchain -t IOTA:10

and afterwards, by ./wasp-cli balance we see the wallet's balance reduced by 10 IOTA.

Address index 0
Address: 1BAgmaSN1RYk5rbbxMK21CZo8t2zQ3EFeMwDPnMhQdQbs
Balance:
IOTA: 28643
------
Total: 28643

We now introduce and prepare the setup for four more participants to the prediction market. Each participant requires another wasp wallet. Thus, we create four new subdirectories waspwallet2, waspwallet3, waspwallet4, waspwallet5 and copy wasp-cli and wasp-cli.json to those directories by repeating with regard to these directories

The last command initializes a new wallet.

In case the contract’s code is changed, it needs to be re-deployed using the first and main wasp-cli. You also need to re-deploy the chain on which the contract is deployed first. Due to the redeployment of the contract, the copied versions of wasp-cli.json (in waspwallet2 to waspwallet5 directories) miss the new address of the deployed predmarketchain chain. In this case, we need to get it back in there to be able to run bets on the same prediction market from another account. Either you noted the address of the chain when it was created, such as

activating chain nZBwoJi5q7KGk8D2cgm16PWrdM6aL2qTdCY27HHjZgrK.. OK.

or you perform a cat wasp-cli.json in the directory of your first wasp wallet, giving you some information like this (among other information):

{
"chains": {
"predmarketchain": "nZBwoJi5q7KGk8D2cgm16PWrdM6aL2qTdCY27HHjZgrK",
},

Now you need to provide this address of the predmarketchain to the new wasp wallets’ configuration files. To do this, you can run the following command for the new wallets in the respective directories (e.g. in waspwallet2 through waspwallet5 in our example).

./wasp-cli set chains.predmarketchain nZBwoJi5q7KGk8D2cgm16PWrdM6aL2qTdCY27HHjZgrK

Please adapt the chain’s actual address nZBwoJi5q7KGk8D2cgm16PWrdM6aL2qTdCY27HHjZgrK to yours.

Finally, all four new wasp wallets need to be funded. First, find out their address by running (for each new waspwallet subdirectory)

waspwallet2/wasp-cli address

Then, provide the funds using cli-wallet (in the directory where it resides on your computer) by running

./cli-wallet send-funds -amount 40000 -dest-addr 1Ah4cqMPdrDGx6Htapk7NZUxxcYHsP1C3oAugEYHVmACj

and replacing the address 1Ah4cqMPdrDGx6Htapk7NZUxxcYHsP1C3oAugEYHVmACj with the actual address found by running ./wasp-cli balance before in the respective subdirectories (of waspwallet2 to waspwallet5).

Simulation of a Prediction Market

Now we are ready to place bets in the deployed contract’s prediction market on behalf of these four new participants. So, in the respective subdirectories we run say

cd waspwallet2 ./wasp-cli chain post-request predictionmarket bet string BETVALUE string yes --chain=predmarketchain -t IOTA:100 cd ../waspwallet3 ./wasp-cli chain post-request predictionmarket bet string BETVALUE string no --chain=predmarketchain -t IOTA:50 cd ../waspwallet4 ./wasp-cli chain post-request predictionmarket bet string BETVALUE string yes --chain=predmarketchain -t IOTA:200 cd ../waspwallet5 ./wasp-cli chain post-request predictionmarket bet string BETVALUE string yes --chain=predmarketchain -t IOTA:500

Finally the contract owner (with the first wallet) can close the prediction market by running in the directory of the first wallet

./wasp-cli chain post-request predictionmarket closemarket string BETVALUE string no --chain=predmarketchain

In this example, the actual outcome is specified to be “no”. When running this command from a different wasp wallet’s directory, we obtain a log output on the Wasp node

You are not authorised to close the prediction market - only contract creator is allowed to close the market.

When successfully closing the prediction market, the Wasp node’s log outputs

CLOSEMARKET is executed:
the winning value is: "no"
total amount of bets placed on "no" is 60 IOTA
total amount of bets placed on "yes" is 800 IOTA
total amount of bets over all values: 860 IOTA
1FbCCHv9if3xbnRg3wJ7SY1kBFSdhNFR6Ax6haw6PhYDL placed a bet on "no", which is a WIN
bet amount: 10 IOTA; won amount: 143 IOTA; of total amount placed a bet on 860; where total amount per winning value: 60
transferring won amount of IOTA to: 1FbCCHv9if3xbnRg3wJ7SY1kBFSdhNFR6Ax6haw6PhYDL
1FZtVTCi2GDuQ1oMGZqpT38akLpcMiMv6a8MVKNJYYdsr placed a bet on "yes", which is not a win
1F81pGLKLhPb5ANFSGWQ7UPMSnPdahNZaZkgrcyaFXvpu placed a bet on "no", which is a WIN
bet amount: 50 IOTA; won amount: 716 IOTA; of total amount placed a bet on 860; where total amount per winning value: 60
transferring won amount of IOTA to: 1F81pGLKLhPb5ANFSGWQ7UPMSnPdahNZaZkgrcyaFXvpu
17jdFbAhWwF79fBEia6A8AYMTmMYncipaFhDTjsqUbMfp placed a bet on "yes", which is not a win
1BAgmaSN1RYk5rbbxMK21CZo8t2zQ3EFeMwDPnMhQdQbs placed a bet on "yes", which is not a win
consensus/action.go:338 postTransaction: POSTED TRANSACTION: 4Aw6PzQGkk6MFzPVAXZkz8RGiPocYxuxhA9o7qgeDN7h, number of inputs: 2, outputs: 3
EVENT: state was synced to block index #11, approving output: [0]4Aw6PzQGkk6MFzPVAXZkz8RGiPocYxuxhA9o7qgeDN7h
STATE TRANSITION TO #11. requests: 1, chain output: [0]4Aw6PzQGkk6MFzPVAXZkz8RGiPocYxuxhA9o7qgeDN7h

Revisiting the bets, we had placed the following ones:

Bets number 1 and 3 were on “no” and the bet was on the actual outcome “no”. So the total amount of IOTA was 860, the bets on “no” were only 60 IOTA in total. The share of bet number 1 is 10/60 and share of bet number 2 is 50/60. So, wasp wallet 1 receives 1/6 of 860 IOTA, i.e, 143 IOTA. And wasp wallet 3 receives 5/6 of 860 IOTA, i.e, 716 IOTA. Note that when transferring funds, a minimum transaction of fee of 1 IOTA is deducted from the amount to be transferred.

Note that running the closemarket function of the smart contract a second time leads to an error message in the Wasp node’s log:

the prediction market was already closed Limitations

There are some limitations of the presented prediction market

Only one contract per chain can be deployed because the bets are not stored per contract identification in the chain’s state All bets are stored on-chain, so they are public Each account (given by a wasp wallet) can place only one bet per deployed prediction market contract The actual question asked by the prediction market and the possible outcomes have to be conveyed informally Bets are against other market participants — there is no market maker Insights

Along the way of producing this article and experimenting with IOTA smart contracts, many small insights were gained. With the hope that these insights will be helpful, I share them in the following.

Transaction Time

Running transactions in the described setup on a laptop can take several seconds when waiting for the wasp-cli commands to finish. However, they can be run asynchronously when using the wasp-cli, i.e., commands can return immediately after issuing a command. Of course, transactions can run in parallel. When running scripted wasp-cli requests, one has to take care not to create too much load on the Wasp node because otherwise requests will fail with “time out”-errors. To evaluate transaction times in a production setup on the Devnet or Mainnet, further investigations are required.

Transaction Fees

In principle fees for transactions and deployments are configurable. However, there are some minimum fees that apply such as for deploying a chain (100 IOTA), deploying a smart contract, and posting state changing requests to a smart contract (1 IOTA). With default minimum fees in mind, transaction costs in the IOTA network should be very low compared to transaction fees in the Ethereum network. Note that chain owners could also increase transaction fees.

Production Readiness

On a first shot, nothing really worked when trying to set up a private IOTA network based on public documentation. That is, one has to find workable versions of the software, find a proper configuration and parameters, and find working ways for funding wallets and deploying contracts. The IOTA 2.0 software is under development and special notice has to be taken on which versions to run and which version of the different pieces (Wasp, GoShimmer, cli) to combine. The documentation in IOTA’s repositories is lagging behind the development process. However, the IOTA community is very helpful and can be reached on Discord. So, getting the network up and running depended digging into material on the github repositories, third party information (e.g., on youtube), own experiments, and asking questions on IOTA’s discord server. Once the IOTA private network and the smart contract are up and running, you are ready for testing and experiments. Further steps taken by IOTA to bring the smart contract implementation and IOTA 2.0 to production readiness can be looked up in their roadmap.

Developing Smart Contracts

Using Rust as a language for developing smart contracts might help producing error-free and stable smart contracts because Rust is well-known for its strict and sophisticated compiler which together with the strong typing and the language design eliminates whole classes of errors common in other languages. Also, the compiler provides helpful error messages. Therefore, using Rust can provide some advantages over the Solidity language, which is usually used for developing Ethereum smart contracts. However, Rust might be unfamiliar for smart contract developers being used to Solidity.

Conclusion

This article discussed smart contracts as a new and upcoming feature in IOTA 2.0. Because IOTA has a different approach to conduct and store transactions in a more parallel way with fewer resources than Ethereum, a higher scalability and lower fees are promises that come with this approach. Our experimental setup of a private IOTA network and simple prediction market IOTA smart contract shows that it is already possible to use IOTA smart contracts for development and testing. As the process of setting up the IOTA network and running smart contracts was a bit challenging, I believe this article and example code can provide useful input and support for other developers and the community interested in IOTA smart contracts.

51nodes GmbH based in Stuttgart is a provider of crypto economy solutions. 51nodes supports companies and other organizations in realizing their Blockchain projects. 51nodes offers technical consulting and implementation with a focus on smart contracts, decentralized apps (DApps), integration of blockchain with industry applications, and tokenization of assets.

Thanks to Majd Turfa and Jan-Paul Buchwald for their help in the course of developing this article, experiments, and the setup.

Exploring IOTA 2.0 Smart Contracts in a Private Network: Developing a Prediction Market was originally published in 51nodes on Medium, where people are continuing the conversation by highlighting and responding to this story.


FindBiometrics

Zwipe Solidifies MENA Foothold With Latest Biometric Cards Partner

An Abu Dhabi-based FinTech startup has become Zwipe‘s latest customer, further signaling the latter’s prominence in the emerging biometric payment cards space. The client, NymCard, specializes in streamlined payment card […] The post Zwipe Solidifies MENA Foothold With Latest Biometric Cards Partner appeared first on FindBiometrics.

An Abu Dhabi-based FinTech startup has become Zwipe‘s latest customer, further signaling the latter’s prominence in the emerging biometric payment cards space.

The client, NymCard, specializes in streamlined payment card issuance, and has attracted the attention of FinTech investors, having raised $7.6 million in a Series A funding round earlier this year, according to a MENAbytes report. The company is seeking to disrupt the card issuance ecosystem, and it would seem that its interest in the technology that enables such disruption has naturally led it to enter the biometric payment card space.

“We are now seeing increasing interest in biometric payment cards as they combine world-class security with world-class convenience,” explained NymCard founder and CEO Omar Onsi in a statement. “Zwipe is a highly respected fintech in the biometric payments marketplace and Zwipe Pay ONE based cards will add considerable value for our customers in MEA.”

The development arrives soon after the news that Inkript, an early Zwipe customer, placed a substantial followup order for Zwipe’s biometric payment card module; and after Zwipe’s announcement that an as-yet-unnamed Tier 1 bank based in Europe has committed to a multi-country biometric payment card pilot using Zwipe’s technology.

In a statement, Zwipe’s Ramzi Saboury highlighted the “phenomenal” interest in biometric payment card adoption in the MENA region. “We are happy to partner with NymCard, a well-recognized Banking-as-a-Service provider for payment innovators and fintechs,” he said, adding later, “We are confident that this alliance will further accelerate the deployment of biometric payment cards.”

Saboury was named Zwipe’s General Manager for the Middle East and North Africa Region earlier this year.

Zwipe’s partnership with NymCard will see it providing commercialization support and technical guidance to the company, with biometric cards to be delivered by one or more of Zwipe’s manufacturing partners in the region.

(Originally posted on Mobile ID World)

The post Zwipe Solidifies MENA Foothold With Latest Biometric Cards Partner appeared first on FindBiometrics.


auth0

Streamlining a React Monorepo

Whether you have a single application or a suite of applications, code reuse, standards around structure, process, and feature development help to ensure your codebase remains healthy in the long term.
Whether you have a single application or a suite of applications, code reuse, standards around structure, process, and feature development help to ensure your codebase remains healthy in the long term.

FindBiometrics

TruU Provides Comprehensive Access Control Services for Stanley Black & Decker

Stanley Black & Decker has teamed up with TruU to bolster its corporate security. The company will be deploying TruU’s TruIdentity Cloud, which comes with comprehensive digital and physical access […] The post TruU Provides Comprehensive Access Control Services for Stanley Black & Decker appeared first on FindBiometrics.

Stanley Black & Decker has teamed up with TruU to bolster its corporate security. The company will be deploying TruU’s TruIdentity Cloud, which comes with comprehensive digital and physical access control capabilities.

In that regard, the TruIdentity Cloud was designed to reduce the world’s reliance on passwords. The platform can be integrated with an organization’s existing security hardware, and offers support for biometrics in addition to card-based credentials at doors and workstations. On the card front, the TruIdentity Cloud can be used to issue digital credentials to an employee smartphone to eliminate the costs associated with physical badges.

The TruIdentity Cloud also uses behavioral biometrics and location analytics to provide ongoing, passive security beyond the initial login. The platform analyzes signals from smartphones, workstations, and the surrounding environment, and uses that information to generate a risk score for each interaction. The system will then step in if that risk score climbs too high.

According to TruU, its platform will minimize the threat of security breaches, and deliver a better user experience for Stanley employees. The TruIdentity Cloud provides coverage for the entire organization (and any applications it happens to be using), and minimizes installation and help desk costs with a centralized user portal that people can use to register devices and manage their security setup.

“TruU enables companies like Stanley to completely eliminate the need for passwords, badges, tokens, rotating codes, and other forms of work-inhibiting authentication technologies,” said TruU Co-Founder and CEO Lucas Budman.

“TruU has enabled over ten thousand of our employees to easily and securely log in from anywhere in the world while eliminating the need for antiquated and insecure passwords,” added Stanley Black & Decker President and CFO Don Allan. “We are on pace to double that enrollment by the first quarter of 2022.”

The TruIdentity Cloud is compatible with leading solutions from ForgeRock, Okta, Ping, Yubico, Feitian, and Microsoft, amongst several others. TruU noted that the number of data breaches has increased in the past few years, and that many of those breaches can be directly attributed to compromised password credentials.

September 16, 2021 – by Eric Weiss

The post TruU Provides Comprehensive Access Control Services for Stanley Black & Decker appeared first on FindBiometrics.


Indicio

Trusted Data Ecosystems: The Indicio Way

The post Trusted Data Ecosystems: The Indicio Way appeared first on Indicio Tech.
We missed commemorating our first birthday because we were simply too busy. When we launched Indicio in May 2020, a global pandemic was disrupting the way we shared information. Lockdowns triggered a global migration from work to home, and centralized systems fragmented into millions of daily sign ons, access requests, and virtual meetings — many conducted on devices that were poorly protected. The curse of friction and the need to find efficient and effective ways of managing information in these new circumstances were an opportunity to rethink technology, processes, and ingrained habits—and jettison what wasn’t working.

Catastrophes have a way of resetting fundamentals, and the fundamental question we worked on was how can we trust digital data? This problem is now endemic to life because all our information is digital. The very efficiency of our communication has us trapped in a highly inefficient existential crisis. And it’s costing us a fortune in mitigation, poor user experience, fraud, and theft. Specifically, we saw four dimensions to the problem.

The first was how do you encode digital information with authenticity? You need to show, definitively, that it came from the source it says it did and that it hasn’t been altered. This is like the “Trinity” of trust. If St. Patrick came back as a technologist, he’d probably use a shamrock to explain how these all go together.

The second dimension is regulatory compliance. Yes, we see COVID health passes being used to effectively burglarize people’s private data but that just isn’t sustainable—or right. You may say, “hey, people don’t care about privacy when convenience is on offer,” but the Venn diagram of people who do care about privacy and those who detest predatory tech companies is large enough to power privacy regulation to infinity and beyond. We need to mitigate that risk—and the cost burden this compliance has created.

The third dimension is security. One trillion dollars. That’s the estimated cost of cyber insecurity. The cost of our collective failing here exhausts adjectives; the pressure to defend against threats is just exhausting. The stats are so grim the new paradigm in security is called “Zero Trust.” You can’t get more nada than zero. What this means is that everything must be verified as authentic and unaltered all the time. Trust nothing, verify everything.

The fourth dimension is resilience. A technology that solves all these problems cannot manifest in a single point of failure whether that `is a single database or a single company.

No matter what way you slice and dice and spin current information systems, none deliver on all these dimensions. In fact, they barely deliver on any. And when they do, they do in ways that increase the risk in adjacent dimensions. Now, think about how many digital and non-digital devices and things the Internet of Things is going to drop into these systems in the next five years.

That’s why we missed our birthday.

We were working with global enterprises to build what we call “Trusted Data Ecosystems” to answer these challenges—and then some.

How does a Trusted Data Ecosystem solve all these problems?

First, it uses decentralized blockchain technology to create an authentic digital proof of someone or something or some claim. It uses machine-readable governance to establish who counts as a trusted source for this data within an ecosystem—the rules for trust. It has the software for people to create trusted data, hold and share it, and verify it.

Second, a trusted data ecosystem avoids the need for third parties to store personally identifying information (PII) in order to manage verification. No more personal accounts, passwords, or logins. No more data processing compliance costs and headaches.

Third, if you eliminate the need for databases full of PII, you eliminate them as a security risk. They aren’t colloquially known as “honeypots” for nothing. But just as important, you now have an ecosystem system for authentic verification to meet the demands of Zero Trust. All your network assets can implement rigorous verification in a frictionless way — thanks to machine-readable governance.

Fourth, our trusted data ecosystems are supported by decentralized networks. You can use ours, which now has 23 nodes on five continents, you can use others, or you can have us build you your own private network. Either way, you remove that single-point-of-failure weakness. The open-source base for the technology also means that credentials can be interoperable across systems—vital when you think about using a health test proof issued in one country for travel to another.

On top of all this, we’ve designed our Trusted Data Ecosystems to be easily integratable into existing systems. Technological evolution should be sustainable and not a case of buying new and shinier systems every couple of years, which only creates chaos for your employees and painful costs on your books. We believe that technology should be easy to integrate, easy to update, and easy to interoperate—and an open-source base enables this kind of continuous, sustainable improvement and innovation.

This multidimensional value—authenticity, compliance, integrity, and resilience—coupled with being easy to integrate is what separates the Indicio approach from the rest. Our growth in 16 months—with global enterprise customers and a global decentralized blockchain network supported by 23 companies on five continents is a sign that fundamental change is coming in the way we share information. And it will arrive just in time to navigate the vast expansion of connected devices.

Some tech companies look to the stars; we’re changing the digital universe.

The post Trusted Data Ecosystems: The Indicio Way appeared first on Indicio Tech.


Ontology

Everything You Need To Know About Ontology EVM Contract Development

Part 3: EVM Contract Development Process Demo Last Week, Ontology announced the official deployment of a TestNet supporting EVM and opened the EVM compatible public beta to developers around the world. At the same time, the “Ontology Security Vulnerability and Threat Intelligence Bounty Programme” was officially launched in cooperation with SlowMist, a well-known code auditing agency. The to
Part 3: EVM Contract Development Process Demo

Last Week, Ontology announced the official deployment of a TestNet supporting EVM and opened the EVM compatible public beta to developers around the world. At the same time, the “Ontology Security Vulnerability and Threat Intelligence Bounty Programme” was officially launched in cooperation with SlowMist, a well-known code auditing agency. The top reward for reporting a vulnerability is $12,000 in ONG.

In Part 2, we introduced the tools for developing and deploying EVM contracts on Ontology, and how to use MetaMask plug-in wallets to manage Ethereum wallets. In this section, we demonstrate the EVM contract development process.

4. EVM Contract Development Process Demonstration

Below, we use the Hardhat tool to demonstrate the complete process of developing, deploying, and testing, EVM contracts on the Ontology network.

4.1 Environmental Preparation Install nodejs Install Hardhat 4.2 Contract Design

4.2.1 Contract Logic

Let’s use a red packet contract as an example, which mainly provides the following functions:

Send Red Packet Receive Red Packet

Each time a red packet is issued, the value of each red packet and the number of people who can claim it must be specified.

For example, the value of a red packet is 100 tokens and the number of people who can claim it is 10. That is, there are 10 different addresses to receive a portion of the red packet. We set the amount of each red packet to be equal, that is, each address can receive 10 tokens.

According to the above logic, we can set the following storage structure:

4.2.2 Defining Contract Events

In the process of contract execution, we can trace the contract execution process by adding events.

In this example, we design the following two events:

When sending a red packet, the contract generates the ID of the red packet, which must be pushed to the caller through an event. When receiving the red packet, you need to push an event to record the red packet ID and the number of tokens received.
event SendRedPacket(uint packetId, uint amount);
event ReceiveRedPacket(uint packetId, uint amount);

4.2.3 Define Function

sendRedPacket

1) Send red packets. Anyone can call this interface and send a certain amount of tokens to the contract address, so that other addresses can receive red packets from the contract address.

Note: Before calling this method, you need to authorize the contract address to be able to transfer the token from the user’s address, so you need to call the Approve method of the token first.

receivePacket

2) Receive the red packet. Any address can receive red packets by calling this interface. When calling this interface, you need to specify the red packet ID, that is, specify the red packet to be received.

Please refer to this link for the complete code of the contract.

4.3 Use Hardhat to compile and test the contract

4.3.1 Create Hardhat Project

mkdir hardhatdemo
cd hardhatdemo
npm init
npm install — save-dev hardhat
npx hardhat

4.3.2 Modify hardhat.config.js file

Add test network node configuration information

The corresponding addresses for the specified private keys under the accounts filed need to have ONG from the TestNet to pay the transaction fee. You can receive TestNet ONG here.

4.3.3 Document preparation

Put the red packet contract code file in the contracts folder. In order to support the transfer of ERC-20 tokens, we also need EIP20Interface.sol, UniversalERC20.sol, and TokenDemo.sol files, which can be downloaded here.

4.3.4 Add test code under test folder

4.3.5 Compile contract

Execute the following commands in the project root directory to compile the contract

$ npx hardhat compile
Compiling 5 files with 0.8.0
Compilation finished successfully

After the command is executed, the following folder will be generated:

├── artifacts
├── cache
├── contracts
├── hardhat.config.js
├── node_modules
├── package-lock.json
├── package.json
├── scripts
└── test

4.3.6 Test contract

$ npx hardhat test

The execution results are as follows:

$ npx hardhat test
RedPacket
✓ Token
✓ sendRedPacket (16159ms)
2 passing (41s)

The above is a complete demonstration process of Ontology EVM contract development. In Part 4, we introduce a Web3 API reference and teach you how to use Ontology Bridge to implement one-click crossover between Ontology digital assets and Ethereum digital assets.

Stay tuned!

Learn more about our decentralized data and identity solutions on our website and official Twitter account. You can also chat with us on Telegram and keep up-to-date with the latest news via our Telegram Announcement account.

Other Resources

LinkedIn / Medium / Facebook / Reddit / DiscordYouTube

Everything You Need To Know About Ontology EVM Contract Development was originally published in OntologyNetwork on Medium, where people are continuing the conversation by highlighting and responding to this story.


Elliptic

NFTs . . . A Bubble or a Long Term Bet? Three Key Takeaways from Elliptic’s HODL2021 Panel

On September 7, I had the privilege of participating in the HODL2021 conference organized by the Blockchain and Crypto Asset Council (BACC) of the Internet and Mobile Association of India (IAMAI). 

On September 7, I had the privilege of participating in the HODL2021 conference organized by the Blockchain and Crypto Asset Council (BACC) of the Internet and Mobile Association of India (IAMAI). 


OWI - State of Identity

Intensity Analytics: Software Programs with Internally-engineered ML & AI Techniques

What if we could go beyond a fingerprint to establish behaviors, mannerisms, and motor movements that make you uniquely you? In this week's State of Identity podcast, host, Cameron D'Ambrosi is joined by Jonathan Nystrom, CEO of Intensity Analytics, to discuss the geospatial, multidimensional routines that comprise behavioral biometrics. Learn how machine learning and artificial intelligence techn

What if we could go beyond a fingerprint to establish behaviors, mannerisms, and motor movements that make you uniquely you? In this week's State of Identity podcast, host, Cameron D'Ambrosi is joined by Jonathan Nystrom, CEO of Intensity Analytics, to discuss the geospatial, multidimensional routines that comprise behavioral biometrics. Learn how machine learning and artificial intelligence techniques are being adopted as the next wave of frictionless authentication to compare previous behavior to current behavior, all to sufficiently identify that you're you.


ValidatedID

See you at MWC2019 and 4YFN!

In this edition, we’d be presenting our services for electronic signature and digital identity. Latest developments among the worldwide leaders in innovation.
In this edition, we’d be presenting our services for electronic signature and digital identity. Latest developments among the worldwide leaders in innovation.

Sign your documents from Dynamics 365 with VIDSigner

If you are a Microsoft Dynamics 365 user, from now on you can send PDF documents and sign them digitally thanks to the our VIDsigner connector
If you are a Microsoft Dynamics 365 user, from now on you can send PDF documents and sign them digitally thanks to the our VIDsigner connector

Coinfirm

Coinfirm Announces $8m Series A Funding Round and New CEO

London, 16 September 2021 — Coinfirm, the global leader in RegTech for digital currencies and the blockchain-based financial ecosystem, is pleased to announce the successful close of its Series A fund raising of USD 8 million, and welcomes Dr. Mircea Mihaescu as its new Chief Executive Officer to lead the company. The investment will enable...
London, 16 September 2021 — Coinfirm, the global leader in RegTech for digital currencies and the blockchain-based financial ecosystem, is pleased to announce the successful close of its Series A fund raising of USD 8 million, and welcomes Dr. Mircea Mihaescu as its new Chief Executive Officer to lead the company. The investment will enable...

SelfKey

SelfKey Join Hands with Blockster

We’re excited to announce that SelfKey will join hands with the upcoming social media platform Blockster. The post SelfKey Join Hands with Blockster appeared first on SelfKey.

We’re excited to announce that SelfKey will join hands with the upcoming social media platform Blockster.

The post SelfKey Join Hands with Blockster appeared first on SelfKey.


Okta

Spring Native in Action with the Okta Spring Boot Starter

In the fall of 2020, the Spring team released a new experimental Spring Native project that gave Spring developers hope for faster startup times. Spring Native is all about converting your Spring applications to native executables. It leverages GraalVM to make it happen. This announcement was huge because the new kids on the block, Micronaut and Quarkus, produced native executables by default.

In the fall of 2020, the Spring team released a new experimental Spring Native project that gave Spring developers hope for faster startup times. Spring Native is all about converting your Spring applications to native executables. It leverages GraalVM to make it happen. This announcement was huge because the new kids on the block, Micronaut and Quarkus, produced native executables by default.

I was really excited about Spring Native when I first heard about it. Its first release (v0.8.3) was on Nov 23, 2020, but I started playing with it in September 2020, probably due to SpringOne. How do I know this? Because that’s when I first tried it, and entered an issue for the Okta Spring Boot starter. I was able to get things working with Spring Security’s OAuth dependencies (instead of the Okta starter) in the waning weeks of 2020.

Table of Contents Branching out with Spring Native Okta Spring Boot Starter v2.1.1 Supports Spring Native! Create a Native Spring Boot App Learn More About Spring Boot and Spring Native Branching out with Spring Native

According to VMWare Tanzu’s recent State of Spring 2021 report, a lot of people know about Spring Native, but it’s still early.

I wrote about how to build native Java apps with Micronaut, Quarkus, and Spring Boot earlier this summer and included my learnings. Around the same time, I thought to myself, "it’d sure be nice if the Okta Spring Boot starter worked with Spring Native."

To solve this desire, I scheduled a Twitch stream with Brian Demers and Josh Long. We spent 90+ minutes figuring things out. You can watch our struggles, collaborations, and ultimate joy in the video below. I added a detailed table of contents to the video’s description on YouTube, so you can skip around if you like.

This stream originally aired on June 22, 2021. Since then, there have been a few Spring Boot releases and several Spring Native releases. And don’t forget, there was another SpringOne!

Okta Spring Boot Starter v2.1.1 Supports Spring Native!

Today, I’m happy to announce that we’ve added our learnings to Okta Spring Boot v2.1.1; now, it only takes a couple of lines to add native support to a Spring Boot application that uses Okta.

import org.springframework.nativex.hint.NativeHint; @NativeHint(options = "--enable-https")

Or, if you’d prefer a full example:

package com.example.demo; import org.springframework.boot.SpringApplication; import org.springframework.boot.autoconfigure.SpringBootApplication; import org.springframework.nativex.hint.NativeHint; @NativeHint(options = "--enable-https") @SpringBootApplication public class DemoApplication { public static void main(String[] args) { SpringApplication.run(DemoApplication.class, args); } }

If you’d like to see what it takes to migrate my previously mentioned native Java + Spring Boot example from using Spring Security OAuth to the Okta starter, look no further than @oktadev/native-java-examples#5.

You can also try it out yourself with the Okta CLI. Install it and follow along below for a quick Okta + Spring Native example.

Create a Native Spring Boot App

To create a secure Spring Boot app with Okta, run okta start spring-boot. You’ll need to verify your email and set a password as part of this.

If you already have an Okta account, you can run okta login first.

This command will download our Okta Spring Boot sample, register your app on Okta, and configure it by adding your Okta settings to src/main/resources/application.properties.

Add @NativeHint(options = "--enable-https") to the main Application class as specified above.

Next, edit your pom.xml and add the Spring Native version and classifier to the <properties> section:

<spring-native.version>0.10.3</spring-native.version> <repackage.classifier/>

Then, replace the <build> section with the XML below:

<build> <defaultGoal>spring-boot:run</defaultGoal> <plugins> <plugin> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-maven-plugin</artifactId> <configuration> <classifier>${repackage.classifier}</classifier> <image> <builder>paketobuildpacks/builder:tiny</builder> <env> <BP_NATIVE_IMAGE>true</BP_NATIVE_IMAGE> </env> </image> </configuration> </plugin> <plugin> <groupId>org.springframework.experimental</groupId> <artifactId>spring-aot-maven-plugin</artifactId> <version>${spring-native.version}</version> <executions> <execution> <id>test-generate</id> <goals> <goal>test-generate</goal> </goals> </execution> <execution> <id>generate</id> <goals> <goal>generate</goal> </goals> </execution> </executions> </plugin> </plugins> </build> <repositories> <repository> <id>spring-releases</id> <name>Spring Releases</name> <url>https://repo.spring.io/release</url> <snapshots> <enabled>false</enabled> </snapshots> </repository> </repositories> <pluginRepositories> <pluginRepository> <id>spring-releases</id> <name>Spring Releases</name> <url>https://repo.spring.io/release</url> <snapshots> <enabled>false</enabled> </snapshots> </pluginRepository> </pluginRepositories>

Giddyup!

./mvnw

Next, open your browser to http://localhost:8080. You’ll likely be logged in straight away and see your name printed on the screen.

Learn More About Spring Boot and Spring Native

We hope you learned something from this video and our experience. A huge thanks to Josh Long and Andy Clement for their assistance during this stream. The Spring Native docs are where you want to go to really dig in. If you prefer videos, I recommend watching Josh Long’s Spring Tips: Spring Native 0.10.0 video.

Check out these posts for more information about Spring Boot and Spring Native:

Build Native Java Apps with Micronaut, Quarkus, and Spring Boot

R2DBC and Spring for Non-Blocking Database Access

Faster Spring Boot Testing with Test Slices

How to Prevent Reactive Java Applications from Stalling

Spring Boot and Okta in 2 Minutes

If you have any questions about this post, please add a comment below. For more interesting content, follow @oktadev on Twitter, connect with us on LinkedIn, and subscribe to our YouTube channel.


Affinidi

A Conversation with Joseph Thompson of AID:Tech

Right after our first webinar, we caught up with Joseph Thompson, the CEO of AID:Tech to get his thoughts on the Self-Sovereign Identity (SSI) space and its impact on our society over the next few years. Here are some questions we asked him. What’s exciting about verifiable credentials? Not many people today understand the importance of taking ownership of their data. But that could c

Right after our first webinar, we caught up with Joseph Thompson, the CEO of AID:Tech to get his thoughts on the Self-Sovereign Identity (SSI) space and its impact on our society over the next few years.

Here are some questions we asked him.

What’s exciting about verifiable credentials?

Not many people today understand the importance of taking ownership of their data. But that could change over the next decade, as privacy would be the most important commodity.

As people travel more, they tend to use their data across borders, and it becomes necessary to be able to use it safely and securely.

In the EU, we have the eIDAS, which is a regulation for verifying the identity of individuals online through electronic documents.

So, I was born and brought up in Ireland and when I go to Italy or Spain or any other country that’s a part of the EU, I don’t have to bring my health data, tax credits, passport, or any other document as my identity, thanks to eIDAS. Imagine the convenience that comes with it! And that’s just from the consumer side.

As for Enterprises, when their consumers bring in data from other organizations in a secure way, it saves them time and money, besides increasing transparency.

This means verifiable credentials would make it easy for entities to trust data even on anonymous profiles and it can be massive for economies moving forward because an organization doesn’t necessarily have to know a person, just his or her data for processing. This is possible through verifiable credentials and that’s what makes it so exciting.

There are undoubtedly a lot of opportunities, provided we can resolve a couple of issues first.

One issue is there must be many applications for end-users. Having an identity on a network is kind of useless unless there are a ton of applications that can be accessed with that identity. So, we should be watching this space, especially blockchain, decentralized identity, and verifiable credentials for any developments that can be leveraged.

That said, there’s no doubt that there is a massive upside to using verifiable credentials and it’s only a matter of time before we start leveraging it.

What’s the best way to get the word out on verifiable credentials, privacy, and decentralized identity, and their benefits?

It’s a lot of marketing, and it becomes easy when you can demonstrate the benefits through real-world use cases.

First of all, the decision to share your data with someone must be a personal choice that an individual must make based on the benefit of a service.

Take the example of the microinsurance application that we’re building now. If an individual has a trusted verifiable credential, then the same can be sent to an insurance company. For insurance companies and healthcare organizations, these credentials mitigate their risks because they can determine whether the individual can make the copayments and premiums.

For individuals, they could decide if they wanted to share their data with an insurance company to get health insurance, and if yes, which company. In other words, the end user would have complete control over their data and could determine where and how it was shared.

Many people who weren’t convinced first have slowly adopted it due to their personal experiences.

To create more such experiences, companies in this space have to be more solution-focused. Currently, there’s a lot of focus on the tech side of VC implementation, but this should extend to a solution-centric approach to increase adoption.

While this is already happening in pockets, there has to be a holistic approach to solving a particular problem through verifiable credentials, and I believe it will happen soon.

How do you see VCs and SSI evolving in the next five years or so?

A convergence of technologies such as mobile smartphones, identity wallets, cryptos, and more would drive the need for trusted identities that can be shared seamlessly across different entities and use-cases.

It will also present huge opportunities for people to monetize their own data and this can drive adoption as well.

In all, yes, we can expect more awareness and adoption in five years because of the enormous upsides for both individuals and organizations.

So, what do you think are the impediments that can hamper this adoption?

Regulations definitely. Currently, we see a lack of clarity among lawmakers, so more awareness about VCs and their benefits could bring in more positive laws that can, in turn, foster innovation.

Shifting gears a bit here, what really brought you to SSI and decentralized identity?

Well, it all began in 2009 when I ran a marathon for a charity, but the money didn’t reach the intended recipients. I realized there was a lack of transparency in how the funds were collected and used. That was my first tryst with transparency or the lack of it.

In 2015, I was doing my Master’s degree in Digital Currencies and during this time, it occurred to me that the Google search engine must be converted into a transparency engine. What I mean by that is that there must be a layer of transparency in the information, so people are able to trust it better.

With such thoughts, I did some pilots in this space, and it soon became clear that this was a need for today’s world from government aid to welfare payments. And that’s how the whole idea was born.

Can you share some insights into the social projects you’re working on?

We’re working with the Women’s World Banking to distribute microinsurance to women in Uganda and Nigeria. We’re also partnering with the Asian Development Bank, Microsoft, and Save The Children to build verifiable credentials for parents, so they can access financial aid, education, and other benefits, and pass it to their children. We have now completed the pilot phase and we’re scaling it massively with the help of our partners.

What is Affinidi’s Role in the work you do?

Makes our life a lot easier as we don’t have to build the entire verifiable credentials from the base level!

Learn more about AID:Tech and Affinidi’s partnership.

While this brings us to the end of this interview, we have many interesting content and events lined up. Join our mailing list, and follow us on LinkedIn, Facebook, and Twitter

Note: opinions expressed here are the writer’s own.

A Conversation with Joseph Thompson of AID:Tech was originally published in Affinidi on Medium, where people are continuing the conversation by highlighting and responding to this story.


Meeco

Meeco at Money 20/20 Europe

Fintech’s biggest hivemind, Money 20/20 is back this year from 21 to 23 of September in Amsterdam. This year the event is back to a in-person event and with an immersive agenda bringing 8 groups of nearly 30 industry speakers, called Think Tanks, to discuss Fintech’s biggest challenges of today. ... Read More The post Meeco at Money 20/20 Europe appeared first on The Meeco Blog.
Fintech’s biggest hivemind, Money 20/20 is back this year from 21 to 23 of September in Amsterdam. This year the event is back to a in-person event and with an immersive agenda bringing 8 groups of nearly 30 industry speakers, called Think Tanks, to discuss Fintech’s biggest challenges of today. “The future is trustless. What do we need instead?” Meeco will be present, with our CEO and Founder Katryna Dow joining the Think Tank titled “The future is trustless. What do we need instead?” on Tuesday 21, 16:00 – 17:00 CET. Dave Birch will be moderating. David is an author, advisor and commentator on digital financial services. He’s one of the global top 15 favourite sources of business information (Wired magazine) and one of the top ten most influential voices in banking (Financial Brand); was found to be one of the top ten Twitter accounts followed by innovators. He leads 15Mb Ltd (his advisory practice), is Global Ambassador for Consult Hyperion (the secure electronic transactions consultancy that he helped to found), Non-Executive Chairman of Digiseq Ltd, Ambassador for Jersey for Fintech, a member of the Governing Council of the Centre for the Study of Financial Innovation (the London-based think tank) and holds number of board-level advistory roles. He is an Honorary President of EEMA, the European e-ID Association. Joining Katryna in this panel discussion are the following speakers: • Felix Gerlach, CPO & Co-founder, Passbase Inc. • Riddhiman Das, Co-founder & CEO, TripleBlind • Emma Lindley, Co-founder, Women In Identity • Louise Maynard-Atem, Research Lead, Women In Identity Trust is an outdated concept. We should not need trust to be able to do trade and share. Trust should be an implicit hallmark, not an explicit task. What do we need to develop to remove the need to achieve it? And what do we need instead? We need to build an environment that is safe by default. We need to shift from transactions based on the identification of the counter parties to transactions based on the strongly-authenticated credentials of the counter parties. How do we get there? This and other thought provoking conversations will take place at Money 20/20. Book by Friday the 16th (CET) for early bird prices and save 500€. Book Now

The post Meeco at Money 20/20 Europe appeared first on The Meeco Blog.


MATTR

Adding DID ION to MATTR VII

Since the beginning of our journey here at MATTR, decentralization and digital identity have been central to our approach to building products. As part of this, we’ve supported Decentralized Identifiers (or DIDs) since the earliest launch of our platform. We’ve also considered how we might give you more options to expand the utility of these identities over time. An important milestone The

Since the beginning of our journey here at MATTR, decentralization and digital identity have been central to our approach to building products. As part of this, we’ve supported Decentralized Identifiers (or DIDs) since the earliest launch of our platform. We’ve also considered how we might give you more options to expand the utility of these identities over time.

An important milestone

The W3C working group responsible for Decentralized Identifiers recently published the DID v1.0 specification under “Proposed Recommendation” status. This is a significant milestone as DIDs approach global standardization with the pending approval of the W3C Advisory Committee.

DIDs are maturing, but so is the environment and context in which they were originally designed. With a complex ecosystem consisting of dozens of different methodologies and new ones emerging on a regular basis, it’s important to balance the potential of this decentralized approach with a realistic approach for defining the real utility and value of each DID method. For example, the DID Method Rubric provides a good frame of reference for comparing different approaches.

Different types of DIDs can be registered and anchored using unique rules specific to the set of infrastructure where they’re stored. Since DIDs provide provenance for keys which are controlled by DID owners, the rules and systems that govern each kind of DID method have a significant impact on the trust and maintenance model for these identifiers. This is the key thing to remember when choosing a DID method that makes sense for your needs.

Our supported DID methods

In MATTR VII, by supporting a variety of DID methods — deterministic or key-based DIDs, domain-based DIDs, and ledger-based DIDs — we are able to provide tools which can be customized to fit the needs of individual people and organizations.

Key-based DIDs — Largely static, easy to create, and locally controlled. This makes them a natural choice for applications where there’s a need to manage connections and interactions with users directly. DIDs anchored to web domains — These have a different trust model, where control over the domain can bootstrap a connection to a DID. This makes a lot of sense for organizations with existing domain names that already transact and do business online, and can extend their brand and reputation to the domain of DIDs. Ledger-based DIDs — These offer a distributed system of public key infrastructure which is not centrally managed or controlled by a single party. While ledgers differ in their governance and consensus models, they ultimately provide a backbone for anchoring digital addresses in a way which allows them to be discovered and used by other parties. This can be a useful feature where a persistent identifier is needed, such as in online communication and collaboration.

There is no single DID method or type of DID (which at the moment) should be universally applied to every situation. However, by using the strengths of each approach we can allow for a diverse ecosystem of digital identifiers enabling connections between complex networks of people, organizations and machines.

To date, we’ve provided support for three main DID methods in our platform: DID Key, DID Web, and DID Sovrin. These align with three of the central types of infrastructure outlined above.

Introducing DID ION

We’re proud to announce that as of today we’ve added support for DID ION, a DID method which is anchored to IPFS and Bitcoin. We’ve supported the development of the Sidetree protocol that underpins DID ION for some time as it has matured in collaboration with working group members at the Decentralized Identity Foundation.

With contributions from organizations such as Microsoft, Transmute, and SecureKey, Sidetree and DID ION have emerged as a scalable and enterprise-ready solution for anchoring DIDs. The core idea behind the Sidetree protocol is to create decentralized identifiers that can run on any distributed ledger system. DID ION is an implementation of that protocol which backs onto the Bitcoin blockchain, one of the largest and most used public ledger networks in the world.

Sidetree possesses some unique advantages not readily present in other DID methods, such as low cost, high throughput, and built-in portability of the identifier. This provides a number of benefits to people and organizations, especially in supporting a large volume of different kinds of connections with the ability to manage and rotate keys as needed. We have added end-to-end capabilities for creating and resolving DIDs on the ION network across our platform and wallet products.

Although DID ION is just one implementation of the Sidetree protocol, we see promise in other DID methods using Sidetree and will consider adding support for these over time as and when it makes sense. We’ll also continue to develop Sidetree in collaboration with the global standards community to ensure that this protocol and the ION Network have sustainable futures for a long time to come.

At the same time, the community around DID Sovrin is developing a new kind of interoperability by designing a DID method that can work for vast networks of Indy ledgers, rather than focusing on the Sovrin-specific method that’s been used to date. As DID Sovrin gets phased out of adoption, we’re simultaneously deprecating standard support for DID Sovrin within MATTR VII. We’ll be phasing this out shortly with upcoming announcements for customers building on our existing platform.

If you’ve got any use cases that utilize DID Sovrin or want to discuss extensibility options, please reach out to us on any of our social channels or at info@mattr.global and we’ll be happy to work with you.

Looking ahead

We believe this a big step forward in providing a better set of choices when it comes to digital identity for our customers. From the start, we have designed our platform with flexibility and extensibility in mind, and will continue to support different DID methods as the market evolves.

We look forward to seeing how these new tools can be used to solve problems in the real world and will keep working to identify better ways to encourage responsible use of digital identity on the web.

Adding DID ION to MATTR VII was originally published in MATTR on Medium, where people are continuing the conversation by highlighting and responding to this story.


Urbit

Developer Call: Azimuth, Scaled

ETH Gas prices are too high! The growth of Urbit has been greatly hampered this year by the cost of activating planets. Join Philip Monk (`~wicdev-wisryt`) and the entire L2 team as they present the work completed to date to implement Layer 2 naive rollups. Come see a demo of the new Bridge front end, first migrating a star and spawning some planets, then activating a planet, all on L2. This call
ETH Gas prices are too high! The growth of Urbit has been greatly hampered this year by the cost of activating planets. Join Philip Monk (`~wicdev-wisryt`) and the entire L2 team as they present the work completed to date to implement Layer 2 naive rollups. Come see a demo of the new Bridge front end, first migrating a star and spawning some planets, then activating a planet, all on L2. This call will be a great opportunity for galaxy owners to get their questions answered for the upcoming vote on Layer 2 implementation. It will also be good for anyone in the community that wants a comprehensive look at how naive rollups will work to bring down planet activation costs. If you're technically inclined, be sure to check out [Philip's walkthrough](https://www.youtube.com/watch?v=lQdqCwYIBoU) of the naive rollup code ahead of time so you can ask questions.

Wednesday, 15. September 2021

Indicio

Newsletter Vol 10

The post Newsletter Vol 10 appeared first on Indicio Tech.
Indicio Named Finalist in IDC’s Inaugural Best in Future of Digital Infrastructure North America Awards

 

Indicio is thrilled to be named a finalist in the inaugural IDC Future Enterprise, Best in Future of Digital Infrastructure North America Awards in the Ubiquitous Deployment category. Finalists joining Indicio in the Ubiquitous Deployment category are Toyota Financial Services for their Digital Infrastructure Transformation and US Air Force Cloud One. 

Read The Announcement Sumiran Agarwal, Director of Node Operators, will be speaking at the GBBC Blockchain Central UNGA

 

Join Indico’s Director of Network Ecosystem for a panel discussion on the future of digital identity at the Global Blockchain Business Council (GBBC) Blockchain Central UNGA. The event brings together leaders in technology, government, academia, and policy for a variety of programming focused on the role of technology and community in accelerating progress toward the United Nations Sustainable Development Goals.

Register Here Liquid Avatar Technologies successfully demonstrates complete, interoperable health data ecosystem

 

Congratulations to Indico Node Operator Liquid Avatar Technologies for successfully demonstrating the interoperability of their decentralized identity platform, LAVCE, at the Cardea Interop-athon. This hackathon style event offered an opportunity for companies participating in the Cardea community to test the issuing, exchanging, and verifying of health related data. LAVCE’s successful demonstration illustrated the power of interoperable verifiable credentials as a way to transform how we share and trust digital health information. 

Read More This Tuesday is Wallet-Mania!

 

Join us Sep 21 for this fireside chat style event moderated by Mathieu Glaude from Northern Block. We are bringing together leadership from IdRamp, GlobalID, Lissi, Liquid Avatar, and Trinsic to discuss the current landscape of the market, use cases, and the future of digital wallets. 

Details for the event Demo Day is September 23rd

 

Please join us and the Cardea community Thursday, September 23, 2021, 12:00 PM EST, to see demonstrations of the solutions tested at the Cardea Interop-athon from the participating companies of the event. See the cutting edge displays of interoperable, decentralized identity! 

Register Today Upcoming Events

 

Here are a few events in the decentralized identity space to look out for.

Cardea 8/19 Aries Bifold 8/25

The post Newsletter Vol 10 appeared first on Indicio Tech.


KuppingerCole

A different way to IGA: Leveraging the ServiceNow infrastructure

by Martin Kuppinger IAM is evolving from traditional, on-premises solutions towards IDaaS (Identity as a Service), supporting the changing requirements to IAM as well as to deploying and operating IAM solutions. This whitepaper looks at how to plan for IAM modernization, the alternative paths, and the role IGA to ITSM integration plays in IAM modernization. It also looks at why customers are optin

by Martin Kuppinger

IAM is evolving from traditional, on-premises solutions towards IDaaS (Identity as a Service), supporting the changing requirements to IAM as well as to deploying and operating IAM solutions. This whitepaper looks at how to plan for IAM modernization, the alternative paths, and the role IGA to ITSM integration plays in IAM modernization. It also looks at why customers are opting for Clear Skye IGA solutions built on top of ServiceNow, and how this fits into the need for IAM modernization.

Workshop | Move your Active Directory to the Cloud

Martin Kuppinger, Principal Analyst, KuppingerCole Patrick Parker, Founder and CEO, EmpowerID Matthias Reinwarth, Lead Advisor & Senior Analyst, KuppingerCole
Martin Kuppinger, Principal Analyst, KuppingerCole Patrick Parker, Founder and CEO, EmpowerID Matthias Reinwarth, Lead Advisor & Senior Analyst, KuppingerCole


Workshop | Zero Trust & Modern Digital Workplaces




Northern Block

Northern Block Partners with leading RegTech kompany to Offer Onboarding of Verifiable Legal Entities to Trust Networks

September 15, 2021 Toronto, Canada The partnership between Northern Block and kompany provides organizations and users of the NB Orbit platform access to the leading global corporate register network and in turn, audit-proof company information from commercial registers, financial authorities and tax offices around the world. The purpose of this partnership is to enable trust […] The post Northe

September 15, 2021

Toronto, Canada

The partnership between Northern Block and kompany provides organizations and users of the NB Orbit platform access to the leading global corporate register network and in turn, audit-proof company information from commercial registers, financial authorities and tax offices around the world.

The purpose of this partnership is to enable trust network operators to increase the authenticity of legal entities that join their ecosystem. This provides the ability to engage in business with peers with confidence, while mitigating fraud risks. Through the instant access to this primary source information, the KYC/KYB process is greatly enhanced by including official information on over 115 million companies across more than 200 countries and jurisdictions.

“We see an increasing demand from clients to validate legal entity data at source. So in automating access to original corporate register records, via our partnership with kompany, we are providing an additional layer of KYC & KYB security.”, says Mathieu Glaude, CEO of Northern Block.

Before conducting business, companies should perform sufficient due diligence to get to better know the other entity that they’re about to transact with. However, this is easier said than done. For example, in global digital commerce, in many cases companies don’t know or meet the other entity they’re going to transact with. Therefore, enabling companies to verify whether the other party unequivocally meets their policies adds a layer of trust and comfort. Increasing the authenticity of the organizations that get onboarded to trust ecosystems inherently increases the network value and aids companies.

Onboarding in a self-sovereign manner to digital trust ecosystems is different than in federated models. When network operators manage a trust network and an entity connects into the network and begins transacting, it’s important to ensure that you’re getting credentials from the source issuer. This is what kompany provides via its global register network: official data and documents retrieved in real-time form their original source. 

Russell E. Perry, CEO and Co-Founder of kompany: “With increasing compliance and AML requirements, the veracity and source of company data have become a central point in combating money laundering and other frauds. We are, therefore, proud to provide Northern Block clients with our unparalleled access to real-time audit-proof company information, ensuring access to company information across multiple jurisdictions and helping their clients achieve improved business efficiency.”

Canada is becoming a nation of digital identity. Recently, the Government of Ontario announced their technology and standard choices for their Digital ID Ecosystem. Digital ID is critical to the economy. The Digital ID & Authentication Council of Canada (DIACC) estimates that the potential value that trusted digital identity could bring to the Canadian economy is at least 1 percent of Canada’s GDP, or CAD 20 billion. 

Mathieu Glaude adds, “Onboarding small businesses in a frictionless manner must be made easy. We’ve asked small businesses to do so much during Covid; and now that we’re asking them to use new digital tools, we must ensure we don’t create more friction, but instead find ways to add value to their businesses. The first step is ensuring trusted interactions.”

About Northern Block – Northern Block is a Toronto, Canada based technology provider that facilitates the commercialization of digital trust ecosystems using self-sovereign identity (SSI) technologies, standards and principles. Through its leading NB Orbit platform, organizations can deploy digital credentialing ecosystems, become credential issuers, accept digital credentials within workflows and use a variety of digital wallets and agents to connect and exchange credentials.

A leader in the SSI space with active positions on leading industry bodies like the Digital Identity and Authentication Council of Canada (DIACC) and the Trust over IP Foundation (ToIP), Northern Block is at the forefront of delivering on the Secure, Privacy by design and Verifiable world.

About Kompany –  kompany is the leading RegTech platform for global business verification and Business KYC (KYB) for AML compliance. Clients include global and international banking groups, FinTechs, Big Four accounting firms, law firms, Banking-as-a-Service and compliance platforms, and multinational corporations. kompany is headquartered in Vienna, Austria, with offices in London, New York, and Singapore.

kompany is a government licensed clearing house of registers with real-time access to commercial registers, financial and tax authorities worldwide. kompany is backed by Fairway Asset Management, Global Brain, European Super Angels Fund, Elevator Ventures, UNIQA Ventures and Hermann Hauser Investment.

 

The post Northern Block Partners with leading RegTech kompany to Offer Onboarding of Verifiable Legal Entities to Trust Networks appeared first on Northern Block | Self Sovereign Identity Solution Provider.


Anonym

China, US Recognize National Security Risks of Surveillance Capitalism

Governments are always going to be concerned about national security. China’s recent passing of its Personal Information Protection Law (PIPL) is an example of a national government recognizing that the amount of personal data collected by non-government online services and mobile apps is at the point where it can be a rich data source for a national […] The post China, US Recognize Na

Governments are always going to be concerned about national security.

China’s recent passing of its Personal Information Protection Law (PIPL) is an example of a national government recognizing that the amount of personal data collected by non-government online services and mobile apps is at the point where it can be a rich data source for a national security adversary.

The risk focus has moved to private enterprise and the internet economy, and the surveillance capitalism sector of that makes national security more challenging. China recognizes this in its PIPL, which comes into effect on November 1, 2021. President Biden recognized it in his cybersecurity announcements in July. 

What this tells us is we’re all moving in the same direction. It’s not only us here at Anonyome Labs but national governments around the globe that clearly see the national security risks of personal data storage, transfer and processing by private enterprise.

Surveillance capitalism is the root of the problem for every country. We’re fighting the same enemy, just in different wars.

Postscript: We’ll be closely following commentary and analysis of China’s new PIPL. At time of writing the full English translation had not been released. We know the PIPL is broad-ranging, comprehensive, and described as “the world’s harshest data privacy law.” It’s modelled on the GDPR but will be stricter in its standards and penalties. The PIPL deals with personal data from national security and public interest perspectives. Together with China’s Data Security Law and Cybersecurity Law, the PIPL forms an overarching data protection framework

The post China, US Recognize National Security Risks of Surveillance Capitalism appeared first on Anonyome Labs.


auth0

4 Authentication Tools That Increase Retail Conversion Rates

How to decrease abandoned carts by improving the simplicity and security of your user login process.
How to decrease abandoned carts by improving the simplicity and security of your user login process.

Ocean Protocol

OceanDAO Round 10 is Live!

530K USD available for sustainable data-oriented projects! Hello, Ocean Community! For those new, OceanDAO is a community-curated funding system directed towards projects building in the Ocean Protocol ecosystem. The Ocean ecosystem becomes self-sustainable as the builders of the Web3 data economy leverage Ocean Protocol to create products, services, and resources that the community finds valua

530K USD available for sustainable data-oriented projects!

Hello, Ocean Community!

For those new, OceanDAO is a community-curated funding system directed towards projects building in the Ocean Protocol ecosystem.

The Ocean ecosystem becomes self-sustainable as the builders of the Web3 data economy leverage Ocean Protocol to create products, services, and resources that the community finds valuable.

Grant Funding Categories:

Building or improving applications or integrations to Ocean Community or developer outreach (grants don’t need to be technical in nature) Unleashing data Building and/or improving core Ocean software Improvements to OceanDAO itself

For up-to-date information on getting started with OceanDAO, we invite you to get involved and learn more about Ocean’s community-curated funding on the OceanDAO website.

The goal is to grow the DAO each round. We encourage the $OCEAN ecosystem to apply or reapply AND to vote! Thank you to all of the participants, voters, and proposers.

OceanDAO Round 10 Announcements and Guidelines Round 10 Information

There is $530,000 USD in grant funding available in Round 10. The max request limit per proposal has now changed. Please find more details below:

Please Note: The amount requested is in USD, but the amount paid is in OCEAN token. The conversion rate is the market price on the Proposal Submission Deadline (October 5th at midnight GMT). This determines how many OCEAN will be awarded if a proposal is voted to receive a grant.

A total of $100,000, or approx. 19%, of “Total Round Funding Available” is earmarked for New Projects. Earmarked proposals are eligible for entire “Total Round Funding Available”; returning (general) grants are eligible for the remaining $430,000, or approx. 81%.

As a builder, submit your project proposal on the Round 10 Ocean Port Forum. As a voter, this is where you can see all the expanded proposal details to make an informed vote decision.

Additionally, you can check out the OceanDAO Round 10 Proposal Submission Dashboard to see all the proposals in one place as they are submitted.

The grant proposals from the snapshot ballot that meet these criteria are selected to receive their Funding Amount Requested (in OCEAN) to foster positive value creation for the overall Ocean Protocol ecosystem.

Project Levels & Funding Tiers

To improve funding effectiveness, OceanDAO continues to increase access to funding. After the introduction of the Project Standing Dashboard, teams have been working to reconcile their grant deliverables, and complete their proposals.

To continue incentivising completion and outcomes, we are introducing Project Levels, which can be acquired by Teams delivering on their grant promises. Below are the Funding Tiers accessible by projects for OceanDAO Grants Round 10.

Teams applying for their first time — $20,000 USD Teams who have completed 1–2 proposals — $20,000 USD Teams who have completed 3+ proposals — $50,000 USD

Make sure to update your Project Deliverables to remain in a good standing, and to continue accessing larger grant amounts. Important note: existing Projects will only be able to participate in the Voting process if their project is in a “Completed” or “Funds Returned” standing.

Project Standings > 1Team-1Proposal

A key focus in OceanDAO is improving ROI Transparency. With the introduction of [Project Standings], each project reconciles their grant deliverables and outcomes with the DAO to access greater funding. This process naturally leads teams towards reconciling their deliverables, and continue building.

Therefore, the introduction of [Project Standings] enables [1Team-1Proposal] rules to be deprecated.

This design review originated from various discussions with Ambassadors and the larger OceanDAO community. We’d like to thank the community for your continuous feedback and support.

Funding Round — Rules & Timing Updates Proposals Submission Deadline is October 5th at midnight GMT Add OCEAN to Voting Wallet by the Proposal Submission Deadline. A 2 day proposal Due Diligence Period, ends October 7th, 2021 at 23:59 GMT Voting Starts on October 7th, 2021 at 23:59 GMT Voting Ends on October 11th, 2021 at 23:59 GMT

If your Proposal is voted to receive a grant, please submit a Request Invoice to the Ocean Protocol Foundation (OPF) for the Ocean Granted amount, if you haven’t already,

OceanDAO Ecosystem

Continue to support and track progress on all of the Grant Recipients here!

Much more to come — join our Town Halls to stay up to date. Thank you!

Follow Ocean Protocol on Twitter, Telegram, LinkedIn, Reddit, GitHub & Newsletter for project updates and announcements. And chat directly with other developers on Discord.

🌊 OceanDAO Round 10 is Live! was originally published in Ocean Protocol on Medium, where people are continuing the conversation by highlighting and responding to this story.


SWN Global

MetaMUI official Partner of the 2021 OECD Global Blockchain Policy Forum Sept 15th- Oct. 1st

OECD Global Blockchain Policy Forum 2021 We are proud to announce that Sovereign Wallet Network is the official partner of Buniness and Finance at the OECD for the 2021 OECD Global Blockchain Policy Forum. reserve your seat on: https://oecd-events.org/blockchain-policy-forum#bl-7d0b3f5b-c3a6-4b40-8749-390d707a7040 This Year’s edition is “The 4th edition of the annual OECD Global Blockc
OECD Global Blockchain Policy Forum 2021

We are proud to announce that Sovereign Wallet Network is the official partner of Buniness and Finance at the OECD for the 2021 OECD Global Blockchain Policy Forum.

reserve your seat on:
https://oecd-events.org/blockchain-policy-forum#bl-7d0b3f5b-c3a6-4b40-8749-390d707a7040

This Year’s edition is “The 4th edition of the annual OECD Global Blockchain Policy Forum” delves into recent developments and emerging challenges to take a balanced assessment of blockchain’s use and potential in supporting global markets and the rules and norms that underpin them.

From strengthening cross-border commerce and international regulatory cooperation to better-linking companies with investors, and bringing new levels of transparency to the digital economy and control over our lives online. As in previous years, the Forum provides a platform for the public and private sectors to come together to exchange information, perspectives and priorities across the many areas where blockchain and public policy connect.

MetaMUI identity-based Blockchain is MetaMUI, the 1st Identity-based blockchain to truly enable regulated Peer to Peer (P2P) transactions. It can be used as the cornerstone for most financial offerings, with its high versatility and support for custom-developed use cases that enable Central Bank Digital Currencies (CBDC) implementation and issuance easily on the MetaMUI CBDC platform.

MetaMUI is built around Self-Sovereign Identity (SSID) technology. By combining the SSID and blockchain token mechanism, MetaMUI was able to create a new identity-based CBDC system that can protect user’s privacy while providing an identity-based transfer system that can satisfy travel rules and other regulatory requirements such as Know your customer (KYC), Anti-money laundering (AML) and Counter Financing of Terrorism (CFT).

#OECDblockchain #DLT #AI #CBDC #blockchain #FinTech #tokenization #MetaMUI #Cross_Border_Payments #DeFi


Coinfirm

Coinfirm Partners with Notabene for Travel Rule Compliance

LONDON, 15 September  – Notabene, the leading FATF Travel Rule solution provider and Coinfirm, a leading RegTech and blockchain analytics provider are today announcing a collaborative partnership. The Financial Action Task Force – the global AML watchdog – has outlined Recommendation 16, the ‘Travel Rule’, which stipulates VASPs must include key identifying information on counterparties...
LONDON, 15 September  – Notabene, the leading FATF Travel Rule solution provider and Coinfirm, a leading RegTech and blockchain analytics provider are today announcing a collaborative partnership. The Financial Action Task Force – the global AML watchdog – has outlined Recommendation 16, the ‘Travel Rule’, which stipulates VASPs must include key identifying information on counterparties...

Ontology

Ontology Weekly Report (September 7–13, 2021)

Highlights Reflecting a major endorsement for decentralized identity, Ontology recently announced that ONT ID, its decentralized digital identity application, has surpassed 1.5 million users. Ontology has also now officially deployed its EVM TestNet and is opening its EVM-compatible public beta for developers. Latest Developments Development Progress We have completed the launch of Ontology’s
Highlights

Reflecting a major endorsement for decentralized identity, Ontology recently announced that ONT ID, its decentralized digital identity application, has surpassed 1.5 million users. Ontology has also now officially deployed its EVM TestNet and is opening its EVM-compatible public beta for developers.

Latest Developments

Development Progress

We have completed the launch of Ontology’s EVM TestNet and are 45% done with testing. Ontology’s Security Vulnerabilities and Threat Intelligence Bounty Program has launched with a top prize of $12,000 in ONG rewards. We have completed Ethereum RPC support and are 100% done with internal testing. The TestNet has been synchronized online; we are 40% done with testing. We have completed 100% of Ontology’s new Ethereum account system development, the TestNet has been synchronized online; we are 42% done with testing. The EVM/OEP-4 asset seamless transfer technical solution, which facilitates the efficient conversion between OEP-4 assets and EVM assets, is complete and the TestNet has been synchronized online; we are 38% done with testing. We have completed 100% of the tutorial documents on EVM contract development on the Ontology chain.

Product Development

Ontology released 3,333 limited edition Ontology Avatars. Each Avatar is randomly generated and can be tied to an ONT ID that represents the owner in the metaverse. All Ontology Avatars were claimed in less than 5 hours. ONTO hosted a cross-chain campaign with BurgerSwap Bridge. Participants who perform cross-chain transactions on BurgerSwap with ONTO will have the chance to win rewards. Bonuses will be given to the top 50 participants with the highest cross-chain transaction value on BurgerSwitch. ONTO hosted a liquidity mining campaign with ApeSwap, a decentralized exchange and yield farming platform on Binance Smart Chain. All participants will win rewards; 100 winners who stake in the ONG-BNB pool via ONTO Wallet will be entered into an ONG lottery. ONTO hosted a NFT competition event with GameDAO, the world’s first NFT encrypted artwork entertainment creation platform. Participants submitted 38 ONTO, Ontology and GameDAO themed NFTs. Users can vote for their favorite NFTs now via ONTO and will have the chance to win rewards.

On-Chain Activity

120 total dApps on MainNet as of September 13, 2021. 6,709,279 total dApp-related transactions on MainNet, an increase of 23,760 from last week. 16,347,156 total transactions on MainNet, an increase of 64,964 from last week.

Community Growth

789 new members joined our global community this week. Our community is continuing to grow and we encourage anyone who is curious about what we do to join us. We held our weekly Discord Community Call, led by Humpty Calderon, our Head of Community. He introduced Loot and the 3,333 limited edition Ontology Avatars campaign. We held our new Telegram weekly Community Call, led by Astro, an Ontology Harbinger from our Asian community. He had a lively discussion with community members, focusing on the centralized identity universal login component, ONT Login, and the batch verification solution, ONT TAG. We held our weekly DeID Summit, in which we spoke about “the difference between DID and Black Mirror”. We introduced Ontology’s decentralized identity framework that enables users to control their data and decide whether a third-party can access a particular piece of information about them. As always, we’re active on Twitter and Telegram where you can keep up with our latest developments and community updates.

Global News

Ontology announced that ONT ID, its decentralized digital identity application, has surpassed 1.5 million users. The fact that over 1.5 million users have embraced decentralized identity through ONT ID reflects the significant appetite for blockchain solutions that safeguard user privacy in the midst of ongoing scamming, identity fraud, data leaks and ransomware attacks. Ontology has officially deployed its EVM TestNet and is opening its EVM-compatible public beta for developers. In collaboration with code auditor SlowMist, Ontology is setting up the Ontology Security Vulnerabilities and Threat Intelligence Bounty Programme, with a top prize of $12,000 in ONG rewards. In order to encourage community developers to quickly and easily familiarize themselves with the Ontology EVM development environment, we published Everything You Need To Know About Ontology EVM Contract Development. Ontology in the Media

VentureBeat — Data management puts enterprises to the test

The Dell survey found that most business leaders lack confidence in their data protection solutions, with 82% of respondents reporting concern that their organization’s solutions won’t be able to meet future business challenges. Even companies taking steps to overcome the hurdles say that they anticipate major headwinds. According to Dell, 58% of businesses investing — or planning to invest — in software-as-a-service apps are struggling to find data protection for them.

ONT ID is a decentralized identity framework that complies with W3C’s recommended standards for decentralized identifiers and verifiable credentials. Decentralization, self-management, privacy protection, and ease of use are the key features of ONT ID that ensure users fully control their data and identity. Ontology has been actively collaborating with a variety of partners interested in adopting decentralized solutions. At present, we have provided solutions in multiple sectors including mobility, inventory management and logistics, professional marketplace, corporate data attestation, digital content, music copyright, and smart banking.

Learn more about our decentralized data and identity solutions on our website and official Twitter account. You can also chat with us on Telegram and keep up-to-date with the latest news via our Telegram Announcement account.

Other Resources

LinkedIn / Medium / Facebook / Reddit / DiscordYouTube

Ontology Weekly Report (September 7–13, 2021) was originally published in OntologyNetwork on Medium, where people are continuing the conversation by highlighting and responding to this story.


KuppingerCole

Managing Access and Entitlements in Multi-Cloud Multi-Hybrid IT

by Martin Kuppinger Introducing DREAM (Dynamic Resource Entitlement and Access Management) Paradigm for managing all access of everyone and everything to all resources consistently in a multi-cloud multi-hybrid environment. Policy-based, automated, consuming the current state of services & infrastructure. Shifting from identity & security siloes to a holistic, integrated concept. Start

by Martin Kuppinger

Introducing DREAM (Dynamic Resource Entitlement and Access Management)

Paradigm for managing all access of everyone and everything to all resources consistently in a multi-cloud multi-hybrid environment. Policy-based, automated, consuming the current state of services & infrastructure. Shifting from identity & security siloes to a holistic, integrated concept. Start tactically now with CIEM, PAM, etc., but go on to strategic measures.

Managing identities, managing entitlements, and managing access has become way more complex than ever before, in dynamic, multi-cloud, multi-hybrid IT environments. In the past, servers and applications were rather static, and entitlements too were static. But this has changed. Entitlements and access in today’s cloud environments are dynamic, just like workloads.

Additionally, most organizations must deal with a multi-cloud, multi-hybrid IT. Different clouds, such as Microsoft Azure, AWS, or GCP, are very different in the way they deal with and manage identities, resources, access, and entitlements. With private clouds, managed IT, Edge Computing, and on-premises IT, different approaches on delivering IT are there to be managed, all different in the technology as well as the split between provider and tenant responsibilities.

Security as Code Can’t Be the Answer

However, the answer can’t be in security as code, because this would require developers to care for security (and infrastructure management), instead of setting the focus on their specialized skills and letting them work on what they are best in. The answer also can’t be in having specialized solutions for different parts of the IT environment, such as cloud-only approaches. Organizations need a comprehensive approach, covering the breadth and depth of their multi-cloud, multi-hybrid IT reality.

DREAM takes this broader approach, beyond just cloud-focused management of entitlements and access, looking at all types of identities, workloads, and all elements of IT. Additionally, DREAM is well-integrated with SODAS and BASIS, delivering a comprehensive set of methods and models for moving to agile delivery of secure services in multi-cloud, multi-hybrid IT environments.

Fig. 1: DREAM integrates security & identity across all parts of multi-cloud, multi-hybrid IT environments, closely aligned and integrated with service development, delivery & operations as well as infrastructure management & operations (KuppingerCole SODAS).

Cloud-First Approach Will not Lead to a Uniform Environment

As outlined, most organizations today have a mix of different types of IT. While “cloud first” is a valid strategy, it will not lead to a uniform environment. While the ratio of cloud workloads will (and must) grow over time, it will be multi-cloud and thus not uniform. Edge Computing appeared as a response to the need to shift workloads back closer to the on-premise environment. However, there was a reason for private clouds to appear, as well as for keeping parts of IT on-premises.

In manufacturing and other industries, on-premises IT will never disappear. Multi-cloud, multi-hybrid is the reality, here to stay. It will differ in the ratios of what is done where, but it will not disappear for many organizations, and the shift will be slow (slower than frequently expected) and gradual for most organizations.

This requires, as described in KuppingerCole SODAS (Secure Operations & Development of Agile Services), an integrated approach to development, infrastructure management, operations, and security & identity. DREAM focuses on the Security & Identity layer within that concept and how to manage identities, entitlements, and access uniformly across the entire IT, powered by policy-based automation.

Fig. 2: DREAM focuses on IAM, including CIEM, Access Governance, and PAM, as well as Cybersecurity and SOAR, and aligns with the other elements of a modern IT stack for delivering agile, secure services.

Managing Identities and Entitlements with the DREAM Approach

DREAM is an approach for managing all types of identities, both human and non-human. Human identities span everyone from the consumer to the employee, while non-human identities cover devices, things, services, resources, etc., as well as the complex relationships between the various types of identities.

DREAM focuses on managing entitlements and unifying this management across different environments such as the various public clouds, private clouds, VM (virtual machine) environments, and servers in traditional IT.

Based on a comprehensive , uniform approach, it puts identity and security in one responsibility and a unified technical solution, also enabling consistent governance across the entire IT environment. This also includes supporting modern concepts such as SOAR (Security Orchestration, Automation, and Response) that build on SIEM (Security Information and Event Management), and monitoring what happens in terms of security across all of IT as well as reacting to this.

DREAM Integrates CIEM, IGA, IAM, and PAM

DREAM also integrates concepts such as the evolving concept of CIEM (Cloud Infrastructure Entitlement Management), IGA (Identity Governance & Administration) as part of IAM (Identity & Access Management), and PAM (Privileged Access Management) for supporting every identity, every entitlement, and the access across the entire breadth and depth of IT.

This requires utilizing information about the state of services, applications, resources, identities, etc. It builds on virtual repositories that gather and expose that information so that it can be analyzed – this is where AI & ML come into play – and policy-based automation of the entire management of identities and security then build on these repositories.

Fig. 3: The key actions to take in delivering to the DREAM model.

To move forward with DREAM, the first step is – if not already done – the de-siloing of IT. Don’t treat cloud differently from on-premises or private clouds. Don’t split responsibilities. Workloads might run here or there, they will shift. For application and service delivers, you need a unified approach. You need it even more for comprehensive, strong security and efficient management of identities and access, and, last but not least, for (access) governance, complying with regulations, and mitigating risks. This initial step also requires a portfolio assessment and gap analysis, to understand what you have, what you need in addition, and what you should best retire.

From there, based on a vision involving the KuppingerCole models for Identity Fabrics and Security Fabrics, you need to define the target architecture, a roadmap that evolves over time, the guardrails, and the policies and processes.

Running DREAM Environments

Roll-out should be tactical and phased, focusing on fixing the critical challenges first. This might include opting for a specialized CIEM solution first (even while most already go well beyond cloud only, and beyond infrastructure entitlements only) to fix the pressing challenges of managing entitlements and access in the dynamic, volatile cloud environments.

But all should be done with the vision and target architecture in mind, not as tactical, isolated, non-integrated activities. DREAM will evolve continually. For more efficient management, and again being part of unification as described in KuppingerCole BASIS, this also involves shifting delivery of traditional workloads to a service model – making your traditional IT work as if it were another cloud.

In running DREAM environments, policy-based automation is at the core. It is about shifting to well-defined policies (proposed and optimized by AI and ML) that work on the dynamic data, instead of manual administration. This limits errors and increases speed in responding to permanent changes in the agile IT of today. It is also the foundation for governance and consistent security operations, and automated response across the IT environments.

Guiding principles for DREAM:

Business requests IT Services Unified view on IT Services – one IT, across multi-hybrid, multi-cloud environments Policy-based automation instead of manual administration or coding Development is agile, consuming identity & security APIs, delivering status/requirements back to central repositories, and to the operations management to be ready supporting new and changing applications and services Automation of identity, security and infrastructure setup & management

Our recommendation is to think beyond solutions that cover just multi-cloud, but integrate across multi-cloud multi-hybrid IT. Focus also on integration with the IAM and PAM (Privileged Access Management) infrastructure you have in place. Look at the overarching DevSecOps (KuppingerCole SODAS) model; and the model for agile service delivery in a modern, multi-cloud, multi-hybrid IT (KuppingerCole BASIS) for a comprehensive approach.


Ontology

Ontology Loyal Member NFT

Earn rewards for your community engagement! In order to acknowledge and reward those who participate in Ontology’s events and contribute to our weekly discussions, we are launching a loyalty program! Engage with the community and receive NFTs. Collect enough NFTs to win ONG rewards! Ontology’s Loyal Member program aims to boost the community’s knowledge about Web3 and blockchain, as well as
Earn rewards for your community engagement!

In order to acknowledge and reward those who participate in Ontology’s events and contribute to our weekly discussions, we are launching a loyalty program! Engage with the community and receive NFTs. Collect enough NFTs to win ONG rewards!

Ontology’s Loyal Member program aims to boost the community’s knowledge about Web3 and blockchain, as well as decentralized identity solutions. It is also a way for us to give back to community members who contribute to our events and grow with the Ontology family. Ontology is going to give away NFTs to specific community members whose contributions stand out. Members who collect 10 Loyal Member NFTs can receive 50 ONG.

The Loyal Member program gives Ontology community members the opportunity to learn more about our ecosystem and each other. We hope to facilitate more connections with our community members and encourage a welcoming atmosphere for new members interested in blockchain technology.

How to Attend

Join our Telegram group and share your topic with the hashtag #Topic directly in the group channel.

At the end of our weekly Tuesday Community Call, we will have an anonymous vote for your favorite topic for Wednesday. The most popular topics will be discussed at 9am UTC on Wednesdays.

Some potential topics include DID, Web3 and NFTs. Bring your own idea to the table and share it with the community.

Our study panel will be held on a weekly basis. Those who are active and participate will be noted by admins and will receive a special NFT acknowledging their contributions.

The first 10 members to receive 10 NFTs will be awarded 50 ONG each.

How to Claim

We will collect active members’ Ontology addresses to airdrop the NFTs. Once the NFTs reach 10, we’ll distribute 50 ONG to the related address. Each member/address can only receive ONG once.

Note: The Ontology Team reserves the final right of interpretation of the above event.

Learn more about our decentralized data and identity solutions on our website and official Twitter account. You can also chat with us on Telegram and keep up-to-date with the latest news via our Telegram Announcement account.

Other Resources

LinkedIn / Medium / Facebook / Reddit / DiscordYouTube

Ontology Loyal Member NFT was originally published in OntologyNetwork on Medium, where people are continuing the conversation by highlighting and responding to this story.


Meeco

Data Privacy: does anyone care?

We’ve all heard the refrain….no-one cares about privacy anymore. I confess, that sometimes I feel the same way, particularly when I see my own family members oblivious to what they are sharing. I’ve even done it myself. Then I realise that it’s not that they don’t care about data privacy, ... Read More The post Data Privacy: does anyone care? appeared first on The Meeco Blog.
We’ve all heard the refrain….no-one cares about privacy anymore. I confess, that sometimes I feel the same way, particularly when I see my own family members oblivious to what they are sharing. I’ve even done it myself. Then I realise that it’s not that they don’t care about data privacy, it’s just they don’t have any agency to do anything about it. I recently gave a talk at Kuppinger Cole European Identity Conference 2021 so had cause to dig into this question afresh. If the newspaper and magazine headlines are anything to go by then data privacy is still very much a live issue. But what about real people? Surely there must be some examples that would help. I looked at two recent events that could act as a litmus test of public sentiment. The first was Apple’s decision as part of its update to iOS 14.5 that allowed users, for the first time, to control whether or not to allow apps to track their data. Pretty convincing data but maybe it was skewed towards Apple users. Maybe if I looked at something more serious like helping to fight the Covid pandemic, I’d see a completely different picture? According to the latest Edelman Trust Barometer, even fighting a Global pandemic is not sufficient reason to share data. The willingness to share data to Governments to help contain Covid has actually decreased over the last 12 months. Perhaps not surprising given how some Governments have not been too adept in handling privacy concerns[1].  Finally, I was convinced by some latest research by KPMG – Corporate Data Responsibility – in August 2021. The research was conducted in the US but I suspect can be translated across the world. One set of statistics stood out: The compelling data and research suggest that my original question now needs to be reframed. People most certainly do care about their data privacy. The question now is: how are organisations going to bridge this data privacy chasm? This a real opportunity for organisations to step up and take a lead. An opportunity for organisations to action rebuilding trust and becoming data sustainable for the future. There are some immediate steps every organisation should start with: • Analyse your own ethics around data collection and use. Consider implementing a code of data ethics. • Be transparent and explicit around data collection and use and do it in a way that is upfront, easy and clear for everyone to understand. • Consider using privacy enhancing technologies to anonymise data or make use of synthetic data. • Give people access and control over their data empowering them to gain value and equity by sharing. People openly admit they don’t know how to protect their personal data and they are rightly peeved that organisations aren’t doing much to help. Take the lead now in establishing corporate data responsibility. Meeco can help provide the infrastructure you need to bridge the data privacy chasm. Reference: [1] https://www.theguardian.com/technology/2020/jul/20/uk-government-admits-breaking-privacy-law-with-test-and-trace-contact-tracing-data-breaches-coronavirus About the author A highly strategic, technical and commercially astute executive. Jason Smith has over 20 years of experience of starting, growing and managing businesses. The last 10 years of which have been with data businesses. Prior to joining Meeco, Jason led a global project within Experian as part of their global data innovation team (‘Dx’) focusing on consent, data sharing & privacy. He also co-led projects on digital ID, privacy enabling technologies and consumer personal data management applications. Jason also contributed to Experian’s response to the 2020 EU Data Strategy consultation. Previously, he established a research data lab as part of ScaleUpNation, in Amsterdam, using machine learning & network science to research ‘what lies behind a successful scale-up’. Prior to that Jason co-founded and was CEO of Blurrt, a social media data intelligence software using AI natural language processing for sentiment and emotional analysis as well as topic clustering. Blurrt achieved a number of UK technology awards and firsts – notably real time analysis of political debates and sports matches using tweets which were broadcast live. Jason has written, presented and produced 3 radio documentaries for BBC on technology (‘BeingSocial’ on social media & data; ‘Becoming Artificial’ on AI & what it means for humans and ‘Going Viral’ on the use of technology during the first Covid lockdown). In addition Jason has written and been invited to speak on data & AI. He is a member of the European AI Alliance and was previously recognised by TechCityInsider as one of the top 200 tech entrepreneurs in the UK. Outside of work, he cycles.

The post Data Privacy: does anyone care? appeared first on The Meeco Blog.


Aergo

Airdrops From AERGO: The Great Klaytn Event

AERGONAUTS And KLAYswap: The Great Listing: What Does This Mean For AERGONAUTS? AERGO, one of the largest hybrid blockchains based out of South Korea, is going to be listed on KLAYswap, a decentralized crypto asset finance protocol that enables users to provide liquidity and garner rewards. KLAYswap is a complete and automated on-chain swap protocol that operates and leverages on-chain liquidity

AERGONAUTS And KLAYswap: The Great Listing: What Does This Mean For AERGONAUTS?

AERGO, one of the largest hybrid blockchains based out of South Korea, is going to be listed on KLAYswap, a decentralized crypto asset finance protocol that enables users to provide liquidity and garner rewards. KLAYswap is a complete and automated on-chain swap protocol that operates and leverages on-chain liquidity pools. Liquidity is guaranteed through automated market making mechanisms. KLAYswap enables on-chain swap services for any KLAY or KCT-type token cryptocurrency to become a liquid provider and earn passive income from transaction fee commissions. For AERGOnauts, this enables AERGO token holders to participate in a passive income paradigm simply by utilizing the KLAYswap platform. Now how does this on-chain swap work, it is enabled through a specific innovation, known as the Orbit Bridge.

On KLAYswap, ERC-20 tokens can be transferred throughout the Klaytn ecosystem via a technological innovation known as the Orbit Bridge, a transparent and immutable bridge built on Orbit Chain which in return offers yield farming with assets that were previously disconnected and unable to communicate with one another before the inception of such an innovation. KLAYswap is built on one of the most prominent and secure blockchain protocols within the realm of cryptocurrency, the Klaytn ecosystem, which was created by Kakao. Kakao is one of the most publicly traded Fin-Tech companies in South Korea and has a market capitalization of approximately 30 billion dollars. KakaoTalk is utilized by over 90% of the South Korean populace and KakaoTaxi is the most widely used transportation service throughout the country. AERGO, with a massive foothold within South Korea, has been successfully able to partner with Klaytn and through this partnership, AERGO will have increased liquidity, immutability and the ability for investors to garner passive income by participating in liquidity pools on the network.

AERGO And KLAYswap: The Specifics Of The Event

The AERGO Listing: What This Means For AERGONAUTS and The Klay Community: The Great Airdrop

AERGO is one of the largest blockchains within South Korea, with an extremely development team that has been actively been working with KLAYswap and Orbit Bridge. Today, we’re excited to announce that AERGO will be listed on KLAYswap and an airdrop event will occur as a result of this enhancement of liquidity on KLAYswap! The KAERGO-KLAY LP will airdrop over 300,000 KAERGO tokens to all liquidity providers of the KAERGO-KLAY LP. Wallets that provide liquidity to the KAERGO-KLAY pools will be distributed KAERGO on the basis of the share ratio of that specific wallet. AERGONAUTS will notice that KAERGO is linked to the Orbit Bridge chain that enhances interoperability and communication between chains that have been integrated into the platform; this includes AERGO. KAERGO is the Klaytn version of AERGO, the native token of the AERGO platform that has been bridged over to the Klaytn ecosystem through the utilization of Orbit Bridge.

Participation In The Airdrop: Active Community Involvement: How And When To Connect To KLAYswap

AERGO Community Members, No Matter The Size Of Your Holdings: Can Participate In This Airdrop Based On The Instructions Below

The way for community members to participate in the airdrop is as follows. It is necessary to provide liquidity to the KAERGO-KLAY liquidity pool to receive the airdrop during the event period. To provide liquidity to the KAERGO-KLAY pool, you must have one of those two assets and both can be converted to Klaytn Network assets using the Orbit Bridge. The airdrop event will start on September 16th and end on October 15th and will drop 300,000 Aergo Tokens. Below is a guide to assist you with providing liquidity on the KLAYswap protocol.

Provide Liquidity To The KAERGO-KLAY Pool

This liquidity measure will depend on the coins you have in your wallet, you may choose KAERGO-KLAY as options. If you choose a singular token option, half of the deposit will automatically be converted into the other pair to be deposited into the liquidity pair. Provided below is a Medium article to assist you as well.

It is important to reference that to receive cross-chain assets on Klaytn Network, you must have a Klaytn Network based wallet such as Kaikas, which is a web based wallet, or Klip, which is a mobile based wallet.

Medium : Using swap/providing liquidity/staking & boosting in KLAYswap

Kaikas: https://medium.com/klaytn/kaikas-now-available-in-chrome-and-firefox-4395221f10d6

Kaikas download: https://chrome.google.com/webstore/detail/kaikas/jblndlipeogpafnldhgmapagcccfchpi

Orbit Bridge:
https://bridge.orbitchain.io/

How To Convert Via Orbit Bridge To Klaytn: Cross-Chain Management

Orbit-Chain: Interconnecting Multiple Blockchains To Klaytn

There are a few steps one must take to convert assets through Orbit Bridge, and I wanted to create a step-by-step guide to assist AERGONAUTS in doing so.

Step 1. Select A Coin Or Validator

Step 2: Choose the base chain to convert from, and to. Enter the amount of asset, and the address to receive the assets in.

Make sure all information you plugged in is correct, if it isn’t correct and you press convert, your funds maybe lost!

Step 3: Confirm the entered information, then allow Metamask to confirm the transaction.

Check all information within the Bridge confirmation window prior to pressing “Confirm.” Afterwards, press “Confirm” within MetaMask to confirm the transaction, to complete the transfer over to Klaytn Network.

Step 4: Checking the asset deposited in a Klaytn-based wallet

To check the balance of the sent asset, use [Add Token] menu to add the asset.

To find token contract addresses, please visit the following Klaytn explorer link

Klaytn Scope (Explorer): https://scope.klaytn.com/tokens

*KLAYswap website: https://klayswap.com

*To use KLAYswap, you must have Klaytn Network-based wallet such as Kaikas (Web-based) or Klip (Mobile).

About Kaikas: https://medium.com/klaytn/kaikas-now-available-in-chrome-and-firefox-4395221f10d6

Kaikas download: https://chrome.google.com/webstore/detail/kaikas/jblndlipeogpafnldhgmapagcccfchpi

Klip: https://klipwallet.com

Step 5: Connecting Your Wallet

Step 6: Choose A Liquidity Pool To Deposit Into

Step 7: Use The Deposit Button After Checking All The Information

If you’re using the liquidity pool for the first time, approval maybe required. When prompted, press approval. This will automatically trigger a transaction request to Kaikas wallet, which you can verify by clicking on the “Confirm” button.

Step 8: Confirm The Deposited Asset In The Pool And How To Claim Rewards

When the deposit is complete, the applicable reward rate to the pool is distributed to the depositer in real time. The deposited assets can be checked in the “My Deposit” section while rewards can be checked with the “Claim Rewards” section.

Conclusion: An Exciting Initiative: An Expansion For AERGO and Klaytn

The AERGO team is pleased and excited to be part of one of the largest liquidity-pool-yield-farming protocols within the blockchain sphere, KLAYswap. As South Korean companies, this partnership is set to continuously foster and flourish as the two communities and chains interconnect and interact with one another resulting from this initiative. For those who own AERGO token, we cordially invite you to participate in this event to receive free KAERGO tokens. This is an exciting step for the AERGO project, and we look forward to sharing more announcements with you soon!

Disclaimer: Cryptocurrency investing and gambling requires substantial risk, do not invest or gamble more than you can afford to lose! I am not a financial adviser and I am not responsible for any of your trades. It is incumbent that you always do your own research before investing in anything!

Airdrops From AERGO: The Great Klaytn Event was originally published in Aergo blog on Medium, where people are continuing the conversation by highlighting and responding to this story.


Blockchain Commons

Principal Authority: A New Perspective on Self-Sovereign Identity

This summer, we’ve been iterating through an article intended to talk about the success that Blockchain Commons has had working with the Wyoming legislature to help to define a first-in-the-country legal definition of digital identity. The Digital Identity Working Group for the Wyoming Select Committee on Blockchain meets again next week, on September 21-22, 2021. I will be providing testimony ther

This summer, we’ve been iterating through an article intended to talk about the success that Blockchain Commons has had working with the Wyoming legislature to help to define a first-in-the-country legal definition of digital identity.

The Digital Identity Working Group for the Wyoming Select Committee on Blockchain meets again next week, on September 21-22, 2021. I will be providing testimony there at 2pm MST. As a result, we’ve decided to release the current draft of this article on digital identity and how Wyoming has defined it using Principal Authority, with the goal of helping to shape the agenda for digital identity for the next year, both in Wyoming and elsewhere.

—Christopher Allen

In 2016, I wrote “The Path to Self-Sovereign Identity” to talk about the historic evolution from centralized identity to user-centric identity and to define the next step: a self-sovereign digital identity that was controlled by the user, not some third party. In it I also offered 10 Self-Sovereign Identity Principles which have been widely accepted by the decentralized identity community.

Self-sovereign identity has matured and grown considerably since, as I chronicled in “Self-Sovereign Identity: Five Years On”. There are now specifications, products, and entire companies supporting the concept. However, recent legal efforts to define self-sovereign identity may be just as important for catapulting it into the mass market.

Read More Defining Identity

Defining identity is by no means easy. That core topic could encompass a paper much longer than this. The following are some various definitions of identity drawn from the RWOT Glossary:

Identifier: A label that refers to an entity and can be used to establish or maintain an identity. For example, a name or UID.

Identity: A conceptual construct that enables the differentiation between distinct entities that are individually considered to be unique, but which may possess class or group characteristics. An identity gives these entities the ability to interact as peers in collaborative or competitive ways. It is not the entity that it represents.

Identity, Digital: A digital representation of an entity, managed by digital tools, over which that entity has personal or delegated control.

Identity, Functional: How we recognize, remember and respond to specific people and things.

SSI: Self-sovereign identity. A decentralized digital identity that does not depend on any centralized authority and whose information is portable.

Digital identity is just one aspect of a complex, interconnected web of different digital models. It’s not the same thing as identification (where you prove you are a distinct entity with unique characteristics), authentication (where you prove you were the same entity as before), or personal data (which is information related to an identified or identifiable entity).

Those other elements all need to be considered, but it’s digital identity, and now self-sovereign identity, that gives us the linchpin to do so.

Turning Digital Identity into Law

For self-sovereign identity to truly achieve international success, I feel that it needs to not just be embraced by the technological sector, but also to have a basis in law. In recent years, I’ve been progressing toward that goal through work with various state and national legislatures.

Collaborating with the Wyoming legislature has borne the first fruit. This year they passed SF0039 on digital identity, which the Governor signed into law and which went into effect on July 1, 2021. It defines digital identity as follows:

(xviii) “Personal digital identity” means the intangible digital representation of, by and for a natural person, over which he has principal authority and through which he intentionally communicates or acts.

So where’s the self-sovereign identity in that?

As with much legislation, it’s all about the careful selection of words.

Defining Principal Authority

To understand how Principal Authority relates to self-sovereign identity requires insight into what Principal Authority is. The concept comes out of English Common law. It appears in most Commonwealth countries but has also found its way into the laws of other countries, including the United States. It’s primarily used in the Laws of Agency, an area of commercial law where an agent is empowered to take on certain tasks.

As the name would suggest, Principal Authority first requires a Principal: a person or entity. It then requires that entity have Authority: some power. Principal Authority is thus the power derived from a person or entity, which they can use or which they can delegate out to others. When applied to digital identity, Principal Authority says that a Principal has Authority over his identity — which is a clear restatement of self-sovereign principles.

In fact, the recognition of a Principal is itself a statement of the first of the principles of self-sovereign identity: existence. It asserts that digital identity is always a representation of an actual entity, who predates any digital representation, and who is also the first and foremost beneficiary of that representation.

However, in drawing on the Laws of Agency, the concepts of Principal and Principal Authority go beyond that. Because the person at the heart of an identity has the ultimate power to control the self-sovereign digital representation that they’ve created (and/or that they use), this means that any others who exert Principal Authority over that identity data are doing so only as agents of the Principal.

By focusing on Agency, the concept of Principal Authority also ensures that the Principal always has the ability to revoke their delegation to the agents whom they have temporarily offered Authority regarding their identity. This is a requirement for other self-sovereign principles such as portability, and it’s a real necessity in the digital world, where we might need to delete personal data or to cancel Terms & Conditions that we signed without real, informed consent.

Altogether, this new definition of Principal Authority adds a lot of nuance to self-sovereign identity, and much of that comes thanks to the implicit incorporation of Agency.

Defining Control

In saying that a Principal has the ultimate authority to control their digital identity, care also needs to be taken to define what that control means. It means that a Principal has (or can delegate) the Principal Authority to identify as that identity; to authenticate as that identity; and to know the contents of the data held by that identity.

However, any digital identity also exists as part of a larger ecosystem, and the Principal does not have control over the larger ecosystem. They cannot control how other entities rate, rank, or note the reputation of their identity; and they cannot control comments, flags, or other notes that other entities might attach to their identity.

Further, a Principal cannot necessarily prevent other entities from creating new digital identities related to them, which may or may not link to an existing identity. (Though states are increasingly recognizing the limits of voluntary disclosure of information, digital identity laws will ultimately never prevent a police station from creating their own identity record related to a criminal, or a civic authority from creating government-related identity records.)

In other words, self-sovereign identity, and the establishment of Principal Authority over it, lays down boundaries for what the Principal controls — boundaries that are much wider than those established for digital identities controlled by third parties. However, those boundaries still exist.

Fundamentally, control of a digital identity means that the Principal can expect to maintain the continuity of that identity for as long as they see fit, but in doing so must accept the battle scars inflicted by interactions in a larger ecosystem that are implicit to the identity itself.

Agents & Their Duty

The ability to delegate Principal Authority, as revealed by the Laws of Agency, may be as crucial to self-sovereign identity as the concept of a Principal itself. It allows the empowerment of agents by a Principal — who might be physical agents or, in the increasingly digital world, virtual agents. But, it also institutes the core requirement that those agents be working for the good of the Principal when they are exerting Principal Authority over the identity holder’s identity data.

This concept of “duty” is crucial to the Laws of Agency. Duty requires that an Agent only use their delegated Principal Authority as the Principal requests, in a way that benefits the Principal, and with care and due diligence, while frequently reporting back what they’ve done.

This is a notable change from the way that digital identities have been treated traditionally. Compare that to banks, who represent you in financial transactions, and then sell your spending data; compare that to Facebook, who collects as much personally identifiable data and other information as you’re willing to give them, then sells that to advertisers; or compare it to Google, who infers personally identifiable and demographic data based on the information you input into their tools and the choices you make. In large part, you don’t even know what these identity representatives and data holders are doing. In the world before Europe’s GDPR or California’s CCPA, you had little input into their actions. Even now, with those early and rough attempts to protect digital self-sovereignty, you’re typically opting-out, not opting-in — which is barely agency at all — and you’re still not protected against people who are self-serving nor those who are inferring information from scattered pieces of data.

That’s because any duties currently required of the entities to whom you grant agency over your data are quite minimal. Maybe there’s a duty of privacy, maybe there’s a duty of safety, but in general they don’t need to work in your best interest. That’s why we need to ensure that new definitions of digital identity, particularly self-sovereign identity, follow the Laws of Agency in ways that our current systems do not.

This sort of agent agreement needs to be part of delegation. To date, this has been true to a limited extent with federation protocols such as SAML and Oauth, but that needs to be extended to every person. Wyoming’s digital-identity law is the first example of legislation that focuses on Agency in this way, and that’s much of its power.

However, this isn’t a simple issue. Even with Agency-focused legislation, we need to determine a source for duties. This article will try to outline some of them, using not just the traditional duties of agents, but also the self-sovereign principles themselves. However, it’s a mere starting point, with a stronger legal foundation required.

Principal Authority & The State

Before defining duties, it’s important to note one other interesting element of Principal Authority and its foundation in Agency: it focuses not just on a single person’s authority, but also on their ability to delegate to and require duties from other entities. In other words, it’s a peer-to-peer relationship; this relationship works within the context of a state who recognizes the concept of Principal Authority, respects its ability to enable Agency, and enforces its established duties.

However, though the state is involved, this peer-to-peer relationship still lies in stark contrast to traditional property law, where property is always in some way beholden to the state: the state might be the original source for property, they might be able to reclaim it by eminent domain, and they might be able to seize it through asset forfeiture. Those ideas all run counter to the idea of self-sovereignty — which is yet another reason that we choose to focus on the Agency of Principal Authority, not property law, as the core legal metaphor for self-sovereign identity.

Restating the Self-Sovereign Principles

The use of Principal Authority to empower self-sovereign identity provides a legal foothold for many of my original 10 principles.

What follows is a restatement of the self-sovereign principles that reorganizes the original ten as rights and duties that are suggested by customs, expectations, and best practices, but which need to be better codified to become true duties. It also proposes five additional duties that could come from customs implicit in the Laws of Agency.

Together, these ideas may allow us to both better understand how to turn the self-sovereign principles into concrete usage and also to more easily translate them into duties bound by legislation.

The Rights of Self-Sovereign Authority

Some principles of self-sovereign identity are implicit in the idea of a Principal.

Existence. The definition of Principal requires that there be a real entity at an identity’s heart. Control. The definition of Principal Authority says that the Principal always retains control of an identity, within specifically defined boundaries, no matter who is holding it at a particular time. Persistence. Because of their uncontested Principal Authority, a Principal may decide to have an identity last for as long as they see fit. Consent. Anything that happens within the defined boundaries of the digital identity is implicitly with the consent of the Principal, who may delegate or revoke Principal Authority at any time.

Self-sovereign rights recognize that an identity exists to benefit its Principal. These core principles likely derive explicitly from a definition of digital identity such as that created by the Wyoming legislature.

The Duties of Self-Sovereign Identity

The remaining principles of self-sovereign identity can be stated as duties owed to a Principal by an agent who has been granted Principal Authority over an identity for certain purposes.

Access. An agent must provide the Principal with access to data related to their digital identity. Transparency. An agent must be open about how they will administer a digital identity. Portability. An agent must make a digital identity portable upon the request of the Principal. Interoperability. An agent must use standard, interoperable protocols when making an identity portable, and should also use those interoperable protocols when interacting with other identity systems. Minimization. An agent must minimize the data collected, stored, transmitted, and shared regarding an identity so that it only includes data that is strictly necessary in the context of a request made by the Principal. Protection. An agent must place the protection of the identity above their own needs or desires.

Identity duties says that agents will tell you how they’re using your identity, use it in the most minimalist way possible, and make it easy for you to reclaim the identity. However, legislation may be required to turn these best practices into duties bound by law.

The Duties of Self-Sovereign Agents

The idea of Principal Authority itself suggests additional duties that were not included on the original list of principles of self-sovereign identity, but which are generally defined in the Laws of Agency to be due from agents to Principals.

Specificity. An Agent will use Principal Authority to serve specific tasks as instructed by the Principal, or as required by Custom, and do nothing more with an identity. Responsibility. An agent will serve those tasks with reasonable care and skill, with due diligence, and without further delegation. Representation. An agent will act in the best interests of the Principal, without secret profit, and will not take on other responsibilities that might conflict with that. Fidelity. An agent will serve those tasks in good faith. Disclosure. An agent will maintain accounts and report their actions back to the Principal.

Agent duties say that agents will be trustworthy in their use of your identity. These duties are more likely to implicitly be a part of any legislation that was built atop the Laws of Agency.

Taking the Next Steps

Wyoming’s definition of personal digital identity helps us to lay more foundation for self-sovereign identity, but it’s still just a starting point.

There’s more to do.

Laws of Custom

To start with, the Laws of Agency are largely built on Laws of Custom, which are as likely to be common law as any formally codified legislation. When creating new laws related to self-sovereign identity, we’ll be creating new Laws of Customs for the digital frontier, an area that’s so fresh that the tradition of customs has been limited.

This creates real challenges, as we must decide what customs we want to create and then we must develop them from common law to legal customs to (eventually) codified duties. We can integrate these with the Laws of Agency, and we can figure out how that interrelates with old common laws such as the Use Laws. We may even need special courts to set these common laws and achieve remedies, such as the Court of Chancery.

Fundamentally, there’s a lot of work to be done here; recognizing the existence of a Principal and the use of delegatable Principal Authority bound by the Laws of Agency is just a starting place. New customs, even though understood as best practices, will not automatically become legal duties.

Open Questions

Beyond that, I’m not a lawyer. There may be other legal elements that can support our definition of digital identity. Are there additional duties that we could bring in? Are there fiduciary or agency laws that we could leverage? Are there other legal models of interest we can draw from, such as the UNCITRAL Model Law of Electronic Commerce approach, which says that “The actions, promises, rights and obligations of a person shall not be denied legal validity on the sole ground they are effectuated through their digital identity”? These possibilities need to be studied, preferably with the help of legal experts.

Even once we’ve fully defined digital identity, we still must consider how digital identity may need to be more carefully protected. Are there ways we can give specific protection to private keys used for signatures and to express authority? Can we protect against the theft of private keys that might allow impersonation or false witness? Can we prevent the misuse of digital biometric or genetic information? Can we protect against other “crimes of authority”?

There’s also a flipside: digital identity should give us some new advantages not found in traditional identity. For example, there have always been problems with individuals with low market power being at a disadvantage when negotiating with larger parties. Can new digital identity laws help start to resolve that imbalance?

Final Notes

One of the most important steps going forward will be to continue working with the Digital Identity subcommittee in the Wyoming legislature. However, I’d also welcome discussions with other states and nations, to ensure that we have great definitions of digital identity that support self-sovereign identity everywhere.

If this is important to you too, consider supporting Blockchain Commons to make this a reality.

Offering Some Thanks

This article was written by Christopher Allen with Shannon Appelcline. Thanks to commentators who made time to talk to us about it, including Joe Andrieu, Dazza Greenwood, and Clare Sullivan. (Our conclusions are ours; they may or may not agree with them.)

Many thanks to Wyoming State Senator Chris Rothfuss who invited me to join the Wyoming Digital Identity subcommittee and to the others members of the Digital Identity subcommittee in the Wyoming legislature, including Brittany Kaiser, Carla Reyes, Diedrich Henning, Scott David, and once more Clare Sullivan and Dazza Greenwood. Thanks to their hard work, Wyoming now offers the first definitions of personal digital identity in the United States, laying the foundation for these additional ideas.

Tuesday, 14. September 2021

KuppingerCole

IATA Travel Pass - Self Sovereignty in Action

Self-sovereign identity has been a hot topic at EIC since 2016. We've seen it rapidly go from concept to reality, with a massive increase in global interest from car manufacturers to banks to healthcare. We've seen innovative pilot projects, new software and exciting new privacy innovations.  But what happens when advanced new technology and protocols come into contact with the real
Self-sovereign identity has been a hot topic at EIC since 2016. We've seen it rapidly go from concept to reality, with a massive increase in global interest from car manufacturers to banks to healthcare. We've seen innovative pilot projects, new software and exciting new privacy innovations.  But what happens when advanced new technology and protocols come into contact with the real world? In this talk, Andy will describe how SSI underpins the IATA Travel Pass ecosystem. He'll cover some of the implementation challenges, the do's and don'ts, and describe how the technology is just one small cog in the machine that comprises airlines, airports, testing laboratories and governments around the world.  As IATA's technology partner, Evernym has been at the centre of the storm of global travel pass innovation, and Andy will give you a look under the covers of what a global SSI rollout looks like. Andrew Tobin, European Managing Director, Evernym


The Future of Blockchain in the Enterprise

Looking at the digital transformation in the industries and the relevance Blockchain / DLT will have. Moritz von Bonin, Head of Blockchain & DLT Solutions, Deutsche Bahn

Looking at the digital transformation in the industries and the relevance Blockchain / DLT will have.

Moritz von Bonin, Head of Blockchain & DLT Solutions, Deutsche Bahn


Panel | From Piecemeal to Strategic Priority: What CISOs need to know about CIEM

CIEM (Cloud Infrastructure Entitlement Management) is a SAAS delivered, converged approach to next generation, ideally AI driven multi-cloud security, managing access and privileges in the cloud. It is playing across the disciplines Identity Management & Governance, Access, Privilege Management and Authentication, addressing the complexity of multi-cloud adoption with privilege & access ma

CIEM (Cloud Infrastructure Entitlement Management) is a SAAS delivered, converged approach to next generation, ideally AI driven multi-cloud security, managing access and privileges in the cloud. It is playing across the disciplines Identity Management & Governance, Access, Privilege Management and Authentication, addressing the complexity of multi-cloud adoption with privilege & access management working differently for each provider.

Gerry Gebel, Head of Standards, Strata Identity, Inc David Higgins, EMEA Technical Director, CyberArk Jon Lehtinen, Director, Okta Patrick Parker, Founder and CEO, EmpowerID Matthias Reinwarth, Lead Advisor & Senior Analyst, KuppingerCole


Exploring the Future of AI

Anne Bailey, Analyst, KuppingerCole
Anne Bailey, Analyst, KuppingerCole


Panel | Bringing the Global Assured Identity Network (GAIN) to Reality

Donna Beatty, Digital Identity Industry Expert, Digital Identity Vittorio Bertocci, Principal Architect, Auth0 Daniel Goldscheider, CEO, yes.com Don Thibeau, Executive Director, OpenID Foundation
Donna Beatty, Digital Identity Industry Expert, Digital Identity Vittorio Bertocci, Principal Architect, Auth0 Daniel Goldscheider, CEO, yes.com Don Thibeau, Executive Director, OpenID Foundation


From Zero to Full Domain Admin: The Real-World Story of a Ransomware Attack

Joseph Carson, Chief Security Scientist & Advisory CISO, Thycotic
Joseph Carson, Chief Security Scientist & Advisory CISO, Thycotic


Identity in Zero Trust model

Anoop Mangla, Cybersecurity Practice Director, Wipro
Anoop Mangla, Cybersecurity Practice Director, Wipro


Decentralized Identity and the US Dept. of Homeland Security

Markus Sabadello, CEO, Danube Tech
Markus Sabadello, CEO, Danube Tech


Digital Keys and Secrets: When to Manage Them, When to Get Rid of Them

Hybrid IT environments are full of secrets, like tokens, passwords, certificates and encryption keys that open access to mission-critical information. The emergence of concepts like Zero Trust authentication, Just-in-Time access and Zero Standing Privileges suggests that these access secrets don’t need to be permanent. Instead they can be created on the fly and made to expire automatically, paving

Hybrid IT environments are full of secrets, like tokens, passwords, certificates and encryption keys that open access to mission-critical information. The emergence of concepts like Zero Trust authentication, Just-in-Time access and Zero Standing Privileges suggests that these access secrets don’t need to be permanent. Instead they can be created on the fly and made to expire automatically, paving way for the future where secrets or passwords no longer need to be managed and vaulted at all.

SSH.COM's CTO, Miikka Sainio, explores how reducing the number of permanent secrets enterprises manage in dynamic environments improves security, operational velocity cost-efficiency. He also discusses why managing and vaulting secrets is still a necessary phase in many cases when companies adopt modern and future-proof methods.

Miikka Sainio, CTO, SSH




In-house OAuth/OIDC infrastructure as a competitive advantage

Leading service providers have started developing their software in-house to achieve competitive business advantages.

Leading service providers have started developing their software in-house to achieve competitive business advantages.




Solving the Access Challenge in Cloud Migration

Berno Snijder, Account Lead Security, Accenture
Berno Snijder, Account Lead Security, Accenture


Digital Onboarding

Enterprise hiring in the time of Covid is putting greater emphasis on supporting remote on boarding of new employees. This creates new challenges for the IAM team as it is no longer self evident that new contractors and employees to show up at a physical helpdesk, provide ID and pick up their new accounts. How do you organize the remote onboarding and are there technologies and approaches that

Enterprise hiring in the time of Covid is putting greater emphasis on supporting remote on boarding of new employees. This creates new challenges for the IAM team as it is no longer self evident that new contractors and employees to show up at a physical helpdesk, provide ID and pick up their new accounts. How do you organize the remote onboarding and are there technologies and approaches that are used in digital customer onboarding and KYC processes that can be leveraged to also handle employee onboarding?

Another important aspect is that remote working has become the norm and securing the remote connections is critical. A big part of that effort is to implement MFA at scale but in this situation how do you handle the roll out of the MFA when the users are not present in the office?

How do you support remote onboarding at scale?
How do you roll out MFA to a 100 000 people organisation?
What is the future for remote onboarding of contractors and employees?

Martin Sandren, Manager IAM, AholdDelhaize


Panel | Identity vs Authorization - Where to Draw the Line

We will look at OAuth protocol and its misusage for authorization purposes. What is the difference between client and user authorization and at which stage should each happen? We will revise what Identity is at its core and what should or should not be part of it. And what about Group Membership – a ‘domain-driven’ advise how to triage roles between Identity and Authorization. All these best p

We will look at OAuth protocol and its misusage for authorization purposes. What is the difference between client and user authorization and at which stage should each happen? We will revise what Identity is at its core and what should or should not be part of it. And what about Group Membership – a ‘domain-driven’ advise how to triage roles between Identity and Authorization. All these best practices are backed by real-life experience.

- OAuth and its misusage as an authorization protocol
- Essence of Identity
- Difference between client authorization and user authorization in the context of OAuth
- Group Membership – where do roles belong?
- Theory backed by practice

Hristomir Hristov, Solutions Architect, KPMG Martin Manov, Software Architect, Cobuilder International Fabian Süß, Project Manager, KuppingerCole


Security & Identity: How Hindsight Helps Us Plan for the Future

Our approach to security across all aspects of our lives has changed considerably over the last 20 years. From firewalls to the cloud, Max Faun explores how security technology has evolved since the start of the millennium. One size no longer fits all but everything does come down to trust, or lack of it! Is Zero Trust the way forward for an identity-centric secure future? Max looks at four

Our approach to security across all aspects of our lives has changed considerably over the last 20 years. From firewalls to the cloud, Max Faun explores how security technology has evolved since the start of the millennium.

One size no longer fits all but everything does come down to trust, or lack of it! Is Zero Trust the way forward for an identity-centric secure future? Max looks at four pillars that businesses and individuals can apply to gain trust back and reap the benefits. 

Max Faun, Head of Consulting, Europe, Okta


Programming People: How to implement 'AI for good'

Artificial Intelligence is a little bit like sex: Everyone talks about it, very few people actually do it and if you don't do it safely, the consequences can be devastating. This session will give you a basic understanding of what you (yes, you!) can do to implement "ethical" AI systems in your organization and enjoy the promising opportunities this new tool offers while being aware of its limitat

Artificial Intelligence is a little bit like sex: Everyone talks about it, very few people actually do it and if you don't do it safely, the consequences can be devastating. This session will give you a basic understanding of what you (yes, you!) can do to implement "ethical" AI systems in your organization and enjoy the promising opportunities this new tool offers while being aware of its limitations and risks.

Anita Klingel, Senior Consultant, PD


Proactive and Polymorphic Adaptation of Multi-Cloud Deployments

During the last couple of years, hybrid and multi-cloud solutions are becoming very popular. With the emerging cloud options, modern enterprises increasingly rely on hybrid cloud solutions to meet their computational demands by acquiring additional resources from public clouds dynamically as per their needs. Alicja Reniewicz, Team Leader, 7bulls.com Paweł Skrzypek, Chief Architect, 7bulls.com

During the last couple of years, hybrid and multi-cloud solutions are becoming very popular. With the emerging cloud options, modern enterprises increasingly rely on hybrid cloud solutions to meet their computational demands by acquiring additional resources from public clouds dynamically as per their needs.

Alicja Reniewicz, Team Leader, 7bulls.com Paweł Skrzypek, Chief Architect, 7bulls.com Sp. z o.o.


Digital Onboarding Game Change: Face Verification and Liveness Detection

2020 will be eternally known as “The Year of COVID.” It will also be known as the year remote digital onboarding was near instantaneously transformed from a strategic, forward-thinking business development objective to an urgent, mission critical business priority. This has accelerated the adoption of biometric face recognition and liveness detection to create secure, trusted, and frictionless onb

2020 will be eternally known as “The Year of COVID.” It will also be known as the year remote digital onboarding was near instantaneously transformed from a strategic, forward-thinking business development objective to an urgent, mission critical business priority. This has accelerated the adoption of biometric face recognition and liveness detection to create secure, trusted, and frictionless onboarding experiences.

The market landscape is being shaped by a range of innovators. From biometric face recognition and liveness technology providers to targeted digital onboarding and identity verification platforms, to the identity BIG THREE: IDEMIA, NEC, and Thales; everyone wants in. The market is heating up as the stakes couldn't be higher.

Using Acuity’s proprietary Constellation market landscape model as context, the current state of play will be evaluated in terms of the key market sectors, drivers, challenges, and opportunities for real world problem solving and disruptive innovation.

C. Maxine Most, Principal, Acuity Market Intelligence


PAM 101

Paul Fisher, Senior Analyst, KuppingerCole
Paul Fisher, Senior Analyst, KuppingerCole


Clouds for all Seasons

Cloud services have enabled organizations to exploit leading edge technologies without the need for large capital expenditure.  In addition, to survive the COVID pandemic, organizations have had to accelerate their use of these services.  The market for these services is forecast to grow significantly as organizations complete their digit

Cloud services have enabled organizations to exploit leading edge technologies without the need for large capital expenditure.  In addition, to survive the COVID pandemic, organizations have had to accelerate their use of these services.  The market for these services is forecast to grow significantly as organizations complete their digital transformation and move, migrate, or modernize their IT systems.  However, according to some estimates only around 4% of enterprise workloads have currently been moved to the public cloud.  The factors limiting this growth are the challenges faced by organizations of managing the security and compliance of this new complex hybrid IT environment.  This presentation will describe how we expect the market for cloud services to evolve and the key changes needed to help organizations to manage these challenges. 

Mike Small, Senior Analyst, KuppingerCole


Secrets in the Clouds: The Journey of Digital Vaults to Cloud

When we traditionally think of vaults, we expect them to be in the close vicinity of a user. In our rapidly digitising world, the nature of such vaults have transformed as well. Data *(or Password, whichever word you think is correct)* vaults which are expected to be located on premises are now digital, making ownership of these vaults and access to these vaults critical functions for an organisat

When we traditionally think of vaults, we expect them to be in the close vicinity of a user. In our rapidly digitising world, the nature of such vaults have transformed as well. Data *(or Password, whichever word you think is correct)* vaults which are expected to be located on premises are now digital, making ownership of these vaults and access to these vaults critical functions for an organisation. The Cloud hosts a lot of secrets and this journey of vaults becoming digital and part of Cloud Environments is nothing but fascinating.

Anil Bhandari, Chief Mentor & Thought Leader, ARCON TechSolutions


Cloud Infrastructure Entitlement Management (CIEM): Advancing from Cloud First to Identity First

Matthias Reinwarth, Lead Advisor & Senior Analyst, KuppingerCole
Matthias Reinwarth, Lead Advisor & Senior Analyst, KuppingerCole


The Ethical Part of AI Governance

The Ethical Part of AI Governance – my personal learning journey This talk is about my personal learning journey in AI and AI Ethics together with Bosch. I want to share what brought me to AI and AI Ethics personally and professionally and what instrument is used at Bosch to bring AI Ethics to life. Sina Brandstetter, Software Engineer and Solution Architect, Robert Bosch GmbH

The Ethical Part of AI Governance – my personal learning journey

This talk is about my personal learning journey in AI and AI Ethics together with Bosch. I want to share what brought me to AI and AI Ethics personally and professionally and what instrument is used at Bosch to bring AI Ethics to life.

Sina Brandstetter, Software Engineer and Solution Architect, Robert Bosch GmbH


"That’s Not Fair!": Detecting Algorithmic Bias with Open-Source Tools

The harm that the misuse of AI/ML can have is obvious, from the ProPublica Recidivism piece from 2016 to the latest discovery of bias in facial recognition classifiers by Joy Buolamwini.   The need for tools to use AI/ML ethically is concentrated in two particular areas: transparency and fairness. Transparency involves knowing why an ML system came to the conclusion that it did—something

The harm that the misuse of AI/ML can have is obvious, from the ProPublica Recidivism piece from 2016 to the latest discovery of bias in facial recognition classifiers by Joy Buolamwini.

 

The need for tools to use AI/ML ethically is concentrated in two particular areas: transparency and fairness. Transparency involves knowing why an ML system came to the conclusion that it did—something that is essential if we are to identity bias. In some forms of ML, this is difficult. We’ll cover two tools to assist with transparency: LIME and SHAP. We’ll highlight where each of these tools performs well and poorly, and provide recommendations for utilizing them in unison where appropriate.

 

Once transparency is established, we’ll pause to evaluate potential sources of bias that would affect the fairness of a particular algorithm. Here the number of tools available is far-reaching. We’ll start with an explanation of bias metrics, explaining the roles that true/false positives and true/false negatives play in calculating various accuracy metrics. The basics of fairness established, then we will explore various tools used against a few, publicly available sample ML implementations. Tools in this review will include: Aequitas, AIF360, Audit-AI, FairML, Fairness Comparison, Fairness Measures, FairTest, Themis™, and Themis-ML. We’ll compare these tools, providing recommendations on their usage and profiling their strengths and weaknesses.

Mike Kiser, Senior Identity Strategist, SailPoint


Security Automation in the Financial Sector: Research Findings, Best Practices, and Lessons Learned

This presentation combines the findings of a doctoral study into security automation in the financial sector with real-world experiences in implementing security automation. The research focused on strategies financial institutions need to reduce the gap between the attacker's time to compromise and the defender's time to detect and respond. Learn from the experiences of companies that have implem

This presentation combines the findings of a doctoral study into security automation in the financial sector with real-world experiences in implementing security automation. The research focused on strategies financial institutions need to reduce the gap between the attacker's time to compromise and the defender's time to detect and respond. Learn from the experiences of companies that have implemented or are implementing security automation. This session will look at what to expect from security automation (and what not to expect), how to decide what to automate, strategies to help ensure a successful security automation program, and lessons learned from success and failure.

Dr. Donnie Wendt, Principal Security Researcher, MasterCard


Why must CISOs and security leaders let IAM drive their cloud security adoption?

As organizations expand their cloud footprint to accelerate innovation and digital transformation, increased security risks pose an imminent and elevated threat to their growing cloud presence. The market is overwhelmed with numerous security technologies, approaches and frameworks for securing an organization’s cloud adoption journey, but security leaders and architects must meticulously assess t

As organizations expand their cloud footprint to accelerate innovation and digital transformation, increased security risks pose an imminent and elevated threat to their growing cloud presence. The market is overwhelmed with numerous security technologies, approaches and frameworks for securing an organization’s cloud adoption journey, but security leaders and architects must meticulously assess the security risks associated with their cloud usage, migration patterns and digital interactions with customers, employees and partners to suite their business requirements and cloud security priorities.

Identity and Access Management (IAM) remains one of the key security disciplines to support digital transformation and cloud adoption objectives, by not only providing a secure identity and access foundation for the user, device and cloud-service types but also by offering additional cloud-specific security provisions that include cloud access management, cloud entitlement management, cloud privileged access and cloud access governance to its evolving technology portfolio.

In this session, we will discuss the important security tenets of an organization's cloud adoption program and how effective IAM architecture and planning can help navigate CISOs and security leaders through their cloud adoption journey.

Anmol Singh, Sr. Cloud Security Advisor, Microsoft


Picos and Decentralized SSI Agencies

Picos (persistent compute objects) are an actor-model programming system with long-term persistent state. Each pico also has persistent identity and availability for a cloud-native developer experience. Picos are DIDComm-enabled agents supporting SSI. Consequently, picos are capable of running specialized application protocols for any given workflow in a secure, cryptographic environment. The arch

Picos (persistent compute objects) are an actor-model programming system with long-term persistent state. Each pico also has persistent identity and availability for a cloud-native developer experience. Picos are DIDComm-enabled agents supporting SSI. Consequently, picos are capable of running specialized application protocols for any given workflow in a secure, cryptographic environment. The architecture of picos makes them independent of the runtime they executed on, holding out hope of a decentralized SSI agency. This talk introduces picos, demonstrates their DIDComm capabilities, and presents a roadmap for building a decentralized SSI agency, independent of any particular organization.

Dr. Phil Windley, Enterprise Architect, Brigham Young University


Panel | Managing Zero Standing Access

Horst Bliedung, Head of IAM Product Management, Atos Paul Fisher, Senior Analyst, KuppingerCole Vadim Lander, Chief Technology Officer and Distinguished Engineer, Symantec Identity Security, Broadcom Brandon Nolan, Global Digital Identity Lead, Avanade Patrick Parker, Founder and CEO, EmpowerID
Horst Bliedung, Head of IAM Product Management, Atos Paul Fisher, Senior Analyst, KuppingerCole Vadim Lander, Chief Technology Officer and Distinguished Engineer, Symantec Identity Security, Broadcom Brandon Nolan, Global Digital Identity Lead, Avanade Patrick Parker, Founder and CEO, EmpowerID


Cloudification of Access Management – Lessons Learned from the Migration of a Large-scale Production System

Access Management is a crucial capability in the IT infrastructure of any Enterprise. But it is even further crucial, when the whole application landscape is integrated, i.e., more than 1,800 applications used by millions of users. Back in 2017 we modernized the existing access infrastructure and set up ForgeRock as its successor on-premises in our data center. With rising demands regarding av

Access Management is a crucial capability in the IT infrastructure of any Enterprise. But it is even further crucial, when the whole application landscape is integrated, i.e., more than 1,800 applications used by millions of users. Back in 2017 we modernized the existing access infrastructure and set up ForgeRock as its successor on-premises in our data center. With rising demands regarding availability, scalability, and support for market-specific customizations, as well as more products and applications are going to the cloud, it became increasingly clear that project will have to cloudify its infrastructure and application stack. The future setup should follow modern paradigms like GitOps, Everything as Code and making use of highly automated processes based on Service Layers, all whilst keeping the integrated applications up and running and migrating the product stack to the AWS (Amazon Web Services) cloud.

Key Takeaways:

- How does a target architecture look like
- What challenges will appear when it comes to the migration
- How to ensure the migration to the cloud, whilst minimizing the effect for all integrated applications

Dr. Heiko Klarl, Chief Marketing and Sales Officer, iC Consult Group Stephanus Rieger, Product Owner, BMW AG


Addressing Multi-cloud Identity Challenges with a New Standard: IDQL

The trend toward adopting multiple cloud providers means identity is now distributed, rendering traditional, centralized access policies and perimeters obsolete. As a result, the way we think about identity and access management (IAM) has to change. This session will present Identity Query Language (IDQL), a new standard for identity and access policy orchestration across distributed and multi-clo

The trend toward adopting multiple cloud providers means identity is now distributed, rendering traditional, centralized access policies and perimeters obsolete. As a result, the way we think about identity and access management (IAM) has to change. This session will present Identity Query Language (IDQL), a new standard for identity and access policy orchestration across distributed and multi-cloud environments.

Gerry Gebel, Head of Standards, Strata Identity, Inc


Beyond Blockchain: New Frameworks for Data Privacy and Security

The reason to use biometrics as a form of identity is because they are unique, unchanging and are the one direct and unequivocal link to an individual. But what if these identifiers are compromised? This is not a hypothetical scenario as the U.S. Office of Personnel Management breach sadly taught us several years ago. For years, this has been a conundrum in the world of biometrics - to store the d

The reason to use biometrics as a form of identity is because they are unique, unchanging and are the one direct and unequivocal link to an individual. But what if these identifiers are compromised? This is not a hypothetical scenario as the U.S. Office of Personnel Management breach sadly taught us several years ago. For years, this has been a conundrum in the world of biometrics - to store the data in a centralized system that has to be protected or choose device-based biometrics that are not linked to a vetted physical identity. In this never-ending loop of having to choose between privacy and security, we as a society have ended up with neither. This is about to change.

There are multiple forces now converging, that are driving serious attention and urgency to solve this problem as never before - continued, massive data breaches, skyrocketing use of biometrics and the emergence of far-reaching privacy and data protection laws that put the onus on protecting personal data on the private sector.

Owning personal data, and especially biometrics, has become a hot potato. Noone wants to hold it, but it is necessary for doing business. Consumers on the other hand are asking for more control. As a result, we are seeing new frameworks emerge, frameworks that go beyond blockchain and take into account the need for holistic, decentralized identity management that binds a rooted identity to a trusted authentication key that cannot be stolen, lost or circumvented by fraudsters operating under assumed identities with stolen PII.

Join us as we take you through a journey of what these new frameworks look like and the new possibilities that emerge when there is no binary choice to be made between privacy and security. It will finally be possible to have both.

Frances Zelazny, Co-Founder & CEO, Anonybit


Customer External Digital Identity, What is it, What can you use it for and Should you Play

The debate on Customer External Digital Identity has reached fever pitch. This session takes a step back and looks at how Customer External Digital Identity can enable Trust between individuals and organisations in many sectors, what that allows organisations and individuals to do and also looks at the different roles that you might choose for your organisation. Martin Ingram, Product Owner, Ide

The debate on Customer External Digital Identity has reached fever pitch. This session takes a step back and looks at how Customer External Digital Identity can enable Trust between individuals and organisations in many sectors, what that allows organisations and individuals to do and also looks at the different roles that you might choose for your organisation.

Martin Ingram, Product Owner, Identity Services, NatWest


Panel | Global AI Governance: World Stage

Recent years have seen significant Artificial Intelligence (AI) development across all domains of business and society. This panel aims to bring attention to societal impacts of AI – benefits and challenges, by bringing thought leaders and practitioners from different parts of the world to leverage diverse viewpoints around AI governance that continue to drive AI development across borders. 

Recent years have seen significant Artificial Intelligence (AI) development across all domains of business and society. This panel aims to bring attention to societal impacts of AI – benefits and challenges, by bringing thought leaders and practitioners from different parts of the world to leverage diverse viewpoints around AI governance that continue to drive AI development across borders. 

Anne Bailey, Analyst, KuppingerCole Armin Bauer, Managing Director Technology and Founder, IDnow GmbH Al Lynn, Vice President Emerging Technology and Incubation, Cisco


The Future of IoT Security

Speaker: Graham Williamson

Speaker: Graham Williamson




The Rise of An Identity-Native Web 3.0 World

Identity is a fundamental element in the traditional world to associate information to the same individuals. As we leave more and more digital footprints in the world of Internet, these information are giving birth to our digital profiles, raising issues of privacy protection, monetization of data, identity theft and more. While in this presentation, we revisit the manifestation and formation of i

Identity is a fundamental element in the traditional world to associate information to the same individuals. As we leave more and more digital footprints in the world of Internet, these information are giving birth to our digital profiles, raising issues of privacy protection, monetization of data, identity theft and more. While in this presentation, we revisit the manifestation and formation of identity in the incoming world of Web 3.0, and discover how the native citizens of Web 3.0 are forming their own identities and reputations with native behavior data that are distributed, interoperable, and self-sovereign.

Gloria Wu, Chief of Ecosystem Partnerships, Ontology


Panel | Tackling the Identity Emergency

Paul Fisher, Senior Analyst, KuppingerCole C. Maxine Most, Principal, Acuity Market Intelligence Frances Zelazny, Co-Founder & CEO, Anonybit
Paul Fisher, Senior Analyst, KuppingerCole C. Maxine Most, Principal, Acuity Market Intelligence Frances Zelazny, Co-Founder & CEO, Anonybit


Panel | Best Practices to Implement Security Automation

Alexei Balaganski, Lead Analyst, KuppingerCole Joseph Carson, Chief Security Scientist & Advisory CISO, Thycotic Christopher Schütze, Director Practice Cybersecurity and Lead Analyst, KuppingerCole
Alexei Balaganski, Lead Analyst, KuppingerCole Joseph Carson, Chief Security Scientist & Advisory CISO, Thycotic Christopher Schütze, Director Practice Cybersecurity and Lead Analyst, KuppingerCole


How Denmark is Building the Cyberprotection Bridge Between the Private and Public Sectors: The National Danish Cybersecurity Council

Denmark is among the most digitaized countries in the world and as the digitarization strategy moves forward, it is necessary to improve and enhance the nation's overall cyberprotection. In 2019, the Government appointed a new 20-member national Cybersecurity Council for the period of two years. The council’s role is to advise the government on new initiatives that can support both the private and

Denmark is among the most digitaized countries in the world and as the digitarization strategy moves forward, it is necessary to improve and enhance the nation's overall cyberprotection. In 2019, the Government appointed a new 20-member national Cybersecurity Council for the period of two years. The council’s role is to advise the government on new initiatives that can support both the private and public sectors by improving resillience and better cyberprotection; contribute to knowledge sharing, advisories and guidance on the strategic level; and look into the need for cyber security competences and suggest measures to further develop these, both among private citizens and employees, as well as within education and research.

In this session, you will get a view into the midway status of the work of the Council, and will learn which initiatives work and which need more effort. The Council has been advising the healthcare authorities on the Danish COVID-19 app, and has been discussing the SolarWinds hack and the upcoming vaccination passport.

Bjarke Alling, Chair, National Danish Cybersecurity Council


Panel | Identity in the Asia-Pacific - Untangling the Web

Do you want to launch or expand your identity-related business in the Asia-Pacific region but don’t know where to start? Linden Dawson, Director, Cybersecurity & Digital Trust, PwC Australia Allan Foster, Chief Evangelist, ForgeRock Graham Williamson, Director APAC / Senior Analyst, KuppingerCole

Do you want to launch or expand your identity-related business in the Asia-Pacific region but don’t know where to start?

Linden Dawson, Director, Cybersecurity & Digital Trust, PwC Australia Allan Foster, Chief Evangelist, ForgeRock Graham Williamson, Director APAC / Senior Analyst, KuppingerCole


The State of Strong Authentication

The FIDO Alliance was launched in 2013 with the audacious goal: to change the very nature of authentication. To move the entire world away from usernames and passwords and traditional multi-factor authentication with an open and free web standard that makes authentication simpler and stronger. It’s 2021, so why are passwords still persisting? The session will answer that question, and detail t

The FIDO Alliance was launched in 2013 with the audacious goal: to change the very nature of authentication. To move the entire world away from usernames and passwords and traditional multi-factor authentication with an open and free web standard that makes authentication simpler and stronger. It’s 2021, so why are passwords still persisting? The session will answer that question, and detail the progress that has been made towards standardizing strong authentication and the opportunity for companies to start on a journey past passwords.

Join Andrew Shikiar, executive director of FIDO Alliance, as we look the past year from the FIDO standards lens, including:
-- The impacts of Covid-19 on digital transformation plans and securing remote workforces & where strong authentication has fit in
-- Progress global organizations have made toward going truly passwordless
-- Considerations for strong authentication when seeking compliance with regulation such as PSD2 SCA
-- What other areas, such as identity verification, that need to be strengthened to better secure the web

-- Attendees will understand how a global pandemic affected companies' digital transformation plans, including strong authentication projects

Key Takaways: 


-- Attendees will learn the status of efforts to standardize strong authentication, and where support stands today
-- Attendees will be able to analyze their strong authentication options for complying with regulation like PSD2 SCA
-- Attendees will be able to explain how identity verification and authentication relate, and efforts in motion to better secure both areas

Andrew Shikiar, Executive Director and Chief Marketing Officer, FIDO Alliance


Panel | The Modern Approach to Identity Governance

What if we took the traditional way of thinking of Identity Governance and reversed it completely? Putting together a successful IGA program has commonly been a long haul, A headache, A mess, A budget destroyer, And an expectation disappointer. There is a new way. Some call us crazy and some say its impossible. However, those who have experienced the new way call us visionaries.

What if we took the traditional way of thinking of Identity Governance and reversed it completely? Putting together a successful IGA program has commonly been a long haul,

A headache,

A mess,

A budget destroyer,

And an expectation disappointer.

There is a new way. Some call us crazy and some say its impossible. However, those who have experienced the new way call us visionaries. We have been presenting a modern ideology and process for IGA that drastically reduces the time to value, the total cost of ownership, and the economic impact of an Identity Governance Solution.

This panel will focus on strategic order of operations, calculating the economic return of the modern approach, how to optimize AI/ML in Identity Governance, and the ways simplicity expediates the path to stronger compliance and security postures.

Austin Baker, Director of Sales, SecurEnds Gal Helemski, Co-Founder & CIPO, PlainID Fabian Süß, Project Manager, KuppingerCole


Mission Possible or How to Implement Automated Identity Lifecycle in a 200 years old Enterprise

Identity Lifecycle automation project in Swedbank lasted for 4 years. During all those years I fulfilled business analyst role in IAM area. I collected requirements, draw process models, and did detailed analysis. I also defined minimum viable scope of the project and drove the team to reach the goal. Finally, I did acceptance testing. I can share key activities for business analyst throughout

Identity Lifecycle automation project in Swedbank lasted for 4 years. During all those years I fulfilled business analyst role in IAM area. I collected requirements, draw process models, and did detailed analysis. I also defined minimum viable scope of the project and drove the team to reach the goal. Finally, I did acceptance testing. I can share key activities for business analyst throughout different phases of the project.
Analysis
* Get descriptions or describe yourself HR-processes, which are related to identity area.
* Get descriptions/explanations of data feeds from HR-systems.
* Describe your needs to HR-system development team, such as future employment changes, deputies etc in advance.
* Trust but verify: ask for example files /data. Perform data analysis to makes sure, that previous descriptions and processes are valid.
* Just acknowledge that “roll-out” of new processes is not one day activity, this can last for multiple months and must be treated and described as a separate process.

Development
* Help developers with clarifying tiny details from stakeholders
* Document the details
* Control the scope and drive team to do correct prioritization
* Discuss alternative solutions to implement same business need

Testing
* Rehearse migration
* Rehearse roll-out
* If testing resource is limited – verify major business cases. Prolong pilot period to see rare business cases in production.

Roll-out
* Define different scopes and roll-out in smaller scopes (to keep incidents queue managed)
* Start roll-out from the process, that has smaller impact on acting employees (In our case we decided to start roll-out with leaver)
* Set up regular meetings with major stakeholders to inform them about changes in the processes. Good if you managed to agree on convenient communication channels (such as chat in Teams) between operational teams to be able to resolve incidents quickly.

Pilot
* Verify not only concrete cases, but also analyze the data.
* Agree on convenient way of communicating issues/bugs/questions to developers.
* Resolve incidents and fix bugs as quickly as possible, so that operating units don’t feel alone with software/data issues.

 

Key takeaways:

 

* Everything is possible but
* Define viable minimum
* Management team must be involved and work for your project. Your project must be a priority for all stakeholders / involved parties
* Start roll-out from the end
* Find a way to analyze your data to make sure, that everything is ok

Ekaterina Silina, Business Analyst, Digital Identity team, Swedbank


Implementing Identity Management on AWS

Identity on AWS may be well trodden ground, but that doesn’t necessarily make it any more inviting for enterprise practitioners who may not have had occasion to yet dive into the topic when tasked with an implementation. Jon Lehtinen, Director, Okta

Identity on AWS may be well trodden ground, but that doesn’t necessarily make it any more inviting for enterprise practitioners who may not have had occasion to yet dive into the topic when tasked with an implementation.

Jon Lehtinen, Director, Okta


The Proper Care and Feeding of Non-Human Identities

Non-human identities are crucial for managing access risk with IGA, especially for non-standard accounts that provide the most access risk for organizations. Brian Iverson, Chief Product Officer, Tuebora

Non-human identities are crucial for managing access risk with IGA, especially for non-standard accounts that provide the most access risk for organizations.

Brian Iverson, Chief Product Officer, Tuebora


Digital Identity in Germany

Explore the: - Landscape of digital identity in Germany - Success factors - Future Outlook Roland Adrian, CEO, Verimi GmbH

Explore the:

- Landscape of digital identity in Germany
- Success factors
- Future Outlook

Roland Adrian, CEO, Verimi GmbH


Managing Self-Sovereign Identities as an Institution with Lissi

The presentation explains how institutions can establish relationships with clients and manage their data. It will include a mixture of theoretical background knowledge as well as a practical demonstration of the "Lissi institutional Agent". The demonstration will include the following steps: - creation of schemas and credential definitions - Establishing an encrypted peer-to-peer connection -

The presentation explains how institutions can establish relationships with clients and manage their data.
It will include a mixture of theoretical background knowledge as well as a practical demonstration of the "Lissi institutional Agent".
The demonstration will include the following steps:
- creation of schemas and credential definitions
- Establishing an encrypted peer-to-peer connection
- Requesting information from the user (self-attested, verified and Zero-knowledge proofs)
- Issuance of credentials
- Management of received costumer data

Adrian Doerk, Business Development Manager, Main Incubator GmbH


Fraud Controls for Digital Identity Ecosystems

To date, Digital Identity Trust Frameworks have generally been light touch regarding the specification of fraud controls, relying on the theoretical protection a Digital ID offers through more robust authentication. It is true that improvements in authentication methods, such as soft tokens and biometrics, mean the ID theft vector of phishing for a user’s password may be removed. However, ID fraud

To date, Digital Identity Trust Frameworks have generally been light touch regarding the specification of fraud controls, relying on the theoretical protection a Digital ID offers through more robust authentication. It is true that improvements in authentication methods, such as soft tokens and biometrics, mean the ID theft vector of phishing for a user’s password may be removed. However, ID fraudsters will continue to use stolen ID information to create an ID in the victim’s name. They will continue to create synthetic IDs. They will also continue to try and take over victim’s accounts, using online account recovery and voice helpdesk channels to replace a strong authentication method with one that the fraudster controls.

In recognition of this ongoing threat from fraudsters, the Open Identity Exchange (OIX) has produced a comprehensive Guide to Fraud Controls for Digital ID Ecosystems.

The guide covers the processes and channels that need to be considered from a fraud risk point of view. It identifies the different types of fraud controls that should be applied in each channel, including ecosystem wide syndicated fraud controls, such as shared signals. The process of dealing with a suspected fraud is examined: how should these be prioritised, what investigation process should be followed, and how should victims be informed. Finally, it covers legal considerations when implementing fraud controls, in particular when sharing information and collaborating across the ecosystem to act as a joined-up defence against fraud attack.

This presentation / panel session will provide discuss these topics and how the guide can help those implementing Digital ID and provide the audience a chance to speak about their own fraud challenges with the authors and how the recommendations in the guide might be applied to help

Nick Mothershaw, Chief Identity Strategist, The Open Identity Exchange


Panel | From Smart Cities to Manufacturing – Securing Clouds of Things

Fulup Ar Foll, Founder and Lead Architect, IoT.bzh Graham Williamson, Director APAC / Senior Analyst, KuppingerCole
Fulup Ar Foll, Founder and Lead Architect, IoT.bzh Graham Williamson, Director APAC / Senior Analyst, KuppingerCole


Identity Management and Governance, in a Cloud Native World

Most enterprise infrastructure and software are in the later stages of cloud transformation. However Identity Management and Governance has lagged behind. First generation monolithic IAM solutions and providers do not provide agility into entitlement and risks in a cloud first world. The complexity of diverse infrastructure, security policies, and development velocity make it virtually impossible

Most enterprise infrastructure and software are in the later stages of cloud transformation. However Identity Management and Governance has lagged behind. First generation monolithic IAM solutions and providers do not provide agility into entitlement and risks in a cloud first world. The complexity of diverse infrastructure, security policies, and development velocity make it virtually impossible to provision, analyze and remediate at scale.

Arun Binaykia, CEO, Sath Inc


Self-Issued OP and OpenID Connect for SSI (OIDC4SSI)

One crucial component to SSI is end-users being able to interact with verifiers directly, without relying on a third-party provider or having to operate their own hosted infrastructure. Kristina Yasuda, Identity Standards Architect, Microsoft

One crucial component to SSI is end-users being able to interact with verifiers directly, without relying on a third-party provider or having to operate their own hosted infrastructure.

Kristina Yasuda, Identity Standards Architect, Microsoft


WHY ON PREMISE IGA IS THE NEW LEGACY

In this session Thomas Müller-Martin, Global Technical Lead at Omada will share his insights about the evolving IGA market and why companies today choose an enterprise IGA SAAS platform over an on-premise solution. Learn in this session how to transform your legacy or home-grown solution to a modern IGA solution without the hassle of long and cumbersome implementation and high maintenance cos

In this session Thomas Müller-Martin, Global Technical Lead at Omada will share his insights about the evolving IGA market and why companies today choose an enterprise IGA SAAS platform over an on-premise solution. Learn in this session how to transform your legacy or home-grown solution to a modern IGA solution without the hassle of long and cumbersome implementation and high maintenance costs. Based on best practices, we will demonstrate to you how organizations today can deliver fast value to their business to mitigate risk and increase efficiency. Join this interesting speech by Omada, a global market leader in Identity Governance and Administration (IGA).

Thomas Müller-Martin, Global Technical Lead, Omada


DIDComm and the Self-Sovereign Internet

DIDComm is the messaging protocol implemented in Hyperledger Aries that provides utility for DID-based relationships. Many may think DIDComm is just a way to exchange credentials, but it's more than that. DIDComm is a protocol layer capable of supporting specialized application protocols for any given workflow. Because of its general nature and inherent support for self-sovereign relations
DIDComm is the messaging protocol implemented in Hyperledger Aries that provides utility for DID-based relationships. Many may think DIDComm is just a way to exchange credentials, but it's more than that. DIDComm is a protocol layer capable of supporting specialized application protocols for any given workflow. Because of its general nature and inherent support for self-sovereign relationships, DIDComm provides a basis for a self-sovereign internet, a secure internet overlay, that is much more private, enabling, and flexible than the one we've built using Web 2.0 technologies. This talk introduces Autonomic Identity Architectures, describes DIDComm, discusses its protocological nature, and presents use cases in the Internet of Things.  Dr. Phil Windley, Enterprise Architect, Brigham Young University


Panel | Digital Identities and IoT - How to Leverage OIDC and OAuth 2.0 for the Best User Experience and Security! IAM Related Experiences From the Automob

A lot of innovation around physical products is created by connectivity, allowing them to become part of the consumer's larger digital ecosystem and the providing enterprise. Gartner says in its megatrends for the next decade: "Anything costing more than a few USD will be "intelligent and networked". Examples are electronic wall boxes to charge cars or remote-control for dishwashers, cars, etc

A lot of innovation around physical products is created by connectivity, allowing them to become part of the consumer's larger digital ecosystem and the providing enterprise. Gartner says in its megatrends for the next decade: "Anything costing more than a few USD will be "intelligent and networked". Examples are electronic wall boxes to charge cars or remote-control for dishwashers, cars, etc.
Several compelling use cases require smart things to act not only for themselves but also on behalf of the end-user. OpenID Connect and OAuth 2.0 can be used to provide a user-friendly and secure user journey. Learn about the experiences with these standards when it is about IoT and how Identity & Access Management products help to reduce time-to-market, costs, and inconsistency between different touchpoints.

Key Takeaways: 

- What are the essential protocols to bring identity and IoT together
- What are the challenges, best practices, and pitfalls of IoT projects
- Arguments for buy or build

Fulup Ar Foll, Founder and Lead Architect, IoT.bzh Andre Priebe, CTO, iC Consult Group Graham Williamson, Director APAC / Senior Analyst, KuppingerCole


Hybrid cloud enablement: use cases, challenges, best practices

Cloud computing has become commonplace in recent years, it is almost inevitable for small to medium sized companies to leverage cloud services largely if not fully. However, it is not easy to run cloud enablement project in bigger and yet most importantly traditional companies, where there are hundreds of legacy applications, which expect data to be closer to the computing units, and which are dep

Cloud computing has become commonplace in recent years, it is almost inevitable for small to medium sized companies to leverage cloud services largely if not fully. However, it is not easy to run cloud enablement project in bigger and yet most importantly traditional companies, where there are hundreds of legacy applications, which expect data to be closer to the computing units, and which are dependent on bandwidth and reliable network availability. In this presentation, I am going to address cloud migration requirements, usual challenges, and lessons learnt and best practices from project management, security and service management point of view.

Paraj Sharma, Program Manager, Global IT-Infrastructure Services, Thyssenkrupp Industrial Solutions AG


It takes a village...

As a byproduct of the current activity across industry, government, and regulatory sectors, digital identity leaders face unprecedented opportunities- and challenges. Covid has accelerated the global imperative to establish a strong and safe global digital economy that is enabled by a secure, interoperable,  digital identity ecosystem.   One of the most daunting challenges is how, wher

As a byproduct of the current activity across industry, government, and regulatory sectors, digital identity leaders face unprecedented opportunities- and challenges.

Covid has accelerated the global imperative to establish a strong and safe global digital economy that is enabled by a secure, interoperable,  digital identity ecosystem.   One of the most daunting challenges is how, where and when to start. 

The reality is that the target global ecosystem will be years in the making despite the widely held view that better identity is crucial to achieving a trusted digital-first marketplace.  The fact is that the target state is the quintessential “it takes a village” challenge.  It is this speaker’s strongly held view that the leaders who move the market now will be best positioned to substantively shape the government, regulatory and legal frameworks that might otherwise hamper ecosystem growth.

The focus of this session is to speak to the market movers in the audience and provide food-for-thought in devising a strategy to move forward.  The ‘right’ strategy will attract global relying parties, identity service providers and the digitally-enabled consumer audience writ large (‘the village.’)  The global ecosystem will take time to evolve but the time to build the foundation is now.

Donna Beatty, Digital Identity Industry Expert, Digital Identity


From Day One to Hour One: IGA in the Era of Extreme Automation

Cloud capabilities are driving automation approaches that will upend traditional, linear templates for Identity Governance service delivery. This extends to everything from application/service on-boarding, provisioning and user lifecycle management workflows. In this session, Manoj will share his experience of working on automation approaches for cloud workloads and discuss what this means for the

Cloud capabilities are driving automation approaches that will upend traditional, linear templates for Identity Governance service delivery. This extends to everything from application/service on-boarding, provisioning and user lifecycle management workflows. In this session, Manoj will share his experience of working on automation approaches for cloud workloads and discuss what this means for the future of IGA in the era of continuous integration and delivery.

Suganya Balan, Manager – Privileged Access Management, Philip Morris International Manoj Kumar, Director, Identity and Access Management, Philip Morris International


Closing Keynote & Announcement of EIC 2021 Gamification Winners




What are the benefits of handling external users in IGA?

Most of the companies today are handling all external users with HR processes using HR systems, which can cause friction and inefficiency when managing external users' lifecycle.  Lauri Reunamäki, Partner, Business Operations, Lempinen & Partners

Most of the companies today are handling all external users with HR processes using HR systems, which can cause friction and inefficiency when managing external users' lifecycle. 

Lauri Reunamäki, Partner, Business Operations, Lempinen & Partners


Decentralized Identity: What's Been Happening and Why it Matters

Decentralized Identity is seeing a proliferation of activity -- so much that even experts struggle to make sense of it all. Even the names of the emerging specs have gotten wacky (or, technically, WACI...) Kim Hamilton Duffy, Director, Identity and Standards, Centre Consortium

Decentralized Identity is seeing a proliferation of activity -- so much that even experts struggle to make sense of it all. Even the names of the emerging specs have gotten wacky (or, technically, WACI...)

Kim Hamilton Duffy, Director, Identity and Standards, Centre Consortium


ADI Association: Bringing Accountability to Digital Identity

The Accountable Digital Identity (ADI) Association is a nonprofit organization dedicated to advancing an open framework for digital identity that focuses on accountability, privacy, and interoperability. The Association is a global coalition of private and public organizations spanning finance, government, healthcare, and technology parties. Ramesh Kesanupalli, Co-Founder, ADI Association

The Accountable Digital Identity (ADI) Association is a nonprofit organization dedicated to advancing an open framework for digital identity that focuses on accountability, privacy, and interoperability. The Association is a global coalition of private and public organizations spanning finance, government, healthcare, and technology parties.

Ramesh Kesanupalli, Co-Founder, ADI Association


Case Study: How an Entire Industry adopts Digital Enterprise Identity

Back in November 2013 the U.S. congress enacted the Drug Supply Chain Security Act (DSCSA). Part of the regulation is that actors within the U.S. pharmaceutical industry must verify the U.S. state license, which is issued by the U.S. Drug Enforcement Administration (DEA), status (and thus the authenticity) of every trading partner within their supply chain. And this does not stop just by direct tr

Back in November 2013 the U.S. congress enacted the Drug Supply Chain Security Act (DSCSA). Part of the regulation is that actors within the U.S. pharmaceutical industry must verify the U.S. state license, which is issued by the U.S. Drug Enforcement Administration (DEA), status (and thus the authenticity) of every trading partner within their supply chain. And this does not stop just by direct trading partners a pharmaceutical supply chain actor might have, the regulation states, that also indirect trading partner’s U.S. state license status must be proofed.

Dr. Carsten Stöcker, Co-founder and CEO, Spherity


How can Decentralized Identities reshape the Future of eCommerce?

Dr. Michele Nati, Head of Telco and Infrastructure Development, IOTA Foundation
Dr. Michele Nati, Head of Telco and Infrastructure Development, IOTA Foundation


Panel | A First-Person Account of Third-Party Identity Risk Management

In a 2018 study by Onus & Ponemon on data risk in the third-party ecosystem, more than 75% of companies surveyed said they believe third-party cybersecurity incidents are increasing. Those companies were right to believe that. As our world becomes more digitized, and thus more interconnected, it becomes increasingly more difficult to safeguard organizations from cybercrime. Tack on to that

In a 2018 study by Onus & Ponemon on data risk in the third-party ecosystem, more than 75% of companies surveyed said they believe third-party cybersecurity incidents are increasing. Those companies were right to believe that.

As our world becomes more digitized, and thus more interconnected, it becomes increasingly more difficult to safeguard organizations from cybercrime. Tack on to that challenge a global pandemic that all but forced organizations to become “perimeter-less,” if they weren’t already, and the potential access points for bad actors through third-party access increases exponentially.

The problem is two-fold.

The landscape of third-party users is vast and continues to grow. From third-party non-employees like vendors, contractors and affiliates to non-human third parties like IoT devices, service accounts and bots, more organizations are engaging third parties to assist with their business operations and help them to innovate, grow faster, improve profitability, and ultimately create greater customer value – faster. On average, companies share confidential and sensitive information with more than 580 third parties and in many cases, an organization's third-party workers can actually outnumber their regular, full-time workforce.

Yet, despite the increased use of third-party workers in business, most organizations lack the proper third-party risk culture, processes, and technologies to protect themselves against the long list of third parties with access to their sensitive data and systems. Organizations have these systems in place to manage their full-time employees but lack the same level of rigor to manage these higher-risk third-parties. As a result, many third-party users are provided with more access than needed for their roles, and most disturbingly, that access is frequently not terminated when the third party no longer needs it.

Without the right third-party identity lifecycle management procedures in place, businesses unwittingly expand their attack surface, unnecessarily put sensitive information at risk, and create additional access points for hackers.




Identosphere Identity Highlights

Identosphere #49 • Devon Loffreto is not Moxie Marlinspike • Ontario Canada Digital ID • Privacy by (Re)Design

Our weekly edition of the latest SSI related news, upcoming events, and thoughtful commentary from the blogosphere
Welcome to the Identosphere Weekly

Yes the publication time of this has been drifting lately, as weekends are especially attractive for other things, besides creating a newsletter, towards the end of the summer. <3 It might make sense overall to trend towards a weekday publication. Thanks for your understanding.

This weekly newsletter is possible Thanks to Patrons, like yourself.

Support our work on Patreon — Get Exclusive Content!!

Read previous issues and Subscribe : newsletter.identosphere.net

Contact \ Content Submissions: newsletter [at] identosphere [dot] net

Coming up

GS1 Industry & Standards Event 2021 • 9/13-16

EIC Speaker Spotlight: Vittorio Bertocci on Browser Changes Affecting Identity • 9/14

OpenID Foundation Hosting Workshop at EIC 2021

SVIP Demo Week 9/14-17 ←WEDNESDAY the ID things present

ICET'21- International Colloquium on Emerging Technologies • 9/18-22 • @ieeebvm Empowering Technophiles, Envisioning Tomorrow (Registration

EIC Speaker Spotlight: Maarten Stultjens on the European Perspective of Identity 9/23

Internet Identity Workshop 33 • 10/12-14

Digital Trust World 2021 • 10/4-7 ‘the Conference for Authentication, Biometrics, Fraud & Security and Identity,’

Blogtalk Christopher Allen: Not Moxie Marlinspike, Oft confused, no more.

Link to corrected attribution Devon Loffreto is not Moxie Marlinspike

Self-Sovereign Identity has deep roots. It did not just emerge in 2016 after a blog post was written. It did not fail to exist when wikipedia editors denied it subject integrity with the stated message: "good luck with that".

Plotting ROI, and other measures for gauging performance on Peak Paradox

The purpose of this post is to plot where some (there is way too many to do them all) different investment measures align on the Peak Paradox model. 

Explainers Self-Sovereign Identity and how we can get there ProCivis

Enabled by recent advances in the realm of cryptography, mobile devices and decentralized identity standards we can now put citizens firmly in control of their digital identities while ensuring the level of trust needed to unlock the full potential of a digital society. 

Fluid Multi-Pseudonymity Windley

Fluid multi-pseudonymity perfectly describes the way we live our lives and the reality that identity systems must realize if we are to live authentically in the digital sphere.‘

The Unbundling of Authentication vs Authorization - What You Need to Know Ping Identity

Authentication and authorization are both processes that fall under the category of identity and access management (IAM), but they serve different purposes. 

An Introduction to Digital Trust Northern Block

what’s the purpose of SSI? It’s about enabling Digital Trust (which is quickly becoming an integral part of digital transformation for organizations).

Blockchain, The Missing Piece In Self-Sovereign Digital Identity Modex (part of a youtube playlist)

How do we prove we are who we say we are? In an identity context, blockchains permit people to prove things about themselves using decentralized, verifiable credentials without revealing the actual data.

The Era of Self-Sovereign Identity Chakaray

VC-AuthN OIDC uses the OpenID connect standards to easily integrate with the supported systems and also provides a way to authenticate using the verifiable credentials, giving the control back to the user. This is similar to the traditional OpenID connect, the only difference is in the token information. Rather than using the user’s information to construct the token, this uses claims in the verifiable credentials presented by the user.

Literature Industry-Grade Self-Sovereign Identity Pouwelse, De Kok, Kuipers, F.A.

This research has been performed in pursuit of the MSc Computer Science at Delft University of Technology in collaboration with the Dutch National Office for Identity Data (RvIG), part of the Dutch Ministry of the Interior and Kingdom Relations. Self-Sovereign Identity (SSI) is a relatively new concept part of a movement aspiring to create a universal identity layer for the Internet. SSI aims to put the citizen at the centre of their data, making them the sovereign over their digital presence.

Standardization What are Verifiable Credentials in 3 Minutes Affinidi (video)
EIC Speaker Spotlight: Kay Chopard on Driving Digital Trust

We really hope that a diverse audience will be attracted to the Kantara workshop. The reason I say that is - we're very focused, obviously in the work we do around identity, around assurance programs, around really developing what we recommend the part of standards that are used internationally. And then also taking that the next step and making sure that those standards are implemented in the identity products that are available in the field.

Why Are Governments Choosing Hyperledger? Northern Block

Open Data Standards (W3C’s DID & VC Standards)

Open Tech Standards (Hyperledger Aries, Indy, Ursa)

Achieving W3C-Compliance on Aries and Indy

Development Verifiable Credentials Guide for Developer: Call for Participation

Want to contribute to the World Wide Web Consortium (W3C) Developers Guide for Verifiable Credentials?

How Svelte Cybernetically Enhances Web Development MagicLabs

Like React, Svelte is a UI framework that makes it easier to write components. But instead of using a virtual DOM to track state changes and to re-render pages, Svelte pretty much avoids it. This is because React’s virtual DOM introduces unnecessary work for developers that, if done incorrectly, results in a slow performing app.

Why Privacy by (Re)Design Better Defines Responsibility for Privacy Anonyme

Where privacy by design puts the onus on app developers to be proactive about data privacy, privacy by (re)design redesigns the “app ecosystem to address data sharing”, spreading the burden.

Digital Identity for Development — and protection Caribou Digital

the deployment of digital identification systems needs to get smarter about understanding the political interests and risks that shape the contexts in which identification systems are used — our ID Ecosystem Mapping tool supports risk assessment arising from the deployment of digital identification systems.

Managed Open Projects: A New Way For Open Source and Open Standards To Collaborate

I recently pointed out in a TechCrunch contribution that the open source and open standards communities need to find ways to team up if they are to continue driving innovation and  development of transformative technologies to push our society forward.

Why Self-Sovereign Identity needs a token? Cheqed

Usually the question of “why does SSI need a token”, stems from people’s belief that there are existing, viable payment rails. As Sovrin outlined in their whitepaper back in 2018, traditional rails don’t work when issuers and receivers of credentials are unlikely to have a direct contractual relationship since the user is at the center with SSI.

Healthcare What SMART on FHIR Means for the Future of Healthcare Auth0

The Substitutable Medical Applications and Reusable Technologies (SMART) platform promises to solve these data fragmentation challenges by standardizing how patient data is accessed and shared. And given SMART’s inclusion in the 21st Century Cures Act, the platform will become the standard protocol for accessing electronic health records (EHRs) in the near future.

Unlocking Possibilities MagnaCerta

As different certificate frameworks emerge, there is a need for simple tools that enable Health Service Providers to deliver interoperable certificates valid across different channels, or built according to different specifications.

Finance Self Sovereign Identity/Decentralised Identity and Financial Services Webinar — A Synopsis

September 2nd, 2021 was a big day for all of us in the Global Developer Ecosystem (GDE) team of Affinidi as we geared to host our first webinar on Self Sovereign Identity/Decentralised Identity and Financial Services with Varsha Jagdale (General Manager of Financial Services at Affinidi) and Joseph Thompson (CEO of AID:Tech) as the speakers.

Banking’s identity problem Global Banking and Finance

Banks have sought to overcome some of these challenges with the use of biometrics such as facial recognition and fingerprints.  These are now more commonly used to login to, or unlock devices, and increase usability, but still leave the challenge of proving the authenticity of a document wide open to abuse.

Self-sovereign digital identity is a game changer for African financial inclusion ITOnline

Much like cell phone technology and the internet, the true power of SSDI will only be unleashed when it is embedded across all sectors of society, from education and medical care to telecommunications and retail. And that will require all role players – government bodies, regulators, service providers, public and private agencies – to take up the SSDI baton and become part of the change.

Company News The Role of SSI in MOBIX’ Deep Parking Ubikom Project

Ubikom is free, open-source email framework based on the concept of Self-Sovereign Identity. You own your identity (which, in this case, means your private key), and all the outgoing and incoming messages are encrypted and signed by default.

Canada Ontario’s Digital ID: Technology and standards

Ontario’s Digital ID will use self-sovereign identity because it gives the holder control over the credentials in their wallet. In addition, we are layering on these extra privacy-preserving features:

Consent – The verifier must ask you to approve their request to confirm your credentials.

Data minimization – The verifier can only access what they need to confirm you are eligible for their service. For example, if you need to prove that you are old enough to buy a lottery ticket, the store clerk would only know that you are 18 or older – not your actual age, birth date or anything else about you.

Anonymity – Your credentials are not tracked or traced.

Ontario will launch digital ID program later this year and here's how it works British Columbia OrgBook – ‘Tell Us Once’ via Blockchain and Self-Sovereign Identity

Canada is beginning to develop their own version of a “Tell Us Once” Digital Identity policy, an approach pioneered in Europe by the likes of Estonia.

This is a policy where having provided your data to one government agency, you’ll never be asked for it again from another, defined explicitly through legislation.

Not SSI Apple announces first states signed up to adopt driver’s licenses and state IDs in Apple Wallet

Arizona, Connecticut, Georgia, Iowa, Kentucky, Maryland, Oklahoma, and Utah are among the first states to bring state IDs and driver’s licenses in Wallet to their residents

Someone could be tracking you through your headphones NRK Beta

At least 9149 products with Bluetooth transmitters were uniquely recognized at least 24 hours apart.

At least 129 headphones could be tracked in the dataset for longer than 24 hours.

Popular headphones models from Bose, Bang & Olufsen, Jabra, Sennheiser and JBL can be tracked over longer periods of time.

Thanks for Reading!

Read more \ Subscribe: newsletter.identosphere.net

Support this publication: patreon.com/identosphere

Contact \ Submission: newsletter [at] identosphere [dot] net


Indicio

Indicio Named Finalist in IDC’s Inaugural Best in Future of Digital Infrastructure North America Awards

IDC The post Indicio Named Finalist in IDC’s Inaugural Best in Future of Digital Infrastructure North America Awards appeared first on Indicio Tech.

Indicio Named Finalist in IDC’s Inaugural Best in Future of Digital Infrastructure North America Awards

The post Indicio Named Finalist in IDC’s Inaugural Best in Future of Digital Infrastructure North America Awards appeared first on Indicio Tech.
Indicio Named Finalist in IDC’s Inaugural Best in Future of Digital Infrastructure North America Awards 

Seattle WA – September 14, 2021 – Indicio today announced it has been named a finalist in the inaugural IDC Future Enterprise, Best in Future of Digital Infrastructure North America Awards in the Ubiquitous Deployment category. The new awards were designed to highlight companies that demonstrate innovation and excellence in using cloud-centric computing to enable digital infrastructure resiliency, ensure consistent and ubiquitous workload placement and cost optimization across hybrid or multiple clouds, and take full advantage of autonomous operations.

The Indicio Network is the world’s only professionally-managed, enterprise-grade Hyperledger Indy-based network for decentralized identity. Indicio facilitates a consortium of 23 diverse, forward-thinking companies on five continents that are driving the use of decentralized identity to improve privacy and security in fintech, healthcare, travel, and the Internet of Things (IOT). Node Operators include GlobalID, Liquid Avatar, IdRamp, Bonifii, BizSecure, Entrustient, Blockspaces, Lorica Identity, and Networks Synergy. Learn more about the Indicio Node Operator Consortium membership.

“Being named a finalist in the IDC Future of Enterprise awards recognizes not just the accomplishments of Indicio’s dedicated professionals who designed and built the network, but of everything our network’s Node Operator community has done to support its establishment and maturity in such a short period of time,” said Heather Dahl, CEO, and co-founder of Indicio.tech. “We created this network to enable businesses use the power of decentralized identity to create Trusted Data Networks. These transform the way we authenticate, share, and verify data in a secure, privacy-preserving way so that information from people and connected things can be trusted. We’re seeing our Node Operators apply this technology to an extraordinary range of use cases—and they’re able to do that because they have a professionally supported enterprise-grade decentralized network to build on.”

Finalists joining Indicio in the Ubiquitous Deployment category are Toyota Financial Services for their Digital Infrastructure Transformation and US Air Force Cloud One. These organizations were recognized for their help to improve business agility and resiliency using outcome-driven infrastructure governance and portability enabled by subscription-based infrastructure consumption strategies and shared cloud management control planes. These initiatives often allow internal IT staff to offload infrastructure maintenance and support across widely dispersed locations by shifting to remote and intelligent vendor support and continuous technology refresh agreements.  

“We were overwhelmed by the number of thoughtful and strategic initiatives submitted and congratulate all the finalists named in our inaugural IDC Future Enterprise Best in Future of Digital Infrastructure North American Awards program,” said Mary Johnston Turner, Research Vice President for the Future of Digital Infrastructure – Agenda research efforts at IDC. “The finalists have effectively used digital infrastructure across on-prem, edge and public cloud platforms to transform their most important business processes and to launch new digital business innovations. They are to be congratulated for their vision and industry leadership!” 

Indicio Node Operators are responsible for supporting a copy of the Indicio ledger on the Indicio Network as well as guiding  strategy and ecosystem development. The number and business and geographic diversity of Node Operators is the foundation of its stability and resilience. Indicio supports the network with dedicated engineering staff and field-leading monitoring tools. To learn more about becoming a Node Operator, visit our website.

 To learn more about the IDG annual awards, please visit here

About Indicio

Indicio provides development and hosting for Trusted Data Ecosystems. Enterprise, consumer, and mobile applications run on Indicio’s network and use its comprehensive ecosystem of software to issue, verify, and exchange verifiable digital credentials. Founded on the belief in reducing fraud, privacy by design, and user-friendly security, Indicio supports the open source and interoperability goals of the decentralized identity community. As a Public Benefit Corporation, Indicio is committed to advancing Trusted Data Ecosystems as a public good that enables people to control their identities online and share their data by consent. Identity and application teams rely on Indicio’s simplicity, extensibility, and expertise to make trusted data work for everyone.

The post Indicio Named Finalist in IDC’s Inaugural Best in Future of Digital Infrastructure North America Awards appeared first on Indicio Tech.


Finicity

PYMNTS: Open Banking and Permission is the Future of Lending

PYMNTS talked with Finicity CEO Steve Smith about open banking, open finance, data aggregation, where we’re headed with technologies and standards and how consumer-permissioned data is the future of lending. Innovation is largely occurring differently in each fintech segment so the usefulness of a broad open banking platform to provide relevant, quality data across investing, […] The post PYMNTS

PYMNTS talked with Finicity CEO Steve Smith about open banking, open finance, data aggregation, where we’re headed with technologies and standards and how consumer-permissioned data is the future of lending.

Innovation is largely occurring differently in each fintech segment so the usefulness of a broad open banking platform to provide relevant, quality data across investing, budgeting and mortgage is becoming more and more important.

“We’re entering an age in which – through open banking – consumers are increasingly comfortable sharing their personal financial data with third parties. And amid that “gold rush,” a slew of companies have popped up (mostly fintechs), promising to upend financial services, though they tend to focus on segments of financial life – investing, let’s say, or mortgages, or high-yield savings accounts.”

Read the full article here.

The post PYMNTS: Open Banking and Permission is the Future of Lending appeared first on Finicity.


Global ID

GiD Report#177 — Should Coinbase litigate to innovate?

GiD Report#177 — Should Coinbase litigate to innovate? Welcome to The GiD Report, a weekly newsletter that covers GlobaliD team and partner news, market perspectives, and industry analysis. You can check out last week’s report here. ICYMI: Bonifii joins Indicio Network Node Operator Consortium — Bonifii This week: The SEC threatens to sue Coinbase What people are saying This
GiD Report#177 — Should Coinbase litigate to innovate?

Welcome to The GiD Report, a weekly newsletter that covers GlobaliD team and partner news, market perspectives, and industry analysis. You can check out last week’s report here.

ICYMI: Bonifii joins Indicio Network Node Operator Consortium — Bonifii

This week:

The SEC threatens to sue Coinbase What people are saying This week in crypto Stuff happens 1. The SEC threatens to sue Coinbase Brian Armstrong, Photo: TechCrunch Disrupt

Rosalyn Layton over at Forbes has a great overview of the SEC v. Coinbase situation. The brief overview looks something like this:

Regarding the sales of crypto as securities: “There’s actually a lot of clarity on that front,” Gary Gensler said at Aspen in early August. A month later, Gensler told the FT: “Talk to us, come in,” he said. “There are a lot of platforms that are in operation today that would do better engaging and instead there is a bit of . . . begging for forgiveness rather than asking for permission.”

And here’s what happened when Coinbase and Brian Armstrong took Gensler’s advice and actively engaged with the SEC on one of their upcoming products, according to Layton:

They approached the SEC for guidance on their product. Armstrong says the SEC responded with subpoenas for records and depositions, demanded a list of all their clients who had expressed interest in the product, and finally issued Coinbase a Wells notice — a warning of impending enforcement action. Armstrong said that by May of this year, the SEC was the only office in Washington refusing to meet with him at all.
“They are refusing to offer any opinion in writing to the industry on what should be allowed and why, and instead are engaging in intimidation tactics behind closed doors,” Armstrong tweeted. “Meanwhile, plenty of other crypto companies continue to offer a lend feature, but Coinbase is somehow not allowed to.”

Now, there are plenty of arguments that the product Coinbase is looking to offer might very well be classified as a security — check out Matt Levine’s solid overview.

That might be the weakest link in Armstrong’s tweetstorm, but it’s also not the primary point here. The SEC’s strategy of regulation by enforcement stifles innovation, hurts investors, and perhaps most egregiously, picks winners and losers — all while further muddying the regulatory landscape. Here’s Layton again:

Without Congressional oversight, a regulator can run roughshod over the law. Why was Ethereum blessed while its rival Ripple was sued? Why does Coinbase get a Wells notice while crypto lenders like Aave, built on the Ethereum platform, get a pass? Jesse Powell, CEO of Coinbase’s rival, Kraken, tweeted a response to Armstrong that “regulators are beating down good actors because it’s convenient” and asked: “Who is behind the effort to drive domestic businesses and consumers offshore?” Angry XRP holders point to Clayton and Hinman’s business ties to Ethereum before and after their SEC tenures. Powell implies that established financial actors welcome regulatory chaos to protect their revenue of transaction fees if it deters crypto’s disruption of traditional business models.

One option for Coinbase? Fight back.

As GlobaliD co-founder and CEO Greg Kidd has argued in the past, sometimes you have to litigate to innovate. (That happens to be the theme of his talk at this year’s Money2020 conference in Vegas next month.)

The SEC is incentivized not to overcommit and pick off easy targets to fill their coffers. (That’s their business model.) And they’ll want to grab as much land as possible. But Ripple and Coinbase have the resources and the will to fight back and find regulatory clarity through the legal process.

Eventually, it will be up to Congress to provide the country with regulatory clarity for crypto. Until then, get ready for more litigation.

2. What people are saying

Brian Armstrong:

Look….we’re committed to following the law. Sometimes the law is unclear. So if the SEC wants to publish guidance, we are also happy to follow that (it’s nice if you actually enforce it evenly across the industry equally btw).
But in this case they are refusing to offer any opinion in writing to the industry on what should be allowed and why, and instead are engaging in intimidation tactics behind closed doors. Whatever their theory is here, it feels like a reach/land grab vs other regulators.
Meanwhile, plenty of other crypto companies continue to offer a lend feature, but Coinbase is somehow not allowed to.
If you don’t want this activity, then simply publish your position, in writing, and enforce it evenly across the industry.

Felix Salmon:

Why it matters: Coinbase, the first major crypto company to get SEC approval to go public on a U.S. stock exchange, is about as regulator-friendly as crypto companies get — it has positioned itself as being far more in compliance with U.S. regulatory strictures than overseas rivals like Binance or FTX.
This week’s news shows that the industry still has a long way to go before it truly comes to terms with the U.S. regulatory environment.
The other side: “The SEC doesn’t have the obligation (or the resources) to issue guidance about things that should be obvious to a baby securities lawyer,” tweets Georgetown Law professor Adam Levitin. “It’s really astounding that Coinbase thinks it’s entitled to anything more.”
The bottom line: Coinbase’s comparative advantage was supposed to be that it stands comfortably in America’s regulatory good graces. But now Armstrong seems to be jealous of other crypto companies that offer similar products without SEC approval, and is picking fights with regulators.

Matt Levine:

A Bitcoin lending program — in which (1) a bunch of people pool their Bitcoins, (2) some manager or smart contract lends those Bitcoins to borrowers who pay interest, and (3) some or all of the interest is paid back to the people in the pool — is pretty straightforwardly an investment contract and thus a security.
I have been saying this for months, though that’s only because the SEC has also been saying it for months. But I admit that the SEC hasn’t been saying it in a particularly clear way. There’s not an SEC press release saying “FYI crypto lending programs are obviously securities.” And I gather that there are a lot of crypto lending programs — they’re a staple feature of decentralized finance platforms — and roughly none of them are registered with the SEC. The SEC and state regulators have brought enforcement actions against a few of them — we’ve talked about BitConnect and BlockFi and Blockchain Credit Partners — but I suppose each of those is distinctive in its own way, and there are about a zillion others that haven’t been sued by the SEC. 1 So you could reasonably look around and be like “oh sure we can pool people’s Bitcoins and lend them and pass along the interest, that’s not a security that should involve the SEC.” You’d be wrong, but I get where you’re coming from.

Look, I get it. From the perspective of Coinbase, and of its customers, and frankly of most normal people interested in crypto:
People would like to lend their Bitcoins. It doesn’t feel like a security. It’s kind of annoying and archaic that a 1946 Supreme Court case says that it is?
But look at it from the SEC’s perspective:
The SEC really doesn’t like crypto. The SEC is a regulatory agency that has a general tendency to want to do more regulating. Popular tokens like Bitcoin and Ether are not securities and so not subject to SEC regulation, which leaves the SEC feeling antsy. But crypto lending programs are pretty clearly securities subject to SEC regulation. So for the SEC to say “crypto lending programs are securities and need to be regulated” serves the dual purposes of (1) expanding SEC jurisdiction over crypto and (2) stopping those programs. Also it’s pretty clearly justified by a 1946 Supreme Court case. None of that is at all satisfying, I suspect, but it is true. Relevant: Coinbase Says SEC Is Investigating Its Crypto Lending Program Matt levine: Lending Bitcoins Is Tricky Felix Salmon on Coinbase/SEC Brian Armstrong’s tweetstorm 3. This week in crypto Via /gregkidd — Crypto Music App Audius Now Showcases Both Ethereum and Solana NFTs — Decrypt Via /gregkidd — Solana Price Surge Likely to Be ‘Decently Organic,’ Says FTX’s Sam Bankman-Fried FTX’s latest marketing play featuring Tom Brady and Gisele Bundchen Facebook admits “trust deficit” as it looks to launch digital wallet European Finance Regulator Calls Crypto ‘Volatile’ but Innovative BIS Signals Central Banks to Start Work on CBDCs The Burning Question Behind NFTs Crypto Fans Borrow to Buy Homes, Cars — and More Crypto Record Doge NFT Sale Highlights Growing Demand for Fractionalization How Joseph Lubin became Wall Street’s crypto whisperer Stuff happens: Via /antoine — WhatsApp’s Fight With India Has Global Implications Old, tired and rich: Big Tech founders have left the building Creator Economy Database Via /vs French Government selects IDEMIA for the national digital ID program | IDEMIA Labor unions represent largest share of workers in five years Via /spacemandev — Twitter Launches Stripe-Powered Super Follows Farewell, paper tickets Epic Wants Fortnite Back on App Store After New Korea Law Apple Refuses to Let Epic Back into South Korean App Store FTC: FB controls 90% of the social media market Via /jvs — Apple has made its move in supporting ISO 18013–5 for #digitalidentity in relation to #eIDAS

GiD Report#177 — Should Coinbase litigate to innovate? was originally published in GlobaliD on Medium, where people are continuing the conversation by highlighting and responding to this story.


auth0

Backend For Frontend Authentication Pattern with Auth0 and ASP.NET Core

Understand the Backend For Frontend authentication pattern and how it can be implemented in ASP.NET with Auth0.
Understand the Backend For Frontend authentication pattern and how it can be implemented in ASP.NET with Auth0.

KuppingerCole

Making DevSecOps a Reality and Going Beyond – Introducing SODAS (Secure Operations & Development of Agile Services)

by Martin Kuppinger A paradigm for aligning Development, Delivery, Infrastructure Setup & Management, and Operations in a seamless manner, with identity & security always at the forefront. Policy-based, automated, and with well-segregated but aligned responsibilities. DevOps, an integrated approach for development and operations of software and services, and DevSecOps, adding a security

by Martin Kuppinger

A paradigm for aligning Development, Delivery, Infrastructure Setup & Management, and Operations in a seamless manner, with identity & security always at the forefront. Policy-based, automated, and with well-segregated but aligned responsibilities.

DevOps, an integrated approach for development and operations of software and services, and DevSecOps, adding a security angle, have been around for close to a decade. While DevOps became an established principle, combining agile software development and the subsequent operations, DevSecOps – despite being intensively discussed – is seldom implemented and enforced in practice.

This leads to a variety of challenges, such as:

Security as an afterthought, leading to sub-optimal implementation of security and delaying the delivery of software Identity as an afterthought, leading to islands of identities instead of integrated identity, and identity-related risks such as weak authentication, but also bearing the risk of inadequate customer experience on the onboarding and access journey Violation of the requirements, such as in GDPR, to deliver privacy-by-design and security-by-design, as well as gaps in security-by-default, caused, e.g., by coding settings instead of relying on identity and security services Lack of consistent, stable Security API layers and Identity API layers that consume standardized services from Security Fabrics and Identity Fabrics, leading to extensive effort for continuous redevelopment and re-coding of security and identity instead of just consumption of standardized services Security-as-code as a misconception, meaning that developers are involved in coding security instead of utilizing APIs (Application Programming Interfaces) to consume security and identity services Infrastructure security is defined in code, which is error-prone, hard to manage and virtually impossible to incorporate in comprehensive Access Governance, and which requires developers to spend time on tasks that are not within their primary focus Lack of segregation of duties between development, infrastructure, operations, security, and identity What Is SODAS

SODAS (Secure Operation & Development of Agile Services) is a concept that addresses these shortcomings and can be used as a foundation to achieve the benefits of:

Fast, agile software development Efficient, automated infrastructure setup and software/service deployment Secure, efficient operations in multi-cloud, multi-hybrid environments Delivering secure software on time Consistently enforcing the principles of privacy-by-design, security-by-design, and security-by-default

A major principle within SODAS is to strengthen the skills of employees by focusing on these, instead of requiring, e.g., developers to deal with infrastructure specifics, or security experts coding security instead of just declaring policies. Segregation of skills and specialization help in evolving the workforce even in an age of a skills shortage. It also helps in having clearly-defined accountabilities and responsibilities, leading to a more efficient, but well integrated IT organization.

Fig. 1: The three pillars of the SODAS approach, spanning agile development, automated setup and management of infrastructure and operations, underpinned by consistent identity and security services.

The 3 Pillars of SODAS

SODAS consists of three pillars and a foundation, which is Security and Identity. It extends the DevOps and DevSecOps paradigm by requiring a closer integration with Infrastructure Management, specifically by adding Security and Identity in a manner that is ubiquitous to the entire process from development to operations, but at the same time well-segregated and delivered as a service to developers. This reduces developers‘ workload and allows them to consume security and identity services, instead of continually recreating these.

For Development, there is little change. It must be business-driven, (following the overarching BASIS model defined by KuppingerCole), it must be agile, and it must follow modern design and architecture principles, such as building on microservices architectures.

For efficient DevOps and supporting complex multi-cloud, multi-hybrid environments that are the reality for most organizations today, infrastructure for running the services must be provisioned and configured. Infrastructure must also grow with the business needs, requiring elasticity and scalability, which – depending on the runtime environment – is a given or must be managed by the organization. Infrastructure is also not just compute and storage, but also network. Following the principles of BASIS, which also apply to SODAS, this is provided by policy-based automation, utilizing information gathered about both the infrastructure and the requirements of the new services that shall be deployed. This requires integration of information from development, infrastructure, and other areas into (virtual) repositories, building on a common semantic, so that policy-based automation – commonly supported by AI/ML – can be applied.

Policy-Based Automation, Unified Across the Multi-Cloud, Multi-Hybrid Environments

Operations then also build on this approach of policy-based automation, unified across the multi-cloud, multi-hybrid environments. Clouds already differ vastly in the way they are managed. Additionally, between a public cloud and on-premises IT, the required level of management differs vastly due to the differences in provider responsibilities versus tenant responsibilities. However, a unified layer for policy-based automation enables organizations to abstract these differences and thus simplify operations.

This all is underpinned by the Security and Identity layer, building on modern Security Fabrics and Identity Fabrics, delivering a consistent and comprehensive set of security and identity services via consistent API layers that remain stable even when the underlying architecture changes.

Fig. 2: Key technologies involved in SODAS, integrating development, operations, and security by policy-based automation.

This all builds on the set of technologies described in the BASIS concept. For Development and Operations, DevOps Tools, but also IT Operations Management for the operations part, are essential. IT Operations Management is another vital element for the infrastructure setup and operations. Allowing the flexible shift of workloads from one environment to the other in a complex multi-cloud, multi-hybrid IT is essential, and supported by this approach. The inherent limitations found frequently in DevOps and being caused by the vast differences even in operating the major public clouds, focusing on a single defined target environment for operations are overcome by SODAS.

The Role of Enterprise Service Management

Enterprise Service Management is another essential element, for allowing a business to express its demand, and for managing all the assets and services in a consistent and coherent manner. All these elements pay into the virtual repository that provides a unified perspective across services and the environment to execute these, making the formerly unknown and dynamic known. These repositories are accessed by policies and automation solutions primarily via APIs.

Last not least, cybersecurity and IAM (Identity & Access Management), delivered via Identity Fabrics and Security Fabrics, are the foundation for delivering the identity and security services via a defined, comprehensive, and stable set of APIs. This all is well-integrated, last not least via the repository and the policy-based automation, backed by AI and ML.

Fig. 3: The key actions to take in delivering to the SODAS model.

To move from today’s DevOps towards an approach that delivers on the promise of DevSecOps and that is made to support the full range of a multi-cloud, multi-hybrid IT environment, SODAS can be implemented in four stages, following the: plan – build – deliver – run approach.

Planning is about optimizing the organization, with a clear segregation of responsibilities, but also by defining interfaces and setting up cross-divisional processes. This is about focusing, not to be mixed up with building new silos. Silos are not connected; silos are not integrated. The concept of SODAS is about focus and about leveraging the skills and specialization of the workforce in an optimized manner, supported by integration at the organizational and technical layer, and powered by policy-based automation.

Tooling Beyond the DevOps Tools Chain

To make this work, it requires the setup of the tooling, beyond the DevOps tools chain. It also requires modernizing the DevOps tools chain so that infrastructure and operations management are segregated via defined interfaces. This also allows for managing security and identity managed externally (and being consumed via APIs), controlling the DevOps tools chain. It requires working on the Identity Fabric and Security Fabric. It requires ESM and building the (very dynamic, always current) Asset Repository. And it requires policy-based automation. This is a journey, not a big bang. But every organization will already have several elements in place for building their SODAS model.

This then needs to be delivered by gathering data, by defining policies, by setting up automation, and by defining the identity and security services, the APIs, libraries, and widgets that make consumption of complex identity and security seamless to the developers.

Guiding principles for SODAS:

Business requests IT Services Unified view on IT Services – one IT, across multi-hybrid, multi-cloud environments Policy-based automation instead of manual administration or coding Development is agile, consuming identity & security APIs, delivering status/requirements back to DevOps tools as well as IT Operations Management Automation of identity, security, and infrastructure setup & management

Our recommendation is to revisit the DevOps and DevSecOps approaches in place in the organization according to SODAS to improve security and time-to-value in delivering Digital Services.


Ontology

Everything You Need To Know About Ontology EVM Contract Development

Part 2: Development Environment Tools and How to Use MetaMask to Manage Keys Last Week, Ontology announced the official deployment of a TestNet supporting EVM and opened the EVM compatible public beta to developers around the world. At the same time, the “Ontology Security Vulnerability and Threat Intelligence Bounty Programme” was officially launched in cooperation with SlowMist, a well-kno
Part 2: Development Environment Tools and How to Use MetaMask to Manage Keys

Last Week, Ontology announced the official deployment of a TestNet supporting EVM and opened the EVM compatible public beta to developers around the world. At the same time, the “Ontology Security Vulnerability and Threat Intelligence Bounty Programme” was officially launched in cooperation with SlowMist, a well-known code auditing agency. The top reward for reporting a vulnerability is $12,000 in ONG.

In order to encourage community developers to quickly and easily familiarize themselves with the Ontology EVM development environment, we specially prepared a “Handbook for Dummies”, which explains the essentials of Ontology EVM contract development.

In Part 1, we introduced the ChainID, RPC URL, browser address and other configuration information related to the Ontology EVM. Developers can configure MetaMask wallets to the Ontology network based on the above information. In this section, we introduce the tools for developing and deploying EVM contracts on Ontology, and how to use MetaMask plug-in wallets to manage Ethereum wallets.

2. Introduction to Development Environment Tools

Since the EVM contract is developed in the Solidity language, we have detailed how to build the Remix, Truffle and Hardhat development environment, and enter a series of work such as contract development, compilation, deployment, and debugging. In addition, developers can also directly reuse the existing Ethereum contract framework to develop and deploy EVM contracts on Ontology.

2.1 Remix Development Environment

Remix IDE is an open source Solidity contract integrated development environment that supports users in contract development, compilation, deployment, and debugging. Please see this link for the official English version of Remix IDE.

Below we use a Hello World contract example to show how to use Remix.

2.1.1 Install Development Environment

To use Remix for the first time, you need to find and add the Solidity Compiler and Deploy and Run Transactions modules to the compiler in PLUGIN MANAGER.

Next, select the Solidity environment, create a new file and name it HelloWorld.sol. Then, copy the Hello World contract code that has been written to this file.

2.1.2 Compile Contract

Click the Solidity Compiler button, select the compiler version as 0.5.10, and start compiling HelloWorld.sol.

2.1.3 Deployment Contract

After compilation, the contract can be deployed to the Ontology network. The following will take the TestNet as an example. Before deploying the contract, you need to connect the MetaMask wallet to the Ontology network (refer to the technical viewpoint of the previous issue), and receive the test ONG as a handling fee on the Ontology Faucet address.

Then, select “Injected Web3” in the Remix environment, and finally click “Deploy” to complete the contract deployment.

2.1.4 Call Contract

After the contract is deployed, the developer can call the methods in the contract. When deploying the Hello World contract in the example, the Hello string will be stored in the contract. We can call the message method of the contract to query this string, as shown below:

2.2 Truffle Development Environment

Truffle is a framework used to assist in the development, testing and management of Ethereum smart contracts. For official documents, please refer to this link.

Below we use this test code as an example to introduce the use of Truffle.

2.2.1 Install Development Environment

To initialize the development environment, first install the configuration files required by the Truffle environment.

Node.js v8+ LTS and npm (comes with Node) Git

Then install Truffle with the following command.

$ npm install -g truffle

2.2.2 Configure Truffle-Config

First create .secret to store the test mnemonic or private key (can be found in MetaMask) Then modify the truffle-config file as follows

2.2.3 Deploy the contract to the Ontology network

Execute the following command to deploy the contract.

$ truffle migrate — network ontology

If the following output is displayed, the deployment is successful.

Note: Try not to use Ethereum token units (such as wei, gwei, ether, etc.) when writing test scripts.

2.3 Hardhat Development Environment

Hardhat is a development environment for compiling, deploying, testing and debugging Ethereum applications. Below we use this test code as an example to introduce the use of Hardhat.

2.3.1 Install Development Environment

Please refer to this installation tutorial for installation.

2.3.2 Configure Hardhat-Config

Modify the hardhat.config.js file according to the following code

2.3.3 Deployment Contract

Execute the following command in the project root directory to deploy the contract to the Ontology testnet.

$ npx hardhat run scripts/sample-script.js — network ontology_testnet

Results of the

$ npx hardhat run scripts/sample-script.js — network ontology_testnet

Contract deployed to: 0xB105388ac7F019557132eD6eA90fB4BAaFde6E81

3. Use MetaMask to Manage Keys

Ontology Network supports developers to use the MetaMask plug-in to manage Ethereum wallet private keys.

MetaMask is a non-custodial wallet. The user’s private key is encrypted with mnemonic words and stored in the local browser. Once the user loses the private key, the use of the wallet cannot be restored. MetaMask connects to Ethereum through Infura. For more detailed information, please click here.

3.1 Install Web3 Environment

The first step is to install the Web3 environment in the dApp:

$ npm install — save Web3

Create a new file named web3.js and copy the following code to the file:

In short, as long as the MetaMask plug-in is installed on the Chrome browser, the Ethereum global variable injected by the plug-in can be used.

In the second step, introduce the following code into your client,

import getWeb3 from’/path/to/web3';

Call the following function:

3.2 Setting Up An Account

We need to obtain an account from the web3 instance created above to send transactions.

The getAccounts() function returns all accounts of the user in MetaMask. accounts[0] is the account currently selected by the user.

3.3 Contract initialization

After completing the above steps, initialize your contract.

3.4 Call Function

Now you can use the contract instance you just created to call any function you want. What needs special explanation is: the function call() is used to complete the pre-execution operation of the contract, for example:

The function send() is used to call the contract to change the state of the contract, for example:

Stay tuned for Part 3, for a demonstration of the Ontology EVM contract development process!

Learn more about our decentralized data and identity solutions on our website and official Twitter account. You can also chat with us on Telegram and keep up-to-date with the latest news via our Telegram Announcement account.

Other Resources

LinkedIn / Medium / Facebook / Reddit / DiscordYouTube

Everything You Need To Know About Ontology EVM Contract Development was originally published in OntologyNetwork on Medium, where people are continuing the conversation by highlighting and responding to this story.


Northern Block

Creating Social Inclusion Opportunities for African Youth with Lohan Spies

 Listen to this Episode to learn about how Yoma (by UNICEF) is using SSI to create social inclusion opportunities (LEARN, EARN, IMPACT). Introduction Yoma is a youth marketplace that is incubated by UNICEF in Africa.  It enables youth to Learn (through Yoma learning partners), Earn (through employers in the ecosystem) and Thrive by completing Impact […] The post <strong>Creatin


Listen to this Episode to learn about how Yoma (by UNICEF) is using SSI to create social inclusion opportunities (LEARN, EARN, IMPACT).

Introduction

Yoma is a youth marketplace that is incubated by UNICEF in Africa.  It enables youth to Learn (through Yoma learning partners), Earn (through employers in the ecosystem) and Thrive by completing Impact challenges (e.g., plastic clean-up, reforestation) that benefit our environment and communities.  All of this is enabled through a SSI-enabled digital CV and personalized learning environment. 

About Episode
During this conversation, we discuss:

An overview of Foundational Government Identity in Africa How Yoma creates Digital IDs, Digital Verifiable VCs and a Skills Backpack for Youth Yoma’s approach at both Global and Local Governance Frameworks Building the Yoma Ecosystem, by Onboarding both demand and supply side participants to the table What the future holds for Specialized, Intelligent Agents How technology can be used to further the Impact Economy

About Guest

Lohan Spies is the Founder & CEO of DIDx, a South African company focused on self-sovereign identity. Lohan is thought leader in decentralized identity and well tapped into the pulse on the African continent. DIDx is also a founding steward of the Sovrin Network.

Lohan also acts as the technical lead for the Yoma Foundation, a UNICEF organization that is using SSI to empower African youth to learn, earn and create impact.

 

LinkedIn: https://www.linkedin.com/in/lohanspies/ Twitter: https://twitter.com/lohanspies

The post <strong>Creating Social Inclusion Opportunities for African Youth</strong> with Lohan Spies appeared first on Northern Block | Self Sovereign Identity Solution Provider.


KILT

KILT Partners with OnFinality to Offer RPC Services at Launch

OnFinality, a leading blockchain infrastructure as a service platform, is providing scalable RPC (Remote Procedure Call) services to KILT Protocol from the first block. OnFinality’s globally distributed API service provides reliable and scalable endpoints for developer applications. KILT’s global community can now benefit from high-performance RPC archive nodes when they build decentralised, verif

OnFinality, a leading blockchain infrastructure as a service platform, is providing scalable RPC (Remote Procedure Call) services to KILT Protocol from the first block. OnFinality’s globally distributed API service provides reliable and scalable endpoints for developer applications. KILT’s global community can now benefit from high-performance RPC archive nodes when they build decentralised, verifiable credentials on the KILT network.

This service is currently online and can be connected to via these endpoints:

https://spiritnet.api.onfinality.io/public wss://spiritnet.api.onfinality.io/public-ws Why KILT is working with OnFinality

OnFinality’s mission is to support all blockchain organizations in the world by providing core infrastructure so they can focus on their core businesses. OnFinality’s API Service is free for the KILT community (within fair usage limits) and is built with scalability in mind. OnFinality is serving over 200 million JSON RPC requests to its public API service every day.

OnFinality also provides a one-click-deploy node service that allows customers to deploy their own KILT Spiritnet validator and collator nodes in OnFinality’s platform.

“Working with the OnFinality team was a seamless experience as we secured a Kusama parachain and launched mainnet last week. We are very aligned in our mission to support builders across the Polkadot ecosystem”, said Ingo Rübe, founder of KILT Protocol and CEO of BOTLabs GmbH.

Sam Zou, CEO of OnFinality, “We admire what KILT is working on, providing a fundamental identity service for blockchain developers, which has parallels to OnFinality’s focus on fundamental infrastructure services. Our team has really enjoyed working with KILT, their professionalism is unrivaled in this industry and they’ve provided OnFinality with extremely useful feedback on our service”.

You can run production applications that need performant access to the KILT network using OnFinality’s services. OnFinality will actively manage these clusters; as requests and usage increase they will dynamically scale their infrastructure to maintain service levels to OnFinality’s users. You can read more about OnFinality’s infrastructure here.

___________________________________________________________________

About KILT Protocol

KILT is an open-source blockchain identity protocol for issuing self-sovereign, anonymous and verifiable credentials for Web 3.0. KILT enables innovative business models around identity and privacy, addressing the need for reliable identity solutions in the digital world. It allows users to claim personal attributes, have them attested by trusted entities, and store the claims as self-sovereign credentials. KILT Protocol is developed by BOTLabs GmbH in Berlin and is the technology on which SocialKYC, a decentralised identity verification service, is built.

Website| Medium | Twitter | Github| TelegramYouTube

About OnFinality

OnFinality is a SaaS platform that provides infrastructure and developer tools that saves developers hours and allows you to grow with confidence. Their mission is to help blockchain and dApp developers build the decentralised future faster.

Website | Twitter | LinkedIn | TelegramMedium

KILT Partners with OnFinality to Offer RPC Services at Launch was originally published in kilt-protocol on Medium, where people are continuing the conversation by highlighting and responding to this story.


Space Elephant \ Unikname

Unikname Quorum – Le vote décentralisé

L’article Unikname Quorum – Le vote décentralisé est apparu en premier sur Unikname.
Unikname Quorum – Le vote décentralisé Juliette Mégret Le vote décentralisé Une nouvelle manière de voter à la fois simple – sécurisée – confidentielle et innovante

Une entreprise peut souhaiter consulter ses collaborateurs, clients ou partenaires pour de multiples raisons, en les sollicitant lors de son assemblée générale, pour obtenir d’eux un retour sur un événement donné ou pour n’importe quel autre type de prise de décision collective.

Elle doit alors choisir un processus de vote efficace parmi le vote traditionnel ou des mécanismes de vote électronique existant.

Unikname propose un nouveau type de vote électronique décentralisé complètement sécurisé, 100% confidentiel et très facile d’utilisation. Grâce à la technologie de la blockchain Unikname Network et aux propriétés de vérifiabilité de ses service providers, Unikname Quorum permet d’atteindre un haut niveau de confiance.

Introduction aux systèmes de vote Le vote traditionnel

Le vote traditionnel, sous forme de bulletin papier, est simple dans la théorie, mais compliqué et coûteux dans son organisation.

Pour mettre en place un tel processus, les participants doivent se déplacer, et pour qu’il y ait suffisamment de confiance dans ce scrutin, un certain nombre d’observateurs doivent surveiller le déroulement des différentes étapes. L’expérience de vote est alors fastidieuse pour les votants.

De son côté, l’organisation doit mobiliser un nombre important de personnel afin d’assurer le bon déroulement du scrutin. Les bulletins doivent être préparés et distribués en amont et l’accès au scrutin doit être contrôlé. À la clôture du vote, l’organisation doit encore s’atteler aux étapes de dépouillement et de publication des résultats, le tout sous la surveillance d’observateurs, garants de la conformité du processus.

Le temps du dépouillement est proportionnel au nombre de votants et/ou au nombre de personnel participant au dépouillement. Il y a donc un délai non négligeable entre la clôture du scrutin et la publication des résultats.

Une telle organisation permet de garantir un haut niveau de transparence et de confidentialité mais elle est très coûteuse pour une entreprise.

Le vote électronique

Depuis une vingtaine d’années, de nombreux algorithmes et protocoles de vote électronique ont fait leur apparition, promettant de réduire les coûts et les délais. Cependant, il existe des réticences à déployer ces solutions en raison de problèmes de confiance. Depuis leur première mise en place au début des années 1990 en Belgique, beaucoup de failles de sécurité ont été remontées, notamment sur le non-respect de la confidentialité des votes, ou de l’aspect invérifiable des résultats.

Si certains organismes ou même certains pays (comme l’Estonie) utilisent fréquemment des systèmes de vote électronique, ces processus ne font toujours pas consensus.

Pour le cas du vote en entreprise, en plus de la problématique de la confiance et de la sécurité, les professionnels font face à un obstacle supplémentaire : la multiplicité de plateformes. Utiliser une plateforme dédiée au vote électronique oblige ses utilisateurs à prendre en main une énième application, à gérer un énième identifiant, à s’authentifier selon un processus spécifique… Finalement ce qui est gagné en temps est perdu en complexité.

L’idéal serait donc une solution pleinement intégrée dans le système d’informations de l’entreprise, fortement sécurisée et respectueuse de la vie privée de ses utilisateurs. Ne serait-ce pas là toutes les valeurs de la Plateforme SSI Unikname 😉 ?

Le vote décentralisé avec Unikname Quorum

L’organisation d’un vote traditionnel repose sur quatre acteurs ou entités principales : le commissaire chargé de déclarer le scrutin et de constituer la liste électorale, les assesseurs responsables de l’administration du déroulement, l’urne permettant l’anonymisation des bulletins et les décompteurs organisant le dépouillement. Il y a également des observateurs invités à vérifier que chacun remplit bien son rôle.

Sur Unikname Network, ces différents rôles de commissaire, d’administrateur, de service d’anonymisation et de dépouilleur sont tenus par des service providers dédiés. Les Service Providers sont des petits programmes développés par la société Unikname ou ses partenaires s’exécutant sur le réseau Unikname Network. Ces programmes sont open-source, ce qui permet à n’importe qui de devenir observateur d’un vote en vérifiant que les service providers remplissent correctement leurs missions. Ils sont représentés sur le réseau par leur propre UniknameID, l’identifiant décentralisé Unikname, qui leur permet de signer des opérations, de s’authentifier ou encore d’enregistrer des transactions dans la blockchain.

Le commissaire, l’administrateur, le service d’anonymisation et de dépouilleur interviennent chacun leur tour dans les différentes étapes du vote pour garantir les exigences suivantes :

=

L’Exactitude – Un vote ne peut pas être modifié, supprimé, ni fabriqué artificiellement

=

La Vérifiabilité – Les votants peuvent vérifier que leur vote est comptabilisé

=

La Confidentialité – Personne qui ne peut pas connaître le vote d’un participant

=

L’Exclusivité – Seuls les membres de la liste électorale peuvent voter et ils ne le peuvent qu’une seule fois

=

La Non interférence – Aucun résultat ne peut être publié avant la fin du scrutin

Le déroulement du vote

Le vote décentralisé avec Unikname Quorum s’organise en trois étapes : l’enregistrement, le processus de vote et le dépouillement. À chacune de ces étapes, des informations permettant la transparence du scrutin et la vérification des exigences ci-dessus sont écrites dans la blockchain par les Service Providers. Des SSI credits sont échangés entre les différentes parties pour permettre l’accès aux différents services de la Plateforme SSI Unikname, comme par exemple les services d’écritures.

L’enregistrement

L’organisateur du scrutin contacte le commissaire pour préparer avec lui la liste électorale et les conditions de vote en échange de SSI credits. L’ensemble des crédits sont envoyés au commissaire qui va se charger de les répartir parmi les Service Providers concernés. Ainsi les participants pourront interagir avec eux sans avoir à manipuler de SSI credits.

Les informations seront écrites anonymement dans la blockchain par le commissaire et sous le contrôle de l’organisateur. Ainsi, les règles ne pourront pas être modifiées par la suite.

L’organisateur prend ensuite contact avec les participants pour les inviter à participer au scrutin. Le processus de vote

Pour voter, les participants vont d’abord s’authentifier auprès de l’administrateur pour que celui-ci vérifie qu’ils sont bien inscrits sur la liste électorale et qu’ils n’ont pas encore voté. Grâce à des mécanismes d’anonymisation, cette vérification peut se faire sans que les votants n’aient à partager leur UniknameID avec l’administrateur.

Une fois les vérifications effectuées, l’administrateur signe une autorisation qui permet aux participants d’envoyer leur bulletin au service d’anonymisation. Ce dernier enregistre alors une transaction de vote, sous le contrôle du votant, pour prouver que ce dernier a bien participé au scrutin. Ensuite, le service d’anonymisation applique des algorithmes permettant de casser les liens entre un participant et son vote, puis conserve tous les bulletins jusqu’à la clôture du scrutin.

Naturellement, le vote d’un participant est chiffré localement directement dans son appareil et les échanges entre les différentes parties se font sous un protocole de type end-to-end encryption. À partir du moment où le bulletin a quitté l’appareil du votant, aucune entité n’a la possibilité d’en connaître le contenu avant le dépouillement.

Le décompte des votes et la publication des résultats

Lorsque le scrutin touche à sa fin, le dépouilleur reçoit l’ensemble des bulletins anonymisés. Il est le seul Service Provider capable de les déchiffrer, mais il n’est pas capable de faire de lien entre les votes et les votants.

Il va alors construire un arbre de Merkle dont les feuilles sont l’ensemble des votes, ce qui permet à chaque participant de vérifier que son vote est comptabilisé. Le résultat publié est incontestable. La racine de l’arbre est écrite par le dépouilleur dans la blockchain Unikname Network afin de garder une trace du résultat et pour que l’issue du vote ne puisse pas être modifiée par la suite.

Un système de vote intégré

Comme pour les autres modules Unikname, Unikname Quorum est conçu pour s’intégrer facilement dans le système d’information d’une entreprise, via une application dédiée ou directement dans un processus déjà déployé.
Pour mettre en place un système de vote, organisateurs et participants n’ont besoin que de leur UniknameID, le même leur permettant aussi de s’authentifier ou d’échanger des données sensibles.

Grâce à son architecture décentralisée, Unikname Quorum est une solution de vote avec une haute disponibilité, peu coûteuse et aussi facile à déployer qu’à utiliser. Les professionnels peuvent se re-concentrer sur le contenu de leurs assemblées générales ou l’organisation des événements à évaluer, l’organisation des scrutins devient une formalité.

Besoin d’une démo ? Rencontrez les équipes Unikname pour échanger autour de votre projet d’innovation ! Contact

L’article Unikname Quorum – Le vote décentralisé est apparu en premier sur Unikname.


Ocean Protocol

OceanDAO Round 9 Results

7 new funded projects join OceanDAO; over 40K OCEAN burned OceanDAO Grants Hello, Ocean Community! The OceanDAO is pleased to share the results of the 9th round of our community grants initiative. A total of 300,000 USD was available in OceanDAO Round 9. At a conversion rate of 0.77 OCEAN/USD, 389,610 OCEAN tokens were available. In Round 9, all participants were funded without any proje
7 new funded projects join OceanDAO; over 40K OCEAN burned OceanDAO Grants

Hello, Ocean Community!

The OceanDAO is pleased to share the results of the 9th round of our community grants initiative.

A total of 300,000 USD was available in OceanDAO Round 9. At a conversion rate of 0.77 OCEAN/USD, 389,610 OCEAN tokens were available.

In Round 9, all participants were funded without any projects being downvoted and the excess of funds that were not allocated to any grants recipients will be burned. OCEAN burned is a signal of the extra room available for new grants.

The results are in:

Round 9 included 7 first-time projects and 10 returning projects requesting follow-up funding.

349,001.00 $OCEAN has been granted and 41,240.68 $OCEAN will be burned in Round 9.

Ocean Protocol is dedicating ever-growing resources for growth, any amount remaining and not captured by proposals, is burned. In addition, more voters are voicing their opinion and demanding projects to increase transparency and collaboration with the community.

Burned $OCEAN will be sent to address 0x000000000000000000000000000000000000dEaD, forever decreasing total $OCEAN in circulation.

OceanDAO Round 10 and announcements are coming tomorrow. Keep an eye out on Twitter @oceanprotocol and our blog for the full announcement. New highlights include:

New funding tiers

For up-to-date information on getting started with OceanDAO, we invite you to get involved and learn more about Ocean’s community-curated funding on the OceanDAO website.

The goal is to grow the DAO each round. We encourage the Ocean ecosystem to apply or re-apply AND to vote! Thank you to all of the participants, voters, and proposers.

OceanDAO Round 9 Results

You can find the full overview on our Round 9 — Votes page.

Round 9 Rules

Proposals with 50% or more “Yes” Votes received a grant, until the “Total Round Funding Available” is depleted in descending number of votes received order.

29% of “Total Round Funding Available” was earmarked for New Projects. Earmarked proposals were eligible for entire “Total Round Funding Available”; returning (general) grants were eligible for 71%.

The grant proposals from the snapshot ballot that met these criteria were selected to receive their $OCEAN Amount Requested to foster positive value creation for the overall Ocean ecosystem.

Voting opened on Sept 9th at 23:59 GMT Voting closed on Sept 13th at 23:59 GMT

Proposal Vote Results:

17 proposals submitted 17 funded or partially funded 29 Unique Wallets Voted 204 voters across all proposals (same wallet can vote on multiple proposals) 195 total Yes votes 9 total No Votes 16,119,232.40 $OCEAN voted Yes on proposals 146,450.94 $OCEAN voted No on proposals 16,265,683.34 $OCEAN Tokens voted across all proposals 349,001.00 $OCEAN has been granted 41,240.68 $OCEAN will be burned Recipients

Congratulations to the grant recipients! These projects have received an OceanDAO grant in the form of $OCEAN tokens.

See all the expanded proposal details on the Round 9 Ocean Port Forum!

If your Proposal was voted to receive a grant, if you haven’t already, please submit a Request Invoice to the Ocean Protocol Foundation (OPF) for the Ocean Granted amount.

Proposal Details

Earmarked Grants

Hama, today most of web2 is dominated by web services (REST, SOAP, Graph etc.). It is a multi billion dollar market that is ready to be disrupted. Hama aims to provide an efficient solution to these service providers to monetise and access control their services using Ocean Protocol.

WorkPi uses Compute-To-Data algorithms on data enclosed in personal Self-Sovereign Identity (SSI) wallets without compromising privacy, we call this Compute-To-SSI.

Datalatte.ai empowers internet users to monetize their own data and provide data scientists with access to non-identifiable users’ data using AI Feature Store at an affordable price.

Ocean Greek Community will create an Ocean Protocol newsletter/blog for the Greek community that will include the most relevant Ocean Protocol blog posts translated in Greek and the podcasts (that are included in the blog posts) in video format with subtitles (Creation of English subtitles as well). Also, create social media channels in order to build the community. Hosted at https://www.oceanprotocol.gr

Duggie is building a Decentralised Protocol that Leverages Crowdsourced Wisdom to source pet stories on the internet, annotate the stories into data unions and publish the stories on OCEAN with the owners/sponsors rewarded with data tokens.

General Grants

Finalized Votes4LPs enables Uniswap V2, Uniswap V3 and Bancor stakers vote in OceanDAO.

DataUnion Foundation uses blockchain technology to establish DataUnions that enable local income, quality data, and data co-ownership.

DataX ‘s vision is a one-stop shop for all Data DeFi needs. We are helping to make data a liquid asset.

Data Whale develops tools that encourage the utility and outreach of Data Tokens. This proposal aims to guarantee the continuity of Data Whale’s efforts to successfully build Data Token infrastructure and promote the eco-system around Ocean Protocol.

Project Coral’s primary goal is to spread the adoption of Web3 technology amongst the scientific community. To reflect this goal, we propose the number of scientific research objects that are created on our platform as a new metric. These projects will be composed of datasets, algorithms, models, and other scientific digital objects, some of which are data tokens.

Ocean Pearl makes it easy to keep track of all proposals, deliverables, progress, and impact on the OceanDAO ecosystem. Users who want to vote also need to touch several platforms to inform themselves (Github, port, vote). As a project owner, you have to write a new proposal based on a text template which is not ideal as formatting differences make it very difficult for automated software to extract the relevant information from a proposal.

Algovera Onshore tackles the general lack of data scientists in the Ocean eco-system. At the same time, there is a demand side issue for datasets on the marketplace. We are onboarding data scientists to Ocean who are natural consumers of data. Web3 values ensure that data scientists have ownership over their creations, and also push towards decentralization of AI.

Posthuman AI allows training and inference of advanced NLP models without viewing model parameters (i.e. ZK-training and inference), using Compute to Data.

ResilientML are developing robust, resilient, interpretable machine learning solutions to data analytics challenges in the blockchain space by combining cutting-edge academic research and industry experience.

Disrupt MLS cuts out the realtors, traditional MLS and associated fees. It takes seller listings and puts them where buyers are, on sites like realtor.com 2, zillow, etc.

Homomorphic Encryption based solution preserves intellectual property and/or privacy of monetized data for participant X and AT THE SAME TIME preserving intellectual property and/or privacy of the monetized algorithm/model applied on that data for participant Y for applications in healthcare and finance.

RAZ Finance catalyzes decentralized economic opportunities by providing collaborative ESG, sustainability, impact and investment data management solutions that enable the realization of verified outcomes

OceanDAO Ecosystem

Continue to support and track progress on all of the Grant Recipients here!

Much more to come — join our Town Halls to stay up to date and see you in Round 9. Thank you!

Follow Ocean Protocol on Twitter, Telegram, LinkedIn, Reddit, GitHub & Newsletter for project updates and announcements. And chat directly with other developers on Discord.

OceanDAO Round 9 Results was originally published in Ocean Protocol on Medium, where people are continuing the conversation by highlighting and responding to this story.


Continuum Loop Inc.

Trust Registries Webinar

  Thanks to those that attended our Trust Registries Webinar and for the attendees and those folks that couldn’t make it, here are a few things for you: Link to the recording Trust Over IP Trust Registry Task Force where we are developing the: Trust Registry Protocol Specification v1 (NOTE: This is the live Google […] The post Trust Registries Webinar appeared first on Continuum Loop Inc..

 

Thanks to those that attended our Trust Registries Webinar and for the attendees and those folks that couldn’t make it, here are a few things for you:

Link to the recording Trust Over IP Trust Registry Task Force where we are developing the:
Trust Registry Protocol Specification v1 (NOTE: This is the live Google Doc where we are making early edits). OpenAPI for a RESTful protocol as an initial implementation – managed in GitHub. NOTE: The above links for the Specification and OpenAPI files will likely change. They will always be referenced from the Trust Registry Task Force though. Be sure to reach out via our Contact Us page – we’re happy to jump on a call to see how we can help you examine where a Trust Registry may fit in your business ecosystem. We will also get you hooked up with our (semi-)monthly newsletter where we share a few key things that have been shifting in the industry. Pan-Canadian Trust Framework – The Public Sector Profile drove a lot of the CIO Strategy Council standard CAN/CIOSC 103-1:2020, Digital Trust and Identity – Part 1 Fundamentals. The Public Sector Profile (not to be confused with the DIACC PCTF which shares the same name but has a different aim) is globally recognized. 

QUESTIONS!

Questions started at about [46:30]  – though some questions came earlier. We covered: “I don’t trust organizations and corporations” – where we point out the “decentralize the world” approach goes to far. Phoning home – (hint: no it doesn’t need to phone home) Where are Holders Authorized? (hint: Knowing if you can trust Bubba’s Wallet may be more important…) Canadian Digitial Identities are emerging – can startups leverage this?  Explain the Role of Government in ecosystems.  “Can a third party discover who I trust from a trust registry?” How will interoperability work between trust registries?

As to where we need to go, we covered that in the Trust Registries Webinar as well… 

Trust Registries Webinar

The post Trust Registries Webinar appeared first on Continuum Loop Inc..


Affinidi

Affinidi Sponsors the Resonate Hackathon Conducted by SRM University

Affinidi Sponsors the Resonate Hackathon Conducted by Microsoft Learn Student Ambassadors SRM Do flying cars, Martian holidays, and a secure online world appeal to you? At Affinidi, nothing excites us more than a peek into the future, and more importantly, concrete steps that can get us there. In particular, we are passionate about addressing everyday security and privacy problems using ver
Affinidi Sponsors the Resonate Hackathon Conducted by Microsoft Learn Student Ambassadors SRM

Do flying cars, Martian holidays, and a secure online world appeal to you?

At Affinidi, nothing excites us more than a peek into the future, and more importantly, concrete steps that can get us there. In particular, we are passionate about addressing everyday security and privacy problems using verifiable credentials and we constantly strive to promote the principles of Self-sovereign Identity (SSI) to empower every entity to be in control of his or her data, and determine how and where it must be shared.

Keeping in tune with this objective, we partner with student organizations and developer communities to educate and encourage them to create applications that would widen the SSI ecosystem.

As a part of our initiatives, we have been creating and sharing relevant content, hosting webinars, and sponsoring hackathons, including the upcoming Resonate hackathon by the students of SRM University in Chennai, India.

What do we Offer for Resonate Participants?

We are thrilled to sponsor the Resonate hackathon and here’s what we offer for the participants.

The top 3 projects built on the Affinidi tech stack will be awarded a cash prize worth 10,000 INR in ETH All the submitted projects will be featured on our blog post and social media handles. Winner Verifiable Credential will be awarded to all the members of the winning teams. All other submissions have the opportunity to apply for internships, sign up for the Ambassador program, and earn a Submission Verifiable Credential. Mentorship support for teams that would like to take the idea further Judging Criteria

We will judge every submission on the below aspects.

Your submission should be a Proof of Concept (PoC) application demonstrating a Verifiable Credential based use case that uses Affinidi’s APIs and/or SDK. Should cover the issuance and verification of the VC A working demo that includes the above point Resources

Here are some resources that can get you started.

https://www.affinidi.com/developers Blog: https://academy.affinidi.com VC Schema Generator: https://vc-generator.com/ Repositories — Starter template repos of the driving license use case. How to Build a Verifiable Credential based Application in One Evening: https://www.youtube.com/watch?v=HDyzbBaDul4

For further questions, reach out to us on Discord or email us and we will get back to you at the earliest. Follow us on LinkedIn, Twitter, and Facebook

Good luck to all the participants. We look forward to reviewing your submissions and partnering with you on this SSI journey.

Affinidi Sponsors the Resonate Hackathon Conducted by SRM University was originally published in Affinidi on Medium, where people are continuing the conversation by highlighting and responding to this story.


SelfKey

SelfKey Gets Listed on 7b

We’re thrilled to announce that the native token for SelfKey, $KEY token is now listed on crypto broker platform 7b. The post SelfKey Gets Listed on 7b appeared first on SelfKey.

We’re thrilled to announce that the native token for SelfKey, $KEY token is now listed on crypto broker platform 7b.

The post SelfKey Gets Listed on 7b appeared first on SelfKey.


KuppingerCole

IT for the Digital Age: Introducing BASIS – Business-Driven Agile Secure IT as a Service

by Martin Kuppinger A paradigm for unified delivery of IT services to the business demand, based on automated, policy-based management, and supported by the unification of heterogeneous multi-cloud multi-hybrid IT environments following a services-based approach. Businesses need to reinvent themselves continually in the Digital Age. Every business is a Digital Business today, that needs to deli

by Martin Kuppinger

A paradigm for unified delivery of IT services to the business demand, based on automated, policy-based management, and supported by the unification of heterogeneous multi-cloud multi-hybrid IT environments following a services-based approach.

Businesses need to reinvent themselves continually in the Digital Age. Every business is a Digital Business today, that needs to deliver and improve Digital Services that differentiate it from the competition. This requires an IT that is built to deliver to the business demand in an agile, yet secure and well-controlled manner.

This will work only when reducing the inherent complexity of today’s multi-cloud, multi-hybrid IT, which is here to stay. Part of reducing that complexity is the gradual shift to the cloud, following “cloud-first” strategies. But the recent advent of Edge Computing has demonstrated that parts of IT never will run in the cloud. Beyond that, there is not a single cloud, but many clouds, resulting in a multi-cloud, multi-hybrid IT.

Reduce Complexity by Unification and Automation

The complexity must be reduced by unification, wherever feasible, and by shifting to automated, policy-based management of IT across the “runtime” environments. The starting point is to focus on agile development, delivery, operations, and security of Digital Services, with a clear service focus. Services and the underlying resources are known, as are the users. Focusing on access of everyone (the users) and everything to these services and resources, is best achieved by treating everything as a service, and procuring, delivering, managing, and securing services in a consistent manner across all environments.

Fig. 1: The four main stages of the BASIS approach to plan, build, deliver and run Digital Services in an agile yet secure manner.

BASIS is a concept for delivering IT to meet the demand of the business in an agile, secure way, and with a unified perspective across all IT, be it on-premises, on the edge, or in some cloud. Services are treated in a unified manager, with policy-based automation being applied uniformly across the various environments, and across services.

  Plan, Build, Deliver, and Run – The Essence of BASIS

The starting point for BASIS is a plan – build – deliver –  run approach. It starts with the business demand and a  re-defined IT strategy focused on efficient and agile delivery of IT services to business demands on time, and the IT organization that supports this. For the IT organization, the most important change is that there is no distinction between cloud and on-premises, as it is found in many organizations today, and that the focus is on development, delivery, operations of services, and security.

Build covers both the procurement and development of services, to which deployment model suits best. Cloud first strategies are a recommendation, but the reality is that, e.g., in hospitals or manufacturing, many services will continue to run on-premises. Additionally, software development takes a central role, with software being essential for differentiation of businesses in the Digital Age.

  Application Delivery Necessitates Identity Management and Security Measures

These services need to be delivered, requiring the right setup of the infrastructure, e.g., Kubernetes instances in a public cloud or virtual machines in a private cloud environment, requiring delivery of the applications and services themselves, and the setup of adequate Identity Management and Security for all resources that come with these services and that are consumed by these services.

Once deployed, efficient execution of these services is required, from the cloud or the hybrid IT, thus still potentially involving Data Center operations, as Hybrid Cloud Operations from the edge to the public cloud. It requires Application Management and, last but not least, the IAM (Identity & Access Management) and Cybersecurity to operate these Digital Services securely.

Fig. 2: Key technologies involved in BASIS, integrating development, operations, and security by policy-based automation.

  Building a BASIS Approach

It is apparent that not all parts of a multi-cloud, multi-hybrid IT environment are alike. Not everything in a multi-cloud, multi-hybrid environment can or should be managed in the same manner, starting with different provider and tenant responsibilities. However, what always is under tenant control, can be treated in a uniform manner, especially when internal IT or MSPs also deliver according to the service paradigm known from the cloud, with clearly defined tenant and provider responsibilities.

The essential building blocks for the BASIS approach on agile, secure IT and Digital Service delivery are:

Enterprise Service Management for business service requests, managing services across the entire IT, and providing insight into the assets that must be managed and secured. DevOps for delivering services following agile software development paradigms, including automated testing and delivery into the operations environment of choice. These environments must be managed, across the entire multi-cloud, multi-hybrid IT environment. The depth and breadth of management required differs. In a public cloud, less management is required, but even there, several services must be managed and monitored. Policy Management & Enforcement is a central component, as the foundation for automating the management of service delivery. Identity & Access Management as well as Cybersecurity are essential for delivering services securely and managing everyone and everything that has access to services and the underlying resources.

All this must be well-integrated, being backed by access to information about the current state of IT across the multi-cloud, multi-hybrid environment.

Fig. 3: The key actions to take in delivering to the BASIS model.

  Guiding Principles for BASIS

IT leaders must take various actions in each area to implement the BASIS approach for the agile delivery of IT services in a secure manner:

Plan: The main focus is to shift IT consequently to a business service delivery organization, driven by business demand. This requires alignment of development, operations across the multi-cloud, multi-hybrid IT environment, Identity & Access Management for the Digital Identities of everything and everyone, and Cybersecurity. Responsibilities as well as interfaces between the various areas must be well-defined. Build: These interfaces include, at a technical level, Identity & Security API layers that allow developers to easily and efficiently consume identity and security services for the Digital Services they are creating. It also requires interfaces to all current IT states, across the entire multi-cloud, multi-hybrid IT, as well as to service requests and the state of IT services. Only when the applications, services, identities, and other elements are known and their state is accessible, a unified management can be applied. Deliver: Delivery starts with policies that form the foundation for automation. Policies are rather easy to describe. However, with a growing number of policies, support by technology, including AI/ML, will be required for proposing, analyzing and optimizing policies. Policies are best described at generic levels and then – by technology – translated into the concrete policies and measures for the various parts of the IT environment. Run: This starts with the enforcement of a consistent service request & delivery process and implementing and enforcing the policy-based automation approach. Last but not least, the identity and security models must be implemented and enforced, for consistent control of all the resources in today’s complex, heterogeneous IT environments.

Guiding principles for BASIS:

Business requests IT Services, business demanding new or modified IT services, or initiates change Unified view on IT Services services as foundation – one IT, across the entire multi-hybrid, multi-cloud environments Policy-based automation instead of manual administration or coding Development is agile, consuming identity & security services via APIs, returning status/requirements as feedback, and as input to operations Automation of identity, security and infrastructure setup & management

Our recommendation is to revisit the IT organization according to BASIS, for delivering Digital Services successfully and at the speed of the business.


Elliptic

Crypto Regulatory Affairs: FCA Chair Lays Out Token Regulation Challenges

🇬🇧 FCA Chair Lays Out Token Regulation Challenges

🇬🇧 FCA Chair Lays Out Token Regulation Challenges


SWN Global

Next MMUI Listing: Bitforex Exchange

Dear MetaMUI community, We are glad to announce that MMUI will be listed on Bitforex exchange this coming Thursday with two trading pairs, MMUI/USDT and MMUI/ETH. Listing Time: MMUI deposit will open on 2021/09/15 17:00 (GMT+8) MMUI/USDT, MMUI/ETH trading will open on 2021/09/16 17:00 (GMT+8) MMUI withdrawal will open on 2021/09/16 17:00 (GMT+8) Currently, we are focusing on

Dear MetaMUI community,

We are glad to announce that MMUI will be listed on Bitforex exchange this coming Thursday with two trading pairs, MMUI/USDT and MMUI/ETH.

Listing Time:

MMUI deposit will open on 2021/09/15 17:00 (GMT+8) MMUI/USDT, MMUI/ETH trading will open on 2021/09/16 17:00 (GMT+8) MMUI withdrawal will open on 2021/09/16 17:00 (GMT+8)

Currently, we are focusing on introducing our CBDC (Central Bank Digital Currency) and SSID (Self-Sovereign Identity) solutions to nations and central banks throughout the world.
We are also preparing our business related to NFTs and Asset Tokenization.

Please stay tuned for more news and updates.
Every public announcement will be announced through our SNS channels.

Twitter: https://twitter.com/MUIcommunity
Telegram: https://t.me/SovereignWallet_Official (Official Channel)
Facebook: https://www.facebook.com/SovereignWallet

We always appreciate your support and interest in our project.
Thank you.

Monday, 13. September 2021

Indicio

Turing Trustworthy Digital Identity Conference

The post Turing Trustworthy Digital Identity Conference appeared first on Indicio Tech.

KuppingerCole

Zero Trust Use Cases

Zero Trust Use Cases: a pragmatic look from well-known use cases to lesser known ones. Focus will be on real world examples and situations proven in practice rather than on formal compliance. Further on we will have some critical thoughts on this topic.   Key Topics: * What is Zero Trust? * Some appliances for Zero Trust           &n

Zero Trust Use Cases: a pragmatic look from well-known use cases to lesser known ones. Focus will be on real world examples and situations proven in practice rather than on formal compliance. Further on we will have some critical thoughts on this topic.

 

Key Topics:

* What is Zero Trust?

* Some appliances for Zero Trust

              - Well-known use case: Web shop

              - Current use cases: Bring-your-own-device, Bring-your-own-account

              - Further use cases: Micro-segmentation, cloudification

* Some critical thoughts on non-deterministic systems

Eleni Richter, Chief Architect, EnBW


Applying Zero Trust to Humans and Things

The pandemic has dramatically changed how we work, shop, meet and learn. Simple username and password credentials can no longer be part of this new world. They have become every user’s and every IT departments’ nightmare. Connected IoT things are for the first time outnumbering non IoT connections such as Tablet, Phones and PCs and many emerging business models will drive more revenue through IoT-

The pandemic has dramatically changed how we work, shop, meet and learn. Simple username and password credentials can no longer be part of this new world. They have become every user’s and every IT departments’ nightmare. Connected IoT things are for the first time outnumbering non IoT connections such as Tablet, Phones and PCs and many emerging business models will drive more revenue through IoT-enabled services than the products through which they’re delivered. Applying zero trust thinking to all identities including connected things and not just employees and their PCs is therefore a concept organisations will need look into to ensure adequate security measures for their employees and things.

In this session we’ll talk about:

Current challenges of managing IoT devices How identity of things automate and improve user experience The role of IAM in Zero Trust Gerhard Zehethofer, Vice President IoT and Technology Partnerships, ForgeRock


Zero Party Data - knowing without controlling

Applying the principles of self-sovereign identity to financial and social media sourced data points will enable businesses to make better and informed decisions about retention, acquisition and eligibility whilst relieving them of most of their obligations under GDPR. Julian Wilson, Founder, Valido Limited

Applying the principles of self-sovereign identity to financial and social media sourced data points will enable businesses to make better and informed decisions about retention, acquisition and eligibility whilst relieving them of most of their obligations under GDPR.

Julian Wilson, Founder, Valido Limited


Entitlement Management across Hybrid Cloud for Security & Compliance

Companies across the globe are undergoing digital transformation. The main challenge with this approach is the ability to securely manage access for on-premise, cloud and SaaS applications. Entitlement Management across this hybrid landscape requires management of cloud assets, IAM profiles, groups, roles and entitlements in support of Identity Lifecycle Management, Access Management, and Acce

Companies across the globe are undergoing digital transformation. The main challenge with this approach is the ability to securely manage access for on-premise, cloud and SaaS applications. Entitlement Management across this hybrid landscape requires management of cloud assets, IAM profiles, groups, roles and entitlements in support of Identity Lifecycle Management, Access Management, and Access Governance.

Workloads have been running in the cloud since the last decade or so. AWS, GCP and Azure have replaced traditional data centers and companies continue to migrate their production workloads to cloud at blistering pace. So, what changed? Firstly, we are starting to realize that this cloud infrastructure model necessitates a different type of identity and access management solutions as native solutions don’t cover multi-cloud IaaS model and traditional IGA solutions fall short in their scope. Secondly, business goals and priorities are driving engineering teams to work on initiatives without formal approval and oversight. With IaaS it is easy to spin up an instance, assign various resources. As organizations aren’t centrally controlling these spin offs, any vulnerabilities in this growing shadow IT is a target for hackers.

SecurEnds enables entitlement management across hybrid cloud assets for security and compliance.

1. Provide visibility over hybrid-cloud assets
Discover all identities, service accounts, IAM users, roles and policies within single or hybrid cloud the IaaS infrastructure.
See the granular permissions held by IAM Users, Roles and Service Accounts. This is important to define least privilege policies.
2. Provide governance over hybrid-cloud assets
Enforce least privilege policies across all cloud identities to avoid privilege creep.
Routine audits of configurations across cloud environments helps with policy enforcement and compliance.
3: Provide remediation over hybrid-cloud assets
Post identity review kick off automation to rectify privileges

Austin Baker, Director of Sales, SecurEnds


Panel | The State of Decentralized Identity - World Stage

  Raj Hegde, Project Manager, KuppingerCole Dr. Michele Nati, Head of Telco and Infrastructure Development, IOTA Foundation John Phillips, Partner, 460degrees

 

Raj Hegde, Project Manager, KuppingerCole Dr. Michele Nati, Head of Telco and Infrastructure Development, IOTA Foundation John Phillips, Partner, 460degrees


Panel | One Size Doesn't Fit All - Why Identity User Experience Matters More Than Ever in a Zero Trust World

Balancing usability and security is a well-known challenge in the field of identity. With increasing threats to personal and critical business data posed by nation-states and other bad actors, organizations are moving to a default posture of Zero Trust with more and more technology vendors and service providers delivering solutions in the form of complex monitoring and policies designed to kee

Balancing usability and security is a well-known challenge in the field of identity. With increasing threats to personal and critical business data posed by nation-states and other bad actors, organizations are moving to a default posture of Zero Trust with more and more technology vendors and service providers delivering solutions in the form of complex monitoring and policies designed to keep the bad guys out. Knowledge workers, including an increasing population of frontline workers, require and expect seamless collaboration and productivity without barriers that waste time and require technical expertise. And businesses of all sizes are looking for solutions that can be operated by managers and program owners who are not necessarily identity and security experts. At the same time, individuals are drowning in a sea of passwords and clamoring to maintain their privacy and preventing compromise in their personal lives. With more signals, potentially come more annoyances, and with more annoyances come to the proliferation of unsafe practices. As vendors and enterprises dedicated to secure and seamless identity, it is our responsibility to invest in a more secure future while remaining dedicated to solutions that guarantee higher security but are even easier and more delightful to use than today's conventional solutions. FIDO2 and the move towards passwordless solutions are getting more adoption, but still carry with them some experience challenges in onboarding and recovery. Innovations like distributed identity show promise in decentralizing ownership of personal data and putting control back in the hands of end-users but are in very early days. EIC represents the industry and our commitment to creating trustworthy frameworks that protect organizations and people.

Join a panel of experts to share their thoughts on how we can continue on a pace of innovation in zero-trust while maintaining trust and usability for everyday people in a digital world.

- innovation requires investment across security, privacy, and usability

- abstracting complexity from both end-users and operators is more important than ever

- vendors and enterprises owe it to their users to consider everyday user experience a vital part of creating a secure environment

Paul Fisher, Senior Analyst, KuppingerCole Robin Goldstein, Partner Group Program Manager, Microsoft Alexander Koch, VP Sales DACH & CEE, Yubico


Airbus Expert Perspective: Managing Third-Party Identity Risk in the Supply Chain

As a leader in innovative aerospace manufacturing with locations across the world, Airbus recognized the need to fortify its third-party identity management processes to better meet the operational efficiency and security needs of its evolving business and supply chain. Specifically, Airbus wanted to upgrade its identity management capabilities around lifecycle management, data quality, and obsole

As a leader in innovative aerospace manufacturing with locations across the world, Airbus recognized the need to fortify its third-party identity management processes to better meet the operational efficiency and security needs of its evolving business and supply chain. Specifically, Airbus wanted to upgrade its identity management capabilities around lifecycle management, data quality, and obsolescence management for its third-party, non-employee users.

Benjamin Gasperi, On/Offboarding Product Manager, Airbus Guillaume Lugat, Head of Identity & Access Management, Airbus


From a Business Centric Consent Management Paradigm to a User Centric One

I today's digital world (post EU DMA, DSA, DGA regulation proposals (now tabled in EU Parliament for legislative approval by 2023), GAIAx birth in Europe and eprivacy new regulations adoption, the hard line separation between personal and non personal data is blurring and companies have yet understood what this means for them. While they thought that only personal data needed to be consented,

I today's digital world (post EU DMA, DSA, DGA regulation proposals (now tabled in EU Parliament for legislative approval by 2023), GAIAx birth in Europe and eprivacy new regulations adoption, the hard line separation between personal and non personal data is blurring and companies have yet understood what this means for them. While they thought that only personal data needed to be consented, now it's all the data that need the consent log prof for each digital identity they get associated to. Europeans have also created a new "notion" of cloud (GaiaX). A cloud where data can circulate freely, can be shared and mutualised (upon consent). This will have implications. Huge implications as GaiaX carries the option to "import/acquire" data also originated from other entities (including from outside Europe). The transfer mechanism will only be possible upon user express consent, voluntarily. User will need to be incentivised to agree to share. Since transfer can only be performed by users, and with consent, that will in fact open up to a secondary data market which sees the consent log representing a "transaction event'. Hence privacy will exit the framework compliance to enter the framework of "strategy and business development'. The contextual "data" hunt can begin (vs big data paradigm which fades aways). The de-monopolisation of consumer data, too.

Insights in how the new european digital policy opens to new business (data driven) opportunities;

Explanation of what market what solutions are available (commercial) to deploy (large or small companies, pubic sector, etc) to meet this important shift in data monetization strategies

Get access to information about partnerships/research projects linked to data portability implementation

Isabella de Michelis di Slonghello, CEO and founder, ErnieApp


How to Stay Relevant in the Age of Conversational Banking

The age of conversational banking represents a transformation of how and when banks interact with their users. Şebnem Elif Kocaoğlu-Ulbrich, Founder, Contextual Solutions

The age of conversational banking represents a transformation of how and when banks interact with their users.

Şebnem Elif Kocaoğlu-Ulbrich, Founder, Contextual Solutions


Malware Manipulated in Cloud Environments - Is it Dangerous?

During this presentation, I'll show how the effects can bring in inside the Cloud environment if was exploitable by Malware using PDF file, explaining how each session works within a binary, what are the techniques used such as packers, obfuscation with JavaScript (PDF) and more, explaining too about some anti-desassembly techniques, demonstrating as a is the action of these malwares and where it

During this presentation, I'll show how the effects can bring in inside the Cloud environment if was exploitable by Malware using PDF file, explaining how each session works within a binary, what are the techniques used such as packers, obfuscation with JavaScript (PDF) and more, explaining too about some anti-desassembly techniques, demonstrating as a is the action of these malwares and where it would be possible to "include" a malicious code.

Filipi Pires, Security Researcher, THOR - Threat Hunting Offensive Researcher


Driving Business Value in the Enterprise with Zero Trust

With the merger of AOL+Yahoo, the newly formed Enterprise Identity team had the challenges of planning to support the cloud-first future of the new company Oath (which would become Verizon Media), building a new Identity ecosystem with Zero-Trust methodologies, and supporting a security-minded culture. Bryan Meister, Senior Principal Architect, Yahoo

With the merger of AOL+Yahoo, the newly formed Enterprise Identity team had the challenges of planning to support the cloud-first future of the new company Oath (which would become Verizon Media), building a new Identity ecosystem with Zero-Trust methodologies, and supporting a security-minded culture.

Bryan Meister, Senior Principal Architect, Yahoo


Why We Need Guardianship in the Digital World, and How We Might Approach Delivering Guardianship Using Verifiable Credentials

  Guardianship is a condition of life in human societies. When we are young we may be looked after by parents until we become adults. When we are adults we on occasions need others to look after us, and sometimes we may need increasing levels of care as we age. In our physical world, we may recognise a guardianship role between parents and children and within families, and we may have

 

Guardianship is a condition of life in human societies. When we are young we may be looked after by parents until we become adults. When we are adults we on occasions need others to look after us, and sometimes we may need increasing levels of care as we age.
In our physical world, we may recognise a guardianship role between parents and children and within families, and we may have more or less sophisticated laws to recognise instances where someone needs to take care of another for medical, financial or other needs.
While the concept of Guardianship is reasonably well developed and understood in our physical lives, it is scarcely considered in our digital lives. Very few (if any) considerations are made for the possibility that someone may need another to look after their affairs online. Without this consideration, we resort to poor approaches such as where a Guardian needs to "log in" as the dependent, without the visibility of the service provider, or has to prove their Guardianship status to a service provider who is physically remote and often in a different legal jurisdiction.
In late 2019, the Sovrin Task Force on Guardianship wrote a white paper on Guardianship considering these issues against two specific use cases: a child refugee and an adult living with dementia. A Working Group was established at the beginning of 2020 to develop these ideas further within the context of Trust over IP and has produced two key documents: an Implementation Guide to Guardianship using Verifiable Credentials, and a Technical Requirements document for Guardianship using Verifiable Credentials.
I would like to present these new pieces of work and, hopefully, engage in a discussion on guardianship in the digital world.
**Please note that this work was created by a team working with the not-for-profit Sovrin Organisation and is provided on a Creative Commons BY SA 4.0 Licence**

John Phillips, Partner, 460degrees


From top-down ecosystems to collaborative ones

Traditional identity and access management solutions built so far on the trust for selected identity providers and their adoption from an ecosystem of identity owners and identity verifiers. The decentralized identity paradigm is disrupting these ecosystems and required more democratic collaboration and competition among a number of identity and credential issuers, identity owners,
Traditional identity and access management solutions built so far on the trust for selected identity providers and their adoption from an ecosystem of identity owners and identity verifiers. The decentralized identity paradigm is disrupting these ecosystems and required more democratic collaboration and competition among a number of identity and credential issuers, identity owners, and verifiers selecting and using them. This requires not only to design and implement new technologies but also to identify new business opportunities and business models. Collaboration, experimentation, and evaluation are the road to adoption, and the EU collaborative H2020 research and innovation framework offers the opportunity to de-risk such collaborations, in favor of innovation. This talk will present the activities and lessons from three EU collaborations, CityExhcange, ENSURESEC and ORCHRESTRA, generating innovation with the adoption of decentralized identities for individuals, things, and organizations among complex stakeholders ecosystems in the smart energy, e-commerce, and smart transport domains.

 

Dr. Michele Nati, Head of Telco and Infrastructure Development, IOTA Foundation


Panel | Building Trust with CIAM

Armin Bauer, Managing Director Technology and Founder, IDnow GmbH Paul Fisher, Senior Analyst, KuppingerCole John Erik Setsaas, VP of Identity and Innovation, Signicat AS
Armin Bauer, Managing Director Technology and Founder, IDnow GmbH Paul Fisher, Senior Analyst, KuppingerCole John Erik Setsaas, VP of Identity and Innovation, Signicat AS


The impact of agile on progressing Identity Security

After applying an agile way of working for the last three years the Rabobank Identity & Access Management service has gone through a transformation. The increased autonomy of teams, using backlogs with prioritized epics, applying agile rituals in order to create space for growth in applying agile principles, all of these have affected how IAM services are developed and delivered. Where the

After applying an agile way of working for the last three years the Rabobank Identity & Access Management service has gone through a transformation. The increased autonomy of teams, using backlogs with prioritized epics, applying agile rituals in order to create space for growth in applying agile principles, all of these have affected how IAM services are developed and delivered. Where the arena is uncertain and customers have a somewhat-defined request the agile, iterative approach works. Yet where the arena is regulatory governed and compliance driven an agile approach works less. The impact of incidents in a 24x7 security service immediately reflects itself on the development of the service when a devops team is used. The strain between waterfall project management and this agile approach is not instrumental but conceptual. Aligning expectations with the wider organization is a challenge in itself. This presentation will demonstrate the pros and cons of agile on IAM.

Agile pitfalls
Alignment with the wider organization (using waterfall and deadlines)
Where agile works well and where it does not
Countering the management drive for 'new and improved', whilst also applying agile

Henk Marsman, Lead Product Manager IAM, Rabobank


Siemens Zero Trust Architecture in 2021 and Beyond

Siemens AG drives the comprehensive Zero Trust program enabling most areas of Cyber Security, Enterprise and Product IT. In the presentation we are going to share our architecture vision as well as the implementation road map. We are going to share some lessons learned, which we gained on the way we passed so far. Dr. Jan Herrmann, Senior Cybersecurity Architect - Authorization Technologies and

Siemens AG drives the comprehensive Zero Trust program enabling most areas of Cyber Security, Enterprise and Product IT. In the presentation we are going to share our architecture vision as well as the implementation road map. We are going to share some lessons learned, which we gained on the way we passed so far.

Dr. Jan Herrmann, Senior Cybersecurity Architect - Authorization Technologies and IAM, Siemens Dimitri Lubenski, Head of Technology and Innovation (IT Strategy), Siemens


A Primer for SSI in DE

Self-Sovereign Identity – or SSI in brief – is now a major thing. Germany has become one of the world’s key SSI accelerators. Countless people and organizations – small and large – are getting excited and actively involved. Now de facto driving forces are: 1. SSI Pilots by the German Federal Chancellery as first demonstrations of the Digital Identity Ecosystem. 2. IDunion – a solution-oriented res

Self-Sovereign Identity – or SSI in brief – is now a major thing. Germany has become one of the world’s key SSI accelerators. Countless people and organizations – small and large – are getting excited and actively involved. Now de facto driving forces are: 1. SSI Pilots by the German Federal Chancellery as first demonstrations of the Digital Identity Ecosystem. 2. IDunion – a solution-oriented research project co-funded by the German Federal Ministry of Economic Affairs and Energy in the cluster of showcases in Secure Digital Identity. This presentation provides a brief SSI introduction and an update on these two major German SSI initiatives.

Dr. André Kudra, CIO, esatus AG


Journey from Enterprise Strategy to Identity Simplification

In an insurance sector not yet impacted by uberisation, AXA is moving toward its digital transformation. To achieve its key targets, including reduced time to market and improved user experience, AXA has launched several major programs: network, datacenter, workspace, .., and Identity and Access Management. Come discover how AXA leads the IAM program to support its digital transformation thoug

In an insurance sector not yet impacted by uberisation, AXA is moving toward its digital transformation. To achieve its key targets, including reduced time to market and improved user experience, AXA has launched several major programs: network, datacenter, workspace, .., and Identity and Access Management. Come discover how AXA leads the IAM program to support its digital transformation though improved agility, automation & business partnership capacity, both external and internal, while maintaining a high level of security.

– Adapt your IAM program to your context
– Define and maintain the key objectives of your program
– Accept that an IAM program is a transformation program, not a technical program

David Martinache, Manager, Wavestone Fabrice Perrin, Global Program Director, AXA


Going Passwordless and Beyond - The Future of Strong Authentication

The onslaught of account takeover attacks from insecure passwords is driving the rapid adoption of passwordless solutions.  While the risk reduction benefits are substantial, eliminating passwords is just the first step on the path to fundamentally strong authentication.  In the “new normal” era of work from anywhere, and rapidly increasing cloud adoption, organizations are moving to a n

The onslaught of account takeover attacks from insecure passwords is driving the rapid adoption of passwordless solutions.  While the risk reduction benefits are substantial, eliminating passwords is just the first step on the path to fundamentally strong authentication.  In the “new normal” era of work from anywhere, and rapidly increasing cloud adoption, organizations are moving to a new risk-based authentication model.  Advanced organizations are validating users, their devices, and inspecting the security posture of the device for each login.  Strong and continuous authentication is a fundamental building block of Zero Trust. Learn how you can make it happen without making the user experience miserable.

 Discussion topics include:

New cybersecurity and identity management requirements in the post COVID era Traditional MFA vs Passwordless - avoiding the “security vs. painful user experience” tradeoff Device trust and the confluence of cybersecurity and identity management Continuous risk-based authentication 

Takeaways:

Account takeovers and other attacks have increased as a result of distributed working - adopting a solution that removes passwords removes most of the risk MFA has evolved beyond the traditional “password + SMS + pin” approach CISO’s and IT no longer have to trade increased security for user convenience Modern devices allow organizations to leverage the Secure Enclave / Trusted Platform Module for increased security Continuous, risk-based authentication is a key factor in identity and access management Patrick McBride, Chief Marketing Officer, Beyond Identity


What a CISO needs to know about GDPR

Stefan Hessel, Rechtsanwalt I Attorney-at-Law, reuschlaw Legal Consultants
Stefan Hessel, Rechtsanwalt I Attorney-at-Law, reuschlaw Legal Consultants


The #FutureOfMobility is decentralized

Mobility-as-a-service is changing the way people move. From mobility based on driving your own car, it is converging to the consuming of various services using multiple modes of transportation. Ranging from eScooters, bicycles, ride-sharing to car-sharing, ride-hailing and public transport. Dr. Harry Behrens, Founder and CTO, Power & Mobility Ltd - bloXmove.com

Mobility-as-a-service is changing the way people move. From mobility based on driving your own car, it is converging to the consuming of various services using multiple modes of transportation. Ranging from eScooters, bicycles, ride-sharing to car-sharing, ride-hailing and public transport.

Dr. Harry Behrens, Founder and CTO, Power & Mobility Ltd - bloXmove.com


FIDO for Developers - How Developers Can Master FIDO and Passwordless Authentication Without Adding Unnecessary Complexity.

The paradox of simplicity is that making things simpler is hard work. - Bill Jensen  Building strong passwordless authentication from scratch can be very time-consuming. Integrating the necessary infrastructure into a typical password-centric identity code base increases code complexity exponentially. Taking into consideration that well-known user flows have to be changed and enhanced with

The paradox of simplicity is that making things simpler is hard work. - Bill Jensen

 Building strong passwordless authentication from scratch can be very time-consuming. Integrating the necessary infrastructure into a typical password-centric identity code base increases code complexity exponentially. Taking into consideration that well-known user flows have to be changed and enhanced with new authentication options may also pose significant challenges for developers. They have to get it right - and make it as simple as possible for the end user.

 In this talk, we highlight possible pitfalls and necessary considerations when implementing passwordless FIDO and WebAuthn protocols. You will recognize how a cloud-native approach can simplify the integration of passwordless authentication and smoothen the requirements for developers and product owners of any online service. You’ll also learn how to gradually migrate existing users to the new authentication methods in a frictionless manner.

Join us to explore three possible abstraction layers we’ve identified to take the complexity away when dealing with FIDO and passwordless multi-factor authentication. Ranging from utilizing a managed FIDO API and SDKs up to a fully-fledged passwordless-native identity provider that can be integrated with OpenID Connect. We also will share some secrets on useful extensions of the FIDO standards we’ve identified when building our passwordless user experiences.

 Felix Magedanz, founder and CEO, Hanko.io




How Biometric Face Verification Enables Effortless IAM in a Zero Trust Environment

Now more than ever, the world is operating online. Governments and enterprises need a way of securely verifying an individual’s identity whilst providing an inclusive and positive customer experience. iProov is a world leader in cloud-based face biometric authentication technology. Our Genuine Presence Assurance™ technology, powered by flashmark, ensures that the individual is: the right person, a

Now more than ever, the world is operating online. Governments and enterprises need a way of securely verifying an individual’s identity whilst providing an inclusive and positive customer experience. iProov is a world leader in cloud-based face biometric authentication technology. Our Genuine Presence Assurance™ technology, powered by flashmark, ensures that the individual is: the right person, a real person, and also confirms that they are authenticating right now.

Tom Whitney, Global Head of Solutions Consultancy, iProov


Using Hypermedia to Adapt Client-side Login to Go Beyond Passwords

There are various ways that client applications may need to log in when going beyond passwords. With a username and password, client development is easy -- just collect a couple of inputs from the user and match them on the server. When going beyond these though, how can client applications be deployed and maintained in a way that the server still dictates what the client should present and obtain

There are various ways that client applications may need to log in when going beyond passwords. With a username and password, client development is easy -- just collect a couple of inputs from the user and match them on the server. When going beyond these though, how can client applications be deployed and maintained in a way that the server still dictates what the client should present and obtain from the user when authenticating them?

Travis Spencer, CEO, Curity


Four Steps to a Next Generation PAM Solution

Four simple steps to the perfect PAM. Stefan Schweizer, Vice President, Sales – DACH, ThycoticCentrify

Four simple steps to the perfect PAM.

Stefan Schweizer, Vice President, Sales – DACH, ThycoticCentrify


Panel | Prioritizing Identity - Identity-Centric Security Strategy

Identity management is critical for digital transformation and continues to evolve and gain importance as the business environment changes in today's hyperconnected world, where employees, business partners, devices, and things are all tightly interwoven. Deploying an identity security solution – regardless of your business size or industry is a fundamental requirement today to facilitate secure c

Identity management is critical for digital transformation and continues to evolve and gain importance as the business environment changes in today's hyperconnected world, where employees, business partners, devices, and things are all tightly interwoven. Deploying an identity security solution – regardless of your business size or industry is a fundamental requirement today to facilitate secure communications and reliable transactions.

This panel explores identity security strategies that enable your business to take full advantage of your solution’s capabilities.

Yvo van Doorn, Senior Solutions Engineer, Auth0 Oliver Krebs, GM EMEA, Onfido Martin Kuppinger, Principal Analyst, KuppingerCole


Balancing User Experience, Privacy and Business Requirements – Learnings From Social CRM

Based on our research about critical privacy areas in Social CRM I could present solutions and discuss further potentials provided by upcoming technologies and resulting requirement on privacy management systems. Social CRM is a bit special as indeed many applications and processes areas are still in legally grey area, without established and accepted standards. Users tend to ignore this fact as m

Based on our research about critical privacy areas in Social CRM I could present solutions and discuss further potentials provided by upcoming technologies and resulting requirement on privacy management systems.
Social CRM is a bit special as indeed many applications and processes areas are still in legally grey area, without established and accepted standards. Users tend to ignore this fact as many applications and process provide a value for them and/or are comfortable. Based on this specific setup I could build up the discussion and presentation.
This presentation would be more a discussion to show potential solutions and not the presentation of a specific solution

Dr. Olaf Reinhold, Board Member, Researcher, Social CRM Research Center e.V.


Panel | APIs - Where Security Meets Identity Management

Traditional IAM models have focused on users, policies, and roles, which met the needs of web applications in years past but as application development has evolved to APIs, an innovative approach to identity management is required. It is no longer just users, roles, and permissions. APIs must be integrated into the identity and access management framework to ensure adequate governance and secu

Traditional IAM models have focused on users, policies, and roles, which met the needs of web applications in years past but as application development has evolved to APIs, an innovative approach to identity management is required. It is no longer just users, roles, and permissions. APIs must be integrated into the identity and access management framework to ensure adequate governance and security.

Within an API there is a requestor (often on behalf of a user), a service (API), and the data that is being passed. All these entities in the transaction require unique identity and authorization; without identity, compliance and enforcement mandates cannot be met effectively and without authorization, there is a free-for-all on your APIs reminiscent of Cambridge Analytica and Facebook.

In this session, we will look at how rapid digitalization (first and third-party APIs + multi-or hybrid-cloud environments) has complicated security efforts, the role of API integration in data governance, and how companies can best navigate the heightened cyber-threat environment we find ourselves in today.

- Why API security requires more than traffic policy management and course-grained enforcement.
- Why APIs need to be integrated into the identity and access management framework to ensure adequate governance and security.
- How companies can reduce the burden on developers to allow for a proactive approach to API security instead of reactive.

Nathanael Coffing, Co-Founder, CSO and Board Member, Cloudentity Gal Helemski, Co-Founder & CIPO, PlainID David Martinache, Manager, Wavestone Fabian Süß, Project Manager, KuppingerCole


Trust as the Key Concept in Future Mobility

The Internet and consequently the Internet of Things were built without a trust layer. Decentralized Digital Identities as basis for Connected Mobility may be one of the needed missing components to implement real data sovereignty and a trusted Economy of Things in future Connected Vehicles scenarios. Peter Busch, Product Owner Distributed Ledger Technologies Mobility, Robert Bosch Group

The Internet and consequently the Internet of Things were built without a trust layer. Decentralized Digital Identities as basis for Connected Mobility may be one of the needed missing components to implement real data sovereignty and a trusted Economy of Things in future Connected Vehicles scenarios.

Peter Busch, Product Owner Distributed Ledger Technologies Mobility, Robert Bosch Group


User Terms Engineering Layer for IEEE (The Institute of Electrical and Electronics Engineers)

Doc Searls, Co-founder and board member of Customer Commons, and Director of ProjectVRM, Harvard's Berkman Klein Center for Internet and Society
Doc Searls, Co-founder and board member of Customer Commons, and Director of ProjectVRM, Harvard's Berkman Klein Center for Internet and Society


Using Identity in a Zero Trust Architecture

Zero trust requires an enterprise to identify and monitor all the network identities used in the enterprise. NIST SP 800-207 refers to a zero trust deployment pattern called “enhanced identity governance”. The National Cybersecurity Center of Excellence (NCCoE) has a project on implementing a zero trust architecture that will include enhanced identity governance. This talk will be an overview of t

Zero trust requires an enterprise to identify and monitor all the network identities used in the enterprise. NIST SP 800-207 refers to a zero trust deployment pattern called “enhanced identity governance”. The National Cybersecurity Center of Excellence (NCCoE) has a project on implementing a zero trust architecture that will include enhanced identity governance. This talk will be an overview of the role of network identities in zero trust and the current status of the NCCoE project.

Scott Rose, Computer Scientist, National Institute of Standards and Technology (NIST)


Improving IAM Success Rates with Rigorous Concepts

IAM programs in organizations have a reputation for difficulty and high failure rates. Through education and later through experience, professionals learn that communication is the most critical success factor in all human undertakings. We may have cutting-edge technology, generous budgets, and a competent team and still fail our project miserably. High-quality communication about IAM wi

IAM programs in organizations have a reputation for difficulty and high failure rates. Through education and later through experience, professionals learn that communication is the most critical success factor in all human undertakings. We may have cutting-edge technology, generous budgets, and a competent team and still fail our project miserably. High-quality communication about IAM with our stakeholders is insufficient to succeed, but it is a necessary condition. 

And what is the building block of communication? Words and concepts.

Improving the IAM vocabulary's accuracy is the idea behind the TOME (The Open-Measure Encyclopedia) project - an open-source encyclopedia specialized in IAM, authored by volunteer IAM professionals for their peers. Its goal is to become the industry reference dictionary. It is free of charge and licensed under Creative Commons to facilitate its widespread adoption. It is rooted in science with a solid methodology and pervasive references to stand on the shoulders of giants.

In this session, I will present and define a series of IAM concepts, both frequently used and rare but often misunderstood

David Doret, Founder, Open-Measure


Securing the Privacy of Non-logged in Devices

Many services across the web today allow users to consume the service without explicitly signing up. They generally identify users by a cookie containing a unique browser-id and store user data against it. George Fletcher, Identity Standards Architect, Verizon Media Group Deepak Nayak, Privacy platforms Architect, Verizon Media

Many services across the web today allow users to consume the service without explicitly signing up. They generally identify users by a cookie containing a unique browser-id and store user data against it.

George Fletcher, Identity Standards Architect, Verizon Media Group Deepak Nayak, Privacy platforms Architect, Verizon Media


Data Privacy

Do people really care about data privacy? Jason Smith, Chief Commercial Officer, Meeco

Do people really care about data privacy?

Jason Smith, Chief Commercial Officer, Meeco


Panel | Is Traditional MFA the Right Solution in a Post-COVID World?

The hybrid mix of remote and office work combined with digital transformation initiatives is driving the rapid adoption of cloud. This trend is also prompting organizations to rethink requirements for authenticating employees and other members of an organization supply chain. Companies are now exploring how to significantly improve both security and the end user experience. Unfortunately tradition

The hybrid mix of remote and office work combined with digital transformation initiatives is driving the rapid adoption of cloud. This trend is also prompting organizations to rethink requirements for authenticating employees and other members of an organization supply chain. Companies are now exploring how to significantly improve both security and the end user experience. Unfortunately traditional multi-factor authentication is lacking in both areas. 

Joni Brennan, President, Digital ID & Authentication Council of Canada Martin Kuppinger, Principal Analyst, KuppingerCole Patrick McBride, Chief Marketing Officer, Beyond Identity Andrew Shikiar, Executive Director and Chief Marketing Officer, FIDO Alliance

 

Discussion topics include:

How is the post COVID era changing the security and identity / access management landscape? Should traditional MFA still be the “go to”? What new requirements have emerged and why? What approaches are advanced customers adopting? What is the difference between Traditional MFA and newer options? Is device trust important?  Why or why not? What is the role of continuous, risk-based authentication?


Panel | CIAM During Covid - How to Better Secure the Identities of Your Customers

Max Faun, Head of Consulting, Europe, Okta Paul Fisher, Senior Analyst, KuppingerCole Jason Goode, Regional Director – EMEA, Ping Identity Dali Kilani, CTO, Lifen
Max Faun, Head of Consulting, Europe, Okta Paul Fisher, Senior Analyst, KuppingerCole Jason Goode, Regional Director – EMEA, Ping Identity Dali Kilani, CTO, Lifen


Continuous ZeroTrust as a Way To Know Your User

Organisations perceive their users through data. In the world of fewer and fewer opportunities for physical contact, identity verification is going all remote. All online service providers need to model the risks related to user impersonation and user manipulation attacks. In this talk, we will dig through the classical methods of Knowing Your User through the static data: Authentication Coupl

Organisations perceive their users through data. In the world of fewer and fewer opportunities for physical contact, identity verification is going all remote. All online service providers need to model the risks related to user impersonation and user manipulation attacks.
In this talk, we will dig through the classical methods of Knowing Your User through the static data:
Authentication
Coupling the session with the device
Checking the network environment
Next, I will present manipulation methods related to data spoofing to express the business impact. Usual scenarios are primarily associated with rewards in the form of money for the attackers.
Time-series data analysis and the impact on the business and customer experience will be presented to show the way forward in the adaptive risk management context.
Finally, food for thought related to the standardisation of behavioural biometrics that is getting more and more attention as one of the defence methods will be shared to show that we need Zero Trust and a way to verify if and how the vendor products are working.

Static data can be easily spoofed. Dynamic data analysis (mainly in a time series manner) is the way to go.
Data resilience related to side-channel time series data analysis.
Zero Trust is also about not trusting your data sources and all the environment related to it.
Behavioural biometrics strives for standardisation.

Mateusz Chrobok, VP of Innovation, Revelock


How to Thrive in an Accelerated Access management world

Research from 2020 has shown a phonemonal growth in the access management market. The pandemic, for all its impact, has enabled organisations to re-evaluate their working strategies and practices. But at what cost? Cybercrime on corporate applications has risen exponentially from the dispersed workforce and rapid cloud adoption has left organisations vulnerable to ransomware, malicious activity

Research from 2020 has shown a phonemonal growth in the access management market.

The pandemic, for all its impact, has enabled organisations to re-evaluate their working strategies and practices. But at what cost? Cybercrime on corporate applications has risen exponentially from the dispersed workforce and rapid cloud adoption has left organisations vulnerable to ransomware, malicious activity and internal subterfuge.

Danna Bethlehem, Director Product Marketing Authentication at Thales discusses how organisations can accelerate their business with the right approach to their IAM strategy. For 2021 and beyond, enterprises need to leave survival mode behind and adopt a drive to thrive.

Drawing on recently released research into the EMEA IAM market, she will highlight:

How demands of the corporate workforce for dispersed working is bringing IAM security concerns to the fore How the next generational approach to IAM can enable forward thinking organisations to thrive How enterprises can build an effective IAM strategy to drive their growth Danna Bethlehem, Director Product Marketing IAM, Thales Cloud Protection & Licensing


European Identity & Cloud Awards Ceremony 2021




One PAM - A Holistic Approach to PAM for the Shift to a Zero Trust Model

Join Peter Dulay, Symantec Identity Management Adoption Advisor, Broadcom, as he introduces One PAM, which brings together traditional proxy-based (credential vaulting) with agent-based (granular access controls) capabilities into one consolidated solution and approach, and how One PAM is better positioned to help customers shift to a Zero Trust model.   Peter Dulay, Security & Integrat

Join Peter Dulay, Symantec Identity Management Adoption Advisor, Broadcom, as he introduces One PAM, which brings together traditional proxy-based (credential vaulting) with agent-based (granular access controls) capabilities into one consolidated solution and approach, and how One PAM is better positioned to help customers shift to a Zero Trust model.  

Peter Dulay, Security & Integration Adoption Advisor, Broadcom


Worlds Collide: The Importance of Convergence in IAM

Identity and privileged access management have existed in silos for decades. But cloud adoption and the rise in remote workers have introduced new vulnerabilities, and cybercriminals have noticed. As ransomware, breaches, and credential theft continue to make headlines, one thing is clear: We need to treat all access as privileged access and understand the context — and risk — of that access.

Identity and privileged access management have existed in silos for decades. But cloud adoption and the rise in remote workers have introduced new vulnerabilities, and cybercriminals have noticed. As ransomware, breaches, and credential theft continue to make headlines, one thing is clear: We need to treat all access as privileged access and understand the context — and risk — of that access.

In this session, Chris Owen, Saviynt Director of Product Management, will discuss how identity worlds collide through Saviynt Enterprise Identity Cloud. He will show how this converged platform brings intelligence, visibility, and context together so you can manage the entire identity lifecycle, including governance, privileged access, application access, and third-party access.

Chris Owen, Director of Product Management, Saviynt


Goodbye Dogmatism / Hellō Pragmatism

Disciples of decentralized identity have preached for years that DIDs are the only true path to giving users control over their identity, AKA self sovereign identity. The lack of widespread adoption is evidence that a more pragmatic approach is needed. Dick Hardt, Co-founder/CEO, Hellō

Disciples of decentralized identity have preached for years that DIDs are the only true path to giving users control over their identity, AKA self sovereign identity. The lack of widespread adoption is evidence that a more pragmatic approach is needed.

Dick Hardt, Co-founder/CEO, Hellō


Securing the Digital Double - The Path to a Trusted Digital Ecosystem

Digital life is a replication of the physical world in a digital ecosystem. As a result, people and things have an equal digital representation, which we call a digital double. Your digital double is active and involved in various activities, even when you take a nap. Therefore, securing the digital double is critical.  Asanka Abeysinghe, Chief Technology Evangelist, WSO2

Digital life is a replication of the physical world in a digital ecosystem. As a result, people and things have an equal digital representation, which we call a digital double. Your digital double is active and involved in various activities, even when you take a nap. Therefore, securing the digital double is critical. 

Asanka Abeysinghe, Chief Technology Evangelist, WSO2


Why ‘Zero Trust’ is Driving an Identity Centric Security Strategy

As organisations continue to adopt and embrace new technology platforms, it also brings with it the requirement to reassess how these new environments are secured. The Assume Breach mindset, a key aspect of a Zero Trust, shifts the risk posture to that of applying defense against the concept that the perimeter has already been breached. In this session, we run through the Tactics, Techniques, an

As organisations continue to adopt and embrace new technology platforms, it also brings with it the requirement to reassess how these new environments are secured. The Assume Breach mindset, a key aspect of a Zero Trust, shifts the risk posture to that of applying defense against the concept that the perimeter has already been breached.

In this session, we run through the Tactics, Techniques, and Procedures used in recent breaches and highlight the commonality across them; identity compromise and privilege elevation. This analysis will highlight the importance of taking an assume breach mindset to defense and that Identity becomes central to this strategy. Further, we will then position recommendations on how to protect against Credential Theft, Lateral Movement, and Privileged Escalation across hybrid and cloud environments




Browser Features vs. Identity Protocols: An Arms Race?

In an attempt to protect users from excessive tracking and surveillance, the last couple of years have witnessed major browser vendors introducing increasingly restrictive anti-tracking measures. Identity protocols and features got caught in the crossfire, however, forcing identity software vendors and developers to hastily introduce changes to restore functionality that browser changes broke. Is

In an attempt to protect users from excessive tracking and surveillance, the last couple of years have witnessed major browser vendors introducing increasingly restrictive anti-tracking measures. Identity protocols and features got caught in the crossfire, however, forcing identity software vendors and developers to hastily introduce changes to restore functionality that browser changes broke. Is this the new normal? What will we do when a change will break an identity feature beyond repair?

This session will review the main browser changes that have affected identity over the last few years – Chrome’s SameSite and Safari’s ITP2 in particular, interpreting them as part of a larger trend and attempting to predict what the future will look like for identity customers and practitioners.

Vittorio Bertocci, Principal Architect, Auth0


A Window Into Our Industry

Keeping up with the changes in our industry is no simple task. The rate of change for identity technologies, their applications, and their roles in the enterprise is simply too great. Since 2018, IDPro has conducted an industry survey to call attention to the skills that identity practitioners possess and employee to be successful. In 2019, the survey was expanded to explore enterprise priorities

Keeping up with the changes in our industry is no simple task. The rate of change for identity technologies, their applications, and their roles in the enterprise is simply too great. Since 2018, IDPro has conducted an industry survey to call attention to the skills that identity practitioners possess and employee to be successful. In 2019, the survey was expanded to explore enterprise priorities to highlight which areas of the identity industry were garning more attention and investment. And in 2021, IDPro expanded the survey again to include questions about diversity and inclusion. Join Ian Glazer, Founder and Vice-President of IDPro, as he explores the results of this year’s survey and the implications for you, your employer, and the industry as a whole.

Ian Glazer, VP, Identity Product Management, Co-Founder, IDPro




The Changing Landscape of Consumer Identities

John Tolbert, Lead Analyst, KuppingerCole
John Tolbert, Lead Analyst, KuppingerCole


Security and Anti fraudsters CIAM strategy for next years

In this lecture I present a reference architecture covering CIAM, API and PAM thinking about closing the main attack possibilities in modern contexts Reference architecture validated covering CIAM, PAM and API How to decrease frauds How to increase the user experience with security Alfredo Luiz dos Santos Junior, Senior IAM Architect, Farfetch

In this lecture I present a reference architecture covering CIAM, API and PAM thinking about closing the main attack possibilities in modern contexts

Reference architecture validated covering CIAM, PAM and API How to decrease frauds How to increase the user experience with security Alfredo Luiz dos Santos Junior, Senior IAM Architect, Farfetch


The Next Frontier: Why Decentralised Identity is only Base Camp

Over the past decade significant advancements have been made towards decentralised, self-sovereign and tokenised identity. Now that we can tokenise a unique value what is the new value we can enable? Katryna Dow, CEO & Founder, Meeco

Over the past decade significant advancements have been made towards decentralised, self-sovereign and tokenised identity. Now that we can tokenise a unique value what is the new value we can enable?

Katryna Dow, CEO & Founder, Meeco


Security and Privacy Challenges of Authentication, Verification and Authorisation of Customers

Sarb Sembhi, CISO, AirEye
Sarb Sembhi, CISO, AirEye


Integrating IoT With SSI-Enabled Technologies For Healthcare

Dr. Christos Patsonakis, Postdoctoral Research Associate, The Centre for Research & Technology Hellas
Dr. Christos Patsonakis, Postdoctoral Research Associate, The Centre for Research & Technology Hellas


Future proofing national eID

How to future proof a national eID scheme where 13 registered commercial IdPs, 1 government IdP and several brokers operate? Petteri Ihalainen, Senior Specialist, National Cyber Security Centre, Finland

How to future proof a national eID scheme where 13 registered commercial IdPs, 1 government IdP and several brokers operate?

Petteri Ihalainen, Senior Specialist, National Cyber Security Centre, Finland


Introducing ESSIF-LAB - The European Self-Sovereign Identity Framework Lab

Drs. Jacoba C. Sieders, Member Of The Board Of Advisors, EU SSIF-lab
Drs. Jacoba C. Sieders, Member Of The Board Of Advisors, EU SSIF-lab


Evolution of User Centricity in Customer IAM

The transformation of the IAM landscape of a Multi Service Provider is taking shape. Rolf Hausammann, Head of Identity and Access Management, Swisscom

The transformation of the IAM landscape of a Multi Service Provider is taking shape.

Rolf Hausammann, Head of Identity and Access Management, Swisscom


Meeting Expectations – 5 pillars for IoT project success

Deployment of IoT installations are accelerating as organisations seek to expand their business by adding IoT functionality to their products/service, or reduce their costs by automating processes. Unfortunately, in many cases these initiatives are not adequately executed and, as a result, do not meet expectations. In this session we will look at 5 pillars of an IoT deployment: the Device pillar

Deployment of IoT installations are accelerating as organisations seek to expand their business by adding IoT functionality to their products/service, or reduce their costs by automating processes. Unfortunately, in many cases these initiatives are not adequately executed and, as a result, do not meet expectations.

In this session we will look at 5 pillars of an IoT deployment: the Device pillar ensures we select the appropriate sensors and actuators, the Control pillar guides our decisions on controller functionality, the Communications pillar ensures we consider which options fit our required functionality and budget, the IT pillar determines the level of integration between our IT and OT environments, and the Security pillar guides our protection strategy.

A holistic approach is a success-indicator for our IoT projects.

Graham Williamson, Director APAC / Senior Analyst, KuppingerCole


Distributed Identity using the example of a digital vaccination card

Distributed Identity (DI) is less known to many and even less in connection with the pandemic. The concept that DI delivers is an excellent starting point for creating a digital vaccination record. Why DI is generally a good idea and what a digital vaccination record based on it can look like, is shown in this lecture. If you want to explain to your family in practical terms what IAM, IGA and PA

Distributed Identity (DI) is less known to many and even less in connection with the pandemic. The concept that DI delivers is an excellent starting point for creating a digital vaccination record.

Why DI is generally a good idea and what a digital vaccination record based on it can look like, is shown in this lecture. If you want to explain to your family in practical terms what IAM, IGA and PAM do: get vaccinated and (hopefully soon) apply for a digital vaccination certificate!

Ingo Schubert, Global Cloud Identity Architect, SecurID, RSA Security


Panel | Mastering the Security Challenge for AI

Artificial Intelligence (AI) has been boosting innovation and creating a whole new wave of business models. With its rapid expansion into most use cases in many industries, a new threat landscape is evolving and as such presenting tough challenges to cybersecurity teams. With its huge impact on the way we interact with technology, the need for good practices and high standards in securing AI infra

Artificial Intelligence (AI) has been boosting innovation and creating a whole new wave of business models. With its rapid expansion into most use cases in many industries, a new threat landscape is evolving and as such presenting tough challenges to cybersecurity teams. With its huge impact on the way we interact with technology, the need for good practices and high standards in securing AI infrastructures is becoming a priority. In this panel session, we will    

Identify and describe common AI security threats Talk about data quality, integrity and reliability Discuss AI risk mitigation strategies And look into the human factor of AI security Anne Bailey, Analyst, KuppingerCole Dr. Barbara Mandl, Director Cybersecurity, FOSTER FORE Lex Tan, CEO & Founder, MotionsCloud


Better Living Through Centralized IAM Policy Decisions

Stephen Hutchinson, Board Member & VP of Security Architecture, IDPro & MUFG
Stephen Hutchinson, Board Member & VP of Security Architecture, IDPro & MUFG


How to successfully rob a bank (and almost get away with it)

The majority of crimes in our industry are initiated with cyber-attacks on people - however, our people can also be our most valuable assets. This presentation start with a walkthrough of multiple "bank robbery" scenarios to focus on a real event from 2016, when in one of the largest cyber heist ever, $1 billion were at stake being stolen from a bank. And how human vigilance (as well as human mist

The majority of crimes in our industry are initiated with cyber-attacks on people - however, our people can also be our most valuable assets. This presentation start with a walkthrough of multiple "bank robbery" scenarios to focus on a real event from 2016, when in one of the largest cyber heist ever, $1 billion were at stake being stolen from a bank. And how human vigilance (as well as human mistakes by the criminals) finally prevented the worst.

Kashif Husain, CISO, Vice President, Nomura


Panel | Best Practices to integrate AI in Identity Access

Anne Bailey, Analyst, KuppingerCole Fabrice Gürmann, Data & AI Specialist, Microsoft Tobias Oberrauch, Senior AI Consultant // Leader Group at Baden-Württemberg, CGI // AI PIONEERS // German AI Association
Anne Bailey, Analyst, KuppingerCole Fabrice Gürmann, Data & AI Specialist, Microsoft Tobias Oberrauch, Senior AI Consultant // Leader Group at Baden-Württemberg, CGI // AI PIONEERS // German AI Association


The Security Debt Crisis – How to Catch Up on Past Due Patches and Neglected Risk

There is a common theme for many of the mega breaches of recent years – a neglect of basic cybersecurity hygiene that has resulted in a backlog of unpatched apps, misapplied configurations and overlooked tasks. This debt compounds over time and, as with financial debt can snowball to reach a point, where it becomes insurmountable. As organizations become increasingly cloud first, the risk profile

There is a common theme for many of the mega breaches of recent years – a neglect of basic cybersecurity hygiene that has resulted in a backlog of unpatched apps, misapplied configurations and overlooked tasks. This debt compounds over time and, as with financial debt can snowball to reach a point, where it becomes insurmountable. As organizations become increasingly cloud first, the risk profile from security debt further increases.

Richard Archdeacon, Advisory CISO, Duo Security


Persistent digital reputation across industries, countries, and legal frameworks

Stepan Gershuni, VC Marketplace WG Lead, Decentralized Identity Foundation
Stepan Gershuni, VC Marketplace WG Lead, Decentralized Identity Foundation


Building Mindset for Privileged Access

For most companies, privileged access management is associated with creating borders or limitations. Often organizations are forced to implement PAM due to the legal regulations and do not see it as an investment but rather consider cybersecurity as a cost center. Moreover, most employees think of it as another layer of control and make an assumption that the company does not trust them.  K

For most companies, privileged access management is associated with creating borders or limitations. Often organizations are forced to implement PAM due to the legal regulations and do not see it as an investment but rather consider cybersecurity as a cost center. Moreover, most employees think of it as another layer of control and make an assumption that the company does not trust them. 

Konstantin Krasovsky, Director EMEA, Indeed Identity


Staging & Release Management in IDM Environments

Ever since, Identity Management Environments do belong to the ‘more complex’ solution stacks in the world of IT. As a central component and the ‘spider in the web’, it must adopt to any evolutionary change made in connected applications and systems. Furthermore, new or modified business requirements or procedures do drive constant changes to IDM-Systems itself. Depending on traditional, agile or ‘

Ever since, Identity Management Environments do belong to the ‘more complex’ solution stacks in the world of IT. As a central
component and the ‘spider in the web’, it must adopt to any evolutionary change made in connected applications and systems.
Furthermore, new or modified business requirements or procedures do drive constant changes to IDM-Systems itself.
Depending on traditional, agile or ‘mixed’ service delivery and maintenance approaches in conjunction with multi-tier
environments for development, staging, pre- production and production (or even more), it becomes quite challenging to
appropriately integrate new functionality with the expected level of quantity and quality.
Most likely, its not only code and configuration which needs to be staged between the different system tiers, but also digital
identities and entitlement information.
In this talk, we will investigate different approaches to release and change management techniques specifically for IDM-Systems
and the benefits of integrated Multi-Tier environments. We discuss Good- Practice approaches from several Identity Management
projects from the past two decades, do’s and dont’s and how to deal with pseudonymization in staging environments which can
be used by any team for their ‘real-world’ acceptance tests, demo or lab work.
Key takeaways
• Get an overview of common mult-tier staging environments in IDM/IAM Landscapes
• Learn about good-practice approaches to establish staging functionalities
• anonymization and pseudo-anonymization for entity staging

Thorsten Niebuhr, CEO, WedaCon


The Rise of the Machines

As processing power becomes cheaper, smaller, and more accessible, the issues of Identity in this automated space become increasingly relevant. We will discuss how machine learning (ML) can perform many traditional governance tasks previously the responsibility of managers – from ensuring appropriate access controls to automating the processing of access requests. We will also examine how intellig

As processing power becomes cheaper, smaller, and more accessible, the issues of Identity in this automated space become increasingly relevant. We will discuss how machine learning (ML) can perform many traditional governance tasks previously the responsibility of managers – from ensuring appropriate access controls to automating the processing of access requests. We will also examine how intelligent devices are acting as agents for other identities and the challenges this brings to traditional identity management. Real-world examples will be presented of ML identifying security concerns and other vulnerabilities. 

Allan Foster, Chief Evangelist, ForgeRock


Bad things that Can Happen

Disclaimer: The speaker at this session has not been involved either directly or indirectly in the work in the aftermath of any of the Ransomware attacks described in this session. All of the information from the cases is based solely on data that is in public domain. Bjarke Alling, Chair, National Danish Cybersecurity Council

Disclaimer: The speaker at this session has not been involved either directly or indirectly in the work in the aftermath of any of the Ransomware attacks described in this session. All of the information from the cases is based solely on data that is in public domain.

Bjarke Alling, Chair, National Danish Cybersecurity Council


Best-Practice Approaches to Multi-Cloud IAM in the Enterprise

As more and more organizations go multi-cloud, the question arises how to integrate existing and compliance-proven enterprise IAM processes with the upcoming requirements of managing identity in the clouds. In this talk we will present two different approaches on how an organization can manage multi-cloud identities and access. The models are based on real life examples we have found to work o

As more and more organizations go multi-cloud, the question arises how to integrate existing and compliance-proven enterprise IAM processes with the upcoming requirements of managing identity in the clouds.
In this talk we will present two different approaches on how an organization can manage multi-cloud identities and access. The models are based on real life examples we have found to work out for organizations we work with. What we learn with these examples is that there is a wide spectrum between agility and control. Each organization has to find their own balance in this playing field and design a solution that is valuable to them and their team.

The dynamic nature of cloud environments requires a frictionless user experience when it comes to providing and retrieving access
There is no one size fits all - the best solution for your organization depends on your positioning within a large spectrum between agility and control
Implementing a declarative approach for your multi-cloud IAM is a essential when aiming for continuous compliance

Rebecca Bausinger, Product Manager, Meshcloud Christina Kraus, Co-Founder & CRO, meshcloud


How Secure is Your Multi-Factor Authentication?

Well-designed multi-factor authentication technologies, especially when paired with a mobile device or other token, mitigate security risks from single factor username/password authentication while still providing a positive user experience. Rebecca Nielsen, Director of Technology Integration, PKH Enterprises

Well-designed multi-factor authentication technologies, especially when paired with a mobile device or other token, mitigate security risks from single factor username/password authentication while still providing a positive user experience.

Rebecca Nielsen, Director of Technology Integration, PKH Enterprises


Integrated Intelligence – Combining Human and Artificial Intelligence for Competitive Advantage

Many companies from diverse industries increasingly rely on AI for strengthening their efficiency by automating jobs. Many of these advanced automation tools, however, currently become standard applications. Consequently, an isolated use of these tools will not enable companies to gain a competitive advantage. This presentation builds on an intelligence-based view of firm performance and the ‘Inte

Many companies from diverse industries increasingly rely on AI for strengthening their efficiency by automating jobs. Many of these advanced automation tools, however, currently become standard applications. Consequently, an isolated use of these tools will not enable companies to gain a competitive advantage. This presentation builds on an intelligence-based view of firm performance and the ‘Integrated Intelligence’ approach, which highlights the need to integrate AI with specific human expertise to outperform competitors and to transform a firm’s intelligence architecture. It further discusses the leadership implications for general managers and offers a systematic framework for generating growth and innovation beyond automation and efficiency. The ‘I3 – Integrated Intelligence Incubator’ provides executives with a toolset for developing appropriate strategic initiatives for intelligence-based future competition.

Prof. Dr. Ulrich Lichtenthaler, Professor of Management and Entrepreneurship, International School of Management


Identity Management as a Service - What it is and How to Build One

I considered myself quite an experienced programmer and having some expertise in Identity management when I was hired by Swedbank to work as full time Identity engineer. Besides projects, I had assignment to describe an architecture of the IAM as a service from my manager. Honestly, I had no clue about how to envision it. I tried to assemble standards and squeeze something out from practices a

I considered myself quite an experienced programmer and having some expertise in Identity management when I was hired by Swedbank to work as full time Identity engineer. Besides projects, I had assignment to describe an architecture of the IAM as a service from my manager. Honestly, I had no clue about how to envision it. I tried to assemble standards and squeeze something out from practices and papers. But these were not really all my ideas and I did not feel much confident. But something started to happen in few last years when we had a very hard time implementing our IAM project (believe or not, it was successful). We had to answer hundred times to questions "why", "what" and "how". And finally the blueprint of the architecture of IAM as a service appeared from the mist. It is not one and only, because same size does not fit for all. Still, I do not agree that there are indefinite number of possible solutions. I think similar enterprises and engineers may find this presentation useful to draw their own blueprints.

IAM projects start usually from implementing baseline IAM processes - joiners, leavers, movers. Because this is what is usually most needed. But then you will get asked for more - identity data, events, other services. This is what makes up IAM as a service.

Neeme Vool, Software Engineer, Swedbank


The human factor in Cyber Security - Creating a cyber aware culture

Alex Weishaupt, Practice Lead Cyber Security, Morgan Philips
Alex Weishaupt, Practice Lead Cyber Security, Morgan Philips


Panel | Futureproofing Pharmaceutical Supply Chain Security

Bob Celeste, Founder, Center for Supply Chain Studies Jeffery Denton, Vice President, Global Secure Supply Chain, AmerisourceBergen Georg Jürgens, Manager Industry Solutions, Spherity David Kessler, President, Legisym David Mason, Supply Chain Compliance and Serialization Lead, Novartis Gena Morgan, Strategic Consultant, GS1 US Dr. Oliver Nürnberg, Chief Product Owner, SAP Life Science
Bob Celeste, Founder, Center for Supply Chain Studies Jeffery Denton, Vice President, Global Secure Supply Chain, AmerisourceBergen Georg Jürgens, Manager Industry Solutions, Spherity David Kessler, President, Legisym David Mason, Supply Chain Compliance and Serialization Lead, Novartis Gena Morgan, Strategic Consultant, GS1 US Dr. Oliver Nürnberg, Chief Product Owner, SAP Life Sciences


CIO Advice: How to Make Your Digital Business Fly

by Martin Kuppinger Doing IT right is the premise for delivering time-to-value in the Digital Journey. Success requires an agile IT for delivering secure Digital Services on time. Virtually all organizations have become digital at least to a certain extent in the past three decades since the World Wide Web (already an old-fashioned term) took off. But we are still on that journey. There is a go

by Martin Kuppinger

Doing IT right is the premise for delivering time-to-value in the Digital Journey. Success requires an agile IT for delivering secure Digital Services on time.

Virtually all organizations have become digital at least to a certain extent in the past three decades since the World Wide Web (already an old-fashioned term) took off. But we are still on that journey. There is a good reason not to name this Digital Transformation, but Digital Journey. It is not about transforming from the analog to the digital state, but an ongoing journey.

This journey is driven by ever-changing business models, rapid innovation of products and services, as well as a shift from product business to service business, and last but not least, new entrants in the competition. Business must compete harder than ever before to be successful.

Fig. 1: Digital Services: Software as a differentiator. Success in the Digital Age builds on competitive differentiation through Digital Services & Digital Experience.

  Making Digital Services a Differentiator

Differentiation in the Digital Business is based on Digital Services. The phrase “every business is a software business” never has been truer than today. Software is ubiquitous. It forms the backend of digital services, it forms the frontend via apps, it is in connected things, and it is in microchips of connected vehicles. Software is everywhere. The intellectual property of businesses is melded into software. The USP (Unique Selling Proposition) of companies results from delivering better digital services. This is what differentiates them in today's competitive environment.

However, Digital Services are not only about translating business into Digital Services, and thus software development. It is also about delivery, operating, and last but not least, securing these services. The link between security, Digital Services, and Digital Experience (DX) is Digital Identity. Only if delivery, operations, and security are built for agility and rapid, reliant, and resilient delivery of services, and only if the Digital Identity approach is built for the needs of today’s hyperconnected business, will organizations be able to deliver the Digital Experience that differentiates them from their competitors and makes them successful.

Fig. 2: Even greenfield IT consists of many components that must be delivered, managed, and secured. And even greenfield IT will become brownfield IT that has to cope with legacy.

  Conceal Heterogeneity through Standardization and Unification

While some startups can build on a greenfield IT, reality is that even this quickly becomes a mix of new and established (or “legacy”) elements, and is based on multiple clouds. For most organizations, though, it is about a complex mix of IT, both in the backend and with respect to all the devices that are used to access services. However, the latter are out of control of the business because Digital Experience is about supporting what the customers and consumers are using to access the Digital Services.

And, regardless of greenfield or brownfield approaches on IT: Digital Services consist of many elements, from backend applications, storage and data to the services themselves, the apps used, the software that is baked into microchips, and so on.

The reality of the IT of the vast majority of organizations is multi-cloud, multi-hybrid, with many different deployment models. Some can just build on multi-cloud, but even new organizations end up with more complexity when it comes to manufacturing, where on-premises IT and Edge Computing are needed. Thus, organizations must prepare their IT to deliver to the business on demand and on time, while accepting the heterogeneity of today’s IT. Heterogeneity will not easily disappear. Thus, it is about making it work better, by reducing complexity and by concealing heterogeneity through standardization and unification.

Fig. 3: IT must serve to the needs of agility and security while keeping cost under control and delivering to the control & compliance needs of organizations.

  Keeping an Eye on the Costs

Agility in delivering to business demand is just one element of what a good, modern IT must deliver. As always, cost must be kept under control. Succeeding in the Digital Business will always require delivering the Digital Services at a reasonable and competitive cost. Control & compliance requirements are more important than ever before, with ever-increasing regulatory pressure. Last, but not least, security and resilience are essential to the success.

Digital Businesses are at risk of cyber-attacks as well as failure in delivery. Failing in cybersecurity can destroy a Digital Business. When everything is based on Digital Services, when every business is a software business, then cybersecurity is more important than ever before.

The challenge is delivering on the various needs in an efficient, reliable manner across development, delivery, operations, security, and identity. This will not work with point solutions, because everything is integrated in the digital business. It will also not work when relying on manual administration in many of the areas. Manual work is expensive and error-prone. Using approaches like "everything as code" won't work. There are too few people who can code, and coding is both expensive and error-prone, as we all experience regularly in bugs, updates, and patches.

Fig. 4: Policy-based automation is the foundation for successfully running the complex IT environments of today and serving the demand of the Digital Business.

  Automation Is Key

The solution lies in automation based on policies, supported by intelligent solutions utilizing what AI (Artificial Intelligence), ML (Machine Learning), and other techniques can deliver. This requires collecting information about everything in IT, from services, backend applications, devices, and apps to all the various types of users to the underlying infrastructure, regardless of where this is located across the multi-cloud multi-hybrid IT universe of the organization.

Fig. 5: Management of IT must focus on what can be well-managed. Identities and services are where organizations can get a grip on. In the end, it is about someone or something accessing services. This is where IT unification starts.

When looking at automation, it requires infrastructure automation. It requires efficient development with automated testing and delivery into production. However, from a management perspective, the potential for unification and standardization across a heterogeneous, complex IT environment, is in focusing on the areas that organizations have under control: Identities and services or, in broader terminology, the resources that support and form the Digital Service.

Access happens from humans, devices, things, or services to other services. Identities can be managed and must be managed. Applications, their data, and the services and infrastructure delivering this are under control. It is way harder to get a grip on all the devices – just think about BYOD (Bring Your Own Device) approaches or all the different devices used by customers and consumers. Even harder, is control of the network in a hyper-connected world where Work from Home (WfH) is the new normal. Thus, Identity and Access Management (IAM) as well as a consistent, automated, efficient management of the IT services, is where the focus of modern IT must be.

Fig. 6: Digital Business: Technology impact on agility. Digital Identity, Cybersecurity and Agile Development & Operations as key enablers.

  Managing Digital Identities Is Essential to Gain a Competitive Edge

The technology impact becomes visible when mapping the impact of technologies to support organizations in changing to the needs in their Digital Journey. Managing Digital Identities of everyone, specifically the consumers and customers, but also the relationships to devices and connected things, for example, is essential to win in the dynamic competition of the Digital Age.

The technologies with the highest relevance are: Digital Identity Management, Cybersecurity – to secure the Digital Business – and Agile Development & Operations for developing and delivering the Digital Services.

Fig. 7: Eight fundamentals for successfully developing, delivering and securing the Digital Services that make Digital Business succeed.

  Eight Fundamentals of Digital Business Success

Success in the Digital Business is based on eight fundamentals:

Business demand drives IT, which exists  to support the business – and IT has never been as important as it is today, where every business is some sort of a software business. Multi-cloud, multi-hybrid IT is the new normal. “Cloud first” is a meaningful paradigm, but Edge Computing demonstrates that not everything will run in the cloud, not to speak of a single cloud. Built on policy-based automation. Policy-based automation is the key to managing complex, heterogeneous environments. Doing this right, requires the use of AI & ML to help in creating and optimizing policies. Gather the status of everything. Policy-based automation also requires data about everything. The identities, the infrastructure, the code and structure of applications, APIs, and so on. This must be gathered into repositories that then can be utilized by policies. Identities & resources in core focus. Someone or something (with an identity) is accessing services and the resources in the background. Which device is used, which network is used: This is hard to control. But identities and resources are known and can be well-managed. Unified view of resources – everything as a service. This leads to a perspective where, ideally, everything is treated as a service, regardless of whether deployed from the cloud or on-premises. Identities are accessing resources – this is where unification can start. Agile development, integrated delivery & operations. Rapid delivery of Digital Services to the business demand requires agile development that integrates with delivery and operations (and, last but not least, security). Again: This will work across all layers only when being based on policy-based automation. Automate security across everything: Identities & resources. The automation of security must start where organizations have control. They have that control over identities and resources. Control is way harder to win over devices and networks. Thus: Focus on identities and resources for a unified, efficient management of IT.

It is time to revisit the way we do IT, and to improve it.


Tokeny Solutions

How Fractionalization of NFTs Enables Co-Ownership

The post How Fractionalization of NFTs Enables Co-Ownership appeared first on Tokeny Solutions.
September 2021 How Fractionalization of NFTs Enables Co-Ownership

For months, non-fungible tokens (NFTs) are making headlines in the blockchain space. NFTs are supposed to be unique and they usually represent an asset. Most of the time, the asset is digital and embedded in the token, but problems have come to the fore. Firstly, there is no proof that assets have not been duplicated before their tokenization, or that other NFTs will not represent the same asset. Secondly, how can users verify that the NFT creator is the asset owner?

CREDIT: Elliptic

Last month a collector bought a fake Banksy NFT for £244,000. The image, which features a figure smoking in front of industrial chimneys, supposedly commenting on climate change, was a hoax from a scammer. It is one example among many others.

With NFTs, the source and owner of the asset is simply not trackable. On platforms such as OpenSea (now valued at $1.5 billion), the authenticity is reliant on the seller saying they are who they say they are. Sounds a bit light in terms of customer protection from my personal opinion. Considering this, it is easy for me to see the use of NFTs for collectibles, but it is harder to see the benefits for real world asset tokenization.

Some NFTs are now becoming very valuable and start to struggle to find liquidity. Therefore, there is a new trend to fractionalize NFTs to enable co-ownership and make them more accessible. In some ways, fractionalizing NFTs is coming back to a use case of standard tokens, except the need to guarantee the ownership of the underlying asset. Moreover, in the traditional world, co-ownership is usually made possible with financial securities to protect owners and apply laws (taxes, inheritance, etc.). How could this be done on the blockchain?

NFTs are unique and indivisible by nature, so how can we fractionalize these assets? We can “wrap” up a NFT into a permissioned token with the T-REX protocol (ERC3643): a unique token smart contract is deployed (representing the asset) by a verified issuer (the asset owner or its custodian). The shares of the asset would be represented by the tokens generated via the smart contract. The asset is now divisible as much as decided by the issuer. The cap table of owners is transparent, automatically updated, and the ownership of these shares is guaranteed by digital identities.

In the same way, and as long as the custodian of the asset can be trusted, it is possible to “wrap” crypto, stablecoins, fiat, real world assets and securities in permissioned tokens. It guarantees the ownership of the underlying asset, and makes the tokens recoverable in case of loss of wallets.

Wrap your digital assets Market Insights

Bitfinex launches new exchange for trading tokenized equities and bonds

Crypto exchange Bitfinex has launched a new exchange called Bitfinex Securities that will allow trading of tokenized equities and bonds.

The Block

Read More

Moore Global says tokenized real estate could reach $1.4 trillion in five years

Accounting firm Moore Global published a report exploring the tokenization of real estate.

Ledger Insights

Read More

Wall Street Ramps Up Tokenization Infrastructure As Second Wave Of Digital Assets Builds

According to a summer note from Rosenblatt Securities, a New York-based institutional brokerage firm, $9.5 billion was invested into Wall Street infrastructure enabling institutional handling of digital assets in 1H of 2021, almost as much as in all 2020.

The Tokenizer

Read More

El Salvador Has Adopted Bitcoin As Legal Tender — The First Country To Do So

El Salvador became the first country in the world to adopt Bitcoin as legal tender, kicking off a big and bold experiment for the popular cryptocurrency.

NPR

Read More

Fake Banksy NFT sold through artist’s website for £244k

A hacker has returned $336,000 to a British collector after he tricked him into buying a fake Banksy NFT advertised through the artist’s official website.

BBC 

Read More

With $2.4 Billion in Transactions, NFT Market Defies Expectations in Second Quarter of 2021

DappRadar, which tracks blockchain sales, saw that in the second quarter of 2021 NFTs brought in $2.4 billion, slightly above the first quarter’s $2.3 billion.

ARTnews

Read More

Les actions tokenisées, le futur de la Bourse

Trading continu, rapidité d’exécution, fluidité des processus… Ces nouveaux titres financiers enregistrés sur la blockchain ont un fort potentiel.

JND

Read More

 

Former SEC Chairman Jay Clayton Joins Fireblocks

This appointment represents the second crypto-focused engagement for the former regulator, following his March 2021 appointment to the Board of Directors at One River Asset Management, which recently filed a carbon-neutral Bitcoin ETF application with the SEC.

Forbes

Read More

Compliance In Focus

Bitfinex launches new exchange for trading tokenized equities and bonds

Crypto exchange Bitfinex has launched a new exchange called Bitfinex Securities that will allow trading of tokenized equities and bonds.

The Block

Read More

Moore Global says tokenized real estate could reach $1.4 trillion in five years

Accounting firm Moore Global published a report exploring the tokenization of real estate.

Ledger Insights

Read More

Wall Street Ramps Up Tokenization Infrastructure As Second Wave Of Digital Assets Builds

According to a summer note from Rosenblatt Securities, a New York-based institutional brokerage firm, $9.5 billion was invested into Wall Street infrastructure enabling institutional handling of digital assets in 1H of 2021, almost as much as in all 2020.

The Tokenizer

Read More

El Salvador Has Adopted Bitcoin As Legal Tender — The First Country To Do So

El Salvador became the first country in the world to adopt Bitcoin as legal tender, kicking off a big and bold experiment for the popular cryptocurrency.

NPR

Read More

Fake Banksy NFT sold through artist’s website for £244k

A hacker has returned $336,000 to a British collector after he tricked him into buying a fake Banksy NFT advertised through the artist’s official website.

BBC 

Read More

With $2.4 Billion in Transactions, NFT Market Defies Expectations in Second Quarter of 2021

DappRadar, which tracks blockchain sales, saw that in the second quarter of 2021 NFTs brought in $2.4 billion, slightly above the first quarter’s $2.3 billion.

ARTnews

Read More

Les actions tokenisées, le futur de la Bourse

Trading continu, rapidité d’exécution, fluidité des processus… Ces nouveaux titres financiers enregistrés sur la blockchain ont un fort potentiel.

JND

Read More

Former SEC Chairman Jay Clayton Joins Fireblocks

This appointment represents the second crypto-focused engagement for the former regulator, following his March 2021 appointment to the Board of Directors at One River Asset Management, which recently filed a carbon-neutral Bitcoin ETF application with the SEC.

Forbes

Read More

Subscribe Newsletter

A monthly newsletter designed to give you an overview of the key developments across the asset tokenization industry.

Previous Newsletter  Sep13 How Fractionalization of NFTs Enables Co-Ownership September 2021 How Fractionalization of NFTs Enables Co-Ownership For months, non-fungible tokens (NFTs) are making headlines in the blockchain space. NFTs are supposed to be… Aug16 DeFi vs Regulation: Round One August 2021 DeFi vs Regulation: Round One Due to their decentralized nature, the crypto and DeFi markets have always been complicated subjects when it comes… Jul12 Public Blockchains Are Now Suitable for Financial Institutions July 2021 Public Blockchains Are Now Suitable for Financial Institutions A blockchain is a network, it is an ecosystem. It is a group of people… Jun14 Are Banks Missing Out on the Digital Money Revolution? June 2021 Are Banks Missing Out on the Digital Money Revolution? Digitalization continues to accelerate our everyday life, affecting people, businesses, governments and financial institutions.…

The post How Fractionalization of NFTs Enables Co-Ownership appeared first on Tokeny Solutions.


Affinidi

Everything You Need to Know About VC Revocation

Self-Sovereign Identity (SSI) is a form of identity where users have complete control over their data and how it is shared with others. Verifiable Credentials (VCs), on the other hand, are a W3C standard for implementing SSI. There are three parties involved in a VC — issuer, holder, and verifier, and together they form what’s called the trust triangle. The entire process begins when the issuer

Self-Sovereign Identity (SSI) is a form of identity where users have complete control over their data and how it is shared with others. Verifiable Credentials (VCs), on the other hand, are a W3C standard for implementing SSI.

There are three parties involved in a VC — issuer, holder, and verifier, and together they form what’s called the trust triangle.

The entire process begins when the issuer creates a VC that contains one or more details of a holder. As a part of this process, an issuer also can revoke a VC, as circumstances of the holder may change.

For example, a holder may no longer be a student of a university/college, hence his/her student VC must be revoked. The same applies when a holder is no longer an employee or when a government ID such as a driver’s license, visa, or passport has expired.

Now that you know why VCs need to be revoked, let’s drill down to the implementation.

Status of a VC

The status of a VC is checked by the verifier to ensure that it is still valid. From an implementation standpoint, W3C’s specification has a property called the credentialStatus property that contains information about the current status of a VC.

The credentialStatus property of a VC must include,

id — a URL type — describes the status of a credential. The value of this property is used to determine the current status of a VC

The actual implementation varies greatly and could even include a link to an external document that contains the credential’s validity.

Here’s an implementation example

{ "id": "http://dmv.example.gov/credentials/3732", "type": ["Credential", "ProofOfAgeCredential"], "issuer": "https://dmv.example.gov/issuers/14", "issued": "2010-01-01T19:73:24Z", "claim": { "id": "did:example:ebfeb1f712ebc6f1c276e12ec21", "ageOver": 21 }, "credentialStatus": { "id": "https://dmv.example.gov/status/24, "type": "CredentialStatusList2017" }, "proof": { ... } }

The above example is a list-based credential revocation, which means, the status of many VCs is contained in a single list.

Here’s how this list looks.

{ "id": "https://dmv.example.gov/status/24, "description": "Status of sample DMV credentials." "verifiableCredential": [{ "claim": { "id": "http://dmv.example.gov/credentials/3732", "currentStatus": "Revoked", "statusReason": "Disciplinary action" }, "issuer": "http://dmv.example.gov/", "issued": "2017-12-05T14:27:42Z", "proof": { ... } }, { "claim": { "id": "http://dmv.example.gov/credentials/2363", "currentStatus": "Suspended", "statusReason": "Investigation" }, "issuer": "http://dmv.example.gov/", "issued": "2017-12-04T14:27:42Z", "proof": { ... } }, // ... more status info here ... }], "proof": { ... } }

Finally, you have to provide the protocol, which is HTTP GET.

GET /status/24 HTTP/1.1 Host: dmv.example.gov Content-Type: application/ld+json Content-Length: 1062 Accept: application/ld+json, application/json, text/plain, */*

Thus, this is an example of how you can implement VC Revocation.

Moving on, let’s see Affinidi’s implementation of the same.

Affinidi’s VC Revocation APIs

Affinidi has implemented a list-based credential revocation, and its general flow is depicted in the below diagram.

The specific APIs that handle VC Revocation in Affinidi’s stack are:

CreateDidAuthRequest Revocation list 2020 Credential (issuerDid) BuildRevocationList2020 RevokeCredential PublicRevocationListCredential

Let’s take a look at the functionality of each of these APIs including their sample requests and responses.

CreateDidAuthRequest

In the CreateDidAuthRequest API, the client sends a request to the server that it wants to get authenticated. The server creates a request and the client creates a response for that request using auth. This uses HTTP POST.

Here’s a sample of the request.

{ “audienceDid”: “string” }

And the response is the “string” itself.

RevocationList2020Credential (issuerDid)

This API is required to check if the VC was revoked. This uses the HTTP GET protocol.

The response to this HTTP request looks like this.

{ “id”: “string”, “@context”: [ “string” ], “type”: [ “string” ], “issuer”: “string”, “issuanceDate”: “string”, “credentialSubject”: { “id”: “string”, “type”: “string”, “encodedList”: “string” }, “proof”: { “type”: “string”, “created”: “2019–08–24T14:15:22Z”, “proofPurpose”: “string”, “verificationMethod”: “string”, “jws”: “string”, “nonce”: “string”, “signatureValue”: “string”, “creator”: “string” } } BuildRevocationList2020

As the name suggests, this API builds the revocation list and uses the HTTP POST protocol.

The request must include the credentialID and the subjectDID.

{ “credentialId”: “string”, “subjectDid”: “string” }

The response will be like this.

{ “credentialStatus”: { “id”: “string”, “type”: “string”, “revocationListIndex”: “string”, “revocationListCredential”: “string” }, “revocationListCredential”: {} } RevokeCredential

This API sets the revoke status based on the id and updates the reason for revocation as well. It also uses the HTTP POST protocol.

The request will contain two parameters, as follows.

{ “id”: “string”, “revocationReason”: “string” }

The response will be,

{ “revocationListCredential”: “string” } PublicRevocationListCredential

This API is required to be a separate endpoint at the flow, to have this service generic and revocation service to not know the issuer’s private key (so issuer signing revocationListVC on his side, and then using this endpoint to publish it.

Thus moving forward Verifiers will be able to use it to verify/check the status of revocable VCs related to this revocationList VC).

Here’s a sample of the request.

{ “id”: “string”, “@context”: [ “string” ], “type”: [ “string” ], “issuer”: “string”, “issuanceDate”: “string”, “credentialSubject”: { “id”: “string”, “type”: “string”, “encodedList”: “string” }, “proof”: { “type”: “string”, “created”: “2019–08–24T14:15:22Z”, “proofPurpose”: “string”, “verificationMethod”: “string”, “jws”: “string”, “nonce”: “string”, “signatureValue”: “string”, “creator”: “string” } }

And the response will be like this.

{ “id”: “string”, “@context”: [ “string” ], “type”: [ “string” ], “issuer”: “string”, “issuanceDate”: “string”, “credentialSubject”: { “id”: “string”, “type”: “string”, “encodedList”: “string” }, “proof”: { “type”: “string”, “created”: “2019–08–24T14:15:22Z”, “proofPurpose”: “string”, “verificationMethod”: “string”, “jws”: “string”, “nonce”: “string”, “signatureValue”: “string”, “creator”: “string” } }

Thus, this is how you can revoke VCs using Affinidi’s stack. As you can discern, these APIs handle the bulk of the functionality and all that you have to do is use them in your application.

If you have any further questions on using these APIs, reach out to us on Discord or email us.

Also, read through our blog posts, join our mailing list, and follow us on LinkedIn, Facebook, and Twitter

The information materials contained in this article are for general information and educational purposes only. It is not intended to constitute legal or other professional advice.

Everything You Need to Know About VC Revocation was originally published in Affinidi on Medium, where people are continuing the conversation by highlighting and responding to this story.


Meeco

Meeco at EIC2021

EIC2021 – the headline KuppingerCole event kicks off Monday 13 September in Munich – with in person attendance! Meeco is delighted to be attending and presenting. This is a very welcome opportunity to reconnect with colleagues from around the globe and sit side by side in this hybrid event. The ... Read More The post Meeco at EIC2021 appeared first on The Meeco Blog.
EIC2021 – the headline KuppingerCole event kicks off Monday 13 September in Munich – with in person attendance! Meeco is delighted to be attending and presenting. This is a very welcome opportunity to reconnect with colleagues from around the globe and sit side by side in this hybrid event. The European Identity and Cloud Conference returns fully digital, reacting to the global pandemic. KuppingerCole has used the experience of the past eighteen months in virtual conferencing throughout to offer a safe and hygienic event experience – on-site, virtual, and hybrid. This year, Katryna Dow, our CEO & Founder attend in person, and Jason Smith, our Chief Commercial Officer will beam in virtually for his presentation. Both Katryna and Jason are presenting on Tuesday 14 September; Katryna in the Consumer Identity and Digital Transformation, and Jason in the Privacy and Consent Management tracks. Following is an outline of their sessions.
The Next Frontier: Why Decentralised Identity is only Base Camp Over the past decade significant advancements have been made towards decentralised, self-sovereign and tokenised identity. Now that we can tokenise a unique value, what is the new value we can enable? The emerging post-pandemic world is already calling for a new type of ‘digital’ normal. We are at the beginning of a new design and architectural phase. Personal data linked to identity, fueled by AI will sit at the centre of everything. If we get this right, we may enable citizens, students, patients, passengers and consumers to more equitably join the value chains fuelled by data and identity, which in turn could lead to greater trust, personalisation and a more prosperous society. However, this will require new commercial models, enforceable regulation and the digital tools to transform our connected society. This session will focus on the work ahead to connect services, service providers to our semantic world. Tuesday, September 14, 2021 12:00—12:20 CET Data Privacy Do people really care about data privacy? The pandemic has forced more of us into digital channels and with that has come an over sharing of personal data. It’s become too easy to upload an app and straight away put your name, email address, payment details in, without actually understanding fully where and with whom that information may be shared and why it’s being used. Is this a cost that people are prepared to pay? Latest research suggests a growing data privacy chasm between people and business. How can business bridge this chasm? Tuesday, September 14, 2021 15:50—16:10 CET It’s not too late to get your last-minute ticket! Register now If you’re at the event, we would love to have you join us in person, or of course in the comfort of your remote screen.

The post Meeco at EIC2021 appeared first on The Meeco Blog.

Sunday, 12. September 2021

KuppingerCole

Hybrid. It’s Never Only One Thing

New technology is often seen as a total replacement for whatever came before. This is evident in the “Move to Cloud”! However, we are almost never in a greenfield position: we must interoperate with legacy systems and the demands of the business drive towards different and competing solutions for different problems. We will discuss the challenges of a hybrid deployment, addressing multi-cloud as w

New technology is often seen as a total replacement for whatever came before. This is evident in the “Move to Cloud”! However, we are almost never in a greenfield position: we must interoperate with legacy systems and the demands of the business drive towards different and competing solutions for different problems. We will discuss the challenges of a hybrid deployment, addressing multi-cloud as well as on-premises components, and how a hybrid approach to identity is required to competently address these often conflicting requirements. We will use real-world examples of hybrid solutions to demonstrate the solutions.




Complexity has Reached a Tipping Point in IT – What Can we do About it?

"Act quickly; allow me to think less; protect me from risk." These incongruent objectives are being asked of IT departments and their staff. We are living through a great digital transformation that is rewriting our way of working and means of producing goods and services. Underlying and enabling this transformation is an increasingly complex, obscure, and challenging myriad of interwoven software

"Act quickly; allow me to think less; protect me from risk." These incongruent objectives are being asked of IT departments and their staff. We are living through a great digital transformation that is rewriting our way of working and means of producing goods and services. Underlying and enabling this transformation is an increasingly complex, obscure, and challenging myriad of interwoven software systems spanning organizational and technological boundaries. IT complexity is no longer isolated to back-office nerds conversing in technobabble and pushing us aside to remedy our newb problems. All portions of the workforce are more exposed and dependent on technology to complete their day-to-day duties. 




Give Me 10 Minutes, I'll Give You The Truth About Identity

User recognition and authentication is becoming the central element of companies' digitalisation strategy. Not only are user registration and login the first experiences users make, Identity and Access management will ultimately determine which company recognises and serves the needs of its users best and will be successful in the market. What you can expect A holistic view on identity a

User recognition and authentication is becoming the central element of companies' digitalisation strategy. Not only are user registration and login the first experiences users make, Identity and Access management will ultimately determine which company recognises and serves the needs of its users best and will be successful in the market.

What you can expect

A holistic view on identity and access management A forward-looking way of thinking and Progressive software architectures


COVID has Accelerated Public Demand for Digital ID

Digital ID and Authentication Council of Canada (DIACC) research finds that three-quarters of Canadians feel that it’s important to have a secure, trusted, and privacy-enhancing digital ID to safely and securely make transactions online. As federal governments focus on post-pandemic recovery, investing in digital ID makes strong economic sense, especially for small and medium-sized businesses (SME

Digital ID and Authentication Council of Canada (DIACC) research finds that three-quarters of Canadians feel that it’s important to have a secure, trusted, and privacy-enhancing digital ID to safely and securely make transactions online. As federal governments focus on post-pandemic recovery, investing in digital ID makes strong economic sense, especially for small and medium-sized businesses (SMEs). For SMEs, the impact of digital identity could be used to improve processes that are difficult today.

This is especially true in situations where businesses need to provide proof of identity to another business. Considering SMEs account for approximately 30 percent of Canada’s overall GDP ($450 billion), if we assume that the average SME could be just one percent more efficient with access to trusted digital identity, this results in a potential $4.5 billion of added value to SMEs and reinvestments in the Canadian economy. This presentation will provide a detailed overview of research performed over the course of 2 years to quantify public perception and demand for secure, interoperable, digital identity that works across the whole of the economy. 




Introducing The Global Assured Identity Network (GAIN)

100 experts propose an interoperable scheme to create a virtual IDP.
100 experts propose an interoperable scheme to create a virtual IDP.


Where Stands the Sovereign Self?

When thinking about what SSI means for enterprises and providers of services to enterprises, it's easy to forget that SSI is about each of our sovereign selves. This means SSI should give us each a clear sense of independence, agency, and obvious freedom from the old centralized Identity Provider Relying Party model, and the federated one that followed from it. But we aren't there yet. What will i

When thinking about what SSI means for enterprises and providers of services to enterprises, it's easy to forget that SSI is about each of our sovereign selves. This means SSI should give us each a clear sense of independence, agency, and obvious freedom from the old centralized Identity Provider Relying Party model, and the federated one that followed from it. But we aren't there yet. What will it take to get us there—for our sovereign selves, and not just for hot new SSI businesses?




The Rise of the Developer in IAM

Everything is famously code today—cars are computers with wheels, appliances have Internet access, smart doors and houses are controlled from mobile phone apps. With all this code around, security is more of a challenge than ever. A central pillar of security is identity management: the technology that protects logins and controls access. This, too, is becoming code to work with all the other code

Everything is famously code today—cars are computers with wheels, appliances have Internet access, smart doors and houses are controlled from mobile phone apps. With all this code around, security is more of a challenge than ever. A central pillar of security is identity management: the technology that protects logins and controls access. This, too, is becoming code to work with all the other code. Libraries for developers are essential, including ID controls in mobile and Web applications for initial sign on, single sign-on, federated sign-on, biometric authentication systems, and controlling access to sensitive data. And code itself is becoming code: automation systems for producing code, deploying code, updating code, configuring resources and access controls. IAM code has to be wherever it’s needed, when it’s needed, and automated, just like any other code. The better we do this, the more secure we all are with our ubiquitous computers. 




Cloud without Compromise: Identity-Centric Security that Mitigates Modern Risks

Is your IGA strategy keeping up with modern threats? Novel attack methods are revealed daily, compliance requirements never stop evolving, and how and where we work has forever escaped the traditional office. As a result, organizations require more flexibility than ever to protect what matters most. You shouldn’t have to compromise functionality nor security levels because your IT resources and pe

Is your IGA strategy keeping up with modern threats? Novel attack methods are revealed daily, compliance requirements never stop evolving, and how and where we work has forever escaped the traditional office. As a result, organizations require more flexibility than ever to protect what matters most. You shouldn’t have to compromise functionality nor security levels because your IT resources and people operate on-premises, in the cloud or in a hybrid environment. The point is that you don’t need to.

Don’t miss this 20-minute keynote address by One Identity’s Rima Pawar, VP of Product Management, as she discusses the secret fears of many CISOs and other senior IT leadership and how an identity-centric security strategy can mitigate modern threats and help IT executives sleep at night. Topics will include best practices to extend security beyond the traditional perimeter; how to take an identity-centric approach to security; as well as hear how your peers are pursuing Zero Trust strategies.




Multi-Cloud Multi-Hybrid IT: How to Make your Digital Business Fly

IT has changed fundamentally in the past years. Multi-cloud environments mixed with private clouds and on-premises infrastructures (multi-hybrid) are the new normal. The high pace in transformation, modernization, and innovation required for success in the digital age requires these environments to work smooth and secure. In his talk, Martin Kuppinger will discuss where and how IT, IT Security,

IT has changed fundamentally in the past years. Multi-cloud environments mixed with private clouds and on-premises infrastructures (multi-hybrid) are the new normal.
The high pace in transformation, modernization, and innovation required for success in the digital age requires these environments to work smooth and secure.
In his talk, Martin Kuppinger will discuss where and how IT, IT Security, and IAM need to evolve to make the digital business fly.




Introducing BASIS - Addition to Martin Kuppinger's Opening Keynote




Analyst Chat #93: Policies and Automation to Secure Your Agile and Dynamic IT Environment

Martin Kuppinger and Matthias discuss the high-priority topic of how to achieve automation of management and security across the entire multi-hybrid, multi-cloud IT infrastructure based on well-defined policies.

Martin Kuppinger and Matthias discuss the high-priority topic of how to achieve automation of management and security across the entire multi-hybrid, multi-cloud IT infrastructure based on well-defined policies.




Identity, Privacy, Security - The European Perspective

In recent years, we have seen quite a few transatlantic policy issues with regards to Cybersecurity and the way how personal information is being treated by private and public organizations. The main areas where we see these differences are data protection/privacy, standards & certification and last but not least private-public information sharing.

In recent years, we have seen quite a few transatlantic policy issues with regards to Cybersecurity and the way how personal information is being treated by private and public organizations. The main areas where we see these differences are data protection/privacy, standards & certification and last but not least private-public information sharing.




Identity and the Rise of the Platforms

The first era of SaaS is ending, and we are entering a new era of convergence. This new era will result in new kinds of enterprise platforms that converge discrete functionalities into new systems of delivery. Best of breed solutions will all but disappear. Point solutions will fade away. The identity industry will fundamentally shift. The traditional IAM vendors you know are going to face competi

The first era of SaaS is ending, and we are entering a new era of convergence. This new era will result in new kinds of enterprise platforms that converge discrete functionalities into new systems of delivery. Best of breed solutions will all but disappear. Point solutions will fade away. The identity industry will fundamentally shift. The traditional IAM vendors you know are going to face competition from Salesforce, ServiceNow, Workday and others. You, the customer, are going to be influenced more and more by these players and their new systems of delivery. In this session, I will explore what is driving this trend and how it may shape the future of the identity industry.




Modernizing the Customer Journey

As organizations are recovering from the pandemic, the need to adapt to rapid technology, organization and social changes makes many of them embark on a digital transformation at high speed. Investments to drive online business, powered by customer insights and an attractive user experience, yet secure and compliant to rules and regulations, have never been bigger. Integrating Marketing and

As organizations are recovering from the pandemic, the need to adapt to rapid technology, organization and social changes makes many of them embark on a digital transformation at high speed. Investments to drive online business, powered by customer insights and an attractive user experience, yet secure and compliant to rules and regulations, have never been bigger.
Integrating Marketing and Customer Relationship Management (CRM) functions with Customer Identity & Access Management (CIAM), if done well, can help business owners achieve the ROI they are looking for.

Join Gerald Horst, who leads PwC's Digital Identity team in EMEA, as he explains how powerful Customer Identity & Access Management can be when you are transforming your organization to become successful in doing business online. Gerald will share relevant client experiences, demonstrate some key capabilities and give his view on future client demands in this context.

Key takeaways:

How to onboard new customers within minutes while applying a zero-trust approach How to balance the user experience, cost, and security requirements the right way Integrating CIAM with SalesForce to support a digital customer journey from A to Z The power of CIAM in future online business models 

 




Identity’s evolving role in cloud security

As we emerge from the first wave of digital transformation, most organizations have embraced multi-cloud and hybrid environments. Companies increasingly use digital technologies to transform the actual products and services they sell to their customers, while modern service and app architectures drive adoption of containers and micro-services. These trends pose new challenges and opportunities for

As we emerge from the first wave of digital transformation, most organizations have embraced multi-cloud and hybrid environments. Companies increasingly use digital technologies to transform the actual products and services they sell to their customers, while modern service and app architectures drive adoption of containers and micro-services. These trends pose new challenges and opportunities for security. The number of machine-to-machine interactions is growing, as is the need to establish trust in real time across many distributed systems. In this thought-provoking session, Joy Chik will explore trends that are making identity even more central to modern security.




The Dawn of Digital IAM

Join Vadim Lander, Symantec Identity Management Security Chief Architect and CTO, Broadcom as he discusses the new realities that are driving the evolution of Identity and Access Management (IAM) and how organizations use IAM as a key pillar in the architecture for Zero Trust. Vadim will also highlight the future of the Symantec’s IAM suite of solutions and how they will help our customers build t

Join Vadim Lander, Symantec Identity Management Security Chief Architect and CTO, Broadcom as he discusses the new realities that are driving the evolution of Identity and Access Management (IAM) and how organizations use IAM as a key pillar in the architecture for Zero Trust. Vadim will also highlight the future of the Symantec’s IAM suite of solutions and how they will help our customers build their own Identity Fabric.  




Identity is the New Blue

Blue is the world’s most popular color. But this was not always the case. Originally, it was little used in art and clothing, and in turn, had little symbolic cultural value. In the course of a few key decades, however, blue overcame obstacles of sourcing and production, and its popularity exploded—rising to represent some of the highest values of society.  Subsequently, a wave of innovatio

Blue is the world’s most popular color.

But this was not always the case. Originally, it was little used in art and clothing, and in turn, had little symbolic cultural value. In the course of a few key decades, however, blue overcame obstacles of sourcing and production, and its popularity exploded—rising to represent some of the highest values of society.  Subsequently, a wave of innovation democratized the color, placing it in the hands of “normal people” and cementing its cultural legacy.

Identity finds itself on a similar path. After a period of relative obscurity, identity has begun its rise over the past decade—but the journey is just beginning. Like blue, it faces challenges to its ascendancy—both practical and ethical. We’ll extract lessons from the trajectory of the world’s most popular hue and seek to apply them to the arc of identity.

The color of the world is changing once more.



Friday, 10. September 2021

Anonym

Why Privacy by (Re)Design Better Defines Responsibility for Privacy

Mobile apps are packed with our highly sensitive personal data. But new research by South African law lecturer and High Court advocate Dusty-Lee Donnelly says privacy by design and other standard privacy protections for mobile app data (the consent model and regulations and compliance) just aren’t enough.  Donnelly takes aim at privacy by design, a

Mobile apps are packed with our highly sensitive personal data. But new research by South African law lecturer and High Court advocate Dusty-Lee Donnelly says privacy by design and other standard privacy protections for mobile app data (the consent model and regulations and compliance) just aren’t enough. 

Donnelly takes aim at privacy by design, arguing the interdisciplinary, systems engineering approach based on seven key principles by Ann Cavoukian isn’t enough to protect personal data in mobile apps because the “design decisions made by app developers are constrained by existing technologies and platform rules designed by others.” 

Instead, Donnelly endorses “privacy by (re)design, where all roleplayers in the ecosystem take privacy seriously and redesign existing platforms and technologies. But enforcing that approach will require tighter legal regulation of third party data sharing.”

Privacy by (re)design is another brainchild of Ann Cavoukian, described as a transformative process that gives organizations a standards-based framework for managing privacy projects. 

Where privacy by design puts the onus on app developers to be proactive about data privacy, privacy by (re)design redesigns the “app ecosystem to address data sharing”, spreading the burden. Donnelly gives the example of how most apps transmit data directly to third parties, like Google and Facebook, but that privacy laws don’t adequately address this third party sharing which can leave app developers exposed to liability and users unprotected. Donnelly wants to “close the privacy loop” by making the parties who design the technologies and platforms on which mobile apps are built and marketed legally accountable. 

We agree that, as an app developer, your responsibility for “privacy by design” extends to what you create AND what you consume from an app ecosystem (analytics, advertising, etc). We see privacy by (re)design as a re-definition of where the boundary of responsibility for privacy design ends. As the app publisher, you are ultimately responsible for the data you process, and “ignorance is no excuse.” In a perfect world, services with the potential for introducing privacy risk would be better regulated or regulations would make it easier for an app developer to make good privacy choices, but data is the new oil and perfect worlds rarely materialize.

The existence and success of our consumer app MySudo is proof that privacy by design is not widespread enough to provide broad spectrum protection, and that privacy by (re)design is an indirect description of another gap for which MySudo helps a person take back some control.

Image By baranq

The post Why Privacy by (Re)Design Better Defines Responsibility for Privacy appeared first on Anonyome Labs.


Dark Matter Labs

Organising #BeyondtheRules at Dark Matter Labs 1/4

An international platform for shared missions This piece was led by a member of the Dark Matter Labs team based in the UK as part of the #BeyondtheRules project, and as such is written in British English and has particular references to contexts in the UK. This blog was written in August 2021 and reflects our learning at that time. Our Context In a context of climate breakdown a
An international platform for shared missions

This piece was led by a member of the Dark Matter Labs team based in the UK as part of the #BeyondtheRules project, and as such is written in British English and has particular references to contexts in the UK.

This blog was written in August 2021 and reflects our learning at that time.

Our Context

In a context of climate breakdown and technological disruption, Dark Matter Labs works to accelerate societal transition towards collective care, shared agency, long-termism and interconnectedness. We focus on the dark matter — the invisible structures responsible for producing the majority of the world around us, from policy and regulation to finance and data, governance and democratic participation, organisational culture and identity.

We are a discovery*-based organisation — we enter most of our work not knowing the outcome — and sitting with uncertainty, complexity, and emergence is in every part of our fabric. Indeed, our own ‘dark matter’ and the organisational infrastructures that we build to shape how we show up together is also emergent. These infrastructures have had to rapidly evolve over the last two years while we have grown from 18 people to 55 and spread geographically, with operating vehicles now in the UK, the Netherlands, Canada, South Korea and Sweden.

We do not seek growth in and of itself but we know that a deeply enhanced scope and range of capabilities is needed to fulfil our missions, even though many of us instinctively have felt apprehensive about this at a time when so much of our internal systems have not felt ‘ready’ for scale. Indeed, we are increasingly accustomed to knowing that much of the work we do we may never feel fully ‘ready’ for.

Through an ongoing pandemic, and the last 20 months has been quite the ride. It has impacted, in different ways, everyone across our team. It sped up the need to find alternative ways to share stories, thoughts, reflections, deep strategies and vulnerabilities in virtual spaces that before didn’t seem possible through a 2D online video square. It required a commitment to learning and intentionally putting the time into our shared relationships and social contract throughout the way.

It is much of this that defines our context as an organisation and from which the learning that we share here is anchored. In sum, we are:

Mission-led Focused on discovery* and learning International with a planetary view Primarily remote Evolving constantly

In this 4 part blog series, we’ll share how we’ve been building the organisational infrastructure for this work and what we’re learning:

This blog (1) sets the context of our work and how we’re working towards a platform for DM that is mission-led, planetary in mindset, international in nature, primarily remote and legally compliant. Blog 2 looks at what’s needed for people to navigate complex, emergent work. In particular, at how we try to compound learning and construct legibility in our systems. Blog 3 looks at how we are working towards a distributed system of governance through self-management, legal stewardship and other means. It looks at the platform of deep care, security and safety required for this. Blog 4 looks at how we organise as a team to build organisational infrastructure and the impact that our way of organising has on our ability to do our work.

*We use the term ‘discovery’ tentatively, while trying to find a better term for it, recognising its colonial connotations and history.

Led by Planetary Missions

Exploring the ‘dark matter’ of our socio-economic systems is complex, interconnected and long-term work. Traditional top-down hierarchical structures of organising and planning are clearly not appropriate for this work. In setting up DML’s structures for organising, we took inspiration from Mariana Mazzucato and IIPP’s Mission Economy work and instigated a way for us to organise around Missions. It guides us to identify core outcomes that we consider critical, which we collaborate on building over the long-term, less swayed by the cycles of funding or projects.

By example, one of our missions is ‘Nature-Based Solutions’. It aims to provide the infrastructure components for radical collective action to regenerate, enhance and scale natural or modified ecosystems for thriving human and non-human wellbeing. This mission is made up of multiple strands of work which span from micro-actions like Magical Meadows, a citizens toolbox to facilitate citizens participation in urban greening, all the way to Trees As Infrastructure.

Trees As Infrastructure is a platform to value and invest in nature beyond carbon, which establishes nature as a critical part of urban infrastructure, alongside bridges, roads and rail, enabling investment, profitability and sustainability. An early-stage conceptual model for TreesAI was developed in 2019 with support from EIT Climate-KIC, resulting in this report. In 2020, the ideas behind these were developed within our Healthy Clean Cities and ReCode work and, alongside, we began working with NatureScot on enabling Nature-based Solutions at scale and building the systemic capacity for establishing regenerative Natural Asset Markets in Scotland, more details can be found in the published report. In 2021, our work with NatureScot continued and the ideas evolved to include a pilot implementation in Leuven and replication in Madrid & Krakow as part of the LIFE Climate Change Adaptation. As a recent recipient of the Google Impact Challenge on Climate and part of the inaugural Morgan Stanley Sustainable Solutions Collaborative Cohort, we will now be able to start building the technical platform to make the ideas possible in pilot location of Glasgow, more details can be found in our project synopsis.

Through these varied projects, we gradually collaborate towards a broader mission.

We have been working on a framework that visualises these missions in an iterative way which we look forward to sharing in full when in use.

Our current framework in progress to visualise DM missions and their sub-projects

We recently published a DM Note on what we are learning in organising around missions, which can be read here.

An international platform for missions

Dark Matter Labs was born out of Project 00 and originated with a (hugely enabling) base in London. With much of the dark matter we explore being transnational, with partners emerging in locations around the world, with missions not being geographically bounded, it was clear that our work couldn’t remain centred in London. It required an international legal platform and multi-skilled people with perspectives from across the world.

The team began to grow internationally before the pandemic and we discussed the need to organise as a team that would be geographically decentralised by default. We didn’t know we would be as strongly incentivised to do so so fast in 2020.

We now — at the start of Sep 2021 — have team members working from 15 countries ranging from India, Canada, Korea, Hong Kong, Hungary, Germany, Scotland, Sweden and more, although still with the largest mass in UK and Europe.

We currently work on strategic place-based innovation in 12 countries (some at a national level but others at a regional, city or neighbourhood level).

We knew that moving from being single-location to multi-geography would require us not to create geographical siloes. We would need to work according to the nature of the ‘dark matter’ being explored (with both local and planetary-scale questions entangled within them), enabling a cross-geographical focus whilst embedded in local contexts. Creating a system that allows for free-flowing connection and co-creation across geographies, however, swims upriver against most of the rules that we need to navigate (whilst we welcome some of the intended accountability — and at times, structure — of these rules).

When it comes to financial decisions, for example, we intend to take most of our decisions from an aggregated whole organisational perspective. This means that whilst we capture information on the financial performance of each legal entity/country in which we operate and we ensure it meets good standards, the information that guides our business model is our shared financial picture. This stops us from focusing on who or where is more sustainable/profitable but rather on ‘is the system thriving?’

This sits alongside national accounting requirements, for which we use national bookkeeping systems and aggregate the information into a shared picture; meanwhile, our cash flow information and monitoring is captured and shared primarily at an org-wide level.

Meanwhile, international tax regulations demand that any services delivered by an entity in one country on behalf of an entity in another must charge profits on the service (at internationally agreed thresholds), thus directly creating a client-provider relationship rather than a collaboration partnership across legal entities. We have Transfer Pricing Agreements between all entities to ensure that we comply with tax regulations and are accountable in our different jurisdictions, whilst also not letting the charges between our legal entities dictate the decision-making of how people spend their time.

In our governance, we have local legal stewards who are embedded in the local place, mixed with actors who take a whole-org perspective and are legal stewards in all DML entities. The finance team, which calculates the transfer pricing figures, have no legal stewardship in any operating companies to avoid conflict of interest.

Enabling this shift from London-centric to international is also about mental models, cultures, perspectives and contexts. Our team now benefits from an incredible range of cultures, languages, religions, ethnicities, traditions and more. On the organisational/operational level, reflecting this diversity within how we come together — and building towards inclusion and equity across the organisation — is a continuous and evolving process.

The art of organisational space-holding in general sets much of the cultures of how we come together, of which we will share more practical details in Blog 2 in this series. Our system of self-management (and distributed agency) is also a notable enabler to this work, which will be exploring more in Blog 3 to this series.

Timezones and language are two everyday areas that are challenging to navigate in this context. Finding a time for all team or cross-geography meetings is challenging when we now have team members in locations from Canada to Europe, India and South Korea, meaning that we span a huge range of timezones.

Cross geography timezones for a 9am meeting

When we come together - for meetings, shared decisions, connection, retreats - this becomes increasingly challenging to manage logistically.

Currently, some of our approaches are to hold team sessions with at least 2 timezone options and at times in circulating timezones so that they do not bias the geographical location of the organiser. Small tools - like people having the international clock embedded into their calendar with the different team members timezones showing - also help us to make the shift in habits in considering timezones whenever meetings are arranged.

Embedded timezone widget into calendars

Our recent hybrid gathering worked around timezones by scheduling a mixture of time all together virtually at the beginning and end of days (respective to geography), alongside time spent locally in-person that groups could self-design according to their flow.

Draft schedule of the August 2021 hybrid gathering

Language, meanwhile, codes our mental models and biases our framing of a scenario. For those working in their 2nd, 3rd (or more) language or within their first language but outside of cultural tongues, the additional effort and energy required is considerable.

English is our shared organisational language, which is perhaps to be expected as an international team with origins in London. Yet we know how important the rich diversity of language across the organisation is, including in each of our company locations. Notably, most of our team (more than 70%) speak English as their second, third or fourth language.

We continue to build ways to enable local languages to be the dominant language where possible, from holding local entity operations meetings in the local language; naming all companies in both English and the local language; translating key work relevant to local contexts into the local language; experimenting with translation headphones and other technology to allow local language led meetings that non-speakers can still understand.

DM articles and images in Swedish, Italian, French and Korean

As an organisation still with a strong UK, Europe and ‘Global North’ bias (around 85% of our team is resident in Europe) there are embedded biases and defaults towards these geographies, and we know that these will inevitably hinder rather than unleash us. We need to nurture both our capability to do the work that we do and for that work to be responsible to a plurality of perspectives. We intend to further geographically variegate over the coming years and to build on our practices towards equity as we do this.

Transnational Payroll and Contracting Areas of external regulation that we recognise we need to comply by and innovate around

In building this planetary ecosystem, team contracting and payroll are some of the knottier areas to navigate and a place where the current national-focused rules of the system particularly work in counter-current to our set-up.

With social security systems largely structured on a national (and federal) basis, having team members distributed around the world and working with mobility is a particularly challenging dance. As we have developed work within other operating countries, and our teams have grown and our contracting with partners become more numerous, we have found it necessary to set up legal entities to enable the payroll platforms and the contractual requirements of partners. Logistically, each investment into a new entity set up is significant (in time, cost, complexity, risk and more).

Alongside local payroll systems, it requires us to work with international payroll providers to set up payroll systems from these legal entities to other countries where our team is based to ensure that we are meeting the full tax contribution requirements of our network. The investment required into the intermediary providers is higher than the (important) tax contributions themselves and balancing this potential investment against others we wish to prioritise is challenging. For now, we have collectively agreed to invest into particular geographies and gradually grow these, actively setting up infrastructure for partners, companies, contracts, payroll systems and other structures there. Meanwhile, when team members need to join from other geographies (requiring new payrolls and administrative structures to be put in place when they are based outside of those countries) we will invest in that to be possible, but we expect this to be less frequently the case.

In contracting, the planetary system requires us to ensure that each contract complies with the shared principles of how we work, the national legislation of the contracting local entity and also the national legislation of the person’s country of residence. One of the unfortunate casualties of this complexity is that our ambition to redesign our contracting with one another to a way that deeply reflects how we want to show up together has been put on the backburner as we have had to invest time navigating compliance first. We hope to pick up the more visionary parts to our contracting towards the end of 2021/early 2022 and are grateful to have examples of contracts built by others — such as our valued friends at Civic Square — from which to draw inspiration.

Pay as a foundation

How we organise pay and how we contract with our team is a critical part of how we build a distributed international ecosystem. We have intentionally designed our pay and contracting systems to date in a way that is set up to avoid pay functioning as an incentive or a reward for work done or for rank, and instead tries to build it as a liberating structure to take financial worries off the table.

Our current pay formula (GBP version)

The proxy of experience (years of all experience as an adult) is intended as an (admittedly imperfect and only loosely correlated, with outliers) proxy for life costs, or a form of minimum basic income. This means that no matter where you are based geographically, and whatever role you play in the organisation and how that changes, we all share the same pay formula.

One of the projects we have had the benefit of taking part in — Beyond the Rules — undertook an exploration into Reimagining Pay, researching examples and hosting 50+ people in March 2021, from which the recording is available here. Its framing provocation shares more about why we might need to reimagine how we structure pay and for what purpose.

In exploring these pay options it is interesting to see that whilst the law protects against demographic discrimination of various types in pay (such as in the Equality Act 2010 in the UK), it does not protect against the inherent discrimination structurally baked into our current economic system. Traditional pay structures bias types of experience (e.g. expensive higher education), types of social capital (e.g. networks that open doors to opportunities) and other factors that are intrinsically linked to systemic privilege.

For Dark Matter Labs, ‘Reimagining Pay’ brought up various questions such as:

Whilst the pay formula provides a proxy for living costs, which on the macro level is fairly correlative, for some it really isn’t, and when it isn’t, it can be problematic to the point of very talented people not being able to thrive with us. It doesn’t allow for any consideration of the historical systems that we are part of, who has been structurally divested from and thus what historic equality and justice looks like in pay. For example, it doesn’t take into account differences in intergenerational wealth and how that makes flat pay inherently problematic (the brilliant Farzana Khan eloquently speaks on this).

Following the learning from Reimagining Pay, we recently discussed an alternative structure for pay, which tries to find the unique sweet spot for pay for each individual that is regenerative for both the system and for the self.

This approach might involve a facilitated self-reflective process to help people to (anonymously) establish an outline of where that sweet spot is for them.

The process invites each of us to reflect in private on the intersectional systems of privilege and injustice that we are each part of; our historical investment into the work of societal transition; how we show up in our setting; and our personal financial needs (chosen and unchosen).

The process would happen confidentially, however data would be aggregated and disaggregated by certain factors allowing the group to discuss and review pay ratios and fairness across the system and assess total needs against budget, in rounds.

At DM we recently discussed this approach, prior to which we collectively reviewed how we want to reinvest earnings into the system, including how much we intend to reinvest back into pay in the coming year.

Miro screenshot from our shard session on how we organise around finances at the August DM gathering

We are currently exploring how this iteration of pay might manifest, yet we’re aware this is the start of a journey of self-reflection and will take time. Some of what’s outlined above can be naturally uncomfortable to question in our own lives, and for some is not a reflection they are used to. We are working together on a pathway from our current system towards the principles that are embedded in this model, and we will be happy to share in due course how it goes.

If you would like to receive updates (every few weeks/months) about the #BeyondtheRules project you can do so via this short form. Previous blogs in this series include:

#BeyondtheRules (framing blog) Manual of We Reimagining the Wage Balanced governance and ‘Behaving Well’ everywhere, every day

In blog 2 to this series, we will look at the crafts that we are finding necessary to enable people to navigate our complex, emergent work. In particular, it looks at how we try to compound learning and build legibility in our work so that we can all navigate what we are doing.

This blog was authored by Annette Dhami with support from Jonathan Lapalme and refers to work done by many team members across Dark Matter Labs.

Organising #BeyondtheRules at Dark Matter Labs 1/4 was originally published in Dark Matter Laboratories on Medium, where people are continuing the conversation by highlighting and responding to this story.


Ontology

Ontology x ONTO Wallet: 3,333 Limited Edition Ontology Avatars + 500 ONG Up For Grabs!

Claim your limited Ontology Avatars NFTs for a chance to win 500 ONG! We’re releasing a selection of limited edition Ontology Avatars! Each Avatar is minted as an NFT and features a unique set of attributes. Claim your NFT now and join us in the metaverse! What are Ontology Avatars? Ontology Avatars is a collection of 3,333 unique NFTs. Each Avatar is randomly generated and can be tie
Claim your limited Ontology Avatars NFTs for a chance to win 500 ONG!

We’re releasing a selection of limited edition Ontology Avatars! Each Avatar is minted as an NFT and features a unique set of attributes. Claim your NFT now and join us in the metaverse!

What are Ontology Avatars?

Ontology Avatars is a collection of 3,333 unique NFTs. Each Avatar is randomly generated and can be tied to an ONT ID that represents the owner in the metaverse.

Each Ontology Avatar contains at least 7 attributes: a piece for an Explorer’s face type, skin tone, hair, eyes, noses, ears, and mouth.

Some Avatars might come with some extra surprises such as glasses, earrings, facial hair, or headgear.

Why are Ontology Avatars special?

Each Ontology Avatar is unique. By claiming an avatar, the avatar becomes tied to your decentralized identity via your ONT ID.

Your avatar can be used to represent yourself in the Web 3.0 metaverse. In the future, you may also be able to trade your avatar or bridge it to other blockchains and developers could build other NFTs to interact with Ontology Avatars.

How do I get an Ontology Avatar?

Ontology Avatars can be claimed via ONTO. Claiming an avatar is completely free (minus the gas fee).

Claim your NFT now with the help of our tutorial!

Note: Each ONT ID is eligible to claim only one NFT.

ONG Giveaway

Starting September 10, Follow Ontology and ONTO Wallet on Twitter and Join our Telegram groups, Post on Twitter with the hashtag #OntologyAvatar showing your Ontology Avatar, and submit the Google form for the chance to win a share of 500 ONG!

Participants who meet the requirements and submit the Google form will qualify for the draw to win ONG. Among them, a total of 30 participants will then be randomly selected to receive an equal share of 300 of ONG.

The most liked and retweeted tweets will be granted 100 ONG. Second and third place tweets will each receive 50 ONG.

Event Duration: September 10, 13:00 — September 13, 13:00 (UTC)

Step-by-Step Guide Follow Ontology and ONTO Wallet on Twitter. Get an ONT ID: onto.app. Claim your Ontology Avatars, take a screenshot and post it on Twitter with the hashtag #OntologyAvatar Join Ontology and ONTO Wallet’s Telegram groups. Fill in the Google Form.

Note: All ONTO users can participate but each ONT ID/device is counted only once.

About ONTO Wallet

ONTO is the first truly decentralized, cross-chain wallet, allowing users to securely manage their identities, data, and digital assets. ONTO users can manage their crypto assets (including NFTs), perform cross-chain swaps, keep up-to-date with the latest industry latest developments and events via the ONTO news feed, and enjoy access to a variety of dApps.

With ONTO Wallet, users can create an ONT ID, a decentralized digital identity that fully protects their private data through an encryption algorithm and enables one-click multi-chain wallet address creation and management. Users worldwide can download ONTO Wallet now via onto.app or their mobile app store. Desktop users can also install ONTO Web Wallet for Google Chrome.

About Ontology

Ontology is a high performance, open source blockchain specializing in digital identity and data. Ontology’s unique infrastructure supports robust cross-chain collaboration and Layer 2 scalability, offering businesses the flexibility to design a blockchain that suits their needs. With a suite of decentralized identity and data sharing protocols to enhance speed, security, and trust, Ontology’s features include ONT ID, a mobile digital ID application and DID used throughout the ecosystem, and DDXF, a decentralized data exchange, and collaboration framework.

LinkedIn / Medium / Facebook / Reddit / DiscordYouTube

Learn more about our decentralized data and identity solutions on our website and official Twitter account. You can also chat with us on Telegram and keep up-to-date with the latest news via our Telegram Announcement account.

Other Resources

LinkedIn / Medium / Facebook / Reddit / DiscordYouTube

Ontology x ONTO Wallet: 3,333 Limited Edition Ontology Avatars + 500 ONG Up For Grabs! was originally published in OntologyNetwork on Medium, where people are continuing the conversation by highlighting and responding to this story.


KuppingerCole

EIC Speaker Spotlight: Maarten Stultjens on the European Perspective of Identity

by Andrea Beskers Maarten Stultjens, VP Corporate Development at OneWelcome is to partake in a panel discussion entitled Identity, Privacy, Security - The European Perspective on Monday, September 13 starting at 15:50 pm at EIC 2021. To give you a sneak preview of what to expect, we asked Maarten some questions about what he will bring to the panel. There are differences in Digi

by Andrea Beskers

Maarten Stultjens, VP Corporate Development at OneWelcome is to partake in a panel discussion entitled Identity, Privacy, Security - The European Perspective on Monday, September 13 starting at 15:50 pm at EIC 2021.

To give you a sneak preview of what to expect, we asked Maarten some questions about what he will bring to the panel.



There are differences in Digital Identity between US and Europe. What is the bigger picture?

Yeah, well, I think as the first step we have to look at some global initiatives that are taking place in business. And if I have to mention two main things that are happening, one is the gig economy where the relationship between employees and the employer is changing. That employees are much more flexible and that a lot of the work is being outsourced and outsourcing can be done anywhere. And the second thing that is happening is that we are working towards anything as a service. We're used to software as a service, especially here in the IT industry, but we're also very familiar at the moment with car as a service.

And, one of our customers is also thinking of moving to ship as a service. So rather than buying a ship, you just pay for operating hours of such a ship. Well, these changes lead to changes in IT, it increases the dependency on IT. It leads to dominance of certain platforms in IT. Think of Amazon, Google, Microsoft - it leads to globalization. And of course, as a result, it also requires a higher interoperability. So, these things strongly influence the changes in digital Identity.


What are challenges between the different aspects of Digital Identity?

With these changes with the gig economy and anything as a service - or I already mentioned that there is a bigger dependency on IT, and on the big tech providers. And there are some concerns, and these concerns result in the behavior of these organizations, not only in how they treat our privacy, but also in taxation or in copyright protection. And also, think of the data sovereignty that we want to have here in Europe, where we have seen that the US has implemented the Cloud Act in 2018. We are very aware here in this geography of privacy and we have developed the GDPR and adopted the GDPR and beyond GDPR, there will be other rules and regulations like privacy.

At the same time, we are in a very fragmented landscape here where interoperability is not so easy. So, if you look for example, at data residency, then, in the past we had the Safe Harbor agreement back in 2015, it was invalidated. And as a follow up of the Safe Harbor agreement, there was the privacy shield agreement that again was invalidated last year, known as the Schrems II outcome. And currently, in the EU, we are working towards a data sovereignty - we've seen that in Russia and China - and we are implementing now our own internet, Gaia-X. We are implementing other measures to transfer data from the EU to the US contractual clauses. The UK has their own guidelines and is building their own guidelines.

And we see all kinds of interpretations in different countries, for example, in France, where they allow EU SaaS built on AWS provided that sufficient safeguards have been implemented. In the privacy area, we see that, although GDPR has been implemented, it is still only implemented in a pretty basic fashion. So going forward, I expect that, for example, consent management will get a lot more adoption, rather than the legitimate interest that we initially thought would be a ground for processing of data. And, at the same time, we see that in different industries, there are, per country, different regulations. Think of healthcare, think of insurance or banking. And last but not least, there is this interoperability question - we would like to inter-operate, we want to inter-operate across these verticals, which have their specific regulations - and also per country.

But at this moment, we see, for example, identity providers like Speed in Italy, France Connect. We see Verimi in Germany, and we see Itsme in Belgium, DigiD and eHerkenning in the Netherlands. We are working - or the EU is working towards standardization with eIDAS. But this is still a bit of a free option for the different countries because their own identities have to be notified in the eIDAS. So, a new law is currently being developed by the EU for EU wide digital identity based on the wallet. So, there are a lot of developments in this area that try to solve the challenges of digital identity in and across Europe.


How does that impact the platforms that customers need for their digital identities?

I think first of all – the question of data residency – that is a clear question. So, the platforms that customers need, need to ensure that data is kept in Europe, because our customers don't want to be opposed to these constantly changing regulations that are constantly declared invalid, and on contractual agreements. That is a clear thing, other things, with the fragmented landscape, with the fragmented identity providers across Europe, we also see a need for a lot of flexibility in building a customer journey and for the onboarding of users at every point in the customer journey, you need to be able to make a step out. And the step out in Italy will be different from France and so forth. There is, of course, also the multi-language in Europe, we speak different languages.

And, for example, I'm from the Netherlands. If I drive two hours to the south, I need to speak French, and only French. If I drive to the east, I need to speak German, and very often only German. And to the west there is the UK. And these language barriers do not only give requirements for the end user, the consumer, but also if you work business to business and you work in a delegated fashion, then your business customers, or your partners – and I think again of that “anything as a service or to gig economy” - also, you need to address these type of business users within their own language. So, language support, not only for the consumer, but in the whole chain, B2B to B2C needs to be supported. And, of course with our consciousness on privacy, it is very important that we give full control in the platforms to the consumer on the usage of their data.


What would your key take-away for the panel be?

Well, of course, for the customers, when they are looking for a platform, they need a platform that fulfils the requirements that were just mentioned here, the flexibility, the language, but it's not only that. There is a lot of dynamics in this world. The Gig economy and the SaaS and Anything as a Service are constantly evolving. That means that, if you have a vendor far away, most likely that vendor doesn't completely understand, or doesn't adopt these types of dynamics quickly enough. So, I'm advocating, being a European vendor, also to work with European vendors because they are on top of all these developments. And there is for the next years no such thing as a standard for customer Identity. I think that this place, especially in the regulated industries - Telco, energy, finance, and maybe to a lesser extent to retail and consumer goods - because things are less privacy sensitive.


Ontology

Everything You Need To Know About Ontology EVM Contract Development — Part 1: Network Details

Everything You Need To Know About Ontology EVM Contract Development — Part 1: Network Details Today, Ontology, the high speed, low cost public blockchain bringing decentralized identity and data solutions to Web 3.0, announced the official deployment of a TestNet supporting EVM and opened the EVM compatible public beta to developers around the world. At the same time, the “Ontology Security
Everything You Need To Know About Ontology EVM Contract Development — Part 1: Network Details

Today, Ontology, the high speed, low cost public blockchain bringing decentralized identity and data solutions to Web 3.0, announced the official deployment of a TestNet supporting EVM and opened the EVM compatible public beta to developers around the world. At the same time, the “Ontology Security Vulnerability and Threat Intelligence Bounty Programme” was officially launched in cooperation with SlowMist, a well-known code auditing agency. The top reward for reporting a vulnerability is $12,000 in ONG.

Through the integration of the Ethereum virtual machine, Ontology has achieved full compatibility with the Ethereum ecosystem. At present, the Ontology TestNet already supports EVM contracts and the node call method of the Ethereum chain. Developers can directly use EVM development tools such as Truffle, Remix and Web3.js on the Ontology TestNet for dApp deployment.

In order to encourage community developers to quickly and easily familiarize themselves with the Ontology EVM development environment, we specially prepared a “Handbook for Dummies”, which explains the essentials of Ontology EVM contract development.

1. Network Details

Before using the Ontology EVM, let’s first look at its configuration information including ChainID, RPC URL, and blockchain explorer address. Based on this information, you can configure your MetaMask wallet to connect to the Ontology network.

Due to the difference between the ONG precision (9 bits) in the Ontology EVM and the precision supported by Metamask (18 bits), the display in Metamask may experience errors. We recommended using the Ontology Bridge to check the ONG balance or make a transfer.

1.1 Node Network

MainNet Information

2) TestNet Information

Note: When using MetaMask to connect to the Ontology network, please select “Custom RPC” in the MetaMask network settings, and then enter and save the configuration information according to the network type.

1.2 EVM assets on the Ontology chain

TestNet

1.3 Gas Fee

The deployment of the EVM contract on the Ontology chain requires ONG as a handling fee. You can click here to receive the ONG test coin.

1.4 Ontology Bridge

Ontology Network has achieved compatibility with the Ethereum ecosystem through the Ontology EVM virtual machine. Therefore, in addition to native contracts, the contract types supported by Ontology now include NeoVM contracts, Wasm contracts, and EVM contracts. This also means that NeoVM-based OEP-4 Tokens and EVM-based ORC-20 Tokens can exist on the Ontology blockchain. Since the address format and signature method supported by EVM are different from those supported by NeoVM/WasmVM, ORC-20 assets (EVM contract implementation, similar to ERC-20 assets), the Ontology system must be stored in the Ethereum private key corresponding address (beginning with 0x), OEP-4 assets (implemented by NeoVM contract) must be stored in the address corresponding to the Ontology private key (beginning with A). As the transaction fee of the Ontology network ONG is an exception, ONG can also exist in the Ethereum account address and Ontology account address.

In order to facilitate the mutual circulation of ORC-20 assets and OEP-4 assets within Ontology network between Ethereum accounts and Ontology accounts, Ontology provides the Ontology Bridge service, which is used in Ontology network deploys a Bridge contract (implemented by Wasm contract) to realize the mutual exchange of ORC-20 assets and OEP-4 assets between two different types of accounts. For ONG, users can use Ontology Bridge to transfer money between different types of addresses.

Ontology Bridge contract implementation logic

Exchange OEP-4 for ORC-20 The user calls the oep4ToErc20 method of the Bridge contract through the Ontology private key signature. This method transfers the user’s OEP-4 assets to the Bridge contract address, and then transfers the corresponding amount of ERC-20 assets in the Bridge contract address to the user’s Ethereum private key generated address. Exchange ORC-20 for OEP-4 The user needs to first use the Ethereum private key to call the approve method of the ORC-20 assets to authorize the address corresponding to the user’s Ontology private key to be able to transfer the ORC-20 assets. The user uses the authorized Ontology private key to call the ERC-20 to OEP-4 method of the Bridge contract. This method will transfer the asset in the user’s Ethereum address to the Bridge contract address, and then transfer the corresponding amount of OEP-4 assets to the user’s Ontology address.

Note that in either of the aforementioned two asset exchange processes, the user always uses the Ontology private key to interact with the Bridge contract in order to transfer the asset in the user’s Ethereum address (the user is required to use the Ethereum private key for authorization operations). During the redemption process, remember that ORC-20 assets always have the address corresponding to the Ethereum private key, and OEP-4 assets always have the address corresponding to the Ontology private key.

Learn more about our decentralized data and identity solutions on our website and official Twitter account. You can also chat with us on Telegram and keep up-to-date with the latest news via our Telegram Announcement account.

Other Resources

LinkedIn / Medium / Facebook / Reddit / DiscordYouTube

Everything You Need To Know About Ontology EVM Contract Development — Part 1: Network Details was originally published in OntologyNetwork on Medium, where people are continuing the conversation by highlighting and responding to this story.


Tokeny Solutions

Gas Tank on Polygon

The post Gas Tank on Polygon appeared first on Tokeny Solutions.

Product Focus

Gas Tank on Polygon

We are making blockchain gas fees transparent for our users through the implementation of a “Gas Tank” service.

This content is taken from the monthly Product Focus newsletter in September 2021.

This month we take a look at how Tokeny is making blockchain fees transparent for its users through the implementation of a “Gas Tank” service.

We are, on an optional basis, providing investors with a built-in custodial wallet1 associated to their ONCHAINID digital identity. This allows users to hold assets and/or instruct transactions on the blockchain without having to safekeep their private key themselves. These wallets are available both on Ethereum and on Polygon.

Despite the fact that network fees on the Polygon network are substantially lower – roughly by a factor of 1/10’000 – than on Ethereum, they nevertheless still exist and need to be covered for transactions to be executed. This obviously means wallet holders need to make sure to have enough MATICs – the cryptocurrency used to pay the gas fees on Polygon – in their wallet to ensure their transaction(s) from not being processed. This might cause an unnecessary burden on those investors who are not familiar enough with the blockchain to monitor the MATICs they have on their wallet(s), to buy new ones when needed and to transfer them on their wallet.

To avoid such confusion and make the process of holding and transacting in security tokens deployed on Polygon as seamless as possible, we have developed a “Gas Tank” solution ensuring that, at any time, there is enough MATICs available on all built-in wallets to cover the transaction costs of the wallet holders.

In essence, the Gas Tank:

continuously monitors the level of MATICs available on the Wallets; detects the wallets which are running short and; tops-up the MATIC provision on those specific wallets.

The process is fully automated, provided at no additional cost to the wallet holders and … live!

The main benefits users can expect from the “Gas Tank” are:

a more seamless user experience; simpler operations: no need to monitor their wallet and top it up; reduced risk of transactions not being processed; reduced costs: no transaction fees for them to pay.

We trust that the implementation of this new “Gas Tank” functionality will be a significant step for us to simplify the access and the administration of security tokens on the Polygon network.

1 The built-in custodial wallets are provided in partnership with Tangany GmbH

Learn More Subscribe Newsletter

This monthly Product Focus newsletter is designed to give you insider knowledge about the development of our products. Fill out the form below to subscribe to the newsletter.

Other Product Focus Blogs Gas Tank on Polygon 10 September 2021 DvD Transfers 29 June 2021 Blockchain Layer Enhancement 8 June 2021 T-REX Factory Enhancements 29 March 2021 Security Tokens Conditional Transfer 1 March 2021 Messaging 25 January 2021 ONCHAINID Notifications 30 November 2020 Tokens Recovery 2 November 2020 Tokenize securities with us

Our experts with decades of experience across capital markets will help you to digitize assets on the decentralized infrastructure. 

Contact us

The post Gas Tank on Polygon appeared first on Tokeny Solutions.

Thursday, 09. September 2021

Indicio

Cardea Interop-athon

Cardea The post Cardea Interop-athon appeared first on Indicio Tech.

The post Cardea Interop-athon appeared first on Indicio Tech.


KuppingerCole

HID Global Fraud Prevention Offering

by John Tolbert HID Global offers robust and secure solutions for identity and access management, including a highly scalable authentication platform, physical access controls, smart identity card manufacturing and credential issuance, biometric authentication, and fraud prevention in the form of mobile/remote identity proofing, real time threat detection and strong security protocols and cryptogr

by John Tolbert

HID Global offers robust and secure solutions for identity and access management, including a highly scalable authentication platform, physical access controls, smart identity card manufacturing and credential issuance, biometric authentication, and fraud prevention in the form of mobile/remote identity proofing, real time threat detection and strong security protocols and cryptographic standards to secure digital channels. HID Global presents each of these elements into a full fraud prevention offering suitable for helping customers reduce the risk and costs associated with Account Take Over, New Account Fraud, and many other types of digital threats.

Distributed Deception Platforms (DDPs)

by John Tolbert This report provides an overview of the market for Distributed Deception Platforms (DDPs) and provides you with a compass to help you to find the solution that best meets your needs. We examine the market segment, vendor service functionality, relative market share, and innovative approaches to providing DDP solutions.

by John Tolbert

This report provides an overview of the market for Distributed Deception Platforms (DDPs) and provides you with a compass to help you to find the solution that best meets your needs. We examine the market segment, vendor service functionality, relative market share, and innovative approaches to providing DDP solutions.

Indicio

Liquid Avatar Technologies successfully demonstrates complete, interoperable health data ecosystem

Liquid Avatar The post Liquid Avatar Technologies successfully demonstrates complete, interoperable health data ecosystem appeared first on Indicio Tech.

Magic Labs

How Svelte Cybernetically Enhances Web Development

For our 7th Close-up Magic meetup, we welcomed Sean Mullen and Mattias Inokuchi to talk about: How Svelte Kit differentiates itself from other frameworks like React and Angular. The developer experience Svelte offers developers. The gaps Svelte needs to fill before it can rank as the #1 UI framework. Here are a few of our favorite takeaways. Key Takeaways Svelte uses a smarter pr

For our 7th Close-up Magic meetup, we welcomed Sean Mullen and Mattias Inokuchi to talk about:

How Svelte Kit differentiates itself from other frameworks like React and Angular. The developer experience Svelte offers developers. The gaps Svelte needs to fill before it can rank as the #1 UI framework.

Here are a few of our favorite takeaways.

Key Takeaways Svelte uses a smarter programming model than React 🧠

Like React, Svelte is a UI framework that makes it easier to write components. But instead of using a virtual DOM to track state changes and to re-render pages, Svelte pretty much avoids it. This is because React’s virtual DOM introduces unnecessary work for developers that, if done incorrectly, results in a slow performing app.

“The danger of defaulting to doing unnecessary work, even if that work is trivial, is that your app will eventually succumb to ‘death by a thousand cuts’ with no clear bottleneck to aim at once it’s time to optimise.” (src)

React’s diffing algorithm cannot identify which element in the DOM is a state that is actually prone to changes, and its JSX syntax makes it easier for developers to write components that slows the app down.

Instead of using a virtual DOM and delegating the diffing work to the browser, Svelte puts on the smart compiler hat, figures out which states could change in your app at build time, and turns your code into tiny Vanilla JavaScript code. Pretty neat, huh?

New coders will fall in love with Svelte 👏

Sean, Mattias, and I agreed on a bunch of things during our talk. My favorite was the fact that Svelte is super beginner friendly for new programmers. This is because Svelte is made up of the OG tools of web development — HTML, JavaScript, and CSS. If you write any valid HTML/CSS/JS code, it will also be valid in a Svelte app.

“As a beginner, it’s easy to recognize HTML and CSS compared to React.” — Mattias Inokuchi

Since coders are saved from studying DOM manipulation, how to write in JSX, React Hooks, and more, there’s less barrier to entry and more time to get something working faster.

Svelte is the fastest growing frontend JS framework ⚡️

One of the questions I asked Sean and Mattias is, “Will Svelte be able to capture the market share it needs to grow?” Although there weren’t any definitive answers, we discussed the positive indicators of Svelte’s continued growth.

Sean expressed that Svelte is a framework that he’s recommending to his friends. And it appears this type of word-of-mouth marketing in tech communities like Tech Twitter, Reddit and Discord is working because Svelte was found to be the fastest growing framework in August, 2021 based on NPM weekly downloads (src).

“I’ve never been in a position where I can’t find a library to do what I want. Anything that you can do in another framework, it’s either already part of svelte or there’s a library to do it. Or it’s just much easier to accomplish in Svelte in the first place.” — Sean Mullen

Sure, our key takeaways explain why developers love Svelte. But there’s more reason to love it. The blogs Rich Harris writes are always insightful and delightful, and the community behind Svelte is also super helpful.

💡 Ready to give Svelte a try? Follow the Guide Sean Mullen created here.

Q&A Session

At the end of the talk, we received a great question from one of our listeners.

Q: What do you think about integrating Svelte with Docker, Kubernetes, and working with environment variables?

Curious to know the answer? Make sure to watch the recording of the fireside chat below.

Interested in Close-up Magic?

If you ever want to be a special guest for Close-up Magic and talk about a tech you’re passionate about, schedule a chat with Maricris here.

How Svelte Cybernetically Enhances Web Development was originally published in Magic on Medium, where people are continuing the conversation by highlighting and responding to this story.


IBM Blockchain

Geospatial data: The really big picture

The combination of a pandemic and a record-setting year of extreme weather events has reminded leaders in every industry that the health of our people, our global economy and the environment are inextricably linked. Sustainability is now a strategic business imperative, critical to creating new levels of resiliency and responsible practices that preserve our planet […] The post Geospatial data:

The combination of a pandemic and a record-setting year of extreme weather events has reminded leaders in every industry that the health of our people, our global economy and the environment are inextricably linked. Sustainability is now a strategic business imperative, critical to creating new levels of resiliency and responsible practices that preserve our planet […]

The post Geospatial data: The really big picture appeared first on Blockchain Pulse: IBM Blockchain Blog.


Coinfirm

DAO Maker Hack

On 3rd of September 2021, around 10:00 PM UTC, DAO Maker, a decentralized finance platform on the Ethereum blockchain that enables startups to raise funds, was hacked for almost $4 million (although the true realized cost to DAO Maker is far greater). A collection of altcoins were stolen; DeRace Token (DERC), Capsule Coin (CAPS) Showcase...
On 3rd of September 2021, around 10:00 PM UTC, DAO Maker, a decentralized finance platform on the Ethereum blockchain that enables startups to raise funds, was hacked for almost $4 million (although the true realized cost to DAO Maker is far greater). A collection of altcoins were stolen; DeRace Token (DERC), Capsule Coin (CAPS) Showcase...

Ontology

Ontology’s EVM TestNet Officially Deployed, Now Opening EVM-Compatible Public Beta to Developers

Earn rewards for participating in Ontology’s security vulnerabilities and threat intelligence bounty programme — top prize: $12,000 of ONG! Ontology has now officially deployed its EVM TestNet and is opening its EVM-compatible public beta for developers! Developers can use the Ontology Bridge to convert Ontology’s native OEP-4 tokens to ORC-20 tokens and add them to their MetaMask wallets an
Earn rewards for participating in Ontology’s security vulnerabilities and threat intelligence bounty programme — top prize: $12,000 of ONG!

Ontology has now officially deployed its EVM TestNet and is opening its EVM-compatible public beta for developers! Developers can use the Ontology Bridge to convert Ontology’s native OEP-4 tokens to ORC-20 tokens and add them to their MetaMask wallets and then deploy dApps. The Ontology Blockchain Explorer, Developer Documentation Center and Ontology EVM-supported Web3 API is also being upgraded, incentivizing Ethereum developers to deploy dApps on TestNet.

In collaboration with code auditor, SlowMist, Ontology is setting up a bug bounty where developers can win thousands of dollars in rewards! The Ontology Security Vulnerabilities and Threat Intelligence Bounty Programme is designed to help improve the security and performance of the Ontology network and support its EVM development, with a top prize of $12,000 in ONG rewards.

Below, you can find a breakdown of the different types of vulnerabilities and their corresponding rewards, along with descriptions of how we aim to address vulnerabilities based on their severity.

Scope of Business

1. Ontology Blockchain (GitHub)

General Security

General design or implementation flaws

Network Security

Message serialization/deserialization security Network connection management security Message buffer management security

Protocol Security
Conceptual or implementation security issues in the following Ontology protocols:

VBFT Consensus Protocol Security Block Propagation Protocol Security Transaction Propagation Protocol Security P2P Communication Protocol Security

Cryptographic Primitives Security
Incorrect implementation or usage of the following cryptographic algorithms:

ECDSA EdDSA ECIES SM2 SM3 SM4 AES VRF

Smart Contract & Virtual Machine Security

NeoVM implementation flaws WasmVM implementation flaws EVM implementation flaws Transaction execution Ledger access control Transaction result notification security

Native Smart Contract Security

ONT Native contract security ONG Native contract security ONT ID Native contract security Governance Native contract security Authorization manager Native contract security Cross-chain Native contract security

2. Ontology Wallets

ONTO Wallet(Mobile) ONTO Web Wallet OWallet Processing Flow Reporting Stage

The reporter visits the “SlowMist Zone” website and goes to “Submit Bug Bounty” page to submit a vulnerability report (Status: Under Review).

Processing Stage

1. Within 1 working day, the SlowMist Security Team will confirm the vulnerability report from the “SlowMist Zone”, follow up, evaluate the problem, and send the threat intelligence back to the Ontology contact person (Status: Under Review).

2. Within 3–10 working days, the Ontology technical team will address the bug, draw conclusions and record points (Status: Confirmed/Ignored). They will communicate with the reporter if necessary, and ask the reporter for assistance.

Fixing Stage

1. The Ontology team shall fix the security bugs identified by the vulnerability report and provide updates online (Status: Fixed). The fixing time frame depends on the bug’s severity and the repair difficulty. Generally speaking, it is within 24 hours for critical and high risk bugs, within 3 working days for medium risk bugs, and within 7 working days for low risk bugs. The app security issue is limited by the version release, and the repairing timeframe is determined on a case-by-case basis.

2. The reporter will review whether the security bug has been fixed (Status: Reviewed/Reviewed With Objection).

3. After the reporter confirms that the security bug is fixed, the Ontology technical team will inform the SlowMist Security Team of the conclusion and the vulnerability score. They will issue rewards to the SlowMist Security Team (Status: Completed).

Vulnerability Level and Reward Standards

Note: The final award depends on the severity and true impact of the vulnerability. The values in the table are the highest rewards for each level. Critical vulnerabilities reward will be in the form of ONG at the price of ONG/USDT the day before the issue.

SLOWMIST is an Ethereum ERC-20 token, the ecosystem incentive token for the SlowMist Zone.

Critical Vulnerabilities

A critical vulnerability refers to a vulnerability that occurs in the core business system (the core control system, field control, business distribution system, fortress machine and other control systems that can manage a large number of systems). It can cause a severe impact, gain business system control access (depending on the situation), gain core system management staff access, and even control the core system.

Critical vulnerabilities include but are not limited to:

Smart contract overflows, conditional competition loopholes, etc. will cause serious data problems on the MainNet Arbitrary command execution on node host Destruction of data consistency across the network Transaction, block or consensus message signature forgery, replay or valid data tampering Access control flaws Private key disclosure or unauthorized call to signed API Large amounts of additional issuance or overspending of assets, large amounts of theft or excessive spending The entire network crashes, no response or consensus is stalled, and legal transactions cannot be executed High Risk Vulnerabilities

High risk vulnerabilities include but are not limited to:

Involving the unauthorized operation of the token, bypassing the payment logic (required to be successfully used) The permission control defects in the smart contract Node host crashes or becomes unresponsive Node program crashes or becomes unresponsive, unable to receive, process, and forward legal transactions or blocks Large losses or freezing of other people’s assets Leakage of sensitive information, such as unauthorized access to private data, decipherable cipher text, etc. Medium Risk Vulnerabilities

Medium risk vulnerabilities include but are not limited to:

The leakage of locally-stored sensitive authentication key information, which needs to be able to be used effectively Invalid transaction, block or consensus message data tampering Small additional issuance or overspending of assets, theft or excessive spending Small loss or freezing of other people’s assets RPC service crashes or becomes unresponsive Low Risk Vulnerabilities

Low risk vulnerabilities include but are not limited to:

Local denial-of-service vulnerabilities. It includes but is not limited to the client local denial-of-service (parsing file formats, crashes generated by network protocols), problems that are caused by Android component permission exposure, general application access, etc. Node response has dropped significantly Significantly reduce the difficulty of other attacks Other vulnerabilities that are less harmful and cannot be proven to be harmful (such as CORS vulnerability that cannot access sensitive information) Vulnerabilities That Are Not Accepted (even if such a vulnerability is submitted, it will be ignored) SPF mail forgery vulnerability Interface brute force blasting of registered username vulnerabilities Self-XSS CSRF issues for non-sensitive operations A separate issue about Android app android:allowBackup=”true” , and the service is denied locally, etc. (unless in-depth use) Some problems such as slow requests caused by changing the size of the image etc. Version leak issues such as Nginx/Tomcat, etc. Some functional bugs that do not pose a security risk issue Prohibited Behaviors It is forbidden to conduct social engineering and phishing It is forbidden to leak the details of the vulnerability Vulnerability tests are limited to PoC (proof of concept), and destructive tests are strictly prohibited. If harms are caused inadvertently during testing, they should be reported immediately. Meanwhile, sensitive operations performed in a test, such as deletion, modification, and other operations, are required to be explained in the report It is forbidden to use a scanner for large-scale scanning. If the business system or network becomes unavailable, it will be handled according to relevant laws Those who test the vulnerability should try to avoid modifying the page directly, continuing popping up the message box (dnslog is recommended for xss verification), stealing cookies, and obtaining aggressive payload such as the user information (for blind xss testing, please use dnslog). If you accidentally used a more aggressive payload, please delete it immediately. Otherwise, we have the right to pursue related legal action

Special thanks to the xianzhi and cnvd vulnerability classification criteria referred to here.

Learn more about our decentralized data and identity solutions on our website and official Twitter account. You can also chat with us on Telegram and keep up-to-date with the latest news via our Telegram Announcement account.

Other Resources

LinkedIn / Medium / Facebook / Reddit / DiscordYouTube

Ontology’s EVM TestNet Officially Deployed, Now Opening EVM-Compatible Public Beta to Developers was originally published in OntologyNetwork on Medium, where people are continuing the conversation by highlighting and responding to this story.


Dark Matter Labs

Creating a Framework for Human, Machine and Ecological Transition | Republic of North Macedonia

A New Way Forward: By Sanja Bojanic, Biljana Cvetanovska Gugoska, Lazar Pop Ivanov and Narine Sahakyan, UNDP North Macedonia; Mihai Chereji, Meggan Collins, Indy Johar, Linnéa Rönnquist and Zehra Zaidi, Dark Matter Labs The COVID-19 pandemic has been a wake-up call for governments on the vulnerability of our economic and social systems, and the ability of the machinery of government to
A New Way Forward:
By Sanja Bojanic, Biljana Cvetanovska Gugoska, Lazar Pop Ivanov and Narine Sahakyan, UNDP North Macedonia; Mihai Chereji, Meggan Collins, Indy Johar, Linnéa Rönnquist and Zehra Zaidi, Dark Matter Labs

The COVID-19 pandemic has been a wake-up call for governments on the vulnerability of our economic and social systems, and the ability of the machinery of government to be able to process rapidly changing, cascading impacts into policy, programmes, financing decisions and continuous feedback and review. We know that other threats such as climate change and automation loom large on the horizon, with an ever-shortened window to be able to mitigate their impact. So how do democratic nations build the capabilities to deal with the long-term and cascading global challenges of the next twenty years?

Introduction

As explored in ‘A Way Forward’: Governing in an Age of Emergence’, a previous collaboration between UNDP and Dark Matter Labs, over the next 20 years, governments around the world will be facing critical choices on climate, digital and democratic transition for their economy and society — or what we term “human, machine and ecological transition”. We are living in a global age of long, interlinked emergencies. Climate change (1), biodiversity loss (2), pandemics (3), antibiotic resistance (4), migration (5) and human development (6) are just some of the challenges, whose impact falls most heavily on the world’s most vulnerable people (7).

How do democratic nations build the capabilities to deal with long term and cascading global challenges of the next twenty years? Each one of these challenges can have devastating economic and social consequences — as has been laid bare by the COVID-19 pandemic. It is also evident that no government would be able to tackle all of these challenges on its own by top-down solutions, but would rather need to enable and incentivise other actors in society to embrace the policy mandate and play their part in affecting change. Fundamentally, this requires not only new innovative policy but a transformation of the machinery of government in how to formulate, disseminate and implement policy and the types of tools and methods that it uses. It requires new institutions, new ways of financing, an acceleration towards digital and analytical capability to ensure real-time evaluation against cascading risks, and the building of new capabilities not only across government but also society, and in a way that disseminates learning across society.

Finally, the question we are posing in this blog is how do we create a framework for a National Development Strategy that builds the nation’s capabilities for adaptation and resilience so that the whole of society is able to meet the future and the scale of adaptation required, and not with fear, but with renewed optimism to truly “build back better”?

Five Strategic Shifts For A New Way Forward

Human, machine and ecological transition requires us to develop strategic and critical responses that orient structural transformation towards long-termism and consideration for future generations. How we decide to use our land and resources today has long-term implications, yet our current systems are struggling to make sense of decisions that impact across multiple time horizons (from political cycles to fiscal budgets). We must ‘break the tragedy of the horizon’ (8), as Mark Carney, former Governor of the Bank of England, so eloquently stated in a much-cited speech at Lloyd’s of London in 2015.

The transition calls for a revision of our relationships with: (A) The economy, challenging the way we assign value to certain contributions over time (9); (B) The environment, addressing the increasing uninhabitability of our environment; and (C) Society, challenging ageing populations and demographic slowdown (10). The transition also demands a new pathway for countries and importantly a new lens through which to see the nation-state. There is an inherent limitation in seeing the nation-state purely as a bounded territory. A border defines the geographic territory of a country over which its government can enact legislation, but it is redundant when dealing with the constant flows in and out of a country that impact everything from the economy to the environment, or when dealing with the prevention or mitigation of any one of the interconnected global challenges set out above.

In conceptualising a framework for a National Development Strategy in North Macedonia, we have embraced five strategic shifts for a new way forward:

1. Re-imagine statecraft for an age in which we see the nation as a system. We are moving from seeing the nation as a bounded territory to seeing the nation as a knotted system of flows impacted by transnational behaviours. The level of uncertainty inherent in the nation system means we cannot accurately predict or plan for the long-term future; nor can we silo and compartmentalise interventions because when you change something in any one space, you will be creating cascading impacts throughout the whole system (See Figure 1). We can no longer have a one-to-one, “action-reaction” response to deal with strategic risks, but rather it requires a network approach consisting of a number of parallel processes involving multiple actors.

The COVID-19 pandemic can be understood as a warning sign, a probe into the structural weaknesses of our existing systems (11). It shows how futile it is to address 21st-century challenges with the institutions and methods of 20th-century governance. It will not be enough to simply respond to crises, we need to scaffold the transition to a new human contract with the world around us.

2. Build a more inclusive democracy and one in which we act as custodians for future generations. Governments are waking up to the urgent need to build the capacity of the whole of society to care about, and take decisions on, the impact that we have on our planet and future generations.

In this age of complexity, top down government is neither sustainable given the scope and scale of interventions required, nor effective given the range of actors involved in our interconnected nation system. Moreover, the increased risks faced by the nation system need bold interventions that require building legitimacy across society for such actions. One way to build legitimacy is by fostering more inclusive, transparent and accountable policy making and programmes implementation (12). We also need to reinforce the multi-party democratic system. Not only is parliamentary debate and scrutiny essential, but it becomes imperative to take a cross-party collaborative approach and to be mindful of those who would try to game the system of democracy. Issues such as climate change need to go beyond party politics and a political system that continuously rewards one party for another’s failure.

The unprecedented future that countries are facing requires a level of citizen participation that can drive collaborative rather than centralised innovation. Future imagining and collective but distributed decision making will be central to this development (13). Our current mechanisms for democratic participation struggle to incorporate meaningful deliberation. We need to design deliberative processes, planning systems, policy and regulatory frameworks, better markets, and the ability to “contract” for the future (14). Simultaneously, nations need to prioritise investment in the rebuilding of societal trust so that different non-governmental actors are ready to listen, engage with and support the policy making and programmes implementation function of government.

3. Build antifragility (15) for nation states to adjust, learn and deeply grow (16) in an age of long emergencies (as illustrated by the currents of uncertainty in the Deployment Framework Diagram in Figure 2 below). Antifragile systems are more than simply resilient and adaptable. They do not merely bounce back from shocks, or respond effectively in the wake of shocks, but thrive and improve because of such shocks. We need to build the capabilities for a nation to thrive in uncertain environments so that we are not always planning for the next crisis, whilst repairing the damage from the last one (17). Our collective strategy of renewal to “build back better” ought to be premised on a systemic response built on emergent, discursive, contingent processes of perpetual learning and self-renewal.

4. Transition as fast as possible to a “safe zone of operation” by using the Doughnut Framework by Kate Raworth (18) as the “guard rail” in our transition journey, whilst recognising the divergent development cycles of different nations.

The Doughnut is a visual “safe and just space” framework that sets the goal of operating within safe planetary boundaries and social boundaries, acting as a compass for human progress. In terms of transition strategy, it can be used to identify interconnected risks and potentials over a time horizon and is therefore an evaluation tool or framework from which human, machine and ecological development can emerge.

The Doughnut Framework is not a set of policies and institutions, but rather principles for humanity to thrive in the 21st century. It is to be noted that one of these principles is moving from the goal of endless GDP growth to thriving in the doughnut where everyone’s needs are met. For middle income and low income countries that still need to develop and grow their economy, but want to adopt aspects of the Doughnut Framework, we have pursued the idea of deep growth.

5. Embrace a new thesis of human-machine-ecological deep growth, recognising a new human economy from care to creativity, unleashed by a new machine economy revolution of automation, AI, and structured on a new foundation of ecological regeneration, repair and biomaterial circularity.

Whilst many countries are seeking growth strategies alongside an improvement in quality of life. UNDP’s Human Development Index (19) scores, and the adjusted Planetary pressures-adjusted Human Development Index (20) present another type of growth measure, beyond GDP. Any meaningful National Development Strategy needs to adopt a new theory of growth that fundamentally integrates the new human-machine-ecological economy as a virtuous system of both maintaining and expanding economic potentialities, and not see technological advancement as a threat or ecological preservation as a constraint.

Human-machine-ecological deep growth is:

National Development Strategy for a 21st Statecraft

Designing for the 21st Century
How does the nature of the transition inform how a National Development Strategy is created?

A National Development Strategy is a comprehensive umbrella policy for a country that sets a medium to long term vision not only for economic development but also considers economic, social, political and environmental dimensions in combination. It ensures synergy among various policies and programmes that contribute towards stated national priorities, with a view to achieving defined objectives within a given timeframe, and thus becomes a tool to measure ‘progress and success’.

However, the uncertainty and complexity inherent in transition presents a challenge for development strategies that aim to set defined objectives within set timeframes. Another challenge is how to move towards genuine long-termism in such strategies where, in terms of transition, a responsibility is borne to future generations?

A strategy needs to be designed in a way that enables it to stay relevant and a distributed driver for change over the time period that it is meant to guide. It cannot become outdated in 4 to 5 years’ time when there has been a change of government with new priorities, in 10 years’ time when long term trends such as migration or rural displacement have changed the social and economic fabric of regions in a country, or in 20 years’ time when the average temperature rise of the planet has created both predictable and additional, unknowable consequences.

Strategic Principles
What are the strategic principles that can guide the long term planning needed for transition?

We have identified a set of principles that are crucial to enable a twenty-year transition:

1. Long-Termism (22). A development strategy needs to be embedded in long-termism and build the social covenant necessary to scaffold large scale change. A development strategy needs to build cross-societal agreement about structural transition, as well as civic resilience against the inevitable disruptions in an age of long emergencies, such as loss of jobs as a result of large scale degenerative business models or automation.

2. Systems Approach (23). The transition required is systemic. We know climate change is fundamentally a symptom of a structural problem in how we govern and how our relationships in the world are governed. In terms of transition policy, we need to be mindful of our relationship with the future, our relationship with the natural and material world, and our relationship with each other.

3. Embedding Adaptability (24). It is impossible to accurately predict every required policy response to all future challenges. Flexibility needs to be at the heart of any National Development Strategy. We have proposed that a development strategy needs to be a living document (as opposed to a static document) that is able to adjust to real-time data, feedback and evaluation. It needs to be parametric in scope and engineered with contingent capabilities for an unknown world.

4. Capability Building (25). We are living in a global age of long, interlinked emergencies, with interconnected challenges faced by all actors in society (government, academia, industry and civil society). The dynamic and linked nature of these emergencies will require governments to become enablers for society to work together, building horizontal strategies and collaborative capabilities.

Any development plan needs to be focused not only on one-to-one, action-reaction responses to strategic risks but build the capabilities of a nation (See Figure 3). Some design questions include:

How do we build a shared language and contextual framework of the future, i.e. a whole of society approach? How do we bring more sections of society into political decision-making in an age of long emergencies (from how we decide to use our land and resources today to acting in a crisis tomorrow)? How do we build capacity for an agile, democratic state when all our institutions are designed for linear, waterfall orchestration (26)? How do we create and regulate markets for infinite games (for the purpose of maintaining) as opposed to finite games (for the purpose of gaining/winning)? How do we build the imagination, invention and innovation capacity of the whole of society? How do we build the distributed and decentralised sense making capacity of the whole of society? How do we build new public accounting capacity for long-termism, which uses methods and practices informing such liabilities, and thereby invite appropriate investment theses?

5. Funding.Traditional public finance frameworks rely heavily on ex-ante cost-benefit analysis (27), leaving little room for dynamic spillover analysis (i.e. a policy intervention can have ripple effects throughout the system, beyond what any direct cost-benefit analysis could estimate). Equally, these frameworks are stuck in annual budget cycles, struggling to unlock long-term patterns of behaviour and fundamental shortfalls in capital provision for the challenges ahead. Critical sectors such as education and health deliver outcomes with significant spillover effects, and these require sustained financing.

Key considerations for any National Development Strategy geared for transition are:

Building the fundamental financial innovation capacity to address the scale of challenge that we face such as enabling investment in and accounting for intangible asset creation; Addressing the bias towards short-termism in financing. As ecological degradation and technological risks become a reality, we no longer have the luxury of time to treat the future as a distant outpost. How can we create new instruments, mechanisms and vehicles that can invest over longer time frames, maintain the flexibility to adapt to new information, invest in the institutional deep code experimentation necessary, invest vertically in portfolios spanning deep culture change to new institutional infrastructures to accelerate the transition? Building the capacity for the decentralised capital formation necessary to address society’s complex nature of needs. We also need to simultaneously tackle the disbursement of central government funding to municipal authorities, an the issue that most nations demonstrate an over-reliance on; Building the institutional capacity to code and recode — a 21st century form of capital for operating with uncertainty, inclusion and sustainability; Building new capacities and protocols of decision making; Enabling investment in and accounting for intangible asset creation (such as trust, mental health and social cohesion). The transition requires us to build new capabilities for resilience, adaptability, creativity, self-learning, self-development and self-renewal. Outcomes-based funding still struggles to capture the intangible benefits of programmes, and the conditions attached to funding needs to create the space for this. Building new mechanisms of inclusive governance and transparency attached to funding to ensure integrity and accountability; Building the transition pathways to gradually shift donor funding to more sustainable and longitude means of financing. Background and Further Information

The Government of North Macedonia started the preparations for the development of 2021–2041 National Development Strategy in early 2021, supported by a project implemented by the UNDP in coordination with RCO North Macedonia. UK GGF funding was secured for this process. Within this project, UNDP North Macedonia has been working with Dark Matter Labs to develop a new statecraft for the development of national strategy to deal with transition, in line with the 2030 Agenda and national development and strategic priorities. For further information about this project, and wider issues of how to deal with issues of transition, please contact:

Narine Sahakyan
Resident Representative, UNDP North Macedonia
narine.sahakyan@undp.org

Indy Johar
Co-Founder, Dark Matter Labs
indy@darkmatter.org

Further reading:

Acknowledgements

Special thanks to Lejla Sadiku, Kate Raworth, for their support and leadership in this work as a whole and Meggan Collins (Dark Matter Labs) & Hyojeong Lee (Dark Matter Labs) for support on visual communication in this blog

“Unless there are immediate, rapid and large-scale reductions in greenhouse gas emissions, limiting warming to close to 1.5°C or even 2°C will be beyond reach”, IPPC Sixth Assessment Report, Working Group 1 — The Physical Science Basis, Intergovernmental Panel on Climate Change, Switzerland, 9 August 2021. Further, the UN Secretary-General António Guterres said the Working Group’s report was nothing less than “code red for humanity”. He continued that “The alarm bells are deafening, and the evidence is irrefutable”, Secretary-General’s statement on the IPCC Working Group 1 Report on the Physical Science Basis of the Sixth Assessment, 9 August 2021. The average abundance of native species in most major land-based habitats has decreased by at least 20%, (mainly since the 20th century). At the same time, about 40% of amphibian species, 33% of reef-forming corals and all marine mammals are threatened. UN (2020),”UN Report: Nature’s Dangerous Decline ‘Unprecedented’; Species Extinction Rates ‘Accelerating’”, UN Sustainable Development Goals, Paris 2020–05–26 The economic and social disruption caused by the pandemic is devastating: tens of millions of people are at risk of falling into extreme poverty, while the number of undernourished people, currently estimated at nearly 690 million, could increase by up to 132 million by the end of the year. Impact of COVID-19 on people’s livelihoods, their health and our food systems, Joint statement by ILO, FAO, IFAD and WHO, 2020–10–13 Antibiotic resistance is rising to dangerously high levels in all parts of the world. New resistance mechanisms are emerging and spreading globally, threatening our ability to treat common infectious diseases. A growing list of infections — such as pneumonia, tuberculosis, blood poisoning, gonorrhea, and foodborne diseases — are becoming harder, and sometimes impossible, to treat as antibiotics become less effective. “Antibiotic resistance”, WHO, 2020–07–31 There has been an evident increase in international migration over time — both numerically and proportionally — and at a slightly faster rate than previously anticipated. How Covid-19 is impacting these trends are yet to be found, however, climate change is already impacting migration. International Organisation for Migration, “World Migration Report 2020”, International Organisation for Migration UN, Switzerland 2020 Human development is impacted by the way our climate is changing. Both our role and our ability to play that role is transitioning and it will be central that we invest in this to ensure human development in the anthropocene and beyond. UNDP, “Human Development Report 2020: The Next Frontier, Human Development and the Anthropocene”, UNDP, 2020, retrieved 2021–06–01 http://report.hdr.undp.org/index.html Minority and low-income communities have been more vulnerable to the Covid-19 pandemic, similarly to other regular diseases and more local epidemics. Robert M. Siegel, Peter J. Mallow (2021), “The Impact of COVID-19 on Vulnerable Populations and Implications for Children and Health Care Policy”, PubMed Volume: 60 issue 2 pages 93–96, 2021–02–01 https://doi.org/10.1177/0009922820973018 The impact of climate change will move beyond current generations into future generations. In order to address this reality, we will need to challenge current and traditional 1–3 budgeting and policy making horizons. Mark Carney (2015), “Breaking the tragedy of the horizon — climate change and financial stability”, Speech by Mr Mark Carney, Governor of the Bank of England and Chairman of the Financial Stability Board, at Lloyd’s of London, London, 2015–09–29 The Boston Federal Reserve estimated in 2007 that unpaid (and thus unvalued) care work could be valued up to $151 bn/year in the state of Massachusetts alone, making up 30% of the state’s GDP. Randy Albelda, Mignon Duffy, Nancy Folbre, Clare Hammonds, and Jooyeoun Suh (2007), “Placing Value on Care Work”, Boston Federal Reserve Since the 1970’s humanity has been slowing down with decreasing GDP growth rates, life expectancy rates, fertility rates and social movement frequency. Can this be a move towards greater long-term stability? Danny Dorling (2020), “Slowdown: the end of the great acceleration- and why it’s good for the planet, the economy, and our lives”, Yale University Press, United States The world economic forum has projected that we will see 85 million jobs become redundant in the coming 5 years and that we simultaneously will need to and can see 97 million new types of jobs emerging. World Economic Forum (2020), “The future of jobs report 2020”, World Economic Forum, 2020–10–20 “Using data from over eighty interviews conducted by New York University (NYU) graduate students in 2013 and 2014 with PBNYC participants over two years, this article suggests that in council districts using PB, residents have greater feelings of access to and voice in local government, and better understanding of the complexities of spending public monies, often leading to a more positive view of government officials, and bolstering legitimacy of local government.” Rachel Swaner (2017), “Trust Matters: Enhancing Government Legitimacy through Participatory Budgeting”, New Political Science Volume 39 Issue 1 2017 pg. 95–108, published online 2017–02–13 “Public authorities from all levels of government increasingly turn to Citizens’ Assemblies, Juries, Panels and other representative deliberative processes to tackle complex policy problems ranging from climate change to infrastructure investment decisions”. OECD (2020), “Innovative Citizen Participation and New Democratic Institutions: Catching the Deliberative Wave”, OECD Publishing, Paris In the report “100 climate-neutral cities by 2030 — by and for the citizens”, the EU Mission Board for Climate Neutral Cities proposes the development of “a multi-level and co-creative process formalised in a Climate City Contract, adjusted to the realities of each city, […] aiming at the shared goal of the mission”. This is a contract to the future enabling cities, citizens, nations and Europe to collectively commit to enabling the transition. Krogh Andersen, Katrine, Vassilakou, Maria, Lumbreras, Julio, Sulling, Anne, Nicolaides, Chrysostomos, Lenz, Barbara, Ferrao, Paulo, Larsson, Allan, Reiter, Joakim, Forest, Emmanuel, Gronkiewicz-Waltz, Hanna, Jordan, Romana, Boni, Anna Lisa, Russ, Martin, Termont, Daniël (2020) “100 climate-neutral cities by 2030 — by and for the citizens”, Directorate-General for Research and Innovation (European Commission) 2020–09–24, 10.2777/46063 “Some things benefit from shocks; they thrive and grow when exposed to volatility, randomness, disorder, and stressors and love adventure, risk, and uncertainty. Yet, in spite of the ubiquity of the phenomenon, there is no word for the exact opposite of fragile. Let us call it antifragile. Antifragility is beyond resilience or robustness. The resilient resists shocks and stays the same; the antifragile gets better” — Nassim Nicholas Taleb (2012), “Antifragile: Things that gain from disorder”, Prologue, Random House, United States 2012 This has been taken from “A new way forward”, Dark Matter Labs, Europe 2021–05–04. As society is starting to open up, city officials need to invest to build urban systems that are antifragile, a quality exhibited by systems that actually improve with volatility. Remington Tonar and Ellis Talton (2020) “Cities Must Focus On Fostering Antifragility In The Post-Pandemic World”, Leadership strategy, Forbes, 2020–05–02 The Doughnut Economics framework helps us understand the safe and just space for humanity. It describes our planetary boundaries, first identified by Johan Rockström, and our social boundaries and where we are or risking overshooting. Kate Raworth (2018), “Doughnut Economics: Seven Ways to Think Like a 21st-Century Economist”, Cornerstone Book Publishers 2018–02–22 Thirty years ago, UNDP introduced a new approach for advancing human flourishing and measuring progress. Instead of relying on GDP as the sole indicator of development, countries were ranked by the more holistic Human Development Index (HDI) that accounts for a country’s achievements across a number of social and economic dimensions, including health, education and standard of living. UNDP (2020), “Human Development Reports”, UNDP retrieved 2021–06–03 Planetary pressures-adjusted Human Development Index (PHDI) | Human Development Reports. Today, UNDP’s 2020 Human Development Report calls for a just transformation that expands human freedoms while easing planetary pressures by proposing the new and experimental Planetary pressures-adjusted Human Development Index (PHDI). This even more comprehensive index adjusts the standard HDI by a country’s level of carbon dioxide emissions and material footprint on a per capita basis, reminding us of the oft-ignored fact that all growth comes at a cost. UNDP (2020), “Human Development Reports”, UNDP retrieved 2021–06–03 Planetary pressures-adjusted Human Development Index (PHDI) | Human Development Reports. “There are at least two kinds of games: finite and infinite. A finite game is played for the purpose of winning, an infinite game for the purpose of continuing the play. Finite games are those instrumental activities — from sports to politics to wars — in which the participants obey rules, recognize boundaries and announce winners and losers. The infinite game — there is only one — includes any authentic interaction, from touching to culture, that changes rules, plays with boundaries and