[Lithuania] DigiCerts and DigiID to Enterprise apps

•

0 gefällt mir•351 views

OWASP EEE

DigiCerts and DigiID to Enterprise apps. So yesterday and so tomorrow. Martynas Savick.

Internet

DigiCerts and DigiID in Enterprise apps.
So yesterday and so tomorrow.
Martynas Savicka

Types of digital certificates:
Certificate Authority (CA) certificates
Server or client certificates
Object signing certificates
User certificates

Speed!
Automation!
Do more with less!
Automation!
Cost reduction!
Automation!
Increase performance!
Automation!
Innovation!
Automation!
Value!
Business needs 2015, 2016, 2017… 2

Speed!
Automation!
Do more with
less!
Automation!
Cost reduction!
Automation!
Increase
performance!
Automation!
Innovation!
Automation!
InfoSec needs 2015, 2016, 2017… 2X
Integrity
Confidentiali
ty
Non
repudiation
Access
control
+ Fight and pushback all
this stuff 

Digi ID & Digi Sign covers:
Integrity [checked]
Confidentiality [checked]
Non-repudiation [checked]

Encryption costs close to nothing.
Encrypt and let cavalierly rest.
Goals? Sure. Compliance to:
- standards
- data classification requirements
- data privacy

Any InfoSec will fall in love with end to
end encrypted APP!

Data exchange is easy… until you hit into
InfoSec (the one who thinks he is A
Cavalierly) …

Digi Sign The document market.
What market?
ADOC [GGeDOC; GeDOC; BeDOC; CeDOC;] -
Lithuania
BDOC – current Estonian official format…
DDOC - Legacy Estonian format
EDOCs – current Latvian official format…
PDF – this is just real simple pdf…

Containers
ASiC Simple (ASiC-S). Single file object with
either one signature file or one time assertion
file.
ASiC Extended (ASiC-E). Each signature is
associated with all or part of the files in the
container

What if I do not trust online DigiSign
services?
I really don’t!

Digi ID and Digi Sign hardware tokens
advantages and disadvantages:
Smart ID [Chip on smartcard]
Mobile ID [SIM card]
Token ID [USB token]

And what if we try to change the
world?
Once again.

Adopt it in Enterprise apps and give me
some
SECURITY AUTOMATION!

Empfohlen

2015 Identity Summit - The Identity Broker as Driver for GrowthForgeRock

2015 Identity Summit - Tale of Two Views: B2C vs. B2EForgeRock

2015 Identity Summit - OpenAM: Friends with benefitsForgeRock

Navigating the Digital Transformation LandscapeWSO2

2015 Identity Summit - CTO Innovation CenterForgeRock

Silo Busters- The Value of User and Data Centricity beyond IoT Devices (Ident...ForgeRock

Steinberg - Customer identity as the cornerstone of our approach to digitaliz...ForgeRock

Identity Summit UK: THE IDENTITY BROKER AS DRIVER FOR GROWTHForgeRock

Empfohlen

2015 Identity Summit - The Identity Broker as Driver for GrowthForgeRock

2015 Identity Summit - Tale of Two Views: B2C vs. B2EForgeRock

2015 Identity Summit - OpenAM: Friends with benefitsForgeRock

Navigating the Digital Transformation LandscapeWSO2

2015 Identity Summit - CTO Innovation CenterForgeRock

Silo Busters- The Value of User and Data Centricity beyond IoT Devices (Ident...ForgeRock

Steinberg - Customer identity as the cornerstone of our approach to digitaliz...ForgeRock

Identity Summit UK: THE IDENTITY BROKER AS DRIVER FOR GROWTHForgeRock

ForgeRock Open Identity Stack Summit - Kick-off by Mike EllisForgeRock

Identity Summit UK: HOW TO MAXIMIZE RETURN ON IDENTITY IN A BRAVE NEW WORLDForgeRock

You Had Me at Hello: How Ulta Beauty Guests Benefit From Real-time CapabilitiesTIBCO Software

2015 Identity Summit - Stepping Up to New Data Protection ChallengesForgeRock

Amsterdam 2015 Identity Summit: Welcome and Keynote: Using Identity to Empowe...ForgeRock

Agrello presentation for Blockchain Expo Berlin 2017Hando Rand

Consent 2.0: Applying User-Managed Access to the Privacy ChallengeForgeRock

TDI Startup InsurTech Award - DIG slidesThe Digital Insurer

e-invoice integrationGhadaBadawi

Navigating the Digital Transformation LandscapeWSO2

Identity Summit UK: STEPPING UP TO NEW DATA PROTECTION CHALLENGESForgeRock

EBE 2020 The Evolution of E-commerce SystemsE-Commerce Berlin EXPO

Digital Identities in the Internet of Things - Securely Manage Devices at ScaleForgeRock

Kwikdesk Company Presentation - Rish BhatiaRish Bhatia

Identity Summit 2015: EnerNOC Case Study: The Transformation of IAM for EnerN...ForgeRock

McKesson Case Study: Pharmacy Systems & AutomationForgeRock

Intergen Convergence 2017 - Bringing your people on the change journeyIntergen

WSO2 Workshop , Sydney Australia.Dassana Wijesekara

WSO2 Sydney Workshop 2018Dassana Wijesekara

[Bucharest] XML Based AttacksOWASP EEE

RESUME OF MAHFUZUR RAHMAN_Oct' 15Mahfuzur Rahman

[Lithuania] Introduction to threat modelingOWASP EEE

Weitere ähnliche Inhalte

Was ist angesagt?

ForgeRock Open Identity Stack Summit - Kick-off by Mike EllisForgeRock

Identity Summit UK: HOW TO MAXIMIZE RETURN ON IDENTITY IN A BRAVE NEW WORLDForgeRock

You Had Me at Hello: How Ulta Beauty Guests Benefit From Real-time CapabilitiesTIBCO Software

2015 Identity Summit - Stepping Up to New Data Protection ChallengesForgeRock

Amsterdam 2015 Identity Summit: Welcome and Keynote: Using Identity to Empowe...ForgeRock

Agrello presentation for Blockchain Expo Berlin 2017Hando Rand

Consent 2.0: Applying User-Managed Access to the Privacy ChallengeForgeRock

TDI Startup InsurTech Award - DIG slidesThe Digital Insurer

e-invoice integrationGhadaBadawi

Navigating the Digital Transformation LandscapeWSO2

Identity Summit UK: STEPPING UP TO NEW DATA PROTECTION CHALLENGESForgeRock

EBE 2020 The Evolution of E-commerce SystemsE-Commerce Berlin EXPO

Digital Identities in the Internet of Things - Securely Manage Devices at ScaleForgeRock

Kwikdesk Company Presentation - Rish BhatiaRish Bhatia

Identity Summit 2015: EnerNOC Case Study: The Transformation of IAM for EnerN...ForgeRock

McKesson Case Study: Pharmacy Systems & AutomationForgeRock

Intergen Convergence 2017 - Bringing your people on the change journeyIntergen

WSO2 Workshop , Sydney Australia.Dassana Wijesekara

WSO2 Sydney Workshop 2018Dassana Wijesekara

Was ist angesagt? (19)

ForgeRock Open Identity Stack Summit - Kick-off by Mike Ellis

Identity Summit UK: HOW TO MAXIMIZE RETURN ON IDENTITY IN A BRAVE NEW WORLD

You Had Me at Hello: How Ulta Beauty Guests Benefit From Real-time Capabilities

2015 Identity Summit - Stepping Up to New Data Protection Challenges

Amsterdam 2015 Identity Summit: Welcome and Keynote: Using Identity to Empowe...

Agrello presentation for Blockchain Expo Berlin 2017

Consent 2.0: Applying User-Managed Access to the Privacy Challenge

TDI Startup InsurTech Award - DIG slides

e-invoice integration

Navigating the Digital Transformation Landscape

Identity Summit UK: STEPPING UP TO NEW DATA PROTECTION CHALLENGES

EBE 2020 The Evolution of E-commerce Systems

Digital Identities in the Internet of Things - Securely Manage Devices at Scale

Kwikdesk Company Presentation - Rish Bhatia

Identity Summit 2015: EnerNOC Case Study: The Transformation of IAM for EnerN...

McKesson Case Study: Pharmacy Systems & Automation

Intergen Convergence 2017 - Bringing your people on the change journey

WSO2 Workshop , Sydney Australia.

WSO2 Sydney Workshop 2018

Andere mochten auch

[Bucharest] XML Based AttacksOWASP EEE

RESUME OF MAHFUZUR RAHMAN_Oct' 15Mahfuzur Rahman

[Lithuania] Introduction to threat modelingOWASP EEE

[Russia] Give me a stable inputOWASP EEE

[Bucharest] Catching up with today's malicious actorsOWASP EEE

[Cluj] CSP (Content Security Policy)OWASP EEE

[Austria] Security by DesignOWASP EEE

Dia da MúsicaPaulo Antunes

[Lithuania] I am the cavalryOWASP EEE

[Russia] Node.JS - Architecture and VulnerabilitiesOWASP EEE

[Poland] It's only about frontendOWASP EEE

[Russia] MySQL OOB injectionsOWASP EEE

Andere mochten auch (12)

[Bucharest] XML Based Attacks

RESUME OF MAHFUZUR RAHMAN_Oct' 15

[Lithuania] Introduction to threat modeling

[Russia] Give me a stable input

[Bucharest] Catching up with today's malicious actors

[Cluj] CSP (Content Security Policy)

[Austria] Security by Design

Dia da Música

[Lithuania] I am the cavalry

[Russia] Node.JS - Architecture and Vulnerabilities

[Poland] It's only about frontend

[Russia] MySQL OOB injections

Ähnlich wie [Lithuania] DigiCerts and DigiID to Enterprise apps

LoqrCaixa Geral Depósitos

Embed trust in your software & dataStrategic Business & IT Services

Flyer Letter Gen VascoLeenVerleyen

ETDA Conference - Digital signatures: how it's done in PDFiText Group nv

Secure your BusinessVASCO Data Security

The Value of User and Data Centricity Beyond IoT Devices: Stein Myrseth and G...ForgeRock

Encap security Oslo Business Region

Digital Signatures: how it's done in PDFiText Group nv

Digital Signatures in PDF: how it's doneBruno Lowagie

IRMSummit Europe 2014 - Selected Highlightstwh4slide

Mobile technologies know your customersMyles Freedman

Going beyond MFA(Multi-factor authentication)-Future demands much moreindragantiSaiHiranma

Onegini BrochureFinTech Belgium

Case StudyAutomotive - SSLVPN case study DIGIPASS BY VAMaximaSheffield592

ForgeRock and Trusona - Simplifying the Multi-factor User ExperienceForgeRock

Digital signature price in chennaiSharpdigitalsignature

Digital signature certificate in chennaiSharpdigitalsignature

Catalogue ditriot consultingIlyes Abdelmlak

The 10 most trusted authentication solution providers of 2021CIO Look Magazine

NUS-ISS Learning Day 2018- Harnessing the power of cloud solutions in urban a...NUS-ISS

Ähnlich wie [Lithuania] DigiCerts and DigiID to Enterprise apps (20)

Loqr

Embed trust in your software & data

Flyer Letter Gen Vasco

ETDA Conference - Digital signatures: how it's done in PDF

Secure your Business

The Value of User and Data Centricity Beyond IoT Devices: Stein Myrseth and G...

Encap security

Digital Signatures: how it's done in PDF

Digital Signatures in PDF: how it's done

IRMSummit Europe 2014 - Selected Highlights

Mobile technologies know your customers

Going beyond MFA(Multi-factor authentication)-Future demands much more

Onegini Brochure

Case StudyAutomotive - SSLVPN case study DIGIPASS BY VA

ForgeRock and Trusona - Simplifying the Multi-factor User Experience

Digital signature price in chennai

Digital signature certificate in chennai

Catalogue ditriot consulting

The 10 most trusted authentication solution providers of 2021

NUS-ISS Learning Day 2018- Harnessing the power of cloud solutions in urban a...

Mehr von OWASP EEE

[Austria] ZigBee exploitedOWASP EEE

[Austria] How we hacked an online mobile banking TrojanOWASP EEE

[Poland] SecOps live cooking with OWASP appsec toolsOWASP EEE

[Cluj] Turn SSL ONOWASP EEE

[Cluj] Information Security Through GamificationOWASP EEE

[Cluj] A distributed - collaborative client certification systemOWASP EEE

[Russia] Bugs -> max, time <= TOWASP EEE

[Russia] Building better product securityOWASP EEE

[Lithuania] Cross-site request forgery: ways to exploit, ways to preventOWASP EEE

[Hungary] I play Jack of Information DisclosureOWASP EEE

[Hungary] Survival is not mandatory. The air force one has departured are you...OWASP EEE

[Hungary] Secure Software? Start appreciating your developers!OWASP EEE

[Bucharest] Your intents are dirty, droid!OWASP EEE

[Bucharest] #DontTrustTheDarkSideOWASP EEE

[Bucharest] From SCADA to IoT Cyber SecurityOWASP EEE

[Bucharest] Reversing the Apple SandboxOWASP EEE

[Bucharest] Attack is easy, let's talk defenceOWASP EEE

Mehr von OWASP EEE (17)

[Austria] ZigBee exploited

[Austria] How we hacked an online mobile banking Trojan

[Poland] SecOps live cooking with OWASP appsec tools

[Cluj] Turn SSL ON

[Cluj] Information Security Through Gamification

[Cluj] A distributed - collaborative client certification system

[Russia] Bugs -> max, time <= T

[Russia] Building better product security

[Lithuania] Cross-site request forgery: ways to exploit, ways to prevent

[Hungary] I play Jack of Information Disclosure

[Hungary] Survival is not mandatory. The air force one has departured are you...

[Hungary] Secure Software? Start appreciating your developers!

[Bucharest] Your intents are dirty, droid!

[Bucharest] #DontTrustTheDarkSide

[Bucharest] From SCADA to IoT Cyber Security

[Bucharest] Reversing the Apple Sandbox

[Bucharest] Attack is easy, let's talk defence

Kürzlich hochgeladen

Call Girls in Prashant Vihar, Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service9953056974 Low Rate Call Girls In Saket, Delhi NCR

Shikrapur - Call Girls in Pune Neha 8005736733 | 100% Gennuine High Class Ind...SUHANI PANDEY

Wagholi & High Class Call Girls Pune Neha 8005736733 | 100% Gennuine High Cla...SUHANI PANDEY

(INDIRA) Call Girl Pune Call Now 8250077686 Pune Escorts 24x7Call Girls in Nagpur High Profile Call Girls

Trump Diapers Over Dems t shirts Sweatshirtrahman018755

Busty Desi⚡Call Girls in Vasundhara Ghaziabad >༒8448380779 Escort ServiceDelhi Call girls

Russian Call Girls in %(+971524965298 )# Call Girls in DubaiDubai call girls 971524965298 Call girls in Bur Dubai

VIP Model Call Girls Hadapsar ( Pune ) Call ON 9905417584 Starting High Prof...singhpriety023

20240508 QFM014 Elixir Reading List April 2024.pdfMatthew Sinclair

Russian Call Girls Pune (Adult Only) 8005736733 Escort Service 24x7 Cash Pay...SUHANI PANDEY

Real Men Wear Diapers T Shirts sweatshirtrahman018755

Yerawada ] Independent Escorts in Pune - Book 8005736733 Call Girls Available...SUHANI PANDEY

Lucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRLimonikaupta

Microsoft Azure Arc Customer Deck MicrosoftAanSulistiyo

Real Escorts in Al Nahda +971524965298 Dubai Escorts ServiceEscorts Call Girls

valsad Escorts Service ☎️ 6378878445 ( Sakshi Sinha ) High Profile Call Girls...Call Girls In Delhi Whatsup 9873940964 Enjoy Unlimited Pleasure

Al Barsha Night Partner +0567686026 Call Girls DubaiEscorts Call Girls

( Pune ) VIP Baner Call Girls 🎗️ 9352988975 Sizzling | Escorts | Girls Are Re...nilamkumrai

"Boost Your Digital Presence: Partner with a Leading SEO Agency"growthgrids

VIP Call Girls Pollachi 7001035870 Whatsapp Number, 24/07 Bookingdharasingh5698

Kürzlich hochgeladen (20)

Call Girls in Prashant Vihar, Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service

Shikrapur - Call Girls in Pune Neha 8005736733 | 100% Gennuine High Class Ind...

Wagholi & High Class Call Girls Pune Neha 8005736733 | 100% Gennuine High Cla...

(INDIRA) Call Girl Pune Call Now 8250077686 Pune Escorts 24x7

Trump Diapers Over Dems t shirts Sweatshirt

Busty Desi⚡Call Girls in Vasundhara Ghaziabad >༒8448380779 Escort Service

Russian Call Girls in %(+971524965298 )# Call Girls in Dubai

VIP Model Call Girls Hadapsar ( Pune ) Call ON 9905417584 Starting High Prof...

20240508 QFM014 Elixir Reading List April 2024.pdf

Russian Call Girls Pune (Adult Only) 8005736733 Escort Service 24x7 Cash Pay...

Real Men Wear Diapers T Shirts sweatshirt

Yerawada ] Independent Escorts in Pune - Book 8005736733 Call Girls Available...

Lucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRL

Microsoft Azure Arc Customer Deck Microsoft

Real Escorts in Al Nahda +971524965298 Dubai Escorts Service

valsad Escorts Service ☎️ 6378878445 ( Sakshi Sinha ) High Profile Call Girls...

Al Barsha Night Partner +0567686026 Call Girls Dubai

( Pune ) VIP Baner Call Girls 🎗️ 9352988975 Sizzling | Escorts | Girls Are Re...

"Boost Your Digital Presence: Partner with a Leading SEO Agency"

VIP Call Girls Pollachi 7001035870 Whatsapp Number, 24/07 Booking

[Lithuania] DigiCerts and DigiID to Enterprise apps

1. DigiCerts and DigiID in Enterprise apps. So yesterday and so tomorrow. Martynas Savicka

2. Types of digital certificates: Certificate Authority (CA) certificates Server or client certificates Object signing certificates User certificates

3. Speed! Automation! Do more with less! Automation! Cost reduction! Automation! Increase performance! Automation! Innovation! Automation! Value! Business needs 2015, 2016, 2017… 2

4. Speed! Automation! Do more with less! Automation! Cost reduction! Automation! Increase performance! Automation! Innovation! Automation! InfoSec needs 2015, 2016, 2017… 2X Integrity Confidentiali ty Non repudiation Access control + Fight and pushback all this stuff 

5. Business processes @ applications

6. Digi ID & Digi Sign covers: Integrity [checked] Confidentiality [checked] Non-repudiation [checked]

7. Encryption costs close to nothing. Encrypt and let cavalierly rest. Goals? Sure. Compliance to: - standards - data classification requirements - data privacy

8. Any InfoSec will fall in love with end to end encrypted APP!

9. Data exchange is easy… until you hit into InfoSec (the one who thinks he is A Cavalierly) …

10. Digi Sign The document market. What market? ADOC [GGeDOC; GeDOC; BeDOC; CeDOC;] - Lithuania BDOC – current Estonian official format… DDOC - Legacy Estonian format EDOCs – current Latvian official format… PDF – this is just real simple pdf…

11. Containers ASiC Simple (ASiC-S). Single file object with either one signature file or one time assertion file. ASiC Extended (ASiC-E). Each signature is associated with all or part of the files in the container

12. What if I do not trust online DigiSign services? I really don’t!

13. Digi ID and Digi Sign hardware tokens advantages and disadvantages: Smart ID [Chip on smartcard] Mobile ID [SIM card] Token ID [USB token]

14. And what if we try to change the world? Once again.

15. Adopt it in Enterprise apps and give me some SECURITY AUTOMATION!

16. Thank You! Q/A‘s