Part 3: Architecture, Standards and Deployments
Welcome to Identiverse® 2020–new virtual format, same breadth and depth of high-quality content! To help you navigate the Identiverse Virtual agenda with ease, we’re continuing our blog series leading up to the start of Identiverse. The series will focus on particular topics and themes that will be covered during our virtual conference weeks and showcasing presentations that are especially relevant to those themes. Keep in mind, these blogs aren’t intended to be exhaustive lists, so remember to check out the full agenda as you build your schedule for the coming weeks!
The standards we rely on, and the systems architectures we design, form the firm foundations upon which we deploy safe, secure, reliable, scalable and interoperable identity solutions. Staying abreast of the wealth of new technologies and techniques as they arise—and understanding what’s ready to deploy now and what just needs a watching brief—is no easy task.
As you navigate the agenda this year, note that architecture and deployment are grouped as one major topic, with standards standing by itself this year. Remember to check both of them to make sure you get a complete view.
The standards landscape has been evolving at its usual rapid but sporadic pace. Standards that were freshly minted last year have seen consolidation and adoption this year. New standards are emerging, and some protocols that we’ve heard less about recently are suddenly becoming important again as we seek to solve new problems.
FIDO and WebAuthn are definitely in the consolidation phase. We have several talks covering lessons learned from larger-scale deployments—as an example, check out David Taku and Derek Hanson’s “Is FIDO the key to a passwordless future? Three strategies for success,” as well Andrew Shikiar’s update on the standards effort itself in his session “The State of FIDO Authentication.” We’ll also be looking at strong authentication more broadly—JP Rowan explores whether our obsession with factors is impeding our adoption of strong authentication in “Has Thinking in Factors Held Us Back from Achieving Strong Authentication?”, and Kelly Robinson looks at some of the practicalities of account recovery at consumer scale with “Designing Customer Account Recovery in a 2FA World.” We’ll also host a panel discussion on the challenges of large-scale MFA deployments.
Decentralized identity technologies—including Blockchain and other distributed ledger solutions, and self-sovereign identity approaches—is another area where we’re seeing more practical experimentation this year. Among other things, we’ll look at some real-world lessons learned in Bjorn Hamel’s “POC to Production—Launching an SSI Platform,” explore some questions about scalability and resilience in Paul Madsen’s “Scalable Decentralized Identity,” and investigate new approaches to achieving more autonomous control over our identity data in Nat Sakimura and Preeti Rastogi’s “Distributed Open Identity: Self-sovereign OpenID: a status report”.