register now
May 30 - June 2, 2023 | ARIA Resort & Casino, Las Vegas, NV
register now
Identiverse 2023 • Session
CAEP Deep Dive: Implementing Session Revocation and Authorization
Architecture, Standards, Engineering
Back to Main Agenda
Juniper 4
5:40 pm - 6:05 pm
Identity Standards Architect
Session Abstract: Zero trust architectures depend upon the ability to continuously evaluate access decisions. CAEP (Continuous Access Evaluation Profile), an open standard based on the OpenID Shard Signals Framework (SSF), enables signals between different vendor systems to communicate interoperably, so decisions can be made with the right data at the point of access. We'll take a deep dive into specific scenarios critical to zero-trust success: session revocation and dynamic authorization. Session revocation is critical due to the long-lived nature of federated login sessions; user access properties may change over time and need to be communicated to all services that the user is logged into. Dynamic authorization is critical because a user may need to get access to different resources (e.g., storage buckets) based on their tasks. We'll explain how streams are set up in SSF and how various CAEP events can flow, based on mutually shared users between transmitters and receivers.
Follow us on
identity everywhere
Stay informed on the latest event updates
Identiverse: The Identity Universe
hosted by CyberRisk Alliance
register now