Technical Leader; Google, LLC
Atul is federated identity pioneer. As co-founder and CEO of Trustgenix, Inc., he helped define open standards such as the Liberty Alliance and SAML 2.0. Trustgenix defined the federation server, a concept that was later adopted by almost all technology vendors. Trustgenix was acquired by HP, where Atul continued as a Director of Federation. He was most recently the Identity Architect at MobileIron, Inc. He now provides technical leadership in Google Cloud Identity with a focus on Endpoint Management.
Thursday, June 27
2:00 - 2:25 pm Ballroom
Continuous Access Architecture Continuous Access enables independent parties to control live user session properties. For example, with Continuous Access, a cloud-based CRM can restrict access to a user if their device is detected to have moved to an insecure geography while they are logged in.
In the popular federated authentication model, authorization decisions are made only at login time. Modern endpoints, especially mobile devices have long-lived sessions during which those decisions cannot be re-evaluated. However, enterprises increasingly require that access to services be predicated not just on user authentication, but also on continuously evaluating policies that consider the accessing device and app as well as dynamic user privileges.
The Continuous Access Architecture enables independent parties such as identity providers, endpoint management services, service providers or even VPN servers to share up-to-date information and authorization decisions about live user sessions. Using a publish and subscribe approach, the Continuous Access Protocol enables relying parties to react quickly to changes in user, device and app state and updated authorization decisions. The protocol is intended to become an open standard. The talk will explore protocol implementation alternatives and how the architecture can be easily adopted by diverse relying parties such as cloud services, enterprise apps and infrastructure components.
Enter your details to receive email updates from Identiverse