Romain is a technical leader in application security management at Google Cloud, with a focus on federation security. His past work focused on the intersection of distributed systems, networking and security, and he architected large systems at YouTube, VMware, and Oracle Cloud. Romain holds a PhD in computer science from the Grenoble Institute of Technology and an MBA from Santa Clara University.

Romain's Session

Thursday, June 27
2:00 - 2:25 pm
Continuous Access Architecture
Continuous Access enables independent parties to control live user session properties. For example, with Continuous Access, a cloud-based CRM can restrict a user's access if their device is detected to have moved to an insecure geography while they are logged in. In the popular federated authentication model, authorization decisions are made only at login time. Modern endpoints, especially mobile devices, have long-lived sessions during which those decisions cannot be re-evaluated. However, enterprises increasingly require that access to services be predicated not just on user authentication, but also on continuously evaluating policies that consider the accessing device and app as well as dynamic user privileges. The Continuous Access Architecture enables independent parties such as identity providers, endpoint management services, service providers or even VPN servers to share up-to-date information and authorization decisions about live user sessions. Using a publish-and-subscribe approach, the Continuous Access Protocol enables relying parties to react quickly to changes in user, device and app state and to updated authorization decisions. The protocol is intended to become an open standard. The talk will explore protocol implementation alternatives and how the architecture can be easily adopted by diverse relying parties such as cloud services, enterprise apps and infrastructure components.

