Subhodeep Ghosh

Lead Specialist; KPMG LLP
Subhodeep is a Lead Specialist in KPMG’s Cyber Security Services practice with 14 years of experience in designing and developing Identity and Access Management (IAM) solutions for the banking and financial services industries. He specializes in Identity and Access Management (IAM), Cryptography, 2-Factor authentication, Single Sign-On, and Identity Federation.

Subhodeep's Session


Tuesday, June 25
9:15 - 10:05 am
Monroe
KPMG Presents: API Integration with OAuth and Traditional Web Session Management
Web applications have moved on from a traditional web protection and authorization model. Modern web applications present a few challenges for authentication that are difficult to solve using conventional methods. Modern web applications often deploy in an AJAX / Single Page Application (SPA) model and leverage a complex combination of microservices APIs and standard web URL calls. The integration of traditional web sessions with OAuth tokens introduces a number of functional disconnects with respect to centralized session management, OAuth JWT token management, error handling, logout handling, and cross-origin resource sharing (CORS). This session will delve into the functional models and demonstrate some of the common failures that can arise. With examples using PingFederate and PingAccess, KPMG will provide some leading practices for the creation and integration of modern web application components into a secure infrastructure.

Enter your details to receive email updates from Identiverse