Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Hackference India 2018 | Modern Identity

Mehul Patel
December 15, 2018
Technology
0
93

Hackference India 2018 | Modern Identity

Modern identity is a lot more than just the login screen. In this talk, the audience learned about the different concepts that make up a modern identity.

Google slides: https://bit.ly/2UNyyag
Link of conference: https://hackference.in/about
Repo: https://github.com/rowdymehul/Hackference-India-2018

Mehul Patel

December 15, 2018
Tweet

More Decks by Mehul Patel

See All by Mehul Patel
Git-crypt: A tool to Secure your Secrets
rowdymehul
0
140
First look - Containers & Docker
rowdymehul
0
78
Web Security with Auth0
rowdymehul
0
110
Rust Techie-talks at gnuNify 2018
rowdymehul
2
610
Know your Identity with Auth0
rowdymehul
1
88
Why is Privacy Important?
rowdymehul
0
99
Let's play with Rust - BITS Pilani, Goa
rowdymehul
1
160
Let's play with Rust - GIRLSCRIPT SUMMIT 2017
rowdymehul
2
390
Linux is my bae! Best to Learn & Grow.
rowdymehul
0
47

Other Decks in Technology

See All in Technology
GraphQL 成熟度モデルの紹介と、プロダクトに当てはめた事例 / GraphQL maturity model
mh4gf
7
1.3k
プロトタイピングによる不確実性の低減 / Reducing Uncertainty through Prototyping
ohbarye
5
370
Next'24 事例セッションの紹介とクラウド資格を活用したキャリア形成について語りMuscle
yasumuusan
1
430
生産性向上チームの紹介
cybozuinsideout
PRO
1
850
Databricks における 『MLOps』
databricksjapan
2
160
Azure Container Apps + Bicep 〜 こんな感じで運用しています
kaz29
2
420
よく聞くけど使ったことないソフトウェアNo.1 KafkaとSnowflake
foursue
4
330
開発生産性大幅アップ!Postman VS Code拡張機能
nagix
2
360
Meta Quest 3 で動く桜マシマシ WebXR アプリを IBM Cloud Code Engine と Babylon.js で作った話
1ftseabass
PRO
0
120
本当のAWS基礎
toru_kubota
0
440
SIEMを用いて、セキュリティログ分析の可視化と分析を実現し、PDCAサイクルを回してみた
coconala_engineer
0
270
自己改善からチームを動かす! 「セルフエンジニアリングマネージャー」のすゝめ
shoota
4
120

Featured

See All Featured
Cheating the UX When There Is Nothing More to Optimize - PixelPioneers
stephaniewalter
273
13k
Fight the Zombie Pattern Library - RWD Summit 2016
marcelosomers
226
16k
Designing for Performance
lara
601
67k
How to Ace a Technical Interview
jacobian
272
22k
4 Signs Your Business is Dying
shpigford
175
21k
Design by the Numbers
sachag
274
18k
The Straight Up "How To Draw Better" Workshop
denniskardys
227
130k
The Illustrated Children's Guide to Kubernetes
chrisshort
30
46k
No one is an island. Learnings from fostering a developers community.
thoeni
15
2.1k
How to train your dragon (web standard)
notwaldorf
72
5.2k
Infographics Made Easy
chrislema
238
18k
Templates, Plugins, & Blocks: Oh My! Creating the theme that thinks of everything
marktimemedia
18
1.7k

Transcript

  1. By Mehul Patel, @rowdymehul Modern Identity Inspired by : @KukicAdo

  2. Mehul Patel Engineer at Zimbra Mentor at Mozilla Reps Auth0

    Ambassador, Auth0 Inc Rust Mobilizer Co-founder of IDF Twitter : @rowdymehul [email protected] About Me

  3. • Exposing Sensitive Data • Broken Authentication • Security Misconfiguration

    • Injection Vulnerability Common Web Security Vulnerabilities

  4. What is Identity ?

  5. What is Identity ? Authentication of an individual

  6. What is Modern Identity ? • Authentication - The way

    you login • Authorization - Right access to Right People at Right Time • Security - Protecting data in motion and at rest • Personalization - Tailored user experience

  7. Authentication ➔ Traditional Username and Password ➔ Social login via

    Facebook,Twitter, Google , etc. ➔ Enterprise Federation and Single Sign On ➔ Passwordless

  8. Traditional Username and Password • Most Common • Easy to

    Implement • Least Secure

  9. Social Login • Common • Medium Difficulty • More secure

  10. Single Sign On • Most Common in Enterprise • Difficult

    to Implement • Solve Authorization use cases

  11. Passwordless • Rare / Upcoming • Easy to Implement •

    Very secure

  12. Authorization ➔ Ensure the user has the right access at

    the right time ➔ Grant, Change and Revoke access

  13. Security Biggest concern for our valuable data

  14. Password • Complexity • Storage • Security

  15. Multi Factor Authentication • Something you know, Something you have

    , Something you are Brute Force Protection • Prevent repeated failed login attempts • Alert user and validate identity Anomaly Detection • Proactively protect users • Alert user of suspicious activity • Breached password detection

  16. Personalization ➔ Give a personal touch to each user ➔

    Make Data work for you ➔ Enhanced Analytics

  17. Auth0 Identity as a Service • Modern Identity in 10

    minutes • Free Tier ( 7000 Monthly Active users ) • Team of Security Expert

  18. Visit auth0.com

  19. None
  20. None
  21. None
  22. None
  23. None

  24. Explore... auth0.com/docs

  25. Questions ? Available on GitHub, Telegram & Twitter : @rowdymehul

  26. None