Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Architectural Layers for Security
1. Security & Identity and Interoperability
Facilitators:
Steve Plank
Cliff Evans
Presenter:
Michael Paulson, Avanade
Team:
Keith Straughan, UCMK
Mike Jolliffe, Equiniti
Chris Franklin, HMRC
Rupert Brown, Bank of America
Simon Cox, University of Southampton
In relation to one of these areas:
What does interoperability mean in this area?
What are the challenges/opportunities?
What does interop have to deliver?
2. Security is
“Enabling entities to interact by providing a control framework
that delivers confidentiality, integrity and availability”
Identity is
A set of claims made by one subject about another subject
3. Architectural Layers
Layers Interoperability characteristics
Business Examples: Risk Management:
• Consistent view of the “role” of participants and entities”
•C2B
•B2B
• “non-repudiation”
• Regulatory Compliance
•“Secure” Payments
Application •Context between entities
• Sometimes you want privacy
• The notion of “wrappers”
• Standards
• WS-Security
Infrastructure/ • STANDARDS!
Technology • X.509
• Kerberos
• PayPal
• Consistency:
•AuthN
• AuthZ
• Encryption