Mr. Hofman has been working in identity and access management projects since 2001, in various roles like project manager or lead architect. He published his experience in theory and practice of role-based access control in several magazines. Lately he got involved in security aspects of mashup corporations.

Mr. Hofman joined Capgemini in January 1990.

Presentation

Building the Trust Framework with Multi-Level Trust Models

Mashups are increasingly used for doing online business at a staggering rate and many exotic examples exist. Mashups however represent a different business model than the customary web site which results in various reasons why trust requires a specific approach. This presentation explains why Mashups require a multi-level trust model to cater for the differences in customer reliability, why Mashups need a definition of which identity and reputation attributes are required for establishing the customer's reliability and why Trust Brokers are needed to provide these attributes.

Audience:- Security architects, risk managers, architects

Key takeaways:-
1. Mashup corporations require a paradigm shift in risk management, both in thinking and acting
2. Within Mashups you don't have time to check all customer credentials. So trust and verify.
3. A Multilevel Trust Model as part of Jericho Principle

return to program