October 31 - November 1 - Co-Located Events
October 28-30 - Conference
Lyon Convention Centre - Lyon, France
More information for Open Source Summit + Embedded Linux Conference Europe 2019
Back To Schedule
Wednesday, October 30 • 16:15 - 16:50
Decentralizing OAuth2.0 for a Post-GDPR World - Mehdi Medjaoui, Progressive Identity

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
In the classic OAuth 2.0 flows, the authorization server and the resource server are behind the same firewall, giving full power and control about sharing capabilities to the Identity Provider (i.e. Facebook, Amazon, Google etc...).

Because of new regulations about data portability (GDPR in Europe and CCPA in California), now every user is able to ask a full export of its data to be stored anywhere, breaking Identity Provider monopoly and control. In that context, users can now own fully a copy of their data and share it to whom they want. To really decentralize data from permissions, make users in control and companies GDPR compliant, you need now to update OAuth2.0 dance into a stateless flow and tokenize the GDPR permission contract.

In this talk, Mehdi will explain how you can use open source technologies to automate GDPR requests for your users to export 3rd-party data in your system and tokenize your GDPR contract using ALIAS protocol (based on OAuth2.0)

avatar for Mehdi Medjaoui

Mehdi Medjaoui

CEO, Progressive Identity
Mehdi is the founder and CEO of Progressive Identity, creator of the ALIAS protocol and author of O'Reilly Book "Continuous API management".As part-time, Mehdi is Horizon 2020 European Commission Expert on Open data/Open APIs and teaches IT for business and entrepreneurship in the... Read More →

Wednesday October 30, 2019 16:15 - 16:50
Tête d'Or 2