Architecture, Perf. & Sec.Conference50min
An Introduction to the OpenID Shared Signals Framework
This talk presents the Shared Signals Framework (SSF) and related standards like CAEP and RISC, which enable secure, real-time exchange of security signals between identity providers and relying parties. It highlights how integrating SSF with Keycloak enhances threat detection, mitigation, and operational efficiency in modern identity ecosystems.
talk.summaryAiDisclaimer
Thomas DarimontIdentity Tailor GmbH
As security threats become more sophisticated, the need for efficient, real-time communication between identity providers and relying parties is essential. The Shared Signals Framework (SSF) and related specifications such as CAEP and RISC address this challenge by providing a standardised way for systems to exchange security related signals, such as session revocations, credential breaches, and other identity-related incidents, in a secure and scalable manner. This talk introduces the Shared Signals Framework and explains how it enhances security and operational efficiency in modern identity ecosystems. We'll explore how SSF can be supported in Keycloak to enable real-time event-driven communication between providers and relying parties. Attendees will learn how Keycloak can help to detect and mitigate threats, and improve overall system security with SSF.
Thomas Darimont
Thomas Darimont is a Digital Identity Consultant and Managing Director at Identity Tailor GmbH. As a long-time contributor to the Keycloak project for almost a decade, Thomas became the first external maintainer outside RedHat in 2022. He is also a member of the OpenID Foundation's Certification team, where he helps to maintain the OpenID Conformance Test Suite. In addition to consulting, Thomas actively contributes to open source projects within the Keycloak ecosystem. With a background as a software architect and IT consultant, he speaks frequently at conferences on Java, WebAssembly, Web Security, and performance.