Events
Seminar Title
ZEROTRUST ARCHITECTURE AND IDENTITY MANAGEMENT
Seminar Details
- Speaker(s): Dr. Mohamed Hamdi (PhD, habilitation) is the founding director of Elgazala Innovation Center.
- Event Agenda:
Session 1: (9:00-10:30)
- Zerotrust Vision: Setting the pillars of the multi-dimensional control place to enforce zerotrust.
- Computer Security Concepts
- Threats, Attacks, and Assets
- Security Functional Requirements
- Fundamental Security Design Principles
- Attack Surfaces and Attack Trees
- Computer Security Strategy
Session 2: (10:45-12:15)
- Technical Architecture: Elaborating the architectural design of the policy engine, policy administrator, and the policy enforcement point.
- Identity and Access Management (IAM)
- Zero Trust Network Access (ZTNA)
- Micro-segmentation
- Multi-factor Authentication (MFA)
- Continuous Monitoring and Analytics
- Policy Engine
- Data Protection Mechanisms
- Policy Enforcement Point
- Identity Governance: Establishing a framework of controls including additional authentication factors, terms of use, limited access, and other session semantics regulates access.
- Continuous Verification
- Least privilege access
- Context-aware access control
- Policy enforcement points
- Integrated/federated identity management systems
Session 3: (13:15-14:30)
- Micro-segmentation: Dynamically granting access to individual requests from a client, asset or service.
- Granular control
- Isolation of workloads
- Dynamic Policy Enforcement
- Integration with Identity and Access Management (IAM)
- Support for Cloud and Hybrid Environments
- Distributed Deployment: Designing gateway-based deployment, enclave-based deployment, and portal-based deployment.
- Decentralized Security Controls
- Zero Trust Network Access (ZTNA)
- Enhanced Security Posture
- Reducing lateral movement
- Application Shielding: Developing compartmentalized running environments on sensitive assets.
- Code obfuscation
- Anti-Tampering Mechanisms
- Runtime Application Self-Protection (RASP)
- Code encryption
- Integrity checking
Security of CI/CD pipelines
Speaker Biography
Dr. Mohamed Hamdi (PhD, habilitation) is the founding director of Elgazala Innovation Center where he leads the supervision of innovative startup projects. He co-authored more than 150 scientific publications published in international journals and conferences. He was the chair of the ‘Cloud security’ industry forum in the IEEE ICC’12 conference (Ottawa, Canada). He has also chaired and co-chaired international conferences and special issues in international conferences including the ‘Trust, Security, and Privacy’ symposium in the IEEE IWCMC 2012 conference and for the special issue on ‘Web Services in Multimedia Communication’ for the journal on Advances in Multimedia. He presented multiple tutorials and invited speeches in international conferences such as the GEOSS Forum (Globecom 2011). In addition, Dr. Hamdi has been invited at the ITU World Telecom conference to serve as a panellist in a forum on the security of social networks. He also passed prestigious professional certifications including the CISSP and the CISCO Security certifications. He is conducting research activities in the areas of cloud security and assurance, Internet of things, and security incident handling. Between 2001 and 2005, he worked for the National Digital Certification Agency (Tunisia) where he was the leader of the security risk management team.