OpenID Foundation’s Shared Signals and Events working group is poised to address. For the unfamiliar, the OpenID Foundation is a non-profit organization that promotes open, interoperable standards with OpenID at its core, most notably the standardization of a simple identity layer on top of OAuth 2.0: OpenID Connect. The Shared Signals and Events working group lives within the OpenID Foundation and is made up of industry leaders and innovators working to promote more open communication between systems. Shared Signals and Events standards like CAEP and RISC aim to give federated systems well-defined mechanisms for sharing security events, state changes and other signals. This communication in turn simplifies interoperability and allows organizations to get closer to the Zero Trust ideal of continuously evaluating and enforcing security.
In its first ratified standard, the Shared Signals and Events working group created an open standard through which multiple services can communicate by publishing or subscribing to relevant event streams. The standard drastically simplifies communication between applications with security context. For example, a cloud application might subscribe to events from an endpoint detection and response solution to quickly remove access from infected systems. Alternatively, an IAM solution might publish a change of user context that a SIEM tool uses to start an investigation.
The example below shows how a device or an application performing an HTTPS service request (step 1) can trigger a state-change update to a policy server (step 2). Further, a policy service can determine whether that change in state needs to be broadcast to other subscribers (step 3). A subscriber to that event can process the information and determine if a remediation response (step 4) is needed.
By communicating across an open and interoperable standard, we can move to a world where risk is assessed and addressed in real time. Risk assessment need not be done after static intervals of time but can move at the speed of contextual changes.
Therefore, we are excited to share that Cisco has joined the OpenID Foundation as a sustaining member, with the goal of contributing to the Shared Signals and Events ecosystem. “Given Cisco’s pivotal role in building networked systems that underpin the internet today, we are honored to have Cisco join the Board at this critical inflection point in identity standards development,” said Gail Hodges, Executive Director of the OpenID Foundation. “Cisco is a long-standing contributor to global standards, and we look forward to collaborating to meet this moment by crafting the path and scaling an approach that will serve society.”
As a first step in our contribution to the open Shared Signals and Events ecosystem, we’ve published an open-source technical reference setting up the initial communication foundations. We hope that providing this reference will make it easier for developers and vendors alike to adopt more seamless communication mechanisms, with the eventual goal of enabling more robust and dynamic implementations of Zero Trust.
In the same way that we believed the WebAuthn standard would underlie the passwordless authentication revolution, we believe Shared Signals and Events will enable a sea change in security – moving from opaque and siloed environments to those empowered by openly shared signals. At Cisco, we see a path forward where we can simplify the administration and collection of risk signals around access while simultaneously removing security friction to make security easy for everyone. It’s a future with far fewer unnecessary, rote re-authentications or authorizations and far more precise reactions to increased risk.
While it won’t be tomorrow, we believe that the OpenID Foundation and groups like the Shared Signals Working Group are on the right track to enabling a more secure future. We are excited to share in the journey and contribute to this compelling new approach to security.