Skip to main content
#wsgarr 

Marco Basili

Ente: IPZS (Istituto Poligrafico e Zecca dello Stato)
Data intervento: 4 novembre

Biografia

Specialista in innovazione presso l’Istituto Poligrafico e Zecca dello Stato, dove si occupa di analisi e progettazione di soluzioni digitali e protocolli di sicurezza per l’identità digitale. Dopo la laurea in Ingegneria Meccanica presso l’Università Sapienza di Roma, ha maturato cinque anni di esperienza nella gestione di progetti informatici per la pubblica amministrazione.

Biografia

Specialista in innovazione presso l’Istituto Poligrafico e Zecca dello Stato, dove si occupa di analisi e progettazione di soluzioni digitali e protocolli di sicurezza per l’identità digitale. Dopo la laurea in Ingegneria Meccanica presso l’Università Sapienza di Roma, ha maturato cinque anni di esperienza nella gestione di progetti informatici per la pubblica amministrazione.

Abstract

Monitoring e compliance in OpenID Federation: da CIE a EUDI Wallet

Dal 2023 OpenID Federation è in esercizio come framework di trust per la Federazione CIE (Carta d'Identità Elettronica) in Italia. L'esperienza operativa ha permesso di sperimentare con successo le potenzialità di questo framework, che ha colmato i gap dei sistemi tradizionali negli aspetti di trust management, ponendo l'Italia tra i paesi pionieri sul tema.

Presentazioni

  • DOCUMENTO

Video

VIDEO uk-video uk-responsive

english Bio

Innovation Specialist at the Italian State Mint and Polygraphic Institute, where he deals with analysis and design of digital solutions and security protocols for digital identity. After graduating in Mechanical Engineering from Sapienza University of Rome, he gained 5 years of experience managing IT projects for the public administration.
He is currently involved in drafting the technical specifications of the IT-Wallet, collaborating with institutional and technical stakeholders.

english Abstract

Monitoring and Compliance in OpenID Federation: from CIE to EUDI Wallet

Since 2023, OpenID Federation has been in production as a trust framework for the CIE Federation (Electronic Identity Card) in Italy. The operational experience enabled the successful testing of this framework's capabilities, which addressed the gaps in traditional systems' trust management aspects, positioning Italy among the pioneering countries in this field.
Starting from the basic principles of Federation, we will analyze how continuous compliance monitoring represents both a critical challenge and a paradigm shift compared to traditional federations. In traditional federations, compliance verification typically happens only during initial registration, but what happens when an entity is no longer compliant due to deprecated algorithms, regressions, or vulnerabilities? OpenID Federation, thanks to its architecture based on REST APIs and native mechanisms for automatic and dynamic validation, enables the Trust Anchor to continuously verify the configurations of federated entities and take action in a precise and timely manner. The flexible, decentralized, and hierarchical approach of OpenID Federation guarantees, on one side, a high degree of autonomy in the management of technical components and, on the other side, allows integration tools that offer governance actors real-time visibility on the health status of the federation and allow detailed audit of entities' lifecycle, transforming trust from static to dynamic.
The evolution towards the European Wallet (EUDI Wallet) amplifies this need as this new model introduces greater complexity in terms of use cases and cross-border interoperability. In such a scenario, the native monitoring capabilities of OpenID Federation become crucial to guarantee security and manageability at a large scale.

Organised by
Sponsor
Maticmind
Leviton
Logo GARR

GARR Workshop


Contacts


  • This email address is being protected from spambots. You need JavaScript enabled to view it.