Loading…
25-27, August 2025
Amsterdam, Netherlands
View More Details & Registration
Note: The schedule is subject to change.

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for Open Source Summit Europe 2025 to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

This schedule is automatically displayed in Central European Summer Time, CEST (UTC +2). To see the schedule in your preferred timezone, please select from the drop-down menu to the right. 

IMPORTANT NOTE: Timing of sessions and room locations are subject to change.
← Back to schedule
Confirming Safety of IAM Specifications and Their OSS Implementations: Keycloak as a Case Study - Takashi Norimatsu, Hitachi, Ltd.
Monday August 25, 2025 15:35 - 16:15 CEST
G106
To securely deploy an identity and access management product implementing authentication & authorisation specifications like OpenID Connect 1.0 and OAuth 2.0 respectively, we need to ensure that the specifications are safe, the product correctly implements the specifications, and the product does not contain any vulnerabilities specific to the specifications. Methods for checking these points are formal analysis, conformance testing, and vulnerability testing, respectively. However, developers are not usually familiar with them. Based on the speaker’s investigation on academic research, the speaker describes them in a straightforward way.

The speaker is a maintainer of Keycloak, identity and access management open source software, CNCF incubating project. Therefore, the speaker will use Keycloak as a case study and explain how the specifications that Keycloak implements are verified to be secure and how Keycloak is verified to be compliant with the specifications.

The audience could gain insight into how to ensure that the identity and access management product they use or develop is secure.
Speakers
avatar for Takashi Norimatsu

Takashi Norimatsu

OSS Specialist, Hitachi, Ltd.
Takashi Norimatsu, Doctor of Philosophy (PhD) in Engineering, Senior OSS Specialist, Hitachi, Ltd. is a maintainer of Keycloak, IAM OSS and CNCF project. He has been implemented and contributed security features like Financial-grade API (FAPI) security profiles, W3C WebAuthn/Passkey... Read More →
Monday August 25, 2025 15:35 - 16:15 CEST
G106
  Standards & Specifications

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Tweet Share
Need help? View Support Guides
Event questions? Contact Event Planner
©2025 Sched About Privacy Terms
Share Modal

Share this link via

Or copy link