Conference Talk at IT Summit by Heise 2025, togther with Alexander Schwarz
Regaining digital sovereignty using the example of digital identities
Digital identities are the key to digital sovereignty. Those who manage identities control access, data flows, and ultimately the rules of the game in the digital space. Using cloud services based in the USA, such as Entra ID or Okta, creates dependencies and risks for users and providers. Digital identities consolidate a variety of information about a person. Information such as usernames, email addresses, phone numbers, and permissions are shared with different applications as needed. Depending on the context, each identity has credentials such as passwords, multi-factor authentication, passkeys, recovery keys, and short-lived tokens. This presentation showcases various examples of how digital identities can be implemented and self-hosted for employees, customers, partner organizations, and citizens. Open standards like OpenID Connect and SAML, as well as open-source solutions like OpenLDAP and Keycloak, are utilized.