Skip to main content
U.S. flag

An official website of the United States government

Dot gov

The .gov means it’s official.
Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a federal government site.


The site is secure.
The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.

Identity Management & Access Control in Multiclouds Workshop and Conference

IAN Cloud Meeting

Co-hosted with Tetrate

This one-and-a-half day conference will focus on identity management and access control in multi-clouds to mitigate insider threats and return control back to owners of applications and data. Emphasis will be placed on emerging concepts such as zero-trust architecture where gaining entry through a firewall or having an IP address does not provide additional privileges. The workshop will address attacks by implementing mutual TLS, secure service discovery, traffic encryption between services, and access control at the client, service, and data level through what is referred to as a “service mesh architecture.” Service mesh architectures originated to benefit the operational infrastructure of sophisticated cloud providers but are now becoming mainstream through the availability of tool sets and open-source SDKs that streamline and eliminate much of the complexity of their deployment. 

The conference program will feature experts on service mesh architectures, identity, and access control in the modern-day cloud architecture and address the following themes:

  • Mitigating insider threat
  • Service mesh use cases, tools, analysis, and deployment experience
  • Enforcing next-generation attribute-based access controls in the multi-cloud

Tutorials, demonstrations, and vendor displays will offer attendees the opportunity to gain insights into these emerging technologies and connect with tool and integration experts.

Entrepreneurs, students, and cybersecurity professionals in particular, are encouraged to attend!

    Register For the January 22nd Session

    Join a day early for hands-on sessions and lighting talks!

    January 22, 2019  8:30 am – 12.30 pm | The Basics of Istio & Envoy | Tetrate

    Click on the "Register" usa-button to opt in for the January 22nd Session

    During this workshop you will gain hands-on experience to understand how Envoy & Istio have changed the landscape of cloud native applications. This 4-hour training will demonstrate how and why to use these tools to solve the challenges of security, observability, networking, and multi-cloud. Topics include:

    • Traffic Management and Resilient Communication between Services
    • Policy Enforcement and Rate Limiting
    • Telemetry, Monitoring and Reporting
    • Securing Communication between Microservices
    • Canary Deployment


    1/22 (Workshop)—8:30AM-12:30PM

    1/23 (Conference, Day 1) –8:30AM-4:30PM

    1/24 (Conference, Day 2)—8:30AM- 12:30PM

    Agenda (Downloadable PDF)

    Preliminary Agenda

    DAY 1: Thursday, January 23, 2020

    7:30 am

    Registration and Networking and Continental Breakfast

    101/ Foyer

    8:30 am

    Welcome, Introduction and Administrative issues





    8:40 am

    Opening Keynote: Trusting Native Cloud Applications

          Varun Talwar, Co-founder and CEO, Tetrate                                                               


    9:10 am

    Zero Trust Architecture

          Scott Rose, NIST                                                               


    9:40 am

    Industry Perspective

          RSA Security


    10:10 am

    Coffee Break





    10:30 am

    Next Generation Access Control for ZTA and Multi-Cloud

          David Ferraiolo, Manager, Secure Systems and Applications Group, NIST


    11:00 am

    SP 800-204A – (DRAFT) Guidelines for Deploying Service Mesh for Securing Microservices-based Application Systems       

       Ramaswamy Chandramouli, NIST


    11:45 am

    Istio and Envoy

       Zack Butcher, Tetrate


    12:15 pm


    NIST Cafeteria




    1:15 pm

    How did the DoD move to Kubernetes and Istio

          Nicolas M. Chaillan, Chief Software Officer, Air Force and

          Co-Lead DoD Enterprise DevSecOps Initiative


    2:00 pm

    Demo 1: ABAC for Files and DBMS elements in Multi-Cloud

          Joshua Roberts, NIST

    Demo 2: Tetrate Q + Istio for Service-to-Service Access Control

           Ignasi Barrera, Tetrate


    2:45 pm

    Coffee Break


    3:30 pm

    Panel: Future of ICAM in the Cloud
     Moderator: Name, Organization
    CISO, Company 1
    CISO, Company 2
    CISO, Company 3


    4:15 pm

    Day 1 Closing Remarks and Adjourn











    DAY 2: Friday, January 24, 2020

    7:30 am

    Registration and Networking and Continental Breakfast

    101/ Foyer







    8:30 am

    Keynote: Visionary Perspective (title pending)

     Andre’ Mendes, Chief Information Officer (Acting), Department of Commerce                                                                 


    9:15 am

    Panel: Experiences – Early Adopters
    Moderator: Name, Organization

    CISO, Company 1
    CISO, Company 2
    CISO, Company 3                                                               


    10:00 am

    Coffee Break


    10:15 am

    Applying Systems Security Engineering Concepts to Implement More Effective and Efficient Security Solutions in Cloud-based Microservice Architectures       

    Dr. Ronald Ross, NIST Fellow


    10:45 am

    Cloud Smart, Application Rationalization, and ICAM (pending approval)       

    Stephen Naumann, Senior Advisor – Data Center Practitioner, GSA


    11:15 am

    Industry Perspective (title pending)

    Guido Appenzeller, Chief Product Officer, Yubico


    11:45 pm

    Day 2 Closing Remarks and Adjourn


    12:00 pm





    Courtyard Gaithersburg Washingtonian Center

    204 Boardwalk Place Gaithersburg, Maryland 20878

    Book by: 01/01/20 Book Now >>>

    Rate available: 01/21/2020 to 01/25/2020

    *Visitor Access Requirement:

    For Non-US Citizens:  Please have your valid passport for photo identification.

    For US Permanent Residents: Please have your green card for photo identification.

    For US Citizens: Please have your state-issued driver's license. Regarding Real-ID requirements, all states are in compliance or have an extension through October 2020.

    NIST also accepts other forms of federally issued identification in lieu of a state-issued driver's license, such as a valid passport, passport card, DOD's Common Access Card (CAC), Veterans ID, Federal Agency HSPD-12 IDs, Military Dependents ID, Transportation Workers Identification Credential (TWIC), and TSA Trusted Traveler ID. 

    Created October 22, 2019, Updated December 9, 2019