OUR
SPEAKER
Ben Ashley
Senior Developer
Ben is a .NET developer with 9 years of experience working in Federal government, State government and the private sector. He has a focus on application security and analytics, with a background in mathematics and statistical programming. Ben loves solving difficult problems and getting immersed in a complex business domain.
TALKS
OAuth2 and OIDC – Best Practices for Web Applications (45 mins)
This session is suitable for technical teams who are using or wish to use OpenID Connect to secure access to their web applications and want to conform to best practice in doing so. This is not a deep dive into the protocols themselves.
This session goes through the most common use-cases of securing web applications with OpenID Connect, examining how the unique requirements and threat models of each influence how to implement the standard.
Some questions addressed in this session are:
What’s the difference between OAuth2 and OpenID Connect?
What are the tokens involved in the protocol and what should I use each of them for?
What are some of the most common attacks and how can I defend against them?
OAuth2 and OIDC – Deep Dive (60 mins)
This session is suitable for technical or semi-technical teams who wish to know more about the details of how these two protocols (on which most of our interactions with the web are built) work.
This session goes through the conception of OAuth2, how it works in various contexts as well as what purpose each of its components serves, then explores how OpenID Connect has been built on top of OAuth2 to serve a specific purpose.
Some questions addressed in this session are:
What problem was OAuth2 developed to solve?
How do the parties involved in the protocol interact?
An Idiot's Guide to Large Language Models (45 mins)
You've heard of ChatGPT, Bing Chat, and their ilk. You've probably played with one or more of them. Perhaps you used it in lieu of a search engine, to draft emails, or even to write haiku. But, do you know what's going on behind the curtain?
This talk takes a humorous and informal ramble through the insides of a Large Language Model (LLM) without recourse to fancy maths or complicated algorithms. At the end of it you should have a conceptual view of how LLMs go from your prompt to a haiku about your dog. You should also have a better understanding of the strengths and weaknesses of these models, and what to watch out for when considering their use.
The audience for this talk need not have a technical background, and should be interested in how LLMs work, but likely have limited current understanding of this.
