<p>At FOSSAsia 2021 I spoke about the critical need for robust security in open-source applications, laying the foundation for community-wide awareness of secure development practices. At FOSSAsia 2025 I advanced that conversation with a deep dive into identity and authorization for cloud-native open-source projects, focusing on password-less authentication, fine-grained authorization, and practical demos with Keycloak.</p>
<p>Now, in 2026, the landscape has shifted again. The rise of AI agents and model-driven workflows has introduced new identity surfaces, authorization challenges, and privacy risks. This talk extends the IAM conversation into the age of autonomous agents and the Model Context Protocol (MCP). We will examine how agents and models acting on behalf of users, organizations, or other agents complicate traditional notions of identity, trust, and authorization, and we will map those risks to operational control-plane patterns.</p>
<p>Key themes include:</p>
<ul>
<li>Agent identity and trust: how do we authenticate and authorize autonomous agents, and what does "Who are you?" mean when the actor is non-human?</li>
<li>The death of the static API key: why long-lived secrets are a fatal threat to agentic workflows and how to phase them out.</li>
<li>Keycloak in action (demo): a consolidated, hands-on demonstration using Keycloak, a CNCF incubating project, to implement agent-focused IAM patterns, including:
<ul>
<li>issuing just-in-time, least-privilege tokens via token exchange (RFC 8693) to minimize blast radius;</li>
<li>enforcing context-aware policies (attribute-based and time-based) to limit agent actions by runtime context;</li>
<li>binding tokens to agent cryptographic keys using proof-of-possession (DPoP) to mitigate token theft and replay.</li>
</ul>
</li>
<li>Protocol extensions and standards: applying and adapting OAuth 2.0, OpenID Connect, and related standards to agent-to-agent and MCP interactions.</li>
<li>Threat modeling for AI agents and MCPs: prompt injection, agent impersonation, supply-chain and model poisoning, and practical mitigations.</li>
<li>Privacy and compliance: ensuring agent-driven workflows respect GDPR, data minimization, and privacy-preserving techniques.</li>
</ul>
<p>By combining IAM best practices, MCP security patterns, and an open-source demo, this session will give developers and security engineers a practical, standards-based playbook for building trustworthy, least-privilege, and privacy-preserving systems in the era of AI agents.</p>