Upload
ravi-venkat
View
220
Download
0
Embed Size (px)
Citation preview
7/31/2019 Opportunity in Identity Crisis
1/14
DNA for Identity Crisis
A Challenge to build a globally sustainableconcurrent solution!!
to todays
Most nagging Problem!!
7/31/2019 Opportunity in Identity Crisis
2/14
The Challenge & the opportunity
Bigger than the BigData!!
Yes with the advent of Online Social Media and ElectronicCommerce.
Identity theft is Posing a significant threat to Individuals,Corporates, and all kinds of Organizations alike. It remains to bethe major nuance to be tackled with buzz words like phishing
Would you laugh if I suggest we all should be logging in to webbased portals, services without a password is this possible ??
feasible!!
7/31/2019 Opportunity in Identity Crisis
3/14
Look at a few Scenarios how some reputed
!!address!! the issue
Social Media : Twitter Guess most of them would recognize and understand the meaning of
the Tick encircled in blue embedded on some of the users.
E-Commerce trade facilitation : E-bay , AlibabaCredibility , transparency of practices followed for accredited
Sellers / Buyers. Proprietary procedures and not open for public.
Banks and certain E-commerce portals tackling phishing Those using online banking services and electronic shopping
would notice the procedure or the sequence of steps required to
authenticate and transact online e.g.: HDFC , Axis (only for analogy
sake).
7/31/2019 Opportunity in Identity Crisis
4/14
7/31/2019 Opportunity in Identity Crisis
5/14
How to address tackle these issues with available
frame-works and technologies Back to Basics
Challenge 1 : Electronic -Identity-Impersonation
Authorization into web-services Leveraging upon
digital-certificate, PKI , Cryptography.
Challenge 2 : Phishing
Leverage embeddable plugins in web-browsers,
email-clients built to take advantage of a simplequery against a UDDI (Universal Description
Discovery and Integration)
Interesting and exciting isnt it !!
7/31/2019 Opportunity in Identity Crisis
6/14
Challenge 1Problem :
Authentication into a web based service, is usually based on a user-name and password ... tackling
this with PKI and Digital Certificates.
It is being assumed the audience has a basic understanding of PKI, Digital Certificate, Cryptography. It is
advised to have a good understanding of CA (Certification Authorities) and PGP( Pretty Good Privacy)
Proposed Solution :
What if : The username is mapped to a public-key or public-certificate ?? Or if the public-key or the
public-certificate serves the purpose of the username ??
Advantages . all the way whether on chooses to map / use a public-key or a public-certificate in lieu
of / username result flexibility for Authentication , Authorization , Encryption/ Decryption , SSON
(Single Sign on .Oauth)
What am I talking about : Building A web based service that serves as an IDM (Identity Management )
repository for some or all of the above purposes , viz. a publicly
accessible directory and Lookup-service (In lay mans term digital
Yellow Pages )
Jig saw Puzzle : Yep there are more crumbs / building blocks that make the solution
interesting and scope for high commercial viability.
7/31/2019 Opportunity in Identity Crisis
7/14
Building a effective and viable solutionChallenges : where should the private-key / decryption key sit ?? , what is the
role of digital certificates and Certification Authorities.
What part of information should be publicly accessible and what part
should be private/restricted/fore-bidden from public-access childish
to discuss bring up isnt!!
what if embeddable into your browser (Locked into your laptop / PC) for
authentication into your favorite URL.voila !! .well most of your digitalcertificates currently operate on these lines then what is new!!
what if the private-key sits in the USB device portable carry anywhere
authenticate, authorize, encrypt /decrypt on, any public, private or shared
systems with confidence.
A discussion of the Classic example of the : SSL X.509 , Digital Certificates
Certification Authorities the chain of trust!! decouple the private-keys from digital
certificates leverage the chain of trust .make available/possible a online repository
.either a digital-certificate with public-key or just a public-key .OO use-case modeled
Solution for leveraging the opportunity and the infrastructure being built.
7/31/2019 Opportunity in Identity Crisis
8/14
Building a effective and viable solution
continued
Understand : How Digital Certificates are currently handled,Various algorithms used in the context of Security , Secure communications
underlying mechanics eg : RSA , Microsoft Digest etc
While I wouldnt like to delve in to the mechanics of various algorithms
their advantages or dis-advantages ??
I would like to draw attention to the following viz. UDDI , Dynamic DNS and the short URLs
(the links that appear Viz. made popular by) in the twitter feeds , a cookie and the
challenge (say as in the digest method), the JVM (java virtual machine)
A potent and potential solution : what if the user-id is just a kind of URL that resolvesback to your host / computer Reverse-engineer the UDDI offering the context in
which you can run JVM / ACTIVEX enable code-lets how are the majority of the digital
certificates purchased used for .where do they reside and what are they being used for!!
7/31/2019 Opportunity in Identity Crisis
9/14
Scope role potential of Bio-MetricsRecall Biometric authentication devices , the finger-print scanners
what if your thumb impression is your private-key or a sub-set of
the key that makes up the private-key I believe the sum of the process
that makes up a RSA finger print gathering, for an analogy.
the key-challenge what would constitute a public-key , how would you
generate one
generation private-keys with deciphering algorithm/logic a
combination of raster-graphics, vector-graphics, fractals what not
to leverage upon rather not go into the details of leveraging Biometrics
with several leading industry players in the market, with aready off the shelf, solution.
hey by the way anybody remember/ recall USB drives that come with
embedded finger print scanner that let you access to data only when
guess not!!
7/31/2019 Opportunity in Identity Crisis
10/14
Solution Modeling
Infrastructure Building Blocks
With most of the technology stack and buildingblocks discussed!!
I believe this is the right place to kickstart a dialogue set in motion a
discussion to gather right feedback on
the building blocks and also the road
blocks in solving the jigsaw puzzle.
7/31/2019 Opportunity in Identity Crisis
11/14
A Big Thank You!!Where do we stand , an opportunity or challenge .
I would like to sincerely thank everyone
for providing this opportunity topresent a valuable paper before the right audience.
you can reach me at
http://in.linkedin.com/pub/venkat-ravi-shanker/5/6b8/619
mailto:[email protected]://in.linkedin.com/pub/venkat-ravi-shanker/5/6b8/619http://in.linkedin.com/pub/venkat-ravi-shanker/5/6b8/619http://in.linkedin.com/pub/venkat-ravi-shanker/5/6b8/619http://in.linkedin.com/pub/venkat-ravi-shanker/5/6b8/619http://in.linkedin.com/pub/venkat-ravi-shanker/5/6b8/619http://in.linkedin.com/pub/venkat-ravi-shanker/5/6b8/619http://in.linkedin.com/pub/venkat-ravi-shanker/5/6b8/619http://in.linkedin.com/pub/venkat-ravi-shanker/5/6b8/619mailto:[email protected]7/31/2019 Opportunity in Identity Crisis
12/14
The un-disclosed AgendaAs with an researcher or opportunist , I too aim to profit from this papermodalities to be worked out.
With CAs already functioning I want to build a viable commercial market opportunity where multiple IDM serviceproviders can compete and render services to customers would love to have the DNS kind of model
to be leveraged for the IDM service rendering.
power and potential ...
...embedded a digital signature / certificate ...with DNA ...VALIDATION scanner on your
...credit-debit swipe cards ...that come with there own scanner and validation embedded
device !!
........enter into the world of digital commerce and POS commerce with confidence.
Ability to develop micro-devices for consumer market place that canleverage the IDM service model for authenticating, validation end-user devices (replace magnetic strip-devices, haveelectronic-chips embedded with IDM validated certificates with explorable potential of BIOmetric) to thePOS(point of sale) terminal a win-win opportunity for the consumer and merchants and merchandisers ..toleverage the IDM .
It is obivious for any kind of successful solution building it is important that all actors part of proposed solution
participate actively, hence solicitating sponsorship and geniune interest from the industry
Ravi Shanker KVvenkat ravi shanker k
00919848226880
Respect Intellectual Property
7/31/2019 Opportunity in Identity Crisis
13/14
The Myth of Shortned Url!! 3 factor
authenticationWell all have been using [email protected] as a communication / identification means .in the contextof IDM i would be looking for the IDM providers providing one with a similar or for the matterdont mind making this a legible practice viz. When someone tries to identify one-self with say forinstance [email protected] the service provider in this instance idmservice vouchs forthe identity of the individual for the web service, while at the same time if the web-servicerequests a authentication the idmservice provider intiates a validation with the registered deviceof the identity viz. say [email protected] validatedgeneratesa valid .which enables the end-user with the , say [email protected] can do / have a session with the web-service provider??
Insurance .
Advantage : some-body is taking the onus that your serviceweb-service for instance for guaranting you a valid user isauthenticating into your service ?? .get insured against identityimpersonation .digital identity etc ??
Envisage doing a transaction at POS terminal . Or your
mobiledevice embedded with a appletfrom bank-provider,authenticating into the pos terminal inlieu of
mailto:[email protected]:[email protected]:[email protected]:[email protected]:[email protected]:[email protected]:[email protected]:[email protected]:[email protected]:[email protected]:[email protected]:[email protected]:[email protected]:[email protected]:[email protected]7/31/2019 Opportunity in Identity Crisis
14/14
Where to reach me
Ravi Shanker KV
8-3-976/41, viswasanti,
Shalivahan nagar,
Srinagar colony, hyderabad
India 500073.
mailto:[email protected]:[email protected]