Eleanor McHugh, profile picture
Uploaded byEleanor McHugh
488 views

Anonymity, trust, accountability

The document discusses the quest for a global digital identity system that is secure, embraces anonymity, and can scale to global needs while adhering to common law principles. It critiques current identity solutions and proposes a unidirectional data-flow architecture to enhance security and reduce points of vulnerability. The document also outlines managing identities through immutable profiles, anchored documents, and a fine-chained distributed ledger for transaction tracking.

Embed presentation

Download to read offline
ANONYMITY, TRUST, ACCOUNTABILITY Romek Szczesniak Eleanor McHugh
Cryptographer PKI & AppSec Physicist System Architecture 1998 InterClear CA 2003 ENUM 2006 Telnic 2011 Malta E-ID 2012 HSBC GC 2014 YOTI
DIGITAL IDENTITY - THE GRAIL QUEST ➤ can we create a global identity system that: ➤ nobody owns ➤ cannot be subverted ➤ works on desktop, mobile & IoT ➤ embraces anonymity rather than pseudonymity ➤ anchors to real-world identity documents ➤ embraces UK common law ➤ scales to global needs ➤ transacts in < 500ms
CURRENT SOLUTIONS ➤ PKI ➤ SSO ➤ OpenID ➤ IAM ➤ passwords ➤ biometrics
COMMON LAW CONTRACTS & TRANSACTIONS ➤ at least one party makes an offer ➤ all parties must then reach mutual assent ➤ and have an intention to create legal relations ➤ an exchange of sufficient consideration must then occur ➤ identification of the parties is implicit ➤ and my be put to the test in court
MOBILE DEVICES SEEM RESTRICTED
BUT THEY CAN BE ANCHORED TO A TRUSTED SERVER
A NAIVE APPROACH TO SHARING IDENTITY ➤ conventional client-server architecture ➤ A must trust B and B must trust Server ➤ each link involves a request-response over HTTPS links ➤ this is noisy and each link is an attack point for flow analysis
REDUCING IDENTITY TO A CLEAN TRANSACTION ➤ unidirectional data-flow architecture ➤ B doesn't contact Server, and V doesn't contact B ➤ Server contacts both B and V ➤ each link is less susceptible to flow analysis
IMMUTABLE PROFILES ➤ PKI certificate information - too heavy ➤ Attributes – too many, changeable ➤ SSO – not enough information ➤ we need a Goldilocks solution… ➤ fixed collections of one or more attributes ➤ change attributes by creating new profiles ➤ each profile links to its antecedent ➤ use cryptography to secure the version chain
MANAGING A PERSON'S IDENTITIES ➤ anchor documents ➤ passport, driving licence, identity card, ... ➤ biometric stream ➤ successions of biometric captures for the person ➤ profile set ➤ a choice of user profiles ➤ credentials ➤ large ephemeral random identifiers ➤ assigned to the [user | device | profile]
MANAGING A PERSON'S IDENTITIES
RECEIPTS CONFIRM TRANSACTIONS
A FINE-CHAINED DISTRIBUTED LEDGER TRACKS RECEIPTS
PRODUCING A COMPLETE TRANSACTIONAL IDENTITY SYSTEM
APPLICATION: AGE VERIFICATION
APPLICATION: AGE VERIFICATION WITH SECURE CHANNEL
PATENTS ➤ US2016239658 Digital Identity ➤ US2016239653 Digital Identity ➤ US2016241532 Authentication of Web Content ➤ US2016241531 ConfidenceValues ➤ US2016239657 Digital Identity System

More Related Content

PPTX
Blockchain and Cybersecurity
bygppcpa
 
PDF
Blockchain in Real Estate
byBirthVenue
 
PDF
What is Blockchain - TIEKE
byJuha Viitala
 
PDF
Blockchain and Security Testing
byBirthVenue
 
PDF
Cloud Identity: A Recipe for Higher Education
byMike Schwartz
 
PPTX
Cryotocurrency & blockchain
byAmr Salah
 
PPTX
Blockchain technology
byRoshniThadevus
 
PDF
What is Blockchain Technology?
byPragmatic Coders
 
Blockchain and Cybersecurity
bygppcpa
 
Blockchain in Real Estate
byBirthVenue
 
What is Blockchain - TIEKE
byJuha Viitala
 
Blockchain and Security Testing
byBirthVenue
 
Cloud Identity: A Recipe for Higher Education
byMike Schwartz
 
Cryotocurrency & blockchain
byAmr Salah
 
Blockchain technology
byRoshniThadevus
 
What is Blockchain Technology?
byPragmatic Coders
 

What's hot

PPTX
Blockchain in cyber security
byPrateek Panda
 
PPTX
Blockchain Introduction
byAyham Madi
 
PDF
Block Chain Basics
byUniversity of Hertfordshire
 
PPTX
Block chain technology
byRajeshJade
 
PPTX
What is the future of blockchain in cybersecurity
byBlockchain Council
 
PPTX
How the hospitality industry take the benefits of blockchain technology
byBlockchain Council
 
PPTX
Cybersecurity aspects of blockchain and cryptocurrency
byTony Martin-Vegue
 
PPTX
Block chain technology
byAndrew Adamson
 
PPTX
Hacking blockchain
byJose L. Quiñones-Borrero
 
PDF
170321 cebit blockchain summit frank bolten
byFrank Bolten
 
PDF
Blockchain for good
byMobileInception
 
PPTX
Role of blockchain technology in critical infrastructure security
byGlobal Tech Council
 
PPTX
HashiCorp 2019: "Secure Routing and Traffic Management with Ambassador and Co...
byDaniel Bryant
 
PDF
170301 dena dialogue forum fb
byFrank Bolten
 
PDF
All About Blockchain
byJared Carmel
 
PDF
Biosphere Flow - Global Direct Collaboration Utility
byThe Other Fruit®
 
PPTX
Blockchain Development Services
byVishvendra Saini
 
PPTX
BLOCK CHAIN TECHNOLOGY
byCANiharikaGarg
 
PPTX
Bitcoin with a blink
byAsfak Asif
 
PPTX
Block chain and crypto
byyagyabuttan1
 
Blockchain in cyber security
byPrateek Panda
 
Blockchain Introduction
byAyham Madi
 
Block Chain Basics
byUniversity of Hertfordshire
 
Block chain technology
byRajeshJade
 
What is the future of blockchain in cybersecurity
byBlockchain Council
 
How the hospitality industry take the benefits of blockchain technology
byBlockchain Council
 
Cybersecurity aspects of blockchain and cryptocurrency
byTony Martin-Vegue
 
Block chain technology
byAndrew Adamson
 
Hacking blockchain
byJose L. Quiñones-Borrero
 
170321 cebit blockchain summit frank bolten
byFrank Bolten
 
Blockchain for good
byMobileInception
 
Role of blockchain technology in critical infrastructure security
byGlobal Tech Council
 
HashiCorp 2019: "Secure Routing and Traffic Management with Ambassador and Co...
byDaniel Bryant
 
170301 dena dialogue forum fb
byFrank Bolten
 
All About Blockchain
byJared Carmel
 
Biosphere Flow - Global Direct Collaboration Utility
byThe Other Fruit®
 
Blockchain Development Services
byVishvendra Saini
 
BLOCK CHAIN TECHNOLOGY
byCANiharikaGarg
 
Bitcoin with a blink
byAsfak Asif
 
Block chain and crypto
byyagyabuttan1
 

Similar to Anonymity, trust, accountability

PDF
Anonymity, identity, trust
byEleanor McHugh
 
PPTX
Mit 2014 introduction to open id connect and o-auth 2
byJustin Richer
 
PPTX
Cloud Identity Management
byDamian T. Gordon
 
PDF
Stronger/Multi-factor Authentication for Enterprise Applications
byRamesh Nagappan
 
PDF
Portabl - The state of open banking, regulations, and the intersection of SSI...
bySSIMeetup
 
PPTX
Financial Grade OAuth & OpenID Connect
byNat Sakimura
 
PPTX
Age Verification: Reaching a Tipping Point
byDr Rachel O'Connell
 
PDF
Identity & trust in Monitored Spaces
byEleanor McHugh
 
PDF
Don't Ask, Don't Tell - The Virtues of Privacy By Design
byEleanor McHugh
 
PPTX
Jan Keil - Identity and access management Facts. Challenges. Solution
byTimetogrowup
 
PPTX
Codemash-2017
byKevin Cody
 
PPTX
Catalyst 2015: Patrick Harding
byPing Identity
 
PPT
Tony Nadalin' presentation at eComm 2008
byeComm2008
 
PPTX
Gartner IAM London 2017 Session - Security, Standards & User Experience: The ...
byPing Identity
 
PPTX
Citizen centric digital and mobile-identity, personal data ecosystems and the...
byDr Rachel O'Connell
 
PPTX
Introduction to the FAPI Read & Write OAuth Profile
byNat Sakimura
 
PDF
[WSO2Con USA 2018] Identity is Eating the World!
byWSO2
 
PDF
Identity is Eating the World!
byPrabath Siriwardena
 
PDF
OpenID Foundation Workshop at EIC 2018 - Introduction to the FAPI Read & Writ...
byMikeLeszcz
 
PDF
Introduction to 
the FAPI Read & Write OAuth Profile - Jan 2018 Updates
byNat Sakimura
 
Anonymity, identity, trust
byEleanor McHugh
 
Mit 2014 introduction to open id connect and o-auth 2
byJustin Richer
 
Cloud Identity Management
byDamian T. Gordon
 
Stronger/Multi-factor Authentication for Enterprise Applications
byRamesh Nagappan
 
Portabl - The state of open banking, regulations, and the intersection of SSI...
bySSIMeetup
 
Financial Grade OAuth & OpenID Connect
byNat Sakimura
 
Age Verification: Reaching a Tipping Point
byDr Rachel O'Connell
 
Identity & trust in Monitored Spaces
byEleanor McHugh
 
Don't Ask, Don't Tell - The Virtues of Privacy By Design
byEleanor McHugh
 
Jan Keil - Identity and access management Facts. Challenges. Solution
byTimetogrowup
 
Codemash-2017
byKevin Cody
 
Catalyst 2015: Patrick Harding
byPing Identity
 
Tony Nadalin' presentation at eComm 2008
byeComm2008
 
Gartner IAM London 2017 Session - Security, Standards & User Experience: The ...
byPing Identity
 
Citizen centric digital and mobile-identity, personal data ecosystems and the...
byDr Rachel O'Connell
 
Introduction to the FAPI Read & Write OAuth Profile
byNat Sakimura
 
[WSO2Con USA 2018] Identity is Eating the World!
byWSO2
 
Identity is Eating the World!
byPrabath Siriwardena
 
OpenID Foundation Workshop at EIC 2018 - Introduction to the FAPI Read & Writ...
byMikeLeszcz
 
Introduction to 
the FAPI Read & Write OAuth Profile - Jan 2018 Updates
byNat Sakimura
 

More from Eleanor McHugh

PDF
Go for the Paranoid Network Programmer, 2025 Edition
byEleanor McHugh
 
PDF
[2024] An Introduction to Functional Programming with Go [Y Combinator Remix]...
byEleanor McHugh
 
PDF
A Gopher's Guide to *NIX Plumbing [workshop remixes!]
byEleanor McHugh
 
PDF
Y - Recursion The Hard Way GopherCon EU 2025
byEleanor McHugh
 
PDF
An introduction to functional programming with Go [redux]
byEleanor McHugh
 
PDF
Never Say, Never Say Die! - the art of low-level Ruby and other Macabre Tales
byEleanor McHugh
 
PDF
The Y Combinator, a Lightning Talk from GoLab 2025
byEleanor McHugh
 
PDF
Don't ask, don't tell the virtues of privacy by design
byEleanor McHugh
 
PDF
The Relevance of Liveness - Biometrics and Data Integrity
byEleanor McHugh
 
PDF
Distributed Ledgers: Anonymity & Immutability at Scale
byEleanor McHugh
 
PDF
The Browser Environment - A Systems Programmer's Perspective [sinatra edition]
byEleanor McHugh
 
PDF
Go for the paranoid network programmer, 3rd edition
byEleanor McHugh
 
PDF
The Browser Environment - A Systems Programmer's Perspective
byEleanor McHugh
 
PDF
Go for the paranoid network programmer, 2nd edition
byEleanor McHugh
 
PDF
[2023] Putting the R! in R&D.pdf
byEleanor McHugh
 
PDF
Going Loopy - Adventures in Iteration with Google Go
byEleanor McHugh
 
PDF
An introduction to functional programming with go
byEleanor McHugh
 
PDF
Generics, Reflection, and Efficient Collections
byEleanor McHugh
 
PDF
Implementing virtual machines in go & c 2018 redux
byEleanor McHugh
 
PDF
Hello Go
byEleanor McHugh
 
Go for the Paranoid Network Programmer, 2025 Edition
byEleanor McHugh
 
[2024] An Introduction to Functional Programming with Go [Y Combinator Remix]...
byEleanor McHugh
 
A Gopher's Guide to *NIX Plumbing [workshop remixes!]
byEleanor McHugh
 
Y - Recursion The Hard Way GopherCon EU 2025
byEleanor McHugh
 
An introduction to functional programming with Go [redux]
byEleanor McHugh
 
Never Say, Never Say Die! - the art of low-level Ruby and other Macabre Tales
byEleanor McHugh
 
The Y Combinator, a Lightning Talk from GoLab 2025
byEleanor McHugh
 
Don't ask, don't tell the virtues of privacy by design
byEleanor McHugh
 
The Relevance of Liveness - Biometrics and Data Integrity
byEleanor McHugh
 
Distributed Ledgers: Anonymity & Immutability at Scale
byEleanor McHugh
 
The Browser Environment - A Systems Programmer's Perspective [sinatra edition]
byEleanor McHugh
 
Go for the paranoid network programmer, 3rd edition
byEleanor McHugh
 
The Browser Environment - A Systems Programmer's Perspective
byEleanor McHugh
 
Go for the paranoid network programmer, 2nd edition
byEleanor McHugh
 
[2023] Putting the R! in R&D.pdf
byEleanor McHugh
 
Going Loopy - Adventures in Iteration with Google Go
byEleanor McHugh
 
An introduction to functional programming with go
byEleanor McHugh
 
Generics, Reflection, and Efficient Collections
byEleanor McHugh
 
Implementing virtual machines in go & c 2018 redux
byEleanor McHugh
 
Hello Go
byEleanor McHugh
 

Recently uploaded

PDF
OFFENSIVE OPERATIONS : THE ANATOMY OF A NETWORK TAKEOVER
byBangladesh Network Operators Group
 
PPT
INTRODUCTION_TO_SOFTWARE_APPLICATION.pptx
byMESFINBELAY4
 
PDF
DNSSEC Implementation Journey at Prime Bank’s Domain
byBangladesh Network Operators Group
 
PDF
Automating ISP Networks Using Ansible and IPAM as a Source of Truth [SoT]
byBangladesh Network Operators Group
 
PPTX
BTCFi on Starknet,Troves.fi offers automated strategies for Bitcoin users on ...
bytrovesfi
 
PPTX
ENDNOTE refrencing how to do step by step..
byhumairasohaib19
 
PDF
Cybrain Software Solutions – Building Future-Ready Digital Tools
byCybrain Software Solutions
 
PPTX
evolution of internet (internet journey)
byyamunadevi49
 
PDF
A Day in the Life of IPv6 Scanning by Matsuzaki ʻmazʼ
byBangladesh Network Operators Group
 
PPTX
ARCHITECTURESACGCHCIUOHCOHCSAKJCOQKCHUO.pptx
bymchlrdpc2921
 
PPTX
Passive Presentation pasdskpasdasdasdasf
byNoOne501682
 
PDF
A La Recherche Du Temps Perdu: In Search of the Cozy Web
byJen Looper
 
PPTX
AI Presentation it all about what is ai and how to implement in real life
byshraddhasule1710
 
PPTX
Facebook: How to Maximize for Everyday Business
byLP3I Surabaya
 
PPTX
MEANING OF EMOJIS OF SOCIAL MEDIA - RUKUNDO Emmanuel..pptx
bysongsormusics
 
OFFENSIVE OPERATIONS : THE ANATOMY OF A NETWORK TAKEOVER
byBangladesh Network Operators Group
 
INTRODUCTION_TO_SOFTWARE_APPLICATION.pptx
byMESFINBELAY4
 
DNSSEC Implementation Journey at Prime Bank’s Domain
byBangladesh Network Operators Group
 
Automating ISP Networks Using Ansible and IPAM as a Source of Truth [SoT]
byBangladesh Network Operators Group
 
BTCFi on Starknet,Troves.fi offers automated strategies for Bitcoin users on ...
bytrovesfi
 
ENDNOTE refrencing how to do step by step..
byhumairasohaib19
 
Cybrain Software Solutions – Building Future-Ready Digital Tools
byCybrain Software Solutions
 
evolution of internet (internet journey)
byyamunadevi49
 
A Day in the Life of IPv6 Scanning by Matsuzaki ʻmazʼ
byBangladesh Network Operators Group
 
ARCHITECTURESACGCHCIUOHCOHCSAKJCOQKCHUO.pptx
bymchlrdpc2921
 
Passive Presentation pasdskpasdasdasdasf
byNoOne501682
 
A La Recherche Du Temps Perdu: In Search of the Cozy Web
byJen Looper
 
AI Presentation it all about what is ai and how to implement in real life
byshraddhasule1710
 
Facebook: How to Maximize for Everyday Business
byLP3I Surabaya
 
MEANING OF EMOJIS OF SOCIAL MEDIA - RUKUNDO Emmanuel..pptx
bysongsormusics
 

Anonymity, trust, accountability

  • 1.
    ANONYMITY, TRUST, ACCOUNTABILITY RomekSzczesniak Eleanor McHugh
  • 2.
    Cryptographer PKI & AppSec Physicist SystemArchitecture 1998 InterClear CA 2003 ENUM 2006 Telnic 2011 Malta E-ID 2012 HSBC GC 2014 YOTI
  • 3.
    DIGITAL IDENTITY -THE GRAIL QUEST ➤ can we create a global identity system that: ➤ nobody owns ➤ cannot be subverted ➤ works on desktop, mobile & IoT ➤ embraces anonymity rather than pseudonymity ➤ anchors to real-world identity documents ➤ embraces UK common law ➤ scales to global needs ➤ transacts in < 500ms
  • 4.
    CURRENT SOLUTIONS ➤ PKI ➤SSO ➤ OpenID ➤ IAM ➤ passwords ➤ biometrics
  • 5.
    COMMON LAW CONTRACTS& TRANSACTIONS ➤ at least one party makes an offer ➤ all parties must then reach mutual assent ➤ and have an intention to create legal relations ➤ an exchange of sufficient consideration must then occur ➤ identification of the parties is implicit ➤ and my be put to the test in court
  • 6.
  • 7.
    BUT THEY CANBE ANCHORED TO A TRUSTED SERVER
  • 8.
    A NAIVE APPROACHTO SHARING IDENTITY ➤ conventional client-server architecture ➤ A must trust B and B must trust Server ➤ each link involves a request-response over HTTPS links ➤ this is noisy and each link is an attack point for flow analysis
  • 9.
    REDUCING IDENTITY TOA CLEAN TRANSACTION ➤ unidirectional data-flow architecture ➤ B doesn't contact Server, and V doesn't contact B ➤ Server contacts both B and V ➤ each link is less susceptible to flow analysis
  • 10.
    IMMUTABLE PROFILES ➤ PKIcertificate information - too heavy ➤ Attributes – too many, changeable ➤ SSO – not enough information ➤ we need a Goldilocks solution… ➤ fixed collections of one or more attributes ➤ change attributes by creating new profiles ➤ each profile links to its antecedent ➤ use cryptography to secure the version chain
  • 11.
    MANAGING A PERSON'SIDENTITIES ➤ anchor documents ➤ passport, driving licence, identity card, ... ➤ biometric stream ➤ successions of biometric captures for the person ➤ profile set ➤ a choice of user profiles ➤ credentials ➤ large ephemeral random identifiers ➤ assigned to the [user | device | profile]
  • 12.
  • 13.
  • 14.
    A FINE-CHAINED DISTRIBUTEDLEDGER TRACKS RECEIPTS
  • 15.
    PRODUCING A COMPLETETRANSACTIONAL IDENTITY SYSTEM
  • 16.
  • 17.
    APPLICATION: AGE VERIFICATIONWITH SECURE CHANNEL
  • 18.
    PATENTS ➤ US2016239658 DigitalIdentity ➤ US2016239653 Digital Identity ➤ US2016241532 Authentication of Web Content ➤ US2016241531 ConfidenceValues ➤ US2016239657 Digital Identity System