Leveraging Blockchain for Identity and Authentication in IoT is good for Security
Since the beginning of the internet, attempts have been made to solve the problem of privacy and security. Every effort has had challenges of inconvenience, cost and insecurity.
How do we prove our identity?
Blockchain technology and its mutual distributed ledgers (MDL) cannot be altered and allow people and companies to record, validate and track transactions throughout a network of decentralized computer systems. These MDLs are databases with a time stamped audit trail.
By leveraging this technology, an app on our device will hash our identifying information and insert this into the public Blockchain. Anytime you need to authenticate to another service or user, you share the information which is then sent through the algorithm and checked against the Blockchain. Once authenticated, your information for identification is not needed again.
If the hashed information is decentralized and provides interoperability. Personal information never leaves the device and is not stored on a centralized server. Taking the personal data, hashing it and then discarding everything but the hashes of our personal data allows the network to accept the information in the same manner as our ID cards.
These Blockchains open the door to innovation and enables more interoperability connecting various distributed services.
There can be 2 unique MDLs; one to hold the encrypted documents and a separate ledger that will hold encryption key access which are folders encompassing our identity, health or other qualifying records. Driver’s license bureaus can provide us a digitally signed copy of our driver’s license that we control. We then offer controlled usage to entities that need to inspect the documents, the information recorded on the MDL.
This use of immutable ledger can become the accepted modality of the future.
Donald Malloy is the Chairman of OATH, The Initiative for Open Authentication. OATH is an industry alliance that has opened the authentication market from proprietary systems to an open source standard based architecture promoting ubiquitous strong authentication.
Managed by the official OWASP Media Project https://www.owasp.org/index.php/OWASP_Media_Project