Virtualization Technology News and Information
Ground-breaking Tech Finally Turns Cybersecurity's Weakest Link to Its Greatest Strength, Says Deakin University

The Tide Foundation, in a joint research partnership with Deakin University have validated a new security paradigm.  Tide untangles the paradox of "who's guarding the guardian?" undermining today's security dogma. That dogma suggests that to secure something, you should fortify it heavily, lock all entrances and place a guardian to let only the authorized people in. 

Today, it's usually the identity system of an organization that authenticates the users and authorizes access to their resources. This means that if this identity system, or a person who administers it, is compromised, then every digital asset of that organization is at risk. It's proven to be a $7tn global liability and poses significant risk of liability and identity theft to every user.

Tide assumes the guardian may be compromised and strips its authority so that only when combined with the authority that each user brings with them can access be granted. The system tells the user "Here's the key you need for this visit, but it will only work in your hands, not mine."

"Adding more barricades to the door when the burglar is already in the house is redundant," said Professor Robin Doss, Director, Centre for Cyber Security Research & Innovation Deakin University. "Tide flips the act of authentication from just proving you're the right user, to include "bring your own Authority" that empowers the system to use your data."

Tide's novel Self-Sovereign-Authority technology allows the organization's IT systems to lock critically sensitive digital assets (e.g. PII, health data, IP or finances) with keys so secure, no one has access to them. Not even Tide, as the technology developer, has access.

Each user's key is generated in a zero-knowledge process across a decentralized network. Users log into the organization using a password or multi-factor authentication through the decentralized network. In essence, a user wishing to access a critical resource logs in through Tide's decentralized network to transform their identity into a digital authority for that particular asset. This capability is made possible through Tide's breakthrough in decentralized threshold multi-party cryptography.

"Using a decentralized network, authority can move outside the platform, in the hands of a collective who jointly hold the only key. It removes the need to trust anyone," said Michael Loewy, Co-founder Tide Foundation. "But unlike the blockchain world where users have run into challenges managing their key on their own, Tide's authentication gives humble passwords the effective strength of a Bitcoin wallet, but with absolutely no change to the user experience."

The collaboration between Tide and Deakin is soon to have an industry partner, a leading global password manager. An end user bringing their own authority keeps the password manager's knowledge to zero from end-to-end, even though they're holding the most sensitive secrets of their users.

Tide is already working with global IT companies, like NTT, major ERP platforms and other technology providers to secure themselves and their customers.

Published Monday, January 09, 2023 9:54 AM by David Marshall
Filed under:
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
<January 2023>