Trustworthy user authentication, authorization, data integrity AND consent management

Transcription

1 RapidQube Solutions

2 Trustworthy user authentication, authorization, data integrity AND consent management I D E N T I T Y A N D A CC E S S M A N A G E M E N T S O L U T I O N RapidQube Solutions 2

3 IDENTITY AND ACCESS MANAGEMENT (IAM) Manage enterprise and customer data in a reliable manner The platform leverages decentralized ledger technology to enable users to control their own data without thirdparty involvement IDENTITY AND ACCESS MANAGEMENT Provides immutability and trust, and increased privacy protection Provides full transparency to the individual data owner and complete encrypted security DECENTRALIZED IDENTITIES ZERO TRUST DATA STORES RapidQube Solutions - IDAM SOLUTION 3 3

4 SOLUTION ARCHITECTURE Trustworthy user authentication, authorization, data integrity and consent management CHALLENGES Most recent conventional identity systems are costly and hinder the innovation and greater customer experience The idea of digital identity has been evolving for a few decades now, from centralized identities to federated identities to user-centric identities to self-sovereign identities SOLUTION As a decentralized public ledger, blockchain enables users to control their own data without third-party involvement Smart contracts to determine unauthorized access, disclosure and leak of information RESULTS Blockchain and digital identity introduce a new system for preserving people s credentials for their public services RapidQube Solutions - IDAM SOLUTION 4 4

5 IDENTITY AND ACCESS MANAGEMENT CONTEXT STATE SOLUTION FEATURES RapidQube Solutions - IDAM SOLUTION

6 STATE IDENTITY MANAGEMENT CURRENT STATE PROPOSED STATE CENTRALIZED IDENTITY DE-CENTRALIZED IDENTITY TRUSTED IDENTITY DOMAIN RISK RISK IDENTITY REPOSITORY HASH IDENTITY TRUST FABRIC HASH The key drivers are to minimize the security and privacy risk of managing identity profiles centrally. From a business perspective, It is an opportunity to address the ongoing challenge to establish trust between multiple domains. This has been a major challenge for organizations implementing a federated identity model The decentralized identity model is enabled by a more inclusive identity trust fabric that can streamline cross-domain business processes integration, regardless of where identities are originated. This property simplifies the flow of data and transactions to enhance business agility and customer experience. However, organizations are cautioned that decentralization is not all-or-nothing. Organizations should consider this phase of identity decentralization as a steppingstone RapidQube Solutions - IDAM SOLUTION 6

7 STATE ACCESS MANAGEMENT CURRENT STATE PROPOSED STATE IDENTITY ASSERTIONS IDENTITY ASSERTIONS SUBJECT HIGHLY FEDERATED ASSERTION GENERATORS ACCESS REQUEST WORKFLOW MANAGEMENT SUBJECT DECISION GATEWAY DECISION GATEWAY ACL ASSERTIONS SUBJECT WITH SELF CONTAINED IDENTITY ASSERTION FEDEERATION BOUNDARY OBJECT ACL DECISION DATA BC NODE BC NODE BC NODE Separate processes for identity assertion management and access control list management. An identity provider generates a token or assertion, with a policy enforcement process acting as a gatekeeper down into the protected objects The main external interactions tend to be at the identity layer, with access control information still sitting within the object s domain The blockchain technology is used as an access request warehouse The warehouse will contain the output from the access request workflow process that would be hashed and cryptographically made secure from a trusted access request manager After each access request, an entry would be made to the chain. Each object would then be able to make a query against the chain, to identify all corresponding entries that map to their object set, unionise all entries and work out the necessary access control result RapidQube Solutions - IDAM SOLUTION 7

8 SOLUTION Secure enterprise identity authentication and access built using the blockchain ATTRIBUTE AND IDENTITY PROVIDERS COMMERCIAL Name, Address, Gender, Mobile number, addresses GOVERNMENT date of birth, Voter register, national Insurance, Tax 4 5 DIGITAL IDENTITY & ACCESS APPLICATION 6 3 Person wishing to access online services or websites RELYING PARTIES ONLINE/CLOUD Service providers CONSUMER SITES Online retailers, ticketing GOVERNMENT SERVICES Welfare, Health, Tax 1. User requests access to a website 2. Website sends it s access policy to the application 3. Application evaluates the website access policy using the smart contract and gets the information from the identity providers 4. Application requests the required identity attributes 5. The required information is returned to the application 6. User provides consent 7. Application returns information to the website 8. Access to the website is granted RapidQube Solutions IDAM SOLUTION 8

9 FEATURES SELF SOVEREIGN IDENTITY PRINCIPLES EXISTENCE CONTROL ACCESS TRANSPARENCY PERSISTENCE PORTABILITY INTEROPERABILITY CONSENT MINIMIZATION PROTECTION These principles attempt to ensure the user control that s at the heart of self-sovereign identity For digital identity, blockchain supports the implementation of SSI and incorporates ten principles which strengthen its application Blockchain has the potential to be adopted as a digital identity system. Instead of storing all data and transactions in a secure and open way, creating an identity on the blockchain makes it easier for people to manage their identities and to grant control over who has their personal information and how they access it BLOCKCHAIN FEATURES RapidQube Solutions - IDAM SOLUTION 9

10 CONTACT TEAM OFFICE LOCATIONS Mumbai, India Chennai, India Connecticut, USA New Jersey, USA RapidQube Solutions IDAM SOLUTION 10

11 RapidQube Solutions THANKYOU