Who goes there? How Blockchain could transform identity and access management

Marc Vanmaele, CEO of TrustBuilder, considers whether blockchain will become an IAM turning point

From a niche cryptocurrency discussed only in the most technical, computing-focused circles to a market that captures the imagination of the mainstream press, bitcoin has undergone a transformative journey over the last decade. As part of this evolution, bitcoin's public transaction ledger has also become mainstream. We are talking, of course, about blockchain.

In both the public and private sectors, multiple organizations believe that blockchain can add value to their operations. As reported in Forbes, "blockchain allows the direct exchange of value between A and B without the need for intermediaries – whether it is a central authority, a broker or a notary". It offers transparent visibility and an immutable, time-stamped record of contracts. It is easy to see, therefore, how this efficiency, reliability and robustness can be a useful mechanism in various business applications.

The role of blockchain in IAM

Identity and access management (IAM) is an area where various attempts have been made to exploit blockchain technology. For example, a blockchain-based identity management platform is using its mobile device application to address identity theft and fraudulent activity on credit reports. Users select the information they want to share, then send and verify their personal details, which are then locked and encrypted.

The city of Zug in Switzerland is creating digital identities that can be used for government services. All candidates personally verify their information, which is then stored on the Ethereum blockchain and can therefore be used for proof of residence or electronic voting. Meanwhile, a global photo company has developed its own blockchain-based platform, an encrypted digital ledger of image rights that lets photographers license their work and collect instant payments for any online use.

So many organizations are developing blockchain-based
solutions for the management and authentication of identities for the cross-industry

Balancing privacy with security

There are, however, some challenges and restrictions regarding the role of blockchain within IAM. Digital identity is, of course, closely linked with privacy and data protection issues, in particular following the introduction of more stringent data protection rules such as GDPR. Yet privacy is somewhat at odds with the notion of an immutable ledger distributed to a significant number of parties.

As such, for blockchain to be of real value in the IAM space, a consensus has formed that identity and private information should not be stored on public blockchain networks. Rather, only people's unique cryptographic identifiers must be stored and referenced.
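One way to realise "store only an identifier on the ledger", shown as an added example that is not from the article or from any platform it mentions. The `Ledger` class, `enroll` and `verify` are hypothetical names, and the use of a salted HMAC-SHA-256 digest as the on-ledger commitment is an assumption; the personal attributes and the salt stay with the holder.

```python
import hashlib
import hmac
import json
import secrets

def canonical(attrs: dict) -> bytes:
    # Stable serialization so holder and verifier hash identical bytes.
    return json.dumps(attrs, sort_keys=True, separators=(",", ":")).encode()

def commit(attrs: dict, salt: bytes) -> str:
    # The random salt keeps low-entropy fields (names, birth dates) from
    # being guessed out of the public digest, and makes two enrollments
    # of the same person unlinkable.
    return hmac.new(salt, canonical(attrs), hashlib.sha256).hexdigest()

class Ledger:
    """Constructed stand-in for an append-only public ledger."""
    def __init__(self):
        self._entries = []  # (identifier, commitment) pairs, never removed

    def register(self, identifier: str, commitment: str) -> None:
        if self.lookup(identifier) is not None:
            raise ValueError("identifier already registered")
        self._entries.append((identifier, commitment))

    def lookup(self, identifier: str):
        for ident, commitment in self._entries:
            if ident == identifier:
                return commitment
        return None

def enroll(ledger: Ledger, attrs: dict):
    identifier = secrets.token_hex(16)  # random, carries no personal data
    salt = secrets.token_bytes(32)
    ledger.register(identifier, commit(attrs, salt))
    return identifier, salt  # holder stores attrs and salt off-ledger

def verify(ledger: Ledger, identifier: str, attrs: dict, salt: bytes) -> bool:
    # The holder discloses attrs and salt to one verifier, who checks
    # them against the public commitment in constant time.
    on_ledger = ledger.lookup(identifier)
    if on_ledger is None:
        return False
    return hmac.compare_digest(on_ledger, commit(attrs, salt))
```

Erasing the off-ledger attributes and salt leaves only a random identifier and an unopenable digest on the immutable ledger.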

The security of the blockchain network is another stumbling block. Distributed security is generally much more difficult to achieve than centralized security, simply because of the larger attack surface. As such, the security of cryptographic keys is a fundamental element of the blockchain concept. This means that protecting the keys that allow access to the ledger and to blockchain applications is essential to ensuring that blockchain solutions as a whole are secure. Protection means not only protecting the keys as robustly as possible, but also recovering lost private keys without introducing an escrow agent. A third party would negate the blockchain's concept of disintermediation.

All of these security problems must therefore be resolved before concepts like Self Sovereign Identity using blockchain can become genuinely
Be selective: choose the best applications for blockchain

Furthermore, IAM includes a number of different functions. While virtually all of them could benefit from blockchain, it is important to understand which ones are the most suited and ready.

On the access control side, while distributed ledgers such as blockchain are good at storing and archiving information immutably, they are not suitable for managing authorization in real time or for contextual enforcement in real time.

On the other hand, solving the digital identity verification problem – in other words, performing authentication – is a potentially interesting field of application. Most current business solutions for managing identities, whether those of employees, customers or suppliers, depend on some form of centralized identity store. However, although these are centralized, most organizations run multiple versions of these stores, each dedicated to its own function or community. Centralized stores are expensive to administer because they are owned by a single business entity that bears all the costs: hardware, software and user administration. The last of these, being human labor, can quickly accumulate expenses. Automating the synchronization of centralized identity data inside and outside the company has proved cost-inefficient, and impractical for identities outside the company, whether consumers or employees of other organizations.

Blockchain technology, because it is based on the opposite concept to centralized stores – a distributed ledger – can therefore introduce significant value. It saves the cost of managing "external" identities and uses identity data directly from the source, not from an expensive local replica under your control.

I do not see the now: hybrid blockchain

Predicting the future of technology is, of course, a precarious game. But it seems probable that from 2019 onwards, we will see more projects using blockchain implemented in a business context, but with some level of control over the participants in the blockchain network.

This is what is called hybrid blockchain, as opposed to public blockchain (that is, the ledger behind cryptocurrency transactions) or pure private blockchain, which is generally well addressed by existing identity federation concepts. These concepts were introduced in the early 2000s to overcome the problem of a single party administering the identities of multiple parties, and essentially allow the same identification data to be used to obtain access to many different systems or networks. The model is based on a restricted set of trusted parties, while blockchain opens up the number of parties to potentially huge numbers.

The hybrid blockchain is much more suitable for commercial purposes or for highly regulated companies and governments, as it allows them to maintain flexibility and control over which data is kept private or shared on a public ledger. It also allows the guarantee of an adequate transaction time, as well as security and auditing functions that are not possible in public
As with so many emerging technologies before it, blockchain is still discussed in breathless tones as the next big thing in enterprise technology, something that could shake up and transform everything that has gone before. In terms of identity and access management, it certainly has fantastic potential, but it is important to contextualise this potential in terms of specific aspects of IAM and a specific (hybrid) form of blockchain.

