We were discussing identity management with Civic.
It introduced three new components: 1) a variety of smart contracts 2) an indigenous utility token and
3) new software applications.
Blockchain works as the ledger in these cases. The smart contracts are the code executed on the blockchain. There is a high degree of privacy for the individual whose transactions are maintained in the ledger. The transaction does not divulge any Personally Identifiable Information but an individual can easily prove ownership of the entries.
The ledger itself is decentralized and maintained by a community where no one actor can gain enough influence to submit a fraudulent transaction or alter recorded data.
Civic introduced a proprietary token which will be used as a form of settlement between participants to an indentity related transaction. It also provides a means to reward the participants While the service provider may follow any standards such as NIST, FIPS or PIV, Civic manages the attestation and its sharing between service providers. For example:
There is a service provider A who sells a service to user. The user sends the PII for verifying identity. A calculates a hash of the PII and records its attestation on the blockchain. User visit service provider B who wants access to all or certain of the PII. The user is willing to share the requested data and A offers a price for its attestation to B which accepts the price. User B can locate and view the blockchain transaction. It would also be able to recreate the hashes for the PII and compare them to that on the blockchain. If B is satisfied, it purchases the attestation and pays the amount into escrow via Civic tokens into escrow. The civic app with the user then transmits the PII to B. To complete the transaction, the CVC from the escrow is shared between the user and A - the original validator.
While the benefits for recording attestations on a distributed ledger are widely acknowledged to foster a new ecosystem, an identity provider may lean to centralized model for offering innovative technologies.
For example, it may require users to login merely with their signatures. Efficient image processing algorithms can then compare signatures. The signature pad : http://szimek.github.io/signature_pad/ is one such example which could be considered to replace password entry on many mobile devices. The user may have to flip the screen to landscape orientation but the experience can be very close to the real thing. Moreover, signature pads are small images and purely black and white, so they are near consistent and this helps with the processing. Moreover, what people draw on the signature pads is completely their call and can even handwrite passwords instead of signature. Since the data is private both at rest and transit, this cannot be divulged with anybody else and provides a layer of security on top of the known passwords. Signature detection and segmentation is a known field of study and techniques involve shape matching. For example: http://matlab-recognition-code.com/signature-recognition-based-on-neural-networks/
3) new software applications.
Blockchain works as the ledger in these cases. The smart contracts are the code executed on the blockchain. There is a high degree of privacy for the individual whose transactions are maintained in the ledger. The transaction does not divulge any Personally Identifiable Information but an individual can easily prove ownership of the entries.
The ledger itself is decentralized and maintained by a community where no one actor can gain enough influence to submit a fraudulent transaction or alter recorded data.
Civic introduced a proprietary token which will be used as a form of settlement between participants to an indentity related transaction. It also provides a means to reward the participants While the service provider may follow any standards such as NIST, FIPS or PIV, Civic manages the attestation and its sharing between service providers. For example:
There is a service provider A who sells a service to user. The user sends the PII for verifying identity. A calculates a hash of the PII and records its attestation on the blockchain. User visit service provider B who wants access to all or certain of the PII. The user is willing to share the requested data and A offers a price for its attestation to B which accepts the price. User B can locate and view the blockchain transaction. It would also be able to recreate the hashes for the PII and compare them to that on the blockchain. If B is satisfied, it purchases the attestation and pays the amount into escrow via Civic tokens into escrow. The civic app with the user then transmits the PII to B. To complete the transaction, the CVC from the escrow is shared between the user and A - the original validator.
While the benefits for recording attestations on a distributed ledger are widely acknowledged to foster a new ecosystem, an identity provider may lean to centralized model for offering innovative technologies.
For example, it may require users to login merely with their signatures. Efficient image processing algorithms can then compare signatures. The signature pad : http://szimek.github.io/signature_pad/ is one such example which could be considered to replace password entry on many mobile devices. The user may have to flip the screen to landscape orientation but the experience can be very close to the real thing. Moreover, signature pads are small images and purely black and white, so they are near consistent and this helps with the processing. Moreover, what people draw on the signature pads is completely their call and can even handwrite passwords instead of signature. Since the data is private both at rest and transit, this cannot be divulged with anybody else and provides a layer of security on top of the known passwords. Signature detection and segmentation is a known field of study and techniques involve shape matching. For example: http://matlab-recognition-code.com/signature-recognition-based-on-neural-networks/
No comments:
Post a Comment