Tide's new approach to digital identity allows users to authorize a system, instead of the system authorizing the users.
MELBOURNE, AUSTRALIA / ACCESSWIRE / January 9, 2023 / The Tide Foundation, in a joint research partnership with Deakin University have validated a new security paradigm. Tide untangles the paradox of "who's guarding the guardian?" undermining today's security dogma. That dogma suggests that to secure something, you should fortify it heavily, lock all entrances and place a guardian to let only the authorized people in.
Today, it's usually the identity system of an organization that authenticates the users and authorizes access to their resources. This means that if this identity system, or a person who administers it, is compromised, then every digital asset of that organization is at risk. It's proven to be a $7tn global liability and poses significant risk of liability and identity theft to every user.
Tide assumes the guardian may be compromised and strips its authority so that only when combined with the authority that each user brings with them can access be granted. The system tells the user "Here's the key you need for this visit, but it will only work in your hands, not mine."
"Adding more barricades to the door when the burglar is already in the house is redundant," said Professor Robin Doss, Director, Centre for Cyber Security Research & Innovation Deakin University. "Tide flips the act of authentication from just proving you're the right user, to include "bring your own Authority" that empowers the system to use your data."
Tide's novel Self-Sovereign-Authority technology allows the organization's IT systems to lock critically sensitive digital assets (e.g. PII, health data, IP or finances) with keys so secure, no one has access to them. Not even Tide, as the technology developer, has access.
Each user's key is generated in a zero-knowledge process across a decentralized network. Users log into the organization using a password or multi-factor authentication through the decentralized network. In essence, a user wishing to access a critical resource logs in through Tide's decentralized network to transform their identity into a digital authority for that particular asset. This capability is made possible through Tide's breakthrough in decentralized threshold multi-party cryptography.
Tide's PRISM - decentralized authentication converts a password nobody holds into a cryptographic key
"Using a decentralized network, authority can move outside the platform, in the hands of a collective who jointly hold the only key. It removes the need to trust anyone," said Michael Loewy, Co-founder Tide Foundation. "But unlike the blockchain world where users have run into challenges managing their key on their own, Tide's authentication gives humble passwords the effective strength of a Bitcoin wallet, but with absolutely no change to the user experience."
The collaboration between Tide and Deakin is soon to have an industry partner, a leading global password manager. An end user bringing their own authority keeps the password manager's knowledge to zero from end-to-end, even though they're holding the most sensitive secrets of their users.
Tide is already working with global IT companies, like NTT, major ERP platforms and other technology providers to secure themselves and their customers.
About Deakin University's Centre for Cyber Security Research & Innovation
CSRI is a strategic research centre within Deakin University. Our cyber security researchers represent a diverse section of academic fields, spanning across the four Deakin faculties - Art & Education, Business & Law, Health & Science and Engineering & Built Environment. The CSRI team also includes Adjunct Industry Professors who are experts working within the private sector. This holistic approach to cyber security research uniquely positions us to collaborate and innovate in meaningful ways. For more visit: Cybercentre.org.au.
About Tide Foundation
Tide is a deep-tech startup developing true zero-trust technology, allowing platform developers to lock their systems with keys nobody holds. Led by a team with leadership experience in cyber intelligence and enterprise software development, Tide is backed by a high-profile advisory and investor base of tech veterans, cryptography professors, and policy makers. Tide is a research partner of Deakin and RMIT University, and has been awarded a National Research Council grant, been championed by global bodies like the Organization for Economic Co-operation and Development (OECD) and the U.K.'s Competition and Markets Authority, and has won numerous deep tech awards. For more visit: Tide.org.
Media Contact:
Erica Zeidenberg
Hot Tomato Marketing
[email protected]
925-518-8159 mobile
SOURCE: Tide