Managing identity and governing how it is used to access resources and services is the security cornerstone of any digital solution. Today, cloud first solutions are designed, developed and delivered very differently from enterprise solutions in the past. We have moved from a structured world of data stored in relational databases to a hybrid world where data is created and managed in semi structured files on big data platforms and unstructured objects in cloud storage. Creating identity governance solutions to secure such a hybrid world is a key requirement going forward.
Our identity governance research ranges from the hardware based secure identity schemes required by governments today to the cryptographic underpinnings of tomorrows distributed schemes. We look at the tradeoff between security and convenience, audibility and privacy, desktop and mobile.
Secure ID solutions
Online transactions require the ability to determine a person’s identity in a secure, convenient and privacy-guaranteeing manner.
IBM Identity Mixer is a cryptographic protocol suite that allows user authentication without divulging personal data.
If appropriate cryptographic techniques are applied, passwords are a secure and usable means of authentication.
Data governance & GDPR
Data tokenization and management technologies for governing data in a secure and regulatory-compliant fashion.
Cryptographic protocols that let users authenticate themselves online with virtually the same security guarantees as hardware security tokens, but without the inconvenience.