Managing identity and governing how it is used to access resources and services is the security cornerstone of any digital solution. Today, cloud first solutions are designed, developed and delivered very differently from enterprise solutions in the past. We have moved from a structured world of data stored in relational databases to a hybrid world where data is created and managed in semi structured files on big data platforms and unstructured objects in cloud storage. Creating identity governance solutions to secure such a hybrid world is a key requirement going forward.

Our identity governance research ranges from the hardware based secure identity schemes required by governments today to the cryptographic underpinnings of tomorrows distributed schemes. We look at the tradeoff between security and convenience, audibility and privacy, desktop and mobile.

Our projects

card_4

Secure ID solutions

Online transactions require the ability to determine a person’s identity in a secure, convenient and privacy-guaranteeing manner.

card_4

Identity Mixer

The Internet is like the lunar surface — it never forgets a footprint. With Identity Mixer, we can turn it into a sandy beach that regularly washes everything away.

card_4

Password-based security

If appropriate cryptographic techniques are applied, passwords are a secure and usable means of authentication.

card_4

Virtual smartcards

Our protocols prove that it is indeed possible to achieve strong security based only on easy-to-memorize passwords, contrary to the widespread belief that the use of passwords has become insecure.

Ask the experts

Gregory Neven

Gregory Neven

IBM Research scientist

Jan Camenisch

Jan Camenisch

IBM Research scientist

Maria Dubovitskaya

Maria Dubovitskaya

IBM Research scientist

Anja Lehmann

Anja Lehmann

IBM Research scientist