Call it cloud computing, call it pervasive outsourcing and telecommuting, the fact is that things have changed. In many ways, your network replaces your buildings. A widely dispersed collection of people with whom you never rub shoulders are in there, looking at files and installing software.
You need to know with a reliable measure of certainty just who those people are.
Identity used to be a rather simple matter. Personnel records from HR went into your LDAP or Active Directory and were managed by your identity management software. You knew who your people were because you saw them face-to-face every day.
Now, your users come from remote offices and suppliers and distributors and customers. Who checked the identities of these people? How sure are you that they are who they say they are?
Indeed, how sure are you that your competitors haven't taken advantage of the vague and variable ways that identities are claimed out there in the wild?
Where security technology fails us
Whether your organization’s network is hosted in the cloud, on your premises, or a mix of both, Authenticity™ brings pervasive accountability to your operations, letting you know with measurable certainty who did what when.
Almost all security technology is built upon the assumption that it’s possible to determine the intentions and character of the sender of a stream of bits. Isn’t that like asking the lobby receptionist in your office building to determine whether everyone entering the building is a good or bad person?
Instead, your receptionist asks for ID, establishing accountability for what happens while the visitor is in the building.
AUTHENTICITY in the Enterprise™ brings you
Digital Identity Certificates that carry a measure of their own reliability – the product of our rigorous enrollment procedures
CredentialBridge™ – linking the existing identity credentials used by your organization to PKI key-pair-based identities
Accountable Micro-Segmentation assuring you that all network assets and workloads are properly isolated, and reachable only by users who are not only authorized but who possess the PENs (private keys) accompanying those identity certificates, each of which carries an Identity Quality score.
CertAuth™ – Implementing certificate authentication throughout your network
DSE™ – Digital Signatures Everywhere – assuring you that all events are digitally signed by the person responsible
Logchain™ – A network log that resembles a blockchain, with all network events immutably recorded and signed.
Behind the epidemic of cyberattacks, malware, online predation, data breaches, ransomware, identity theft, IoT-borne DDoS attacks, and other digital plagues is inauthenticity.
You can't fight inauthenticity by trying to determine the intentions and character of the sender of a stream of bits. Rather, you eliminate inauthenticity with Authenticity™.
Identity Processing is the process of identity verification, identity attestation, generation of puzzle kits (“key pairs”), implementation of certificate signing, implementation of certificate-based authentication, and integration of digital signatures and symmetric encryption key management.
A digital signature is a mathematical process that verifies the authenticity of both the contents and the signer of a digital communication, document, image, video, or other digital file. Digital signatures provide authentication, legal non-repudiation, and continuing integrity of the message or document.
IDentity Quality Assurance assigns a numerical value that lets a relying party – a person or a piece of software – know the reliability of the claim of identity embodied in an identity credential. An Identity Quality Assurance (IDQA) score assigns a numeric value to a digital identity certificate - allowing you, as the relying party, to know at a glance to what degree the identity can be trusted.
Perhaps a password-based authentication scheme works for your organization. Authentication by itself does not solve the problem: how can I trust that this user is who they claim to be? A numerical measure of the level of confidence in an identity claim is important, regardless of the authentication method (that is, the method used for logins).
Encryption is the process by which meaningful information is transformed into a secret, unintelligible string of bits called ciphertext via any of a number of cryptographic algorithms. Symmetric encryption algorithms use the same key (typically a number) to both encrypt and decrypt. Asymmetric encryption algorithms involve pairs of numbers (keys) where anything encrypted using one of the pair can only be decrypted by the other number in the pair.
Asymmetric cryptography is only effective for very small files. For that reason, the practical use of encryption and decryption involves encrypting the symmetric key that was used to encrypt a normal-size file using the public number (key) of the recipient, so that only the recipient can decrypt that encrypted symmetric key.
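The key-wrapping scheme described above, as an added example that is not from the original page or the vendor's product. It uses Node.js's built-in crypto module; the choice of RSA-OAEP with SHA-256, AES-256-GCM, the function names and the sample file are assumptions made for illustration.

```javascript
// Added example: hybrid encryption with Node's built-in crypto module.
const crypto = require('node:crypto');
const OAEP = { padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' };

// Recipient key pair, generated here only so the example runs offline.
function newKeyPair() {
  return crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
}

// Largest message RSA-OAEP (SHA-256) accepts directly: k - 2*hLen - 2 bytes.
function maxDirectRsaBytes(modulusBits) {
  return modulusBits / 8 - 2 * 32 - 2;
}

// Sender: encrypt the file with a fresh AES-256-GCM key, then wrap only that
// 32-byte key with the recipient's public key.
function sealEnvelope(publicKey, plaintext) {
  const fileKey = crypto.randomBytes(32);
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv('aes-256-gcm', fileKey, iv);
  const ciphertext = Buffer.concat([cipher.update(plaintext), cipher.final()]);
  const wrappedKey = crypto.publicEncrypt({ key: publicKey, ...OAEP }, fileKey);
  return { wrappedKey, iv, ciphertext, tag: cipher.getAuthTag() };
}

// Recipient: unwrap the file key with the private key, then decrypt.
// Returns null if the key does not match or the ciphertext was altered.
function openEnvelope(privateKey, env) {
  try {
    const fileKey = crypto.privateDecrypt({ key: privateKey, ...OAEP }, env.wrappedKey);
    const decipher = crypto.createDecipheriv('aes-256-gcm', fileKey, env.iv);
    decipher.setAuthTag(env.tag);
    return Buffer.concat([decipher.update(env.ciphertext), decipher.final()]);
  } catch {
    return null;
  }
}

// Constructed sample input: a 1 MiB "file" of repeated bytes.
const recipient = newKeyPair();
const file = Buffer.alloc(1024 * 1024, 0x41);
const envelope = sealEnvelope(recipient.publicKey, file);
console.log('RSA-OAEP direct limit:', maxDirectRsaBytes(2048), 'bytes');
console.log('wrapped key size:', envelope.wrappedKey.length, 'bytes');
console.log('recipient recovers file:', openEnvelope(recipient.privateKey, envelope).equals(file));
console.log('other key holder recovers file:', openEnvelope(newKeyPair().privateKey, envelope) !== null);
```

The wrapped key is always one RSA block (256 bytes for a 2048-bit key) regardless of file size, which is why only the symmetric key goes through the asymmetric step.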