"There Are Systems 'Guarding' Your Data in Cyberspace – But Who Is Guarding the Guards?"
A "zero-trust" approach is the current best practice in secure technology architecture followed by large businesses and organizations. Zero-trust security is an approach that requires users to prove their authenticity every time they access data or a network application. In addition, every interaction must be verified through a central entity. Absolute trust is then placed in the verification system. Therefore, an attacker can gain full access by compromising this mechanism. To address this problem, "decentralization" eliminates any single point of failure.

Work from researchers at RMIT University investigates and develops the algorithms needed to set up an effective decentralized verification system. Their work aims to help secure digital identities and strengthen the security of the verification processes that many of us use. The researchers refined and validated algorithms that can be used to create a decentralized verification system, which would make hacking significantly more difficult. Their industry collaborator, TIDE, developed a prototype system using the validated algorithms.

When a user creates an account on an Identity and Access Management (IAM) system, they select a password, which the system encrypts and stores for later use. However, even in encrypted form, stored passwords are appealing targets. Furthermore, while Multi-Factor Authentication (MFA) is useful for authenticating a user's identity, it can be defeated by attackers. If passwords could be verified without being saved in this manner, attackers would no longer have a clear target.

Decentralization comes into play here. Instead of putting trust in a single central entity, decentralization puts trust in the network as a whole, which can exist independently of the IAM system. The mathematical basis of the algorithms that support decentralized authority ensures that no single node can act independently.
This article continues to discuss the work on the algorithms required to set up an effective decentralized verification system.