Mobile Identity, Credential, and Access Management Framework

Organizations today gather unprecedented quantities of data from their operations. This data is coming from transactions made by a person or from a connected system/application. From personal devices to industry including government, the internet has become the primary means of modern communication, further increasing the need for a method to track and secure these devices. Protecting the integrity of connected devices collecting data is critical to ensure the trustworthiness of the system. An organization must not only know the identity of the users on their networks and have the capability of tracing the actions performed by a user but they must trust the system providing them with this knowledge. This increase in the pace of usage of personal devices along with a lack of trust in the internet has driven demand for trusted digital identities. As the world becomes increasingly mobile with the number of smart phone users growing annually and the mobile web flourishing, it is critical to implement strong security on mobile devices. To manage the vast number of devices and feel confident that a machine’s identity is verifiable, companies need to deploy digital credentialing systems with a strong root of trust. As passwords are not a secure method of authentication, mobile devices and other forms of IoT require a means of two-factor authentication that meets NIST standards. Traditionally, this has been done with Public Key Infrastructure (PKI) through the use of a smart card. Blockchain technologies combined with PKI can be utilized in such a way as to provide an identity and access management solution for the internet of things (IoT). Improvements to the security of Radio Frequency Identification (RFID) technology and various implementations of blockchain make viable options for managing the identity and access of IoT devices. When PKI first began over two decades ago, it required the use of a smart card with a set of credentials known as the personal identity verification (PIV) card. The PIV card (something you have) along with a personal identification number (PIN) (something you know) were used to implement two-factor authentication. Over time the use of the PIV cards has proven challenging as mobile devices lack the integrated smart card readers found in laptop and desktop computers. Near Field Communication (NFC) capability in most smart phones and mobile devices provides a mechanism to allow a PIV card to be read by a mobile device. In addition, the existing PKI system must be updated to meet the demands of a mobile focused internet. Blockchain technology is the key to modernizing PKI. Together, blockchain-based PKI and NFC will provide an IoT solution that will allow industry, government, and individuals a foundation of trust in the world wide web that is lacking today

A Pragmatic Review on Security and Integrity in Wireless Networks

Wireless transmission is one of the prominent and widely used aspects for remote and trust based networks. A wireless network encompass of a set of arbitrary as well virtually connected devices using wireless transmission media. It includes assorted but compatible set of protocols so that the communication can be done with security, integrity and higher accuracy. In wireless networks, there are two key segments as “Mobile ad hoc networks (MANET) and Wireless Sensor Networks (WSN)” using which the data transmission can be established between numbers of mobile nodes called as motes. In wireless networking, there are number of dimensions in which efficiency and quality of service is a key issue. Such aspects are energy optimization, security, cryptography, routing, scheduling, cost factor and many others. Security is one of the key domains that is considered as sensitive and most addressed domains because of many applications of wireless networks in defense, corporate sector and related sensitive domains. Till now, there are number of protocols and an algorithm using encryption and hash keys but still this area is under research. In this research manuscript, an empirical review on assorted security protocols and algorithms is presented and it is extracted that a novel multilayered algorithm can be devised, developed and proposed having the concept of dynamic hash key based generation of cryptography. Using this unique and effective approach, the overall security, integrity and performance of the wireless scenario can be improved as compared to the classical approach