Published on the 03/02/2015 | Written by Beverley Head
Australian biosecurity could be an early winner from a cloud-based security breakthrough touted by IBM and being tested by the CSIRO…
IBM has announced it has developed a new cryptographic algorithm able to limit the amount of personal data that is shared online helping to reduce identify theft while stepping up privacy.
Called Identity Mixer, the cloud system encrypts identity attributes such as age, nationality, address, even credit card numbers in a digital wallet, and only shares that information which is needed to complete an online action. IBM’s argument is that what isn’t shared can’t be stolen, allowing users to limit the number of organisations able to access personal data.
The service will be launched in an experimental form on IBM’s BlueMix cloud in the next few months.
Conceptually the service works by providing online services only with the information they need. For example a video streaming service only needs to know that someone is over a certain age and able to download movies, and has a valid subscription.
All other personal data – full name, address, date of birth – is not required by the service provider. Instead that information can be authenticated in a cloud, and only the key information made available to the service provider.
Even if the video streaming service is hacked, the only information hackers would have would be someone’s sign on name and age which would not be enough to support any attempted identity theft.
Australia’s CSIRO is one of two international agencies initially testing the concept.
According to a CSIRO blog, by using Identity Mixer to encrypt specified personal data, keeping that hidden from websites “and only revealing the most relevant information, we get to hold onto our data, rather than constantly handing it over when we collaborate online”.
CISRO continued: “Identity Mixer will allow our scientists to securely authenticate who they are, and share sensitive data with experts and our partners. For example, in the event that there is a biosecurity issue, it is imperative that this team can freely share data and collaborate with partners and other labs in instances when the lab is locked down, or if the threat requires a rapid response.”
According to IBM more than a decade of research has gone into the project which is intended to ensure that there is only ever minimal disclosure of identity related data.