Decentralized Identity And Access Management
Decentralized Identity and Access Management helps you take advantage of blockchain technology. Here no third party but your organization will manage identities. Only authorized people from the organization will be able to manage identities, Roles, Groups, Permissions, etcJoin us on
What is decentralized IAM?
Decentralized Identity and access management (IAM) is built over blockchain technology. Every operation on decentralized IAM will function in the same way as any other blockchain transactions. Only authorized people ( employers ) from your organization can manage identities, roles, permission. In decentralized IAM all Users will have an organization certified digital wallet. This digital wallet will hold all personal information, public key and private key ( credential ) of that user. Here the public key would act as a unique identity similar to phone number or email address and private key will be used for authentication. With help of this service providers can access required data from digital wallets as and when required.
Why go for decentralized IAM ?
No Third Party Dependency
Only authorized people ( employers ) from your organization can manage identities, roles, permission. In decentralized IAM all Users will have an organization certified digital wallet. This digital wallet will hold all information and private key ( credential ) of that user. And service provider can access required data from digital wallet as and when required
Maintaining an IAM on private blockchain can help overcome public blockchain issues of security and privacy, while keeping the main benefits of the blockchain as it is like immutability, transparency, and traceability along with transaction governance and authorization depending on user roles and permissions.
Private blockchain resources can easily scaled as number of nodes in the private network are less
Since the NFT Minting Gas Fees are covered by the NFT buyer, no loss is incurred to NFT Creator.
Time Stamped Signatures
For better security, signatures will have a timestamp into it. With this timestamp we can prevent middle man attack for a valid signed transaction
Zero Gas Fees
As compared to a public blockchain, private blockchain will have less number of nodes. Also, and if organization wants, it can skip miners incentive on private blockchain, resulting in zero gas fees in transaction
Decentralized IAM gives organizations empowerment on transparency, traceability, and third parties involvement is confined to IAM development level only, in contrast to centralized IAM, which empowers third parties
Digital Signature Verification
Every member would need to sign the transaction with his private key before making a write request to the decentralized IAM. Once blockchain verifies digital signature that transaction will be proceeded further for the write operation
Sensitive data can be transferred through the private network to service providers and vice versa using cryptography where data can be encrypted with the public key of receiver, so that receiver can decrypt it with private key and access it
Let us understand with university example
Everyone in a university would have a university certified identity card including Students, Staff, Accountants, Head of Department, Principal, etc. This card keeps their personal details along with their ID. Based on this ID, students get access to the Library, Laboratories, staff can access data related to their classroom, Accountants would get access to university’s financial department and so on. So when university uses decentralized IAM, all people belonging to university would have university certified digital wallet that can be used by university applications/portal to provide as access based on their roles in the university
Security enhancement due to signed transactions
Nowadays everyone uses OTP or PIN to make banking transactions. This OTP or Pin is easily shareable with others. And this results in an open door for cyber crime. What if banking moves to Blockchain - A Decentralized system? Users will have a digital wallet approved by the bank. This digital wallet will contain the user's private key ( at least 64 characters long, very difficult to share with someone). In this case, when a user initiates a banking transaction, a confirm and sign prompt will appear on the user's digital wallet (similar to metamask transactions screen ) with detailed information about the transaction. Once a user confirms and signs a transaction with his private key, the bank's decentralized system would verify signed transactions with the user's public key and proceed with transaction execution. This security can be enhanced if a hardware wallet is used to store private keys.