{"id":454539,"date":"2022-05-27T18:40:18","date_gmt":"2022-05-27T15:40:18","guid":{"rendered":"https:\/\/en.buradabiliyorum.com\/there-are-systems-guarding-your-data-in-cyberspace-but-who-is-guarding-the-guards\/"},"modified":"2022-05-27T18:40:18","modified_gmt":"2022-05-27T15:40:18","slug":"there-are-systems-guarding-your-data-in-cyberspace-but-who-is-guarding-the-guards","status":"publish","type":"post","link":"https:\/\/buradabiliyorum.com\/en\/there-are-systems-guarding-your-data-in-cyberspace-but-who-is-guarding-the-guards\/","title":{"rendered":"There are systems &#8216;guarding&#8217; your data in cyberspace, but who is guarding the guards?"},"content":{"rendered":"<h1><span class=\"ez-toc-section\" id=\"%E2%80%9CThere_are_systems_%E2%80%98guarding_your_data_in_cyberspace_but_who_is_guarding_the_guards%E2%80%9D\"><\/span>&#8220;There are systems &#8216;guarding&#8217; your data in cyberspace, but who is guarding the guards?&#8221;<span class=\"ez-toc-section-end\"><\/span><\/h1>\n<div>\n<div class=\"article-gallery lightGallery\">\n<div data-thumb=\"https:\/\/scx1.b-cdn.net\/csz\/news\/tmb\/2022\/there-are-systems-guar.jpg\" data-src=\"https:\/\/scx2.b-cdn.net\/gfx\/news\/hires\/2022\/there-are-systems-guar.jpg\" data-sub-html=\"Credit: Shutterstock\">\n<figure class=\"article-img\">\n            <img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/scx1.b-cdn.net\/csz\/news\/800a\/2022\/there-are-systems-guar.jpg\" alt=\"There are systems 'guarding' your data in cyberspace \u2013 but who is guarding the guards?\" title=\"Credit: Shutterstock\" width=\"800\" height=\"394\"\/><figcaption class=\"text-darken text-low-up text-truncate-js text-truncate mt-3\">\n                Credit: Shutterstock<br \/>\n            <\/figcaption><\/figure>\n<\/p><\/div>\n<\/div>\n<p>We use internet-connected devices to access our bank accounts, keep our transport systems moving, communicate with our colleagues, listen to music, undertake commercially sensitive tasks\u2014and order pizza. 
Digital security is integral to our lives, every day.<\/p>\n<p>And as our IT systems become more complex, the potential for vulnerabilities increases. More and more organizations are being breached, leading to financial loss, interrupted supply chains and identity fraud.<\/p>\n<p>The current best practice in secure technology architecture used by major businesses and organizations is a &#8220;zero trust&#8221; approach. In other words, no person or system is trusted and every interaction is verified through a central entity.<\/p>\n<p>Unfortunately, absolute trust is then placed in the verification system being used. So breaching this system gives an attacker the keys to the kingdom. To address this issue, &#8220;decentralization&#8221; is a new paradigm that removes any single point of vulnerability.<\/p>\n<p>Our work investigates and develops the algorithms required to set up an effective decentralized verification system. We hope our efforts will help safeguard digital identities, and bolster the security of the verification processes so many of us rely on.<\/p>\n<p><b>Never trust, always verify<\/b><\/p>\n<p>A zero trust system implements verification at every possible step. Every user is verified, and every action they take is verified, too, before implementation.<\/p>\n<p>Moving towards this approach is considered so important that U.S. 
President Joe Biden issued an <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.whitehouse.gov\/briefing-room\/presidential-actions\/2021\/05\/12\/executive-order-on-improving-the-nations-cybersecurity\/\">executive order<\/a> last year requiring all US federal government organizations to adopt a zero trust architecture. Many commercial organizations are following suit.<\/p>\n<p>However, in a zero trust environment absolute faith is (counterintuitively) placed in the validation and verification system, which in most cases is an Identity and Access Management (IAM) system. This creates a single trusted entity which, if breached, gives unencumbered access to the entire organization&#8217;s systems.<\/p>\n<p>An attacker can use one user&#8217;s stolen credentials (such as a username and password) to impersonate that user and do anything they&#8217;re authorized to do\u2014whether it&#8217;s opening doors, authorizing certain payments, or copying sensitive data.<\/p>\n<div class=\"article-gallery lightGallery\">\n<div data-thumb=\"https:\/\/scx1.b-cdn.net\/csz\/news\/tmb\/2022\/there-are-systems-guar-1.jpg\" data-src=\"https:\/\/scx2.b-cdn.net\/gfx\/news\/2022\/there-are-systems-guar-1.jpg\" data-sub-html=\"Decentralisation (the same concept which underpins the blockchain) refers to a transference of authority within a system, from a central point of control, to several different entities. Credit: Shutterstock\">\n<figure class=\"article-img text-center\">\n            <img decoding=\"async\" src=\"https:\/\/scx1.b-cdn.net\/csz\/news\/800a\/2022\/there-are-systems-guar-1.jpg\" alt=\"There are systems 'guarding' your data in cyberspace \u2013 but who is guarding the guards?\"\/><figcaption class=\"text-left text-darken text-truncate text-low-up mt-3\">\n                Decentralisation (the same concept which underpins the blockchain) refers to a transference of authority within a system, from a central point of control, to several different entities. 
Credit: Shutterstock<br \/>\n            <\/figcaption><\/figure>\n<\/p><\/div>\n<\/div>\n<p>However, if an attacker gains access to the entire IAM system, they can do anything the system is capable of. For instance, they may grant themselves authority over the entire payroll.<\/p>\n<p>In January, identity management company <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.forbes.com\/sites\/thomasbrewster\/2022\/03\/23\/okta-hack-exposes-a-huge-hole-in-tech-giant-security\/?sh=7ad0dbfb35a5\">Okta<\/a> was hacked. Okta is a single-sign-on service that allows a company&#8217;s employees to have one password for all the company&#8217;s systems (as large companies often use multiple systems, with each requiring different login credentials).<\/p>\n<p>Following Okta&#8217;s hack, the large companies using its services had their accounts compromised\u2014giving hackers control over their systems. So long as IAM systems are a central point of authority over organizations, they will continue to be an attractive target for attackers.<\/p>\n<p><b>Decentralizing trust<\/b><\/p>\n<p>In our latest work, we refined and validated algorithms that can be used to create a decentralized verification system, which would make hacking a lot more difficult. Our industry collaborator, <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/tide.org\/\">TIDE<\/a>, has developed a prototype system using the validated algorithms.<\/p>\n<p>Currently, when a user sets up an account on an IAM system, they choose a password which the system should encrypt and store for later use. But even in an encrypted form, stored passwords are attractive targets. 
And although multi-factor authentication is useful for confirming a user&#8217;s identity, it can be circumvented.<\/p>\n<p>If passwords could be verified without having to be stored like this, attackers would no longer have a clear target. This is where decentralization comes in.<\/p>\n<p>Instead of placing trust in a single central entity, decentralization places trust in the network as a whole, and this network can exist outside of the IAM system using it. The mathematical structure of the algorithms underpinning the decentralized authority ensures that no single node can act alone.<\/p>\n<p>Moreover, each node on the network can be operated by an independently operating organization, such as a bank, telecommunication company or government department. So stealing a single secret would require hacking several independent nodes.<\/p>\n<p>Even in the event of an IAM system breach, the attacker would only gain access to some user data\u2014not the entire system. And to award themselves authority over the entire organization, they would need to breach a combination of 14 independently operating nodes. This isn&#8217;t impossible, but it&#8217;s a lot harder.<\/p>\n<p>But beautiful mathematics and verified algorithms still aren&#8217;t enough to make a usable system. 
There&#8217;s more work to be done before we can take decentralized authority from a concept to a functioning network that will keep our accounts safe.<\/p>\n<hr\/>\n<div class=\"d-inline-block text-medium my-4\">\nProvided by<br \/>\nThe Conversation<\/div>\n<p class=\"article-main__note mt-4\">\nThis article is republished from <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/theconversation.com\">The Conversation<\/a> under a Creative Commons license. 
Read the <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/theconversation.com\/there-are-systems-guarding-your-data-in-cyberspace-but-who-is-guarding-the-guards-183041\">original article<\/a>.<\/p>\n<div class=\"d-none d-print-block\">\n<p><strong>Citation<\/strong>:<br \/>\nThere are systems &#8216;guarding&#8217; your data in cyberspace, but who is guarding the guards? (2022, May 27)<br \/>\nretrieved 29 May 2022<br \/>\nfrom https:\/\/techxplore.com\/news\/2022-05-cyberspace.html<\/p>\n<p>This document is subject to copyright. Apart from any fair dealing for the purpose of private study or research, no part may be reproduced without the written permission. The content is provided for information purposes only.<\/p><\/div>\n<\/p><\/div>\n<p><span style=\"color: black;\"><a style=\"color: #ff9900;\" href=\"https:\/\/techxplore.com\/news\/2022-05-cyberspace.html\" target=\"_blank\" rel=\"noopener\">Source<\/a><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>&#8220;There are systems &#8216;guarding&#8217; your data in cyberspace, but who is guarding the guards?&#8221; Credit: Shutterstock We use internet-connected devices to access our bank accounts, keep our transport systems moving, communicate with our colleagues, listen to music, undertake commercially sensitive tasks\u2014and order pizza. Digital security is integral to our lives, every day. 
And as our&#8230;<\/p>\n","protected":false},"author":1,"featured_media":454540,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/scx2.b-cdn.net\/gfx\/news\/hires\/2022\/there-are-systems-guar.jpg","fifu_image_alt":"","footnotes":""},"categories":[16],"tags":[],"class_list":["post-454539","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-sciencee"],"_links":{"self":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/454539","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/comments?post=454539"}],"version-history":[{"count":0,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/454539\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media\/454540"}],"wp:attachment":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media?parent=454539"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/categories?post=454539"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/tags?post=454539"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}