Blockchain for Internet-wide Assured Combat ID

The Number and Type of Digital Forces

With the ongoing military digitization of traditional forces and the increasing deployment of autonomous vehicles and other types of Internet of Things devices, reliable CID of the exploding number of networked forces will become even more difficult. These small, low-cost, wearable devices and other types of digital forces require a commensurately small, low-cost, secure identity solution that is open, standards-based, interoperable, decentralized, and managed to scale affordably to the Internet-gridded battlefield.

Blockchain-enabled CID solution

Distributed ledger technology (aka blockchain) solves the digital identity problem by providing a scalable, decentralized, low-cost, highly secure way to cryptographically bind an entity’s identity to a private and public key pair, while also widely and securely distributing it. In a blockchain-based digital identity solution, the hash chain of transaction blocks stored in a ledger immutably binds a new type of globally unique digital identifier, the W3C Decentralized Identifier (DID), to a public key. The blockchain consensus mechanism ensures that each node in the blockchain network independently records the identifier/public key bindings in its own copy of the ledger. Thus, the entity’s DID and cryptographically bound public key are automatically and immutably distributed among all physically distinct and independently managed nodes of the distributed blockchain network. To verify an identity’s digital signature, a relying party looks up the subject’s DID at a local blockchain ledger node and obtains the immutably bound public key.

Since this key use case for blockchain technology has been recognized, several open source organizations have emerged to develop a common IP architectural framework and supporting open standards and applications. The resulting highly secure digital identity solution is known as self-sovereign identity, decentralized identity, and decentralized public key infrastructure.

When implemented, these standards and technologies take the form of small software agents and secure digital wallets installed on each participating network-connected device. Software agents and secure digital wallets use standardized protocols and cryptography to automate the provisioned CID. Agents of any communicating digital forces automatically establish a secure channel (the peers exchange public keys) and then use the encrypted channel to exchange cryptographically verifiable claims about their identities, capabilities, and data in the form of small, lightweight, machine-readable, schema-defined, digitally signed verifiable credentials. Verifiable credentials are issued to digital forces (representing people, organizations and objects) by well-known, reputable, trusted issuers registered in the blockchain ledger. Verifiers of a verifiable credential look up the issuer’s DID on the blockchain, obtain the associated public key, and verify the issuer’s digital signature on the verifiable credential.

CID is accomplished when agents verify the signatures on the verifiable credentials they exchange and use the credentials’ attributes to perform mutual identification, authentication, and authorization. Once a trusted CID is completed, devices use the established trusted connection to perform various use cases.
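The lookup-and-verify flow described above, as an added example that is not code from the article or from any project it mentions. An in-memory hash-chained list stands in for one ledger node and a standard-library Lamport one-time signature stands in for a production signature scheme; `Ledger`, `issue`, `verify_credential` and the credential layout are assumptions made for illustration.

```python
import hashlib, json, secrets

def H(b): return hashlib.sha256(b).digest()
def canon(obj): return json.dumps(obj, sort_keys=True).encode()

# Lamport one-time signature: stdlib stand-in for a production scheme (assumption).
# Each key pair may sign exactly one message.
def keygen():
    sk = [[secrets.token_bytes(32), secrets.token_bytes(32)] for _ in range(256)]
    return sk, [[H(a).hex(), H(b).hex()] for a, b in sk]

def bits(msg):
    d = int.from_bytes(H(msg), "big")
    return [(d >> i) & 1 for i in range(256)]

def sign(sk, msg):
    return [sk[i][b].hex() for i, b in enumerate(bits(msg))]

def verify(pk, msg, sig):
    return len(sig) == 256 and all(H(bytes.fromhex(s)).hex() == pk[i][b]
                                   for i, (s, b) in enumerate(zip(sig, bits(msg))))

class Ledger:
    """Constructed in-memory stand-in for one ledger node (hash-chained blocks)."""
    def __init__(self):
        self.blocks = []

    def register(self, did, pk):
        prev = self.blocks[-1]["hash"] if self.blocks else "0" * 64
        body = {"did": did, "pk": pk, "prev": prev}
        self.blocks.append({**body, "hash": H(canon(body)).hex()})

    def resolve(self, did):
        prev, found = "0" * 64, None
        for blk in self.blocks:  # re-validate the whole chain before trusting a key
            body = {k: blk[k] for k in ("did", "pk", "prev")}
            if blk["prev"] != prev or blk["hash"] != H(canon(body)).hex():
                raise ValueError("ledger chain broken")
            prev = blk["hash"]
            if found is None and blk["did"] == did:  # first binding wins
                found = blk["pk"]
        return found

def issue(issuer_did, sk, subject_did, claims):
    cred = {"issuer": issuer_did, "subject": subject_did, "claims": claims}
    return {**cred, "proof": sign(sk, canon(cred))}

def verify_credential(ledger, vc):
    body = {k: v for k, v in vc.items() if k != "proof"}
    pk = ledger.resolve(body["issuer"])  # None if the issuer DID is not on the ledger
    return pk is not None and verify(pk, canon(body), vc.get("proof", []))
```

A credential whose claims are changed after issuance, or whose issuer DID is not registered, fails `verify_credential`; a ledger block whose stored key was altered makes `resolve` raise before any key is returned.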

For example, a sensor device transmits collected images to its controller over some complex multi-hop route. Because the sensor and its controller keep each other’s connection-specific identifier tied to their public key, sensor data and controller authentication are digitally signed and end-to-end encrypted between devices, regardless of any transport layer encryption. The receiving controller has high confidence that the image data comes from a valid sensor and has not been tampered with. The sensor has high confidence that the trusted controller actually received it.

The sensor can also store in its wallet some types of verifiable credentials that make various claims about the sensor itself, such as the camera’s manufacturer-approved resolution. This way, the controller can make better decisions about how to best use this sensor. For example, if the camera only captures wide-angle images, the controller will not attempt to assign it a collection task that requires zoom capability.

Value for you

Decentralized identity open standards and technologies powered by blockchain can provide CIDs of digital forces reliable enough to decouple command from control to the extent necessary to trust military decision makers in collapsing data furnaces, automate high-value decision making, and significantly shorten the kill chain.

Tim Olson is a principal customer engineering solution architect for IBM.

The views expressed in this article should not be construed as official or as representing the views of AFCEA International.
