Unified Access Control – Explained

The current cyber crisis is the result of a misapplication of technology, based on a misunderstanding of how security protocols should be applied. Much of the current cyber crisis was created by a choice made last century. ANY path forward requires analysis of past decisions. Why were the choices made? Were those decisions correct? Are they still valid?

When secure activity entered the Internet, the digital security theorists fell into three major camps:

  1. Create a parallel Internet for secure activity. This was rejected.
  2. Require a second Factor in addition to data for authentication.
  3. Place a portal to secure data in a public environment.

The overwhelming choice was option 3. Once the choice was made billions of dollars were spent to mitigate the damage created by this choice. The result of this CHOICE is an environment where data is secure until an attacker arrives. Then security fails.

In order to justify choosing Option 3, marketing was applied, making scientifically unsupported claims and misapplying terminology. This has exacerbated the problem by giving people unversed in computer SCIENCE a false sense of security.

Multi-Factor Authentication (MFA) is an example of weakened security passed off as an improvement. It was introduced to harden Access Control in a public environment. Was this because real security was too inconvenient? In reality MFA is a multiple-step process in which data is gathered. Multi-Factor means TWO or more UNIQUE factors. Data is always ONE factor.

In science, words have defined meanings. Marketing may confuse people but it doesn’t change the definition of terms. MFA is conceptually and scientifically invalid. Yet “Experts” continue to explain how gathering data multiple times equates to two or more factors.

Two-Factor Authentication (2FA), as deployed, merged options 2 and 3. Those organizations that chose this path were driven by the need to join the digital world and understood that data-only authentication was inadequate in any access control protocol. They acted responsibly and should be applauded.

However, there are three problems with existing 2FA solutions. First, public access was retained. Second, the solution is deployed at the endpoint while at the server, 2FA remained data-only authentication. Third, 2FA failed to evolve with the Internet.

The correct solution was to merge options 1 and 2. The digital security theorists were correct: a parallel method for secure activity and hardware are both required. However, they were also wrong. What was needed was a hardware-based factor that creates a parallel Internet access method, rather than an entire second set of hardware: cables, routers and switches. (Really, these were valid discussions in their day.)

A parallel secure Internet with hardware as a second UNIQUE factor is the solution. If the 2FA providers had focused as much effort on analysis as they did on marketing, they would have evolved to Physical Presence technology. However, they chose to stagnate. Worse, the assumptions from their past became given facts today. Those decisions were invalid and have yet to be reviewed.

An option 1 and 2 solution uses hardware to create a parallel access environment that is integrated into the token. The token must be present to create the parallel access method, present to authenticate the environment BEFORE granting portal access, present as part of secondary credential authentication and present to maintain the environment.

A Unified Access Control Model requires a Presence-Factor throughout activity and a knowledge factor to authenticate access. This process limits access to a single individual with a uniquely serialized token and a single related data credential.

Unified Access Control focuses security on a secure environment as an independent parallel Internet. Each authorized individual maintains the only token that will create their own uniquely serialized private parallel access method that exists only when they are interacting with the environment.

Underlying Premise.

There are three major classes of Data on the Internet: “Public” (self-explanatory), “Classified” (secure data that is created by public access) and “Secure” (data with a known audience).

Segregation of Secure data is an essential first step. Public and Classified data are part of public activity. Secure data is a special class with a requirement for special access. There is nothing public about Secure data. The most basic security protocol is to limit access to authorized entities therefore placing a portal on a public website is a correctable mistake. Remove the portal.

Once the website portal is removed there is no longer a valid reason to retain browser-based access. Remove it as well. Loading any secure data and conducting any secure activity via an environment that is built on content-mining was completely illogical in the first place. The fact that so many plugins also content-mine further compromised this environment.

Unified Access Control is as much a mindset as it is a methodology and system. Secure Access Control begins by requiring token-based access. An individual is forced to recognize that they are performing secure activity and the individual is responsible for their action. AND, for the first time in Internet history a solution can prove with a high degree of assurance exactly what activity a user is performing in a secure environment. This provides a method of accountability.

Security requires a buy-in from everyone or it fails. The current access control model places secure access responsibility and liability on a secure environment owner while requiring little from authorized individuals. Again, half a solution; both parties must participate and be responsible for security to be effective!

Designing security access to the lowest common denominator has driven access control technology to failure. The only way to fix this problem is educating people to use proper security, raising the level of the lowest common denominator rather than removing critical security protocols.

Seatbelt usage is a result of educating the public about auto safety. People can also be taught to act responsibly online; it just requires the business community to decide the damage is unsustainable. Equifax, in fact, destroyed the existing access control model.

The Technology

Skipping the technical explanation for now, at its essence deploying Unified Access Control is very simple:

  • Identify authorized entities
  • Distribute tokens to the authorized entities
  • A field is added to the user database for the public key associated with the individual’s token
  • Ship the correct token to the correct individual (a process already accomplished with credit and debit cards)
  • Remove portal from website and place proxy (reverse proxy) for access
  • Block all other connections that are not authorized and secure
  • With the removal of public access monitoring other connections will be more effective
  • Done

Figure 1

The current access control model for a secure environment can best be represented in Figure 1: seven billion plus potential connections to a single public portal where every set of valid DATA credentials is accepted. Filtering unlimited, uncontrolled access down to only authorized individuals is next to impossible, and the mistake in this model is even worse. Every bit of secure data for EVERY authorized individual is available at the exact same uncontrolled public portal. A breach at the public portal has the potential of compromising every authorized user.

Unified Access Control changes the approach to securing an environment. A Physical Presence token is distributed to authorized individuals, website portals are removed and browser-based access is blocked. Analysis for individual environments must start here.

Figure 2

A Physical Presence token is connected to a local device. The token initiates a session that creates a uniquely serialized operational-environment for interaction. At the secure environment role-based security can be initiated prior to presenting portal access rather than after data credentials are received.


With a token-based solution there is a UNIQUE method to create access. No matter how nuanced the conversation is, at its core a website portal is a path into a secure environment that can be exploited. The only solution is to remove this path of attack.

Public access to a Secure environment is a known persistent exploited weakness. If everything else around a secure environment stays exactly the same, how much better would every security product perform when access is limited to known entities?

The path to security never ends. But it also never begins until the first step is taken. Once public access is removed security experts can focus on the next step. In a binary environment after every decision there is always another decision to make. Everything on the wrong fork in a binary environment will wither and die. Perceptive tech companies will evolve quickly to take advantage of the non-public access fork.

The ripple effect from every step forward in a binary environment ALWAYS calls into question the decisions on the other fork. What is really needed? Is the product still necessary? How many connections were hidden in the noise of public access?

Unified Access Control is the beginning of securing data on the WWW. Unified Access Control does not fix everything. It fixes the FIRST highest level mistake.

Figure 3

(A token can take any form-factor and use any connector. Figure 3 is just a representation of ONE option of a token’s form-factor.)

A physical presence token must be device agnostic, install no software and use no installed software. The token must be serialized, hardened and Read-Only. It must contain RAM to maintain secure data related to secure activity, software to create a pristine environment each and every time and upon removing the token no footprint can be left behind. The environment must be backward compatible so existing browser-based operations transfer with minimal effort.

The token is integrated into the operational environment. When secure interaction is complete, the token is removed and all session data evaporates. Remove the token during the session, the session implodes and all session data evaporates.

Step-by-step walk-through

Usage of a unified access control model requires the individual to CONNECT their token to a device. Every individual has a uniquely serialized token that must be present for the entire session. Figure 4 is an overview of the process.

Figure 4

Let’s address wireless connectivity now. RFID in security is an inappropriate use of technology at best and I will not waste time on it. Bluetooth is the “secure option”. “What is BlueBorne? Billions of phones, laptops and TVs at risk of silent Bluetooth hack”, Jason Murdock – International Business Times.

  • The process begins with the connection (7) of the token (1) to any device to create an operational-environment (2) initiating the process
  • The token’s operational-environment opens and then provisions the token’s RAM and connects (8) to an Authentication Server (3) passing a public key.
  • The Authentication Server (3) accepts the connection from the environment and verifies the token hasn’t been reported lost or stolen
  • If stolen, the Authentication Server (3) sends a self-destruct code
  • If not, the Authentication Server (3) initiates a challenge and response protocol
  • Authentication Server (3) sends a challenge question back to the environment (8). The operational-environment (2) uses the token (1) to process the challenge and the response is returned (8)
  • The Authentication Server (3) processes the response and if valid, the path to the token’s secure environment is passed back (8)
  • The token is blind to both its owner and its secure environment until this point. Now the token knows only its community.
  • The operational-environment (2) connects (9) to a secure community Proxy Server (4) passing the token’s public key and session ID
  • The Proxy Server calls the community (5)(6) to verify the token is still valid and to retrieve role-based data for session control
  • Proxy Server (4) connects (10) to the Authentication Server (3) requesting the token’s session ID.
  • If the session ID does NOT match, the Proxy Server (4) rejects the connection and the operational-environment implodes
  • If the session ID matches, the Proxy Server triangulates communication (8)(9)(10)
  • Once the Proxy Server (4) completes securing the environment, access and the communication, the logon screen is passed (9) to the Operational-Environment (2) and user interaction begins.
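The exchange in the walk-through above, as an added example that is not code from the original article or from any product it describes. It models the token (1), the operational-environment (2), the Authentication Server (3) and the community Proxy Server (4): the lost/stolen check with its self-destruct reply, the challenge and response, the session ID cross-check between proxy and Authentication Server, and the environment imploding (dropping all session state) on any failure or on token removal. Every serial number, secret, role and the proxy address are constructed values, and an HMAC over a secret shared at enrolment stands in for the public-key operation the token would perform; both are assumptions of this example.

```python
import hmac
import hashlib
import secrets

# Constructed enrolment data (assumption): per-token secret shared at enrolment
# plays the role of the token's public key; a real token would sign the challenge.
TOKEN_SECRET = {"TOK-0001": b"enrolment-secret-0001", "TOK-0002": b"enrolment-secret-0002"}
REVOKED = {"TOK-0002"}                        # reported lost or stolen
COMMUNITY_ROLES = {"TOK-0001": "clinician"}   # role-based data held by the community (5)(6)


class Token:
    """Physical token (1): serialized, answers challenges, never exposes its secret."""
    def __init__(self, serial):
        self.serial = serial
        self._secret = TOKEN_SECRET[serial]

    def process_challenge(self, challenge):
        return hmac.new(self._secret, challenge, hashlib.sha256).hexdigest()


class AuthServer:
    """Authentication Server (3): revocation check, challenge/response, session IDs."""
    def __init__(self):
        self._pending = {}    # serial -> outstanding challenge
        self._sessions = {}   # session_id -> serial

    def begin(self, serial):
        if serial in REVOKED:
            return {"action": "self_destruct"}
        challenge = secrets.token_bytes(32)
        self._pending[serial] = challenge
        return {"action": "challenge", "challenge": challenge}

    def finish(self, serial, response):
        challenge = self._pending.pop(serial, None)   # one use only
        if challenge is None:
            return None
        expected = hmac.new(TOKEN_SECRET[serial], challenge, hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, response):
            return None
        session_id = secrets.token_hex(16)
        self._sessions[session_id] = serial
        # "Path" to the token's secure community, constructed value.
        return {"session_id": session_id, "proxy": "proxy.community.example"}

    def lookup_session(self, session_id):
        return self._sessions.get(session_id)


class ProxyServer:
    """Community Proxy Server (4): re-checks the token with the community and the session ID with (3)."""
    def __init__(self, auth):
        self._auth = auth

    def admit(self, serial, session_id):
        if serial not in COMMUNITY_ROLES:                      # community (5)(6): token not valid
            return {"status": "rejected"}
        if self._auth.lookup_session(session_id) != serial:    # (10): session ID does not match
            return {"status": "rejected"}
        return {"status": "logon", "role": COMMUNITY_ROLES[serial]}


class OperationalEnvironment:
    """Environment (2) created by the token; implodes (drops all state) on any failure."""
    def __init__(self, token, auth, proxy):
        self.token, self._auth, self._proxy = token, auth, proxy
        self.state = {}

    def start_session(self):
        first = self._auth.begin(self.token.serial)                                   # (8)
        if first["action"] == "self_destruct":
            return self._implode("self_destruct")
        answer = self.token.process_challenge(first["challenge"])
        grant = self._auth.finish(self.token.serial, answer)                           # (8)
        if grant is None:
            return self._implode("challenge_failed")
        self.state = {"session_id": grant["session_id"], "proxy": grant["proxy"]}
        verdict = self._proxy.admit(self.token.serial, self.state["session_id"])       # (9)
        if verdict["status"] != "logon":
            return self._implode("proxy_rejected")
        self.state["role"] = verdict["role"]
        return "logon"

    def remove_token(self):
        return self._implode("token_removed")

    def _implode(self, reason):
        self.state = {}
        return reason


def demo():
    """Run the exchange for a valid token, a revoked token and a forged session ID."""
    auth, proxy = AuthServer(), None
    proxy = ProxyServer(auth)
    good = OperationalEnvironment(Token("TOK-0001"), auth, proxy)
    stolen = OperationalEnvironment(Token("TOK-0002"), auth, proxy)
    result = {"good": good.start_session(), "role": good.state.get("role"),
              "stolen": stolen.start_session(),
              "forged": proxy.admit("TOK-0001", "not-a-real-session")["status"]}
    result["after_removal"] = good.remove_token()
    result["state_after"] = good.state
    return result
```

The session ID is only accepted by the proxy when the Authentication Server maps it back to the same serial that presented it, so a session ID lifted from one token cannot be replayed with another; each challenge is consumed on first use, so a captured response cannot be replayed either.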

At this point in the process Unified Access Control passes operational control to the environment. The communication from the community to the individual is direct with no content mining. The only data retained by the process is the IP address of the token and the timestamps for session start and end.

For the end user interaction with Unified Access Control is also a process:

  1. Plug in the token
  2. Initiate session (a click)
  3. Enter credentials and interact exactly the same as they do through a browser and website portal. (Access Control cannot get any easier for the end user!)
  4. Remove the token when complete and all trace of the session evaporates.

Unified Access Control requires every aspect of the system to be present and validated or the model fails, the operational-environment implodes and a new session must be initiated. The entire access methodology and system is secure or it will not operate.

Simply put, a Physical-Factor (the token) integrated into an Operation-Factor creates a UNIQUE Presence-Factor for every individual/token combination.

A New Landscape

Once a Presence-Factor is part of cyber security protocols the entire landscape changes. Credit card data can be compromised in too many places to be trusted digitally (card-not-present transactions). A breach at any retailer provides data that can be used at every retailer. Yet, a bank with a Presence-Factor can mitigate the breach before it happens. Adding a “Presence Check” to authorization protocols requires both the bank and the consumer to act responsibly.

The consumer must log into the bank for presence when shopping. The Bank captures the IP address of the logon and monitors the connection for continued presence. The consumer goes to a retailer and completes a purchase EXACTLY as they do now. The retailer passes the SAME data they do now.

Unified Access Control secures the bank and the consumer from theft. If the Bank requires the IP address of the transaction along with the current credentials, an IP address check can provide additional assurance.

Medical record access, requiring a Presence-Factor, accomplishes what HIPAA set out to do and so much more. Taking into consideration the convoluted method records have been stored, access is made difficult because of product incompatibility. A Presence-Factor still provides a tremendous value beyond access control!

Basic analysis of the landscape: Medical data is decentralized without a unifying method to share the data. The population is mobile so an individual can receive treatment anywhere, anytime. The only uniform location for data, for those who are insured, is the insurance company. Every time an insured is treated the bill is submitted to their insurance company for payment.

Now let’s consider the effect of a Presence-Factor in medical insurance. The insurance company merges Physical Presence technology into their insurance cards. This part only requires the insurer to act. Of course the insurer can remove the website portal and browser-based access to insured’s data but this is just the beginning.

When an Insured patient visits a physician they present their insurance card. The physician logs into the card. The insurance company can provide a treatment overview by a simple query to their billing database. They pull every bill, treatment code, diagnosis code, drug code and other required data related to the Insured. This data can then be displayed so the physician has a more robust understanding of the patient’s health.

Now, if the Insurer requires a link to the record for payment, the Insurer becomes a SECURE gateway to medical records while exceeding every access standard set by HIPAA.

Proper tracking inside the insurance company’s environment provides a wealth of information that can be utilized. When the physician is reviewing the data with the patient, unauthorized treatments can be identified and reported, placing both the insured and the physician actively into the fraud prevention model.

The fact that the physician and the insured’s insurance card were present at the same time can be used to identify billing anomalies with a high degree of accuracy. If the card is NOT present, trigger a flag. This is just adding a log check to the billing approval process. Again, the consumer is only being asked to act responsibly; the Insurer is taking advantage of that responsible action to improve overall security.
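Both the bank’s “Presence Check” on card-not-present purchases and the insurer’s billing log check described above rest on the same record: who logged in with their token, from which IP address, and for how long. The following is an added example (not code from the article or from any bank or insurer) that keeps that presence log and runs both checks over it. The holder IDs, IP addresses, timestamps and claims are constructed, and the 30-minute window applied to a logon that was never followed by a logoff is an assumption of this example.

```python
from datetime import datetime, timedelta
from ipaddress import ip_address

# Assumption: a logon with no logoff is treated as present for this long only,
# so a stale session cannot vouch for presence indefinitely.
PRESENCE_WINDOW = timedelta(minutes=30)


class PresenceLog:
    """Presence records captured at token logon: holder, source IP, start and end."""
    def __init__(self):
        self._events = []

    def logon(self, holder_id, ip, at):
        self._events.append({"holder": holder_id, "ip": ip_address(ip), "start": at, "end": None})

    def logoff(self, holder_id, at):
        for event in reversed(self._events):          # close the most recent open session
            if event["holder"] == holder_id and event["end"] is None:
                event["end"] = at
                return

    def present_at(self, holder_id, at):
        """Return the presence record covering `at`, or None if the holder was not present."""
        for event in self._events:
            if event["holder"] != holder_id or at < event["start"]:
                continue
            end = event["end"] if event["end"] is not None else event["start"] + PRESENCE_WINDOW
            if at <= end:
                return event
        return None


def authorize_card_not_present(log, holder_id, tx_ip, tx_time):
    """Bank-side Presence Check: the card holder must be logged in with their token,
    and the transaction IP should match the logon IP for additional assurance."""
    record = log.present_at(holder_id, tx_time)
    if record is None:
        return "decline: no presence session"
    if ip_address(tx_ip) != record["ip"]:
        return "review: presence found but transaction IP differs from logon IP"
    return "approve"


def flag_billing_anomalies(log, claims):
    """Insurer-side log check: a claim whose service time has no matching card
    presence for that insured is flagged for review."""
    return [claim["claim_id"] for claim in claims
            if log.present_at(claim["insured"], claim["service_time"]) is None]


def demo():
    """Constructed scenario covering approve, IP-mismatch review, no-presence decline,
    presence ended by logoff, and a claim billed while no card was present."""
    base = datetime(2024, 5, 1, 12, 0)
    log = PresenceLog()
    log.logon("holder-A", "203.0.113.10", base)
    results = {
        "same_ip": authorize_card_not_present(log, "holder-A", "203.0.113.10", base + timedelta(minutes=5)),
        "other_ip": authorize_card_not_present(log, "holder-A", "198.51.100.7", base + timedelta(minutes=5)),
        "not_logged_in": authorize_card_not_present(log, "holder-B", "203.0.113.10", base),
    }
    log.logoff("holder-A", base + timedelta(minutes=10))
    results["after_logoff"] = authorize_card_not_present(log, "holder-A", "203.0.113.10", base + timedelta(minutes=20))
    claims = [
        {"claim_id": "C1", "insured": "holder-A", "service_time": base + timedelta(minutes=3)},
        {"claim_id": "C2", "insured": "holder-A", "service_time": base + timedelta(hours=3)},
    ]
    results["flagged_claims"] = flag_billing_anomalies(log, claims)
    return results
```

Neither check changes what the retailer or the physician submits; the bank and the insurer only add a lookup against their own presence log before approving, which is the “log check” the text describes.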

No matter what technology is introduced security will always come down to conscious responsible action. Until we demand that action, security will continue to fail.

The first step to responsible action is accepting that a mistake was made before most people in cyber security were in cyber security. There is no one to blame, so let’s not point fingers when hindsight is 20/20. I know that when I was 20 I knew everything. Now I look back and realize I was clueless. It is an effect of maturity.

The time for cyber security to mature has arrived. Demanding PROOF-of Identity for secure activity is not only reasonable, but is necessary.

Unified Access Control is the first necessary step to a secure cyber environment. The future path of existing technology will be profoundly changed. Let me state: “I personally stand firmly AGAINST a universal identifier for secure access. The thought of that much power in the hands of a single entity is horrifying!”

Still the cloud’s capabilities are just being touched upon. Imagine a cloud offering desktop hosting. Everything currently housed on a local device stored in the cloud and requiring a uniquely serialized token to create a serialized environment to interact with the desktop. Local devices can go back to dumb terminals with only minimal operability and drivers. This will minimize local exposure to devices being compromised.

All the technology related to Unified Access Control already exists and has been proven. Cyber Security Experts just need to change their viewing point, not their point of view. Unified Access Control is everything they know, applied in a way they never considered.

The future is waiting for YOU!
