Today’s method for Internet interaction was designed on the fly and built without any knowledge of what the Internet was or what it would become. Browsers were designed to browse this wild new digital world in a “user-friendly” fashion. Browser brought the public to the Internet by making navigation easy.
A frightening truth is that cybersecurity began failing the moment alleged secure portals were added to this browser-based environment. This single action undermines every current cybersecurity solution. Granting secure portal access to unknown individuals in an uncontrolled environment violates security protocols.
At the time the drive was for usage, not security. When security stood in the way of convenient public access to secure services, it was rejected as a hurtle to the adoption of services by consumers and it was ignored. This harsh truth still applies today and is a contributing factor to the cyber crisis.
The time has arrived to go back and re-evaluate uninformed decisions from the past with knowledge garnered from years of experience. Indirect assertion of Identity is the best that can be achieved in a browser-based environment. Browser-based access is designed for public activity and cramming secure activity into this environment was, is and will continue to violate security protocols.
The first cybersecurity error was granting public access to secure services. Therefore, the first step to correcting the problem is to remove public access to secure services. This can only be accomplished by removing website portal access and browsing from secure activity.
What is Existence
The following definitions apply:
- Existence is “having objective reality”
- An Aura is a physical device used as identification.
Existence-based access provides a unique non-data factor at the point of authentication. An Aura is integrated into the server-side operations. A serialized private portal, created by the Aura, requires elements from the server and the server requires elements from the Aura or the connection fails. The Aura creates and maintains a state-of-existence, “presence” for authentication.
Existence requires an interdependent system where the endpoint, server and communication are unified into a single process. If any part of the system is not present the system will not operate.
When an Aura is connected to a computing device it is present at the device. When the private portal software is executed a connection is created between the Aura, local computing device, authentication server and existence server. If any part of the process is compromised, or the Aura is removed, the entire process implodes leaving no session data on the local computing device or the Aura.
Existence-based Access Expalined
Existence is an empty container much like a bottle. When a bottle is filled with milk, soda, juice, etc. it is referred to by the content of the bottle. You go to the refrigerator for milk, soda or a beer never thinking about the container, be it a bottle or can.
The existence container takes on the properties of what is loaded into it, much like the bottle. Secure Aura is introducing a blockchain payment system in the container, so it becomes a payment system. Cyber Safety Harbor offers a private communication suite for messages and file transfer, in this case the Aura is an existence communication suite.
It does not matter what is loaded into an existence solution. The key to the system is the ability to:
- Remove public access to secure services
- Identify an Aura before granting access to a portal
- Apply role-based access prior to user interaction
- Evaporate when access is completed leaving the only record of activity within the secure environment
Existence is focused on protecting the use of data. Existence can be deployed in parallel to existing infrastructure. The immediate change for current systems is adding a function to verify presence before executing a transaction. (If I’m not present, it is not me.)
As existence’s functionality is fully realized, it creates a closed secure existence community of known users thus, improving overall data security. A basic physical security protocol is to limit access to known users, existence applies this protocol before portal access.