| Future Potential |
>>>
page 1 - page 2 - |
 |
| Single Sign-On |
|
| The Trust Nexus
offers a unique opportunity to create an efficient single sign-on
process. One of the goals of single sign-on is to eliminate the hassles (for both
users and administrators) of managing multiple usernames and passwords. |
|
| Rather than entering a user name and password
into a web form or corporate identity system, under the The
Trust Nexus a user would simply place his/her cell phone into a computer's
NFC docking port, enter his/her PIN and then click the "Sign-On" button on a web
page. Through the NFC interface and an Internet browser plugin, the user's private
key would be used to encrypt a transaction ID in a hidden form field. The user's legal
identity would also be sent from the user's digital wallet to the web application
provider. |
|
| The web application provider will have access
to the user's legal identity and the associated public key by accessing The Trust Nexus Repository. If the provider can decrypt the transaction ID by using the
user's public key the provider can be certain of the user's identity. |
|
| Web application providers could also be
identified in the The Trust
Nexus Repository.
This would enable mutual authentication between users and providers thus eliminating phishing scams. |
|
| The Trust Nexus
will nearly eliminate fraudulent Internet transactions. |
|
| One of the most significant benefits in using The Trust Nexus for single sign-on is that there
are no administrative requirements for managing or coordinating passwords. This
process is far superior to the "federated identity" process provided by the Liberty Alliance framework. |
|
 |
|
| Simplified Identity
Federation |
|
| Utilizing the infrastructure created by The Trust Nexus it will be a very simple process for organizations to federate the
identity of their users. The organization will provision a credential to their
users' digital wallets. This credential will contain the identity and rights of the
user. An encrypted hash of the credential will be stored in the The Trust Nexus Repository enabling anyone to authenticate the credential when the user
presents it. |
|
| In a variation of this process the
provisioning institution does not store the encrypted hash value in The Trust Nexus Repository; rather, the credential itself could contain a reference to a
repository maintained by the provisioning institution. This reference to the
repository could be authenticated by an entry contained within The Trust Nexus Repository (through the institution's primary credential). In this way
an institution could federate the identity of it's users simply by adding a credential to
each of it's user's digital wallet and creating an institutional reference within The Trust Nexus Repository. |
|
|
|
| Medical Records
Security and Transportability |
|
| The Trust Nexus
will enable users to secure and instantly access their medical and insurance
records. This should greatly improve the efficiency of the world's health care
system by, "streamlining patient interactions and enhancing patient satisfaction
throughout the healthcare process." |
|
|
|
| Corporate and Network
Security (the end of cyber-crime) |
|
| The Trust Nexus
will make corporate identity cards obsolete. Corporations and government agencies
will be able to install and manage their own identity repositories for managing user
access, authentication and authorization. Corporations and government agencies will also
be able to use the principles of the The Trust Nexus
to authenticate, authorize and manage network systems. |
|
| The Trust Nexus
will nearly eliminate system "hacking". |
|
|
| >>> page 1 - page 2 - |
|
