Year-long research partnership results in RMIT validating Tide’s breakthrough in “True Zero-Trust” security, culminating in invitation to present at coveted national security event, the Technology Surprise Forum.
Digital security is vital to everyone – individuals, companies and nations – to protect everything, from bank accounts and private health data, to managing self-driving cars, protecting confidential commercial processes, and safeguarding our national security.
Yet in spite of all the efforts to protect our sensitive online assets, IT systems have never seemed so vulnerable. The number and sophistication of cyber attacks is increasing every year. In January 2022, TechNewsWorld reported that almost 6 billion accounts were compromised globally in data breaches during 2021. In the current geo-political environment, these statistics and the potential for further and more significant breaches makes this reality even more dangerous.
The ‘Zero Trust’ methodology is considered the Holy Grail in cybersecurity today. Its importance was cemented in US President Joe Biden’s 2021 executive order directing all federal government agencies to move towards a Zero Trust architecture.
The Zero Trust paradigm is rooted in the principle of “never trust, always verify,” it assumes that every user is potentially compromised and must therefore be continually verified.
However, even with most Zero Trust implementations, the final authority that performs validation still resides in a single, centralised process, accessible to key people within the organisation or their suppliers - making them vulnerable to a breach.
Dr Joanne Hall, Cybersecurity Senior Lecturer from RMIT University states “Identity and Access Management Systems, which sit at the core of many organisations’ security, require blind trust in a central authority to maintain security. This reality makes them a primary target for hackers – and is an Achilles’ Heel that, when exploited, is potentially catastrophic.”
Following a year-long research partnership, RMIT and the Tide Foundation have validated a solution to the potential vulnerability of the root authority, using novel secure multi-party-cryptographic technology.
This solution is made possible via a breakthrough, world-changing concept – dubbed ‘Blind Secret Processing’ – which changes the cybersecurity paradigm and could make large data breaches and unauthorised access to critical infrastructure things of the past.
The first true Zero Trust Identity and Access Management system, enabled by Blind Secret Processing, operates entirely blind to the authority it yields. With it, the authoritative keys to an organisation’s digital assets (e.g. data, funds, cyber-physical infrastructure) are decoupled from the system and reside fragmented and split across swarms of servers on a decentralised network.
“Individually, those servers are oblivious to the keys they partially hold, the process they partially action or the assets they unlock. However, together, as a swarm, they operate as a cohesive yet unimpeachable authority.” Said Michael Loewy, Co-Founder of the Tide Foundation.
The decentralised design allows non-trusting parties to protect each other, introducing exponentially greater security to any system for SMEs through to large enterprises. This means that there’s no one individual, system, organisation or vulnerability that can control or compromise the keys to the kingdom. A core breach of an Identity and Access Management system, no longer means a compromised authority.
Since 2019, the patented, open source technology has been verified and its impact recognised by a number of experts in cybersecurity, including RMIT, NTT, the Organisation for Economic Co-operation and Development (OECD) and the United Kingdom and Australian governments.
In 2022, Tide and RMIT have been invited to showcase this breakthrough technology at the joint Australian National University/Defence Science and Technology Group Technology Surprise Forum , being held on 13 May.
Tide is a deep-tech start-up introducing an entirely new cybersecurity paradigm of “Cyber Herd Immunity” through a fundamental breakthrough in Multi-party cryptography. This core technology enables new trust capabilities using a decentralised network of independent servers performing intelligent cloud processing with a secret no one has access to.
Tide was AISA Cybersecurity start-up of the year 2021, Winner of Tech23 2020, and has been awarded an Australian Research Council Grant.
RMIT is a multi-sector university of technology, design and enterprise with more than 96,000 students and almost 9,000 staff globally. RMIT’s mission is to help shape the world through research, innovation, quality teaching and engagement, and to create transformative experiences for students, getting them ready for life and work.
The University’s College of Business and Law is one of the largest business schools in the Asia Pacific region, offering industry responsive programs to both students and the future needs of employers, and delivering research and innovation with social impact.
Acknowledgement of Country
RMIT University acknowledges the people of the Woi wurrung and Boon wurrung language groups of the eastern Kulin Nation on whose unceded lands we conduct the business of the University. RMIT University respectfully acknowledges their Ancestors and Elders, past and present. RMIT also acknowledges the Traditional Custodians and their Ancestors of the lands and waters across Australia where we conduct our business - Artwork 'Luwaytini' by Mark Cleaver, Palawa.