introduction to ent (entity network translation)

The Trust Technology

Entity Network Translation {ENT}

1All information contained in this presentation is proprietary. Copyright ENT Technologies 2015. All Rights Reserved.

The need for our digital systems to operate in a trustworthy way has never been greater. But our current trust technologies are failing us – bigger and more frequently.

In Our Digital Systems, Trust Is Critical… And Failing


INTRODUCTION TO ENT

The reason for the failures? We’re forced to rely on trust domains.

“2014: The Year of the Hacker, More To Come in 2015” ~ CIO-Today.com

“The security industry is failing. It has failed.” ~ Amit Yoran, CEO of RSA; Fortune.com interview, April 2015

Currently, all digital transactions occur in someone’s trust domain – a transaction network where trust is guaranteed by an owner who issues and enforces identity.

3

Trust Domains: Required For Trusted Transactions

All information contained in this presentation is proprietary. Copyright ENT Technologies 2015. All Rights Reserved.

Trust domainowners manage

accounts and identitiesvia PKI,

passwords,etc.

INTRODUCTION TO ENT

User Accountsvia passwords

Company AUser and MachineIdentities via PKI

Company B

Alice wants to transact with Bob. The only way they can trust each other’s identity is to choose a trust domain and create accounts. The domain guarantees their identity.

4

Trust Domains: An Example


[email protected]@CompanyA.com

Company A owns all the accounts and data in this

domain

INTRODUCTION TO ENT

Company A

Alice

f

• Inside a trust domain, entities can transact freely.

• No transactions occur between trust domains. There is no way to enforce trust.

5

Trust Domain Interaction

Transactions OK Transactions OK


INTRODUCTION TO ENT

Company A Company B

f

• A trust domain owner effectively owns all user identities and data in their domain.

• This prevents one organization from using another’s domain.

6

Trust Domain Ownership = Incompatible Domains

“Use our trust domain. It’s great!”

“No. That would give you too much

control.”


INTRODUCTION TO ENT

Company A Company B

1. Trust domain owners are responsible for protecting user identities and data.

2. Domain users have no control of their identity/data, which increases their anxiety.

3. Data breaches and privacy legislation represent major risks to trust domain owners.

7

Trust Domain Ownership = Increased Risk

Company A has de-factoownership of everything

in their trust domain, and this attracts risk.

User has no ownership

Risk FromLegislation

Risk FromBreaches

Valuable data poolattracts threats


INTRODUCTION TO ENT

Company A

• Current trust domains set one-size-fits-all rules for accounts or identities.

• This doesn’t work for every need, and it’s ultimately unsafe because users find insecure workarounds.

8

Trust Domain Rules Don’t Fit User Needs

Required: Password20 characters max

Required: Password + device key10 character max

Unmet Needs =Insecure

Workarounds

Trust domain rules can’t be

decided by users or changed to fit

their needs


“I forget my passwords.”

“I needbiometric.”

INTRODUCTION TO ENT

Company A Company B

The Internet of Things (IoT) is rapidly growing into billions of devices – always on, installed everywhere, connected into critical systems. This is a security and privacy nightmare, impossible to adequately manage with a trust domain approach.

9

Trust Domains Can’t Scale For The Internet of Things


INTRODUCTION TO ENT

Already difficult to protect

Practically impossible to protect NW: What should enterprises worry about when it

comes to the Internet of things?

Schneier: Everything.

NW: What practical steps should a CSO/CISO take now, anticipating there will be this IoT to deal with?

Schneier: There’s nothing you can do…No one’s paying any attention to security, no one’s doing updates, no one knows anything - it’s all really, really bad and it’s going to come crashing down…The Internet of Things is attached to your IT infrastructure so it’s going to be pretty serious.

~ Bruce Schneier, Cryptography/Security ExpertInterview with NetworkWorld.com

10

Trust Domain Limitations Cause Serious ProblemsTechnological limitations force users into trust domain membership without any control, and are the central cause of our current massive digital problems:

1. Lack of Ownership: Someone else owns our data.

2. Lack of Privacy: Someone else manages the exposure of our information.

3. Lack of Security: Someone else manages our identity and access.

4. Lack of Interoperability: Current trust domains can’t inter-connect.

5. Catastrophic Failure: Big trust domains have big risks, and big failures.

6. Physical Safety Threats: In the IoT, trust failures have real-world consequences.


INTRODUCTION TO ENT


NONE of the existing trust technologies can directly connect users, devices and other network entities at a global scale. They can only be connected by trust domains.

fff

“Security has failed… If we don’t succeed and turn the current paradigm around,I think there is a catastrophic situation for technology in general…”

~ Amit Yoran, CEO of RSA; Fortune.Com Interview, April 2015

Trust Domains Have Failed.

ENT’s next-gen technology solves this problem with a brand new approach.

INTRODUCTION TO ENT


ENT’s Approach: Entities That Manage Their Own Trust Entities are anything that can be represented digitally in a network system. Each entity controls its own identity, data and access levels. Entities form trusted, permission-based connections between each other at will. Entities connect at near-zero cost and can run in practically any environment.

Company B’s shipping solution connects directly

to vehicle

Company A ownsand connects

directly to vehicle

Vehicle manages its own trusted connections,

security & data privacy

ENT ENTCompany A Company B

INTRODUCTION TO ENT


ENT Works For Any Entity, Anywhere, For Any Purpose

Humans

Data

PhysicalGoods

Devices

Software

NetworkConnections

Components

Groups

Concepts LikeCorporations

Controller1.Devices.Company

An entity is anythingin a system.

Entities connectto each other in

any configuration.

ENT’s automated system issues identities and enforces every entity’s

rules for its trusted connections.

Every entity managesits own strong identity and

trusted connections.

INTRODUCTION TO ENT


Internet

Security added on; No entity-level identity, privacy, control

Security added on; No entity-level identity, privacy, control

Every entity has identity & control

Every entity has identity & control

Secure,Private

Connection

Secure,Private

Connection

Secure,Private

Connection

Secure,Private

Connection

Machine-to-Machine Connections Entity-to-Entity Connections

Inte

rnet

With machine-to-machine connections, security is an add-on and privacy is missing.

With entity-to-entity connections, security & privacy are a natural outcome.

Direct Entity Connections Naturally Solve Big Problems

INTRODUCTION TO ENT


Trusted Entity Connections Are A Revolution In Systems

NetworkA

NetworkB

Internet

EntityA

EntityB

ENT

The Internet revolution allowed computer networks to interconnect, but trust wasn’t built into its root technology, forcing everyone to rely on trust domains.

ENT allows individual network entities to directly connect with trust –a revolution in digital systems that will be as significant as the Internet itself.

INTRODUCTION TO ENT


ENT Is Built On A Radical New Approach To Cryptography Relational Key Infrastructure (RKI) is ENT’s new patent-pending crypto-architecture.

RKI’s innovations enable trusted, decentralized micro-networking between entities.

RKI re-engineers asymmetric cryptography, eliminating the requirement for central authorities or manual key management of any kind.

RKI is a fundamental breakthrough that solves difficult problems that have been around since the Internet began.

Multiple RKI patents are pending in the United States and abroad. We expect our current portfolio to expand to thirty or more high quality inventions.

INTRODUCTION TO ENT


INTRODUCTION TO ENT

ENT has just four simple components with a wide variety of possible deployment options.

ENT’s Decentralized System Is Uniform, Robust & Versatile

2. VERINYMS

Verinyms are uniform, integrated “virtual machine” objects that can represent any entity in ENT’s system. Verinyms have powerful RKI-based network functionality like identity, title, control, resolution, and more. Verinyms have direct authorized operations with other verinyms, store their own data and are mobile across nodes - a fully distributed system.

Sensor

Multi-Processor

Gateway

ASIC/Dedicated

1. NODES

Nodes execute & enforce user-determined, authorized operations as directed by verinyms. Nodes operate autonomously and run in a wide variety of environments.

3. API

Allows programmatic access to the node.

4. USER INTERFACE

The UI allows for contact manager style verinym administration


INTRODUCTION TO ENT

ENT maps system actors into decentralized, strongly identified and integrated entities.

Entity owners self-manage ownership, actuation & trusted network connections.

Entity authorizations exactly match real-world trust structures & scale to context.

ENT Maps Real-World Trust Directly To Digital

[ CEO.Company AND CTO.Company AND Managers.Company AND DesignGroup.Company ]

CEO.CompanyOwned By:

BoardMembers.Company

Controlled By:AliceSmith.Person

CTO.CompanyOwned By:

CEO.Company, HR.Company

Controlled By:BobDoe.Person

Managers.CompanyOwned By:

CTO.Company

Joint Group Control By:Manager1.Company, Manager2.Company,

Manager3.Company

Device.Specs.CompanyOwned By:

Managers.Company

Controlled By:DesignGroup.Company

In this example, a strategic decision to change a high-value designrequires a joint authorization in a specific pattern:


INTRODUCTION TO ENT

With ENT, security is a natural outcome of a decentralized system.

ENT Security: End-to-End, Arbitrary Levels Of Strength

Resilient identity No external dependencies No central points of failure

Entity-level access to arbitrary levels of strength Heterogeneous encryption

Explicit, Multi-AuthConnections OnlyArbitrary auth levels; unauthorized requests are rejected

Precisely Scoped NetworkDirect entity-to-

entity connection, no middleman

HeterogeneousEncryption

Encrypted channel; any algorithm can be used for each channel

Decentralized,Resilient IdentityRKI/multi-auth IDis not tied to centralvulnerable authority

Integrated Entities, NoExternal DependenciesBlack box operation reduces attack vectors

DesignGroup.Company Device.Specs.Company


INTRODUCTION TO ENT

ENT Data Privacy: Decentralized System Reduces Breach Risks

PartitioningData exposure is reduced to a single source or record that is strongly identified and changes locations across nodes.

Engineer.Vendor

Proprietary.Device.Specs.Company

VendorChip.Device.Specs.Company

Heterogeneous EncryptionData is encrypted in transit and at rest; variety of algorithms

Per-Datum AccessAuthorizationData is a first class system entity with arbitrary levels of access control for authorized entities Authentic Schema

For Data AssuranceVia semantic matching, user can have assurance of data composition, type, and what parts are being exposed.

With ENT, data privacy is a natural outcome of a decentralized system. Data partitioned into small pieces across many locations Datum-level identity Datum-level access to arbitrary levels of strength Advanced privacy techniques

DesignGroup.Company


INTRODUCTION TO ENT

ENT includes and exceeds the best-in-class characteristics of current crypto system technologies, avoids their limitations, and solves the right problem – entity-level trust.

PKI(Certificate Authorities)

GOOD: Administrated Trust Roots/Domains;Included in ENT

PKI Problems…

Catastrophic Key Loss

Manual Issuance & High Cost Per Crypto Key

Centralized Control

Costly Key Protection

Vulnerability From Human Error

Lack Of Interoperability

PGP(Personal Crypto Keys)

GOOD: Direct, Trusted Connections;Included in ENT


Lack Of Scalability

Not Interoperable

No Durable Identity

Human-Only Usage Limitations

PGP Problems…

Symmetric(Usernames, Passwords)

GOOD: Inexpensive, Simple To Implement;Included in ENT

Human-only Usage Limitations

Vulnerable to Social Engineering Attacks

Vulnerable to User Work-arounds for Management

Easy To Spoof Identity

Developer Implementations Are Often Uneven/Insecure

Symmetric Problems…

Blockchains(Bitcoin, Ethereum)

GOOD: Decentralized, Automated Enforcement;Included in ENT


Vulnerability From Systemic Collusion

Complicated Issuance, Mining/Assurance System, Incentives & Transactions

Lack Of Efficiency, Privacy, Interoperability

Long-Term Ramifications Not Well Understood

Blockchain Problems…

ENT Exceeds Current Standards, Without The Downsides


INTRODUCTION TO ENT

ENT is a comprehensive solution for intractable trust challenges dating back to the beginning of the Internet, and a foundational advancement in robust, next-generation global systems.

ENT Is A Fundamental Breakthrough

Identity For EverythingHumans, devices, software, data, groups, physical objects, concepts

Scalable SecuritySimple access to complex multi-authorization scenarios

ResilientNo single point of failure, rapid recovery in case of disruption

Versatile, AgileUseful for any purpose, able to easily change as needs change

Robust Data PrivacyPublic visibility to military-grade data masking

Scalable OperationEmbedded devices to complex global networks

Cost-Effective, EfficientInexpensive to operate, better ROI from development investments

Uniform, InteroperableStandardized operation across difficult, diverse domains

User EmpowermentUsers and organizations make the rules and the system enforces them

True Digital OwnershipDigital assets are as exclusive and transferable as physical property

Grid Computing“Big Data” processing; storage, bandwidth, & compute commoditized

Trusted ComputingData and software ownership rights are enforced everywhere

Use Case: Automated Vehicles, Step 1 - Configuration


INTRODUCTION TO ENT

At the time of an emergency, an ad-hoc Dispatch Control Group is formed that includes 911 and hospital dispatch, and the local roadside beacons on the route.

The automated Controllers are provisioned to require a signed directive in a specific DoT-approved emergency format from the Dispatch Control Group and each vehicle’s verification system.

The vehicle Controllers require mutual agreement to perform joint actions, such as moving to the side of the road.

All entities have strong identity & trusted connections. Coordinated or high-risk actions require agreement.

dd d

d dd

d d

dd

d

dd

d

dd d

Truck

Ambulance Car

DispatchControlGroup

ControllerA

ControllerC

Controller B

HospitalDispatch

RoadsideBeacons

911 Dispatch

Use Case: Automated Vehicles, Step 2 - Activation Ambulance sends Truck notification that it is approaching – its identity, speed and location.

The Truck’s controller gets agreement on Ambulance data from its speed sensor and GPS chip.

The Truck’s controller pulls over the truck, and notifies the Car to pull over as well.

All vehicles have strong identity & trusted connections. High-risk actions require agreement.


INTRODUCTION TO ENT

Truck CarAmbulance

SpeedSensor

GPS Chip

Use Case: Medical Record Data Privacy With ENT, Bob owns and controls his own medical record data, including where it is stored.

Bob’s doctor requests access to the medical data. Bob grants access, but he first requires the doctor to sign his own terms of use agreement. The doctor now has direct, time-limited access.

Only Bob, his data and the doctor are involved. The transaction is fully private and secure.


Bob

Bob’s Medical Record

Doctor

Bob ownshis medical

data

Doctor signsBob’s terms of use

for time-limited access to data

INTRODUCTION TO ENT

Use Case: The Potential of Real Data Ownership The output and activity of our business and personal lives are as much digital as they are physical.

The value of our digital assets is enormous, but currently no viable ownership mechanism exists.

With ENT, digital assets gain all the exclusivity, value and transferability of physical property.


INTRODUCTION TO ENT

IoT Data

Every piece of data from any device or system – individually or in

aggregate – is as much a property asset as the hardware source it came from. Every datum can be

exclusively transacted by the owner, from a subscription model to a

complete transfer of property rights.

3D Printing Designs

The rise of on-demand fabrication for construction, medicine, fashion and more means that value of a product will begin to migrate away from its

manufacturing process and more into the design itself. The designer’s ability to exclusively control and iterate their own intellectual property becomes an

extremely valuable asset.

Personal Genome

Our genomes contain some of the most personal, and valuable, information

about who we are. Our personal ownership over this information

should be total and exclusive, including our ability to allow discrete paid

access by researchers and businesses to its wealth of insights.


INTRODUCTION TO ENT

Use Case: Increased Developer ROI= Requires dev investment & ongoing support

ENT = User-Driven Platform, High ROI

Value-Add Application

ENT Slim Open Standard API

User-Defined Stack

StorageRouting Auth DataUser Mgmt

ENT Open Standard PlatformCommodity hardware/processing

= Requires developer visibility/knowledge

Current Tech = Manual/Fixed Stack, Low ROI

API

Server Infrastructure

HTTPS, Bluetooth, 6LoPAN, Zigbee, etcTransport

StorageRouting Auth DataUser Mgmt

Value-Add Application


INTRODUCTION TO ENT

Case StudiesExplore the real-world

advantages of ENT systems

ENT SystemGet a detailed overview of ENT’s design & operation

Take A Deeper Dive Into ENT’s Decentralized Trust SystemENT is a revolutionary step forward – a decentralized, entity-to-entity trust infrastructure.

ENT eliminates common hassles like spam and passwords, makes true data privacy and ownership possible, dramatically decreases vulnerabilities in even the most high-risk, ad-hoc environments, and lays the foundation for real trusted computing.

Contact us to learn more about ENT’s decentralized trust solution!

RKIExamine ENT’s innovative

crypto-architecture in-depth

www.ent.net

Business DevelopmentToll Free 844.837.4696 ~ [email protected]

F O R I N Q U I R I E S , P L E A S E C O N T A C T

All information contained in this presentation is proprietary. Copyright ENT Technologies 2015. All Rights Reserved. 29

introduction to ent (entity network translation)

Technology

trust domain ownership

someones trust domain

ent company

domain introduction

current trust technologies

current trust domains

copyright ent technologies

domain users