1. Mobile Device and Attribute
Validation (MDAV)
R&D Topic Area
Access control at the
point of need
PI: Steve Wilson
Lockstep Technologies, Sydney, Australia
swilson@lockstep.com.au
+61 414 488851
http://lockstep.com.au/technologies
1
2. MDAV: Customer Need
Field
Manager
First
Responder I’m here to help!
Great!
But what are you?
First responders working across jurisdictions need to convince field
personnel of their credentials.
“Provenance” is critical. How was the credential issued? How has it been
conveyed?
E.g. Concealed firearms permit, hazmat ticket, security clearance etc.
2
3. MDAV: Approach
Anon/pseudonymous certificates holding authoritative attributes
convey provenance of issuer and of the device used to present it.
Individual
3
Concealed Carry XYZ
Credentialing Agency
Smart phone Model M
1. Smart device controlled
by Individual
2. An authority issues an
attribute and seals it in
a digital certificate.
3. Cert bound to
device via key pair
Device
with private key store
Certificate
MOBILE DEVICE AND
ATTRIBUTE VALIDATION
4. Strong proof of credentials with no need for
extraneous personal details; privacy enhancing
Provenance: Certificates convey the (1) authority that
issued the credential, and (2) what device carried it
Credentials are verifiable in offline and occasionally-
connected environments
Strong audit trails
Fast, de-centralized, light-weight processing
Standards-based; leverages native cryptography in
smart phones, smartcards, future IoT devices
Will value-add ID smart cards and phone apps; invert
the traditional privacy concerns with chips.
MDAV: Benefits
4
5. MDAV: Potential Transition Activities
First Responder Field Manager
Digital wallet of attributes
on capable device
Relying Party App.
1. Do you have a permit?
Concealed Carry XYZ
Credentialing Agency
Smart phone Model M
2. Yes:
Prototype in M2M manual access control); transition to mobile-to
system or card-to-system with PACs/LACs partners.
Productize credential certificate mgt with commercial PKI CSPs.
Standard crypto APIs, so solution can diffuse into many form
factors and enterprise systems, eg smart license initiatives and
IoT. 5
Editor's Notes
Descriptive text for picture: An iterative algorithm for finding a good classifier. Noise is added at each step in order to ensure privacy protection, while maintaining classifier accuracy.