Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Lamont29
Community Champion
‎03-24-2019 09:44 AM
‎03-24-2019 09:44 AM

Problem Solving: Social Security Number Replacement

I have heard the idea that the federal government should consider utilizing blockchain as the answer to replacing Social Security numbers, and that will make us more secure, safeguarding our privacy. However, I summarily disagree with this idea. Private business is the root cause of the problem. Social security numbers were never intended for financial transactions in the business space. Private business, with the largely unsanctioned credit bureaus hijacked consumers and mandated the use of social security numbers. Private industry shall bear the responsibility for resolving this problem. Simply replacing a flawed process with a process that will be rendered flawed is not the solution.

 

We have enough technology and certainly enough brilliant minds right here on this forum as (ISC)2 professionals, that we can devise a proper solution and publish it for government and business consumption. Now I can be wrong about leaving the solutions in the hands of private industry, but I’d like to learn what others think about this issue.

 

Why don’t we try this - if only for hobbyist activity. Hey, we might actually contribute to the betterment of our society by making all Americans more secure!

Lamont Robertson
M.S., M.A., CISSP, CISM, CISA, CRISC, CDPSE, MCSE
8 Replies
Flyslinger2
Community Champion
‎03-25-2019 08:03 AM
‎03-25-2019 08:03 AM

I wrote a white paper a couple of years ago addressing this issue. With the Federal PKI as the backbone, cradle to grave tokens could be issued for U.S. citizens world wide (Post Office) and integrated with every federal system, SocSec, credit bureaus to lock your accounts, and your healthcare container to name a few.

 

With the protocols supported by the Fido Alliance, something like a Yubi Key and decent integration it could be accomplished.  

Lamont29
Community Champion
‎03-25-2019 08:16 AM
‎03-25-2019 08:16 AM

That's great! We could probably examine your work for further studies as we embark upon this strategy.
Lamont Robertson
M.S., M.A., CISSP, CISM, CISA, CRISC, CDPSE, MCSE
0 Kudos
DudleyI
Viewer II
‎03-27-2019 05:14 AM
‎03-27-2019 05:14 AM

This article is very relevant to this topic:

https://medium.com/@blake_hall/moving-beyond-social-security-numbers-part-1-claiming-your-unique-dig...
Lamont29
Community Champion
‎03-27-2019 07:53 AM
‎03-27-2019 07:53 AM

Hey Dudley,

 

 

That's a very good article relating to this topic. I will finish reading all of the parts on my lunch break. I think that a lot of conceptual work has already been put in and I was hoping that I could spark more evangelism of those ideas from (ISC)2 professionals, so I am hoping that this topic catches fire. Thanks for sharing this.

Lamont Robertson
M.S., M.A., CISSP, CISM, CISA, CRISC, CDPSE, MCSE
0 Kudos
Jknox0111
Viewer III
‎05-09-2019 04:28 PM
‎05-09-2019 04:28 PM

This might be the perfect use case for a blockchain based National ID. Decentralized enough to have evolving use. Secure enough to incorporate the use of public and private keys. Public enough for identification and transparency. Private enough to support financial transactions. Secure enough, as the person with their keys. 

Lamont29
Community Champion
‎05-09-2019 04:33 PM
‎05-09-2019 04:33 PM

So, has someone published a whitepaper on this as a proof of concept? How would this work in practice?
Lamont Robertson
M.S., M.A., CISSP, CISM, CISA, CRISC, CDPSE, MCSE
0 Kudos
Jknox0111
Viewer III
‎05-09-2019 04:41 PM
‎05-09-2019 04:41 PM

There is a whole community of people moving in this direction. You can find out more about it at 

("https://sovrin.org/")
 
Before you go any further... ***Disclaimer***

 

I do not support nor am I connected with any of the content provided by this community. I am just aware that there are people looking to take on the challenge of finding a better way of securing identity by utilizing a digital means. 

 

Now that, that's out of the way, here is the companies linkedin as well. 

 

("https://www.linkedin.com/company/sovrin-foundation/")

 

Lamont29
Community Champion
‎05-14-2019 10:30 AM
‎05-14-2019 10:30 AM

The information looks exciting @Jknox0111, I just wonder how much traction they'll get. I hope that they do well in this endeavor.

 
Lamont Robertson
M.S., M.A., CISSP, CISM, CISA, CRISC, CDPSE, MCSE
0 Kudos