---
- - --- - - ---
2021-07-06
Specific Algorithm
Protected Identification (SAPI), the technology underpinning the authentication
infrastructure in the internet era (IR90)
Source (資訊來源):
http://weijintang.blogspot.com/2007/08/specific-algorithm-protected.html
Info cited on 2021-07-06-WD2 (資訊引用於 中華民國110年西元2021年7月6日) by 湯偉晉 (WeiJin Tang)
#
- - - - - - - -
Specific Algorithm Protected Identification (SAPI), the technology
underpinning the authentication infrastructure in the internet era (IR90).doc
Specific Algorithm Protected Identification (SAPI),
the technology underpinning the authentication infrastructure in the internet
era (IR90)
What is Specific Algorithm Protected Identification (SAPI)?
Specific Algorithm Protected Identification (SAPI) is the technology
supporting United States
Patent 6,185,682 titled "Authentication System";
it can be used to implement the most secure authentication system ever invented. As a matter of fact, it's the theoretical
limit of a perfect authentication mechanism if correctly implemented.
What an authentication system is and why is it so significant?
Authentication refers to the process a system uses to authenticate
(roughly the same as identify) the identity of a user (e.g. a real human or a
software object). In a computer system, the most obvious example of an
authentication process is the login process which is certainly significant. Highly
reliable authentication system is critical to the security on an enterprise
computer system. As a matter of fact, the most significant technical reason
impeding the well-expected and long-promised e-commerce phenomenon on the internet relates deeply to the lack
of a reliable authentication infrastructure. For instance, if
an extremely reliable and highly effective authentication system did exist,
then most of the daily operations a bank is currently doing can be fully
automated. And, troublesome issues like identity theft or credit card fraud can be easily solved.
What can Specific Algorithm Protected Identification (SAPI) offers to
our world?
From a technical view point, the operations running everyday every
minutes in the real world are fundamentally influenced and implicitly
controlled by two
behind-the-scenes forces, money and power. If we trace back to the very origins of
these two forces in modern democratic countries, surprisingly enough, they both converge to the same
point, an authentication system. A
reliable, secure and global authentication infrastructure could lay the
foundations and serve as the most critical infrastructure of the global
monetary system in the internet era. Why; because money in the
internet era is simply represented by a highly secure and authenticated message. Actually,
even the origin of power (e.g. the power of the president in a democratic
country) in an internet era is, technically speaking, also rooted in an
anonymous, yet reliably authenticated message (e.g. the electronic ballot in an
internet-based election voting system). Furthermore, if we carefully compare
the business activities running in the real world and those currently running
on the internet (the destined reality of the inevitable and ubiquitous
e-commerce on the internet), we reach the same conclusion again; if reliable
authentications can be assured on the internet ( i.e. the real identities of
all relevant parties and the authenticity of exchanged messages), most
of the real-world business activities could be replaced by the online
counterparts (even including some of the roles a traditional government plays).
Begin content quoted from page 362 on book [Business @ the speed of thought] by Bill Gates:
For government transactions
such as these, as well as for all commercial transactions, security is a
prerequisite. Security has two dimensions: protection of
personal data while it's in transit over the network and authentication of
the person carrying out the transaction.
End content quoted from page 362 on book [Business @ the speed of thought] by Bill Gates:
Specific Algorithm Protected Identification (SAPI) nicely fulfills the
protection and authentication requirements at the same time. Due to the
tightly-bound relations an authentication system has to money and power, a
reliable and secure authentication infrastructure will be one of the technology
cornerstones in the highly-connected digital world. The lack of such an infrastructure in place is
actually one of the major technical reasons why a fully exercised democratic
system is actually not ready yet, judging from a scientific and technical view
point.
Features of Specific Algorithm Protected Identification (SAPI)
Any fraudulent or un-authorized use of a device based on SAPI will be automatically detected anytime it is used
by the legitimate owner. By design, its security won't be compromised even if
it is attacked by a joint efforts from groups of people including the inventor
(i.e. me, Mr. WeiJin Tang), the manufacturers of the devices, the legitimate
owner of a specific device and anyone else. Even at the worst extreme
(though it's extremely unlikely), say, a device was compromised for any reason
that particular incident won't spread out catastrophically (in sharp contrast,
most current systems will suffer in such a case; e.g. the quick spreading of
virus and malicious code, or the fraudulent uses of credit cards) due to the
very nature of one of its original design goals, each device is fully isolated by using totally different
algorithms . A web site implementing its authentication mechanism
based on SAPI will have the ability to unambiguously distinguish a legitimate
transaction from lots of fraudulent ones at the very beginning of the
transaction . It should be and will be the hackers or the malicious others
hacking our web site been afraid and defeated instead of our hopeless
frightening as we used to, if SAPI based authentication is adopted by that web
site. The required security level (and thus the implied computational cost) can
be dynamically adjusted. Large quantities of small amount online
transaction are also economically feasible using SAPI. Lots
of identities serving different purposes can be securely hosted in a single
device. In fact, in a society with SAPI fully adopted that one device (to
be implemented on a PDA, Personal Digital Assistant) actually representing
the very identity of a real person. It will, loyally and securely,
communicate with and command the world on behalf of its owner. Authentication
infrastructures based on SAPI can peacefully co-exist and run parallel with
any current systems since it can run independently of all other
authentication systems in use today.
Reference: Authentication System
(United States Patent 6,185,682)
For more information or having any comments, please feel free to contact
Mr. WeiJin Tang (湯偉晉 先生) via any of the following channels:
Mr. WeiJin Tang
Manager, R&D Division
SoftHuman Corporation
Mobile Phone:
0958-227-243
Phone Number:
886-2-2872-9913 (Office)
WeiJin.Tang@gmail.com
湯偉晉 先生
研發部 經理
善解科技股份有限公司
行動電話 :
0958-227-243
公司電話 :
886-2-2872-9913
WeiJin.Tang@gmail.com
Thanks for spending your precious time reading this document! Have a good
day!
湯偉晉 先生
善解科技股份有限公司
- - - - -- -- - -
--- --- - - --- ---
要立志做一個好人,而不只是一個有錢的人!湯偉晉先生的部落格; By WeiJin Tang (湯偉晉); Email (電子郵件): WeiJin.Tang@gmail.com; Cell phone (行動電話): 0958-227-243 (in Taiwan, ROC)
No comments:
Post a Comment