There exist numerous computing solutions allowing for the management of authorizations and identities of connected objects. In general, these solutions are based on a single, centralized management platform. Trust in such a solution is generally ensured by the reputation of the centralized platform and by the rules that the platform applies to itself. However, such centralization leads to problems of data security, both in terms of data loss and in terms of unauthorized modification affecting the integrity of the platform.
Databases are available that ensure the storage of authorizations in which data are distributed over a few sites or with a few players. However, these databases are based on the principle of a single ledger replicated at several points. For example, distributed databases such as NoSQL bases (e.g. Cassandra) are based on a single reference base called a “master”, which is replicated and shared on each of the sites. When there are a large number of players, this type of replication-based mechanism becomes too complex to implement, its performance is largely reduced, and its coherency is not guaranteed. Therefore, this type of solution does not meet the emerging needs of increasingly numerous and connected objects, or the needs of decentralization, control and auditing of access authorizations, for which conventional replication solutions would be too complex to carry out. In addition, this type of architecture is unique: one player is the master and the others are slaves. Accordingly, the master has a different role to play than the other players. Yet, in some situations it is not possible or desirable to have a centralized master-slave platform, even if it is replicated. For example, in multi-player processes, i.e. those involving separate legal entities (several companies, etc.), it is not always easy, from a legal or commercial viewpoint, to decide which player will play the central role of platform host.
The exponential rise in the number of connected objects and of these centralized platforms complicates the management of identities and authorizations for both users and platforms. This is especially so because existing systems are generally specialized in a category of connected objects for which they manage identity and authorizations, and because these systems are controlled by a third party and do not provide users with easy migration of identities and/or proof of authorization to other systems.
The use of a blockchain can also secure data. After data is disseminated within a blockchain community, the data cannot be rewritten, and therefore cannot be falsified. Accordingly, computing systems for the management of transactions based on blockchains, such as those of International Patent Application Pub. No. WO2016197055 and U.S. Patent Application Pub. No. US20160261690, have been suggested. These systems are based on the management of connected objects without requiring a controlling authority, and base trust in the system on a large number of participants and on cryptographically verifiable consensus on content.
Therefore, there is no satisfactory solution to ensure the management of access authorizations and identities involving several players. There is a need for systems and methods to manage connected object authorizations.