ICS / SCADA systems are vulnerable.
You need to know with measurable certainty the identities of all who have access to Critical Infrastructure.
IT’S ALL ABOUT
Most security technology is about trying to determine the intentions and character of the sender of a stream of bits. Isn’t that like asking the lobby receptionist in your office building to determine the intentions and character of everyone who walks through the door?
Instead, you’d ask the receptionist to get some ID, establishing accountability for what happens while the visitor is in the building – right? Trying to catch the bad guys does not work. The only sure way to accomplish Critical Infrastructure Protection in your ICS/SCADA system is with pervasive accountability for all who touch the system.
And the only way to accomplish that is with digital identity certificates that carry a measure of their own reliability.
Know with measurable certainty the identity of everyone who accesses your system for any purpose.
Let AuthentiCIP bring accountability to your critical infrastructure system.
AuthentiCIP brings measurably reliable digital identity certificates using PKIDR – PKI Done Right – to give you the assurance of pervasive accountability throughout your critical infrastructure operations.
Learn about PKI:
...and learn about how PKIDR lets this remarkable “digital construction material” solve real-world challenges such as the protection of your critical infrastructure...
Who we are
PKIDR = Authenticity
The Authenticity Infrastructure, licensed from The Authenticity Institute and provided to operators of SCADA systems by AuthentiCIP, brings the accountability of PKI Done Right to your Critical Infrastructure system.
- Pervasive accountability brings Real Security to operators of SCADA systems.
- The identity of those who access your SCADA systems is reliably available.
- The reliable identity can be applied to both access to elements of the system and to every act performed by those who touch the system.
According to Pierluigi Paganini, reporting in Infosec Resources,
“Critical infrastructures are frighteningly vulnerable, having been designed and built with a level of attention to security that is entirely inadequate for current reality. Prior to the discovery of the Stuxnet computer worm in June 2010, security of PLCs received little attention.”
What is Authenticity?
What we do
In a nutshell, Authenticity™ is Pervasive Accountability with Real Privacy.
Expanding that a little, Authenticity™ is the condition that exists when we have:
Digital Signatures Everywhere
It means that every event in a system's logs is digitally signed by either the person who did it, or the individual person who is responsible for the actions of an IoT device or other automated element.
Taking liberties with the term “digital signature,” it also refers to authentication to the whole system.
Measurably Reliable Identity
refers to the Identity Quality Assurance (IDQA) system that is an essential part of the Authenticity Infrastructure. This IDQA is essentially an aggregated score based on the measures outlines below.
- Degree of Protection of Personal Assets
- Quality of Enrollment Practices
- Quality of Means of Assertion
- Quality of Authoritative Attestation
- Quality of Other Attestations
- Quality of the Credential
- Quality of Assumption of Liability
- Reputation of the Credential
Owned By Their Users
Since the Osmio VRD identity certificate is part of a universal credential that gates access to health records, financial accounts, social sites and other things of personal value, it is unlikely to be shared.
What we offer
The Company will provide a complete package of services to enterprises and organizations that want the benefit of pervasive accountability in the operation of the CNI/SCADA systems for which they are responsible.
AuthentiCIP will be in a position to describe precisely a solution that will be fit for purpose within the CIP community. This will most likely be in the form of a solution that organisations can buy in under a package option to include consultation, implementation and training therefore providing the customer with a full solution to address inauthenticity within the enterprise.
The licensed Authenticity Enterprise (named Reliable Identities, Inc.) will provide enrollments that produce secure certificate-based identity credentials in whatever form factor is desired by the client.