Ping Identity and stealth start-up Swirlds Monday announced a breakthrough identity management application and a unique distributed consensus platform designed to heal the ills of blockchain.
At Monday’s opening keynote of this year’s Cloud Identity Summit (CIS) in New Orleans, Swirlds (a mashup of Shared Worlds) will introduce itself publicly for the first time and show off its Hashgraph Distributed Consensus Platform. The Swirlds platform brings three unique capabilities to distributed consensus models: high throughput, fairness, and community consensus that is guaranteed rather than probabilistic (subject to chance variation), as it is with blockchain.
Consensus simply means an agreement among different people over what is true or false. The most popular consensus model today is blockchain.
Hashgraph creator Leemon Baird, Swirlds CEO, said the platform supports applications such as trading markets, banking, identity applications and gaming. Baird will show stock market and gaming demonstrations Tuesday at CIS.
On top of this platform, Ping, which led the initial seed funding round for Swirlds, has built a distributed session management application that for the first time provides system administrators a ‘kill switch’ to shut down all activity and applications where a specific user is logged in. Today, identity protocols such as Security Assertion Markup Language (SAML), OAuth and OpenID Connect (OIDC) do not support distributed session logout, which provides security and administrative control across all devices, and can support the theory of continuous authentication, a set of identity checks that follow a user across networks.
“Hashgraph is new technology that makes it possible to explore identity issues and solve identity problems in a fundamentally different way than what we have considered in the past,” said Mance Harmon, senior director of architecture and labs at Ping Identity. Harmon’s blog this week focused on distributed consensus algorithms.
Hashgraph is a platform that runs on a laptop or desktop along with apps that run on top of that platform. The Hashgraph provides the ability to prove not only that something happened but also, via a timestamp, when it happened, which blockchain cannot do, according to Baird. Consensus is not by vote; it is inherent in the system, and Hashgraph provides a cryptographic receipt that a community participant was heard and recorded.
Where blockchain slows down in order to solve mathematical equations that produce blocks, a process that takes on average about 10 minutes, Hashgraph does not rely on equations to solve, or miners to solve them. Hashgraph never throws any information away and nothing is ignored, which helps produce fairness as the entire community decides what happened first.
“Nobody is talking about building a stock market on Bitcoin blockchain, but you could do it on Swirlds,” said Baird, who holds a Ph.D. from Carnegie Mellon University and has a number of research interests including machine learning, artificial intelligence, cryptography, security, computer science theory, and programming languages. “No one is looking at doing matching [such as in stock trades] on blockchain because to do it you need high throughput and fairness,” said Baird.
Swirlds allows the creation of an infinite number of apps and each app can create any number of Shared Worlds, just like Microsoft Word can be used to create many Word docs, says Baird.
He says he can imagine a future when a driver’s license is not a piece of plastic but a notation in a ledger. “The DMV can update it and you have the power to let someone see it.” That scenario creates privacy by allowing people to control the sharing of their information.
In the end, Baird says, Swirlds is about trust. “It would be the trust layer of the Internet,” he says. “The layer that creates trust where it did not exist before. We are generating trust.”
That concept maps to identity, an area where trust and its derivatives are kings.
Ping Identity has taken Hashgraph and built a proof-of-concept distributed session management application that may well get the identity industry over some major hurdles. At its simplest level, the application uses Hashgraph to keep identity session databases in sync to enable global session logout. In addition, with Swirlds as the underlying platform, more applications, including continuous authentication, are possible, according to Harmon.
Ping Identity is working with the OpenID Foundation to explore transforming the distributed session management concept into a standard that could become a building block for other identity applications.
“With distributed session you get verifiable and shared state in a database,” said Harmon. “So the identity provider knows for certain when an app receives a command to shut down a session. There is a timestamp. There is proof.”
Harmon said Hashgraph supports apps with throughput of thousands of transactions per second as opposed to 3-7 per second on Bitcoin blockchain.
One goal is to explore continuous authentication, where a user’s identity follows them as they traverse sessions and applications. The end-game is to eliminate the notion of a session, that is, the state in which the user is logged into an application or activity.
“The reason for application sessions is we don’t have continuous authentication, and if the identity in the session goes away, you need a kill switch that works across client types,” said Harmon.
This week in New Orleans, Swirlds CEO Baird will make a Hashgraph SDK publicly available.