Quite a few difference:
1. OFID number
The OFID platform issues a OFID number to every user. Each OFID number is mapped to multiple identity addresses. Each identity address is used solely to correspond with one service provider.This methodology ensures that user identity is not comprised by identity theft even through data mining.
2. Bi-directional Signature
Bi-directional Signature is a confirmative proof that both parties have approved the signed content.
a. To mark the consent of both parties. When the User submits the signed PII, a certificated validator signs the data again to verify the validity of the data.
b. To form a correspondence between addresses. The data validated on an application corresponding to an address under the same OFID number can be used on an application corresponding to another address under the current OFID number without having to re-validate it.
c. To correspond an anonymous blockchain address to a real name OFID address. Attributes such as skill, character, and quality etc. lack official certification. However, the OFID platform allows public to recognize and confirm such attributes of a user. OFID allows multiple users to endorse a single user. In such cases, there would be multiple Bi-directional Signatures on the same content. In this way, an unofficial verification and evaluation system can be established.
3. The Double-Layer Public Key Structure
The existing technology that protects data on the Internet is mainly dependent on discrete algorithm logarithm problem. However, the rapidly increasing computational power of quantumcomputers combined with the shor algorithm can crack the current public-key cryptographyschemes. It means the current encryption algorithms are no longer safe. This is where the double-layer public key structure comes to the rescue. Leveraging this double-layer public key structure,the OFID platform has upgraded the existing encryption algorithm to implement the latest securitystandards, effectively resisting external attacks.
4. Trusted Computing
The most vulnerable segment of the verification system is the management server. Identity data is stored on a distributed cloud. If a separate node is hacked, it will not affect the Identity data.However, if the management server is hacked or invaded, the data will be lost. Trusted computingoffers a perfect solution to this challenge.
Trusted computing is a paradigm aimed at enforcing trustworthy behaviour on computing platformsby identifying a complete ‘chain of trust’ and a list of all hardware and software that has been used.This chain of software can then be compared to a list of known ‘good’ applications.
5. Distributed Storage
Many organizations store the confidential data like PII in their data centers and storage areanetworks. However, data centers are the most vulnerable elements in an organization. When asecurity breach occurs on the storage server, sensitive data gets into the hands of the attackercausing huge losses to the organization and people. This is where distributed storage comes to the rescue.
Distributed storage system has adopted secret sharing scheme which is widely used to split secret data into various different kinds of pieces and stored at different locations. To retrieve this data, you should gather the plural pieces and construct that data. This method is known as Shamir’s (k, n)threshold scheme. The main idea is to split a secret S into n pieces (shares) for storage. To retrievethat data, a number of k pieces should be gathered for reconstruction. This theoretic securityfurnishes information that even if an attacker collects shares as far as they are less than the giventhreshold being represented by k, then they cannot get any information.
6. Open Algorithms (OPAL)
The OPAL project is an advanced model that aims at creating an extensive list of available data tobe inspected and analyzed without violating personal data privacy. Open Algorithms paradigm involves moving algorithm to the data and implementing at the data repository location so that the unprocessed data is never out of its repository. Only cumulative answers are reverted. Anothermain aspect is that the algorithms must be scrutinized by experts to be “secure” from any privacy requirement violation.
In future, OFID aims to use the open algorithms pattern to facilitate sharing of more rich information by the participants in the ecosystem. The OFID platform eventually shifts from an attributes-based unidirectional model to a richer algorithms-based interaction.