Dock partners with university for anonymous cyber incident reporting using VCs

Organizations have been known to hesitate to report cybersecurity incidents within their infrastructure due to concerns about damaging their reputation and facing potential legal repercussions. However, these concerns can be mitigated through anonymous reporting of cyber threats. To address this, the University of Arkansas at Little Rock (UA Little Rock) has collaborated with Dock, a provider of digital identity platforms.

The goal is to integrate Dock’s reusable digital ID platform, Certs, into the university’s security incident sharing platform via the U.S. Department of Energy’s emerging threat information sharing and analysis center (ET-ISAC). By facilitating anonymous reporting, this initiative will allow members of the university community to report incidents and bolster collective cybersecurity readiness.

The Dock Certs APIs can be integrated with existing systems, allowing organizations to incorporate “biometric-bound” verifiable credentials and digital identity management. According to Dock, the integration requires one API call to create verifiable, fraud-proof data, without requiring extensive knowledge of blockchain or cryptography.

“This pioneering approach in threat management reinforces the security and privacy of the reporting process and positions the University of Arkansas at Little Rock at the forefront of cybersecurity innovation,” says Nick Lambert, chief executive officer of Dock.

Establishing a trust can be challenging for anonymous cyber threat reports. Dock addresses this by utilizing verifiable digital ID credentials supported by cryptographic techniques like zero-knowledge proofs (ZKPs). With ZKPs, members can validate their community membership without disclosing personal identity details.

The process for reporting cyber incidents begins with joining the ET-ISAC, where members receive verifiable digital ID credentials stored in Dock’s wallet. Incidents can then be reported by scanning a QR code, which prompts the ID wallet to generate a ZKP for member authentication, the company says. This allows members to submit data sets and inquiries anonymously.

“Dock plays a pivotal role in eliminating obstacles for our members, thereby fortifying our collective defenses against our adversaries in cyberspace,” says Dr. Philip Huff, director of the ET-ISAC at UA Little Rock.

The emergence of reusable digital identities is a relatively recent development in the biometrics market. Trinsic launched a reusable digital ID network for identity verification with partners including Clear, Yoti, IDVerse, Airside, and Dentity in May.

Article Topics

biometrics  |  cybersecurity  |  data privacy  |  digital ID  |  Dock  |  identity-bound biometrics  |  reusable digital ID  |  verifiable credentials