The Lockstep Group
Lockstep Consulting & Lockstep Technologies
Lockstep is dedicated to strategic research, analysis and advice in digital identity and privacy. Lockstep Consulting helps organisations come to grips with emerging identity technologies (especially public key infrastructure and smartcards), by developing strategy, policy and best practice. Lockstep Technologies conducts a self-funded R&D program in digital identity and privacy protection, and has made several award-winning breakthroughs applying smart authentication technologies to address Card Not Present fraud, medical records confidentiality, age proofing and e-voting.
Is your identity management strategy likely to last more than a year?
Digital Identity has become a complex field -- we think too complex sometimes. You may be trying to combat identity fraud, streamline services, improve digital confidence, simplify security technology, and/or comply with emerging best practice, while actually accelerating online services to your customers, partners and staff. You will probably experience pressure to "federate" identity but you may be lost in the jungle amongst "NSTIC", "NEAF", "OpenID", "Cardspace" and "Kantara".
What does all this really mean to you?
Many organisations are caught somewhere between analysis paralysis and jumping too soon onto a bandwagon with an unknown outlook.
Lockstep Consulting offers independent research, analysis, advice, strategy and policy development, to help organisations break through the identity management challenge. Lockstep is expert in:
- digital identity
- Privacy Impact Assessment (PIA)
- Threat & Risk Assessment (TRA)
- IdM technologies like smartcards and PKI
- the verticals of government, e-health and financial services, and
- governance and regulatory regimes.
Lockstep was founded in 2004 by Stephen Wilson, an international authority on digital identity and authentication. Stephen has helped organisations throughout the Asia Pacific, with advice and management consulting in security strategy, architecture, privacy, risk management, Privacy Impact Assessment, governance, public policy, and technology selection. He is a widely respected writer and commentator on all issues relating to digital identity. His career spans 25 years in IT, software engineering and R&D management, in both Australia and the USA, with 17 years dedicated to digital identity.
Lockstep's analysis and advice is always:
- penetrating, and
Our professional services are technologically sophisticated; we avoid platitudes and hollow management cliches, grounding our advice instead in many years of our own independent R&D.
Further details on specific areas of technical expertise may be found in the links at the top-left, while a broad spectrum of white papers, published articles and conference presentations are available in the Lockstep Library.
We have a proven track record of innovation. We don't take security and privacy for granted; we think deeply about these issues, eschew many of the fads, and see things that others have missed.
- Stepwise - a unique patented privacy enhancing technology that could solve digital identity theft in most of the forms as we know it today
- "Privacy Engineering" - our special cross-disciplinary approach to designing privacy in to information systems (rather than auditing it in)
- an iconoclastic view of the popular Federated Identity movement; in particular, we have identified a set of fatal flaws in most federation models and we've developed a significant alternative theory
- Public Key Superstructure - a family of enhancements to transform PKI, including such original concepts as "Relationship Certificates" and the "Security Printer" model for PKI operations
- a novel statistical model for quantifying Return on Security Investment, since adopted by the US Department of Defence.