The Lockstep Group
Lockstep Consulting & Lockstep Technologies
Lockstep is dedicated to strategic research, analysis and advice in digital identity. Lockstep Consulting helps organisations come to grips with emerging authentication technologies (especially public key infrastructure and smartcards), best practice and regulations. Lockstep Technologies conducts its own R&D program in digital identity and privacy protection, and has made several breakthroughs applying smart authentication technologies to address Card Not Present fraud, medical records confidentiality, age proofing and e-voting.
Innovation
We have a proven track record of innovation. We don't take security and privacy for granted; we think deeply about these issues, eschew many of the fads, and see things that others have missed.
Examples include:
- Stepwise - a unique patented privacy enhancing technology that could solve digital identity theft in most of the forms as we know it today
- "Privacy Engineering" - our special cross-disciplinary approach to designing privacy in to information systems (rather than auditing it in)
- an iconoclastic view of the popular Federated Identity movement; in particular, we have identified what we believe is the fatal flaw in most authentication broker proposals
- Public Key Superstructure - a family of enhancements to transform PKI, including such original concepts as "Relationship Certificates" and the "Security Printer" model for PKI operations
- a novel statistical model for quantifying Return on Security Investment, since adopted by the US Department of Defence.
For a small firm we have published what is probably an unequalled body of work, covering all aspects of digital identity, and including several peer reviewed academic papers.
Looking ahead: Is your identity management strategy likely to last more than a few months?
Identity management has become a complex field -- we think too complex sometimes. You may be trying to combat identity fraud, streamline services, improve confidence, simplify security technology, and comply with a host of new regulatory requirements, while actually accelerating online services to your customers, partners and staff. You may be detecting a lot of excitement around "federated identity" but getting lost in the vendor jungle amongst "OpenID", "Cardspace" and "Liberty Alliance". Who's the new kid on the block -- "Kantara"? -- and what do they mean to me?
Many organisations are caught somewhere between analysis paralysis and jumping off too soon onto a bandwagon with an unknown outlook.
Lockstep Consulting offers independent research, analysis, advice, strategy and policy development, to help organisations break through the identity management challenge. Lockstep is expert in:
- digital identity
- privacy
- technologies like smartcards and PKI
- verticals like government, e-health and financial services, and
- governance and regulatory regimes.
Lockstep was founded in early 2004 by Stephen Wilson, a leading international authority on identity management, authentication and information security. Stephen has helped organisations throughout the Asia Pacific, with advice and management consulting in security strategy, architecture, privacy, risk management, governance, public policy, and technology selection. He is a widely respected writer and commentator on all issues relating to digital identity. His career spans 23 years in IT, software engineering and R&D management, in both Australia and the USA, with 15 years dedicated to identity security.
Lockstep's analysis and advice is always:
- frank
- transparent
- independent
- decisive
- penetrating and
- innovative.
Our professional services are technologically sophisticated; we avoid platitudes and hollow management cliches, grounding our advice instead in many years of our own independent R&D.
Further details on specific areas of technical expertise may be found in the links at the top-left, while a broad spectrum of white papers, published articles and conference presentations are available in the Lockstep Library.