zero-trust = new app opportunities

Vinnie Moscaritolo
Published in ZeroDarkCloud
Aug 24, 2019

History constantly reminds us that when technology solves a difficult problem it opens the floodgates to new opportunities as well as disrupting existing ones.

Look at how the development of the internal combustion engine didn’t just replace horses; it created entirely new industries to support the resulting changes in society. Innovations in road paving, proliferations of motels, and the invention of fast food are the obvious examples that come to mind.

Similarly the invention of the iPhone/App Store didn’t simply put desktop apps onto a mobile phone. People were now walking around with the internet in their pocket which triggered an explosion of new business models. Uber wouldn’t make sense as a desktop app.

Today we are catching glimpses of the next series of floodgates. Continual data breaches are resulting in a deluge of privacy regulations (GDPR, HIPAA, and CCPA). Advertiser-driven privacy invasions by Facebook, Google, et al. are creating consumer distaste for the advertising business model. The people whom we trust with our data aren’t doing a very good job of protecting it, and the way we think about data ownership no longer makes sense.

On the flip-side, these difficult data privacy problems are brewing the perfect storm for new business opportunities. Zero-trust solutions are the new technology that will drive the market.

Zero-trust means that the data stored in the cloud is protected by end-to-end encryption rather than just the gatekeeper of administrative settings.

This application of cryptography is a big deal! It does more than just protect files. It’s a fundamental shift concerning how we look at the ownership of data. The data can only be used by those who have access to the encryption keys. And your app gets to decide who has those keys (i.e. which users, services, apps, etc). The best part is, those choices are enforced with modern cryptography instead of the whims of the provider.

Enter ZeroDark.cloud

ZeroDark.cloud is one such zero-trust solution. It’s an open-source (available for audit) developer framework that handles all the syncing, encryption, networking, messaging, notifications, and setup. It allows you to focus on what you do best, your app. And it’s easy for developers to ease into and afford since it uses a pure pay-as-you-go model (similar to AWS).

Client-side encryption to the cloud is performed automatically, before data ever leaves your device. This gives your app the highest level of security, and ensures the privacy of your users.

What can you build?

A lot! Here’s a short list:

HIPAA-compliant communications

The HIPAA Security Rule requires that all electronic protected health information be guarded against unauthorized access when stored or transmitted over an electronic communications network. Building these kinds of apps is a natural fit for ZeroDark.cloud. Not only does it automatically provide end-to-end encryption (E2EE), but it also encrypts your data at rest on your device. ZeroDark.cloud also provides a robust system that addresses the HIPAA Unique User Identification requirements and goes the extra step to protect key authenticity using the Ethereum blockchain.

Confidential file transfer for legal and professional services

Law firms have a vital need to maintain privacy when storing and transferring confidential documents to clients and associates. The same holds true for the real-estate title processing business, since it has been especially prone to data breaches and internet fraud.

These firms are especially sensitive to security breaches, as they can become high profile, resulting in enormous costs. This concern was even recently noted in ABA Formal Opinion 477, Securing Communication of Protected Client Information:

Law firms are targets for two general reasons: (1) they obtain, store and use highly sensitive information about their clients while at times utilizing safeguards to shield that information that may be inferior to those deployed by the client, and (2) the information in their possession is more likely to be of interest to a hacker and likely less voluminous than that held by the client.

The end-to-end encryption and the built-in data at rest protection in ZeroDark.cloud can give a software developer making apps for this lucrative market a critical edge over their competitors.

Video surveillance apps

While most modern video surveillance systems have the ability to upload either video or images to the cloud, I have been hard pressed to find any that secure the content on the server with anything more than administrative protection. There is even evidence that many of the surveillance systems regularly share their content without user consent.

Even though the market size is estimated to be around 68 Billion USD, there is still a huge untapped number of potential customers whose privacy concerns prevent them from purchasing.

ZeroDark.cloud is the perfect tool for developers in this realm. First, it makes it easy to upload cryptographically protected video to the cloud. Second, it’s built on AWS, and automatically transitions data to S3 Glacier storage for durable secure long-term storage at the best price in the industry. And finally, it supports streaming and scrubbing of video files in the cloud.

A whole new class of applications

Where it gets really interesting is when we look at the whole new class of applications that are wide open for exploration.

Estate planning for digital assets

So much of our lives today is being lived online. We all have valuable digital documents and irreplaceable items that exist only as bits (digital assets). If we learned anything from some of Bitcoin’s horror stories, it's the importance of backing up keys. People don’t think twice about life insurance, but what about insuring the continuity of your digital assets? The same concept applies to disaster recovery and to theft mitigation. How do we handle what happens when we lose our devices?

Despite this obvious opportunity for a killer app, the market is fairly sparse and unexplored territory.

There is an interesting feature built into ZeroDark.cloud that a developer can leverage to stand out in this market. It’s called social-key-splitting. The framework allows a user to split a key into multiple parts, so that only a specified subset is needed to recover it. For example you could split a key into 5 parts and give one each to your trusted parties (attorney, spouse, children) and require only three to recover it. The actual numbers are up to the user.

The cryptography and user interface are already built into ZeroDark.cloud. The user even has the ability to revoke the split at a later time. After all, sometimes trust in real life is not as permanent as we’d like.

Cryptocurrency wallet

People who use cryptocurrency are familiar with the concept of wallets. But the current generation is rather primitive. Plus there’s the ever-present fear of losing keys. This has driven many users to choose to use custodial exchanges. How risky is this endeavor? Consider that fraud and theft cost users and exchanges a record $4.25 billion in the first half of 2019 alone. These kinds of events prompt the phrase “Not your keys, not your Bitcoin.”

Wallets should do more than just protect the keys, they should facilitate transactions to fit real-life needs. For example:

Alice wants to send a payment to Bob, so she needs to get payment information from Bob, such as a Bitcoin address. Most cryptocurrency wallet designers imagine that Alice & Bob will both take out their phones, and nerd-ily scan a QR-code. The problem is, that’s not what actually happens in real life. Consider the following scenarios:

  • Alice paid for Bob because Bob left his wallet & phone in his other jacket.
  • Alice & Bob were at a noisy bar, and it was easier to put both drinks on one tab.

The solution that actually works is:

  • Alice can use her wallet app to search for Bob, and find the information she needs to send him a payment.

Imagine if Alice’s wallet can securely communicate with Bob’s wallet: then she can get a Bitcoin address from Bob without Bob revealing that address to the world. This zero-knowledge communication between the wallets is the missing formula for cryptocurrency wallets to go mainstream.

There is even a potential design sketched out in the examples.

Secure deployment of machine learning models

Recent updates in technology have made it possible to integrate machine learning algorithms and models into mobile and desktop applications. It won’t be long before it is standard practice to download and deploy updates to the models to devices separately from the software itself. This approach is especially attractive for a software developer who is gated by the Google Play or Apple’s App Store review processes. There is even talk of creating model stores.

These machine learning models are intellectual property. They can have value in the millions, especially if you factor in the competitive advantage they can give a company. While some developers have taken to securing patents for their models, this isn’t always an option, given the cost and nature of how dynamic this field can be.

In any event, it makes sense to protect the model files and their distribution with end-to-end encryption. Such a system would store encrypted models on the cloud and automatically notify the apps when an update is available. This design is a natural fit for the syncing you get with ZeroDark.cloud and the AWS serverless architecture, and gives your app access to more than 20 different geographic regions in their global infrastructure.

Want to know more?

ZeroDark.cloud website: https://www.zerodark.cloud/

Developer documentation: http://docs.zerodark.cloud

ZeroDarkTodo Sample App

Open-source client library:

Recent publications:

ZeroDark.cloud enables a new class of privacy-focused applications

Are you a threat to your customer’s data?