CanDID: Can-Do Decentralized Identity with Legacy Compatibility, Sybil-Resistance, and Accountability

Maram, Deepak; Malvai, Harjasleen; Zhang, Fan; Jean-Louis, Nerla; Frolov, Alexander; Kell, Tyler; Lobban, Tyrone; Moy, Christine; Juels, Ari; Miller, Andrew

doi:10.1109/sp40001.2021.00038

Cited by 65 publications

(50 citation statements)

References 25 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The straightforward approach is to help them enable FIM or SSI. Either as an interim solution or if services do not want to cooperate, CanDID [154] based on DECO [155] may be another way. CanDID by Maram et al empowers the end user by issuing credentials from existing, unmodified web service providers.…”

Section: Technical Factorsmentioning

confidence: 99%

eID and Self-Sovereign Identity Usage: An Overview

2021

View full text Add to dashboard Cite

The COVID-19 pandemic helped countries to increase the use of their mobile eID solutions. These are based on traditional identity management systems, which suffer from weaknesses, such as the reliance on a central entity to provide the identity data and the lack of control of the user over her or his data. The introduction of self-sovereign identity (SSI) for e-government systems can strengthen the privacy of the citizens while enabling identification also for the weakest. To successfully initiate SSI, different factors have to be taken into account. In order to have a clear understanding of the challenges, but also lessons learned, we provide an overview of existing solutions and projects and conducted an analysis of their experiences. Based on a taxonomy, we identified strong points, as well as encountered challenges. The contribution of this paper is threefold: First, we enhanced existing taxonomies based on the literature for further evaluations. Second, we analyzed eID solutions for lessons learned. Third, we evaluated more recently started SSI projects in different states of their lifecycle. This led to a comprehensive discussion of the lessons learned and challenges to address, as well as further findings.

show abstract

Section: Technical Factorsmentioning

confidence: 99%

eID and Self-Sovereign Identity Usage: An Overview

2021

View full text Add to dashboard Cite

show abstract

“…Several commercial companies are also promoting DID technology solutions, such as Indy [52], Veramo [53] and civic [54]. Recent work by Maram [55] describes a DID system the authors developed (CanDID) that is a step towards a user-oriented DID system.…”

Section: Decentralized Identity (Did)mentioning

confidence: 99%

OpenIaC: Open Infrastructure as Code - The Network is My Computer

Rong

Geng

Hacker

et al. 2021

Preprint

View full text Add to dashboard Cite

Modern information systems are built fron a complex composition of networks, infrastructure, devices, services, and applications, interconnected by data flows that are often private and financially sensitive. The 5G networks, which can create hyperlocalized services, have highlighted many of the deficiencies of current practices in use today to create and operate information systems. Emerging cloud computing techniques, such as Infrastructure-as-Code (IaC) and elastic computing, o↵er a path for a future re-imagining of how we create, deploy, secure, operate, and retire information systems. In this paper, we articulate the position that a comprehensive new approach is needed for all OSI layers from layer 2 up to applications that are built on underlying principles that include reproducibility, continuous integration/continuous delivery, auditability, and versioning. There are obvious needs to redesign and optimize the protocols from the network layer to the application layer. Our vision seeks to augment existing Cloud Computing and Networking solutions with support for multiple cloud infrastructures and seamless integration of cloud-based microservices. To address these issues, we propose an approach named Open Infrastructure as Code (OpenIaC), which is an attempt to provide a common open forum to integrate and build on advances in cloud computing and blockchain to address the needs of modern information architectures. The main mission of our OpenIaC approach is to provide services based on the principles of Zero Trust Architecture (ZTA) among the federation of connected resources based on Decentralized Identity (DID). Our objectives include the creation of an open-source hub with fine-grained access control for an open and connected infrastructure of shared resources (sensing, storage, computing, 3D printing, etc.) managed by blockchains and federations. Our proposed approach has the potential to provide a path for developing new platforms, business models, and a modernized information ecosystem necessary for 5G networks.

show abstract

“…DID applications may require the fundamental authentication information. This ensures the authenticity of the identity and prevents Sybil attacks [25,40].…”

Section: Architecturementioning

confidence: 99%

DID-eFed: Facilitating Federated Learning as a Service with Decentralized Identities

Geng,

Kanwal,

Jaatun

et al. 2021

Preprint

View full text Add to dashboard Cite

We have entered the era of big data, and it is considered to be the "fuel" for the flourishing of artificial intelligence applications. The enactment of the EU General Data Protection Regulation (GDPR) raises concerns about individuals' privacy in big data. Federated learning (FL) emerges as a functional solution that can help build high-performance models shared among multiple parties while still complying with user privacy and data confidentiality requirements. Although FL has been intensively studied and used in real applications, there is still limited research related to its prospects and applications as a FLaaS (Federated Learning as a Service) to interested 3rd parties. In this paper, we present a FLaaS system: DID-eFed, where FL is facilitated by decentralized identities (DID) and a smart contract. DID enables a more flexible and credible decentralized access management in our system, while the smart contract offers a frictionless and less error-prone process. We describe particularly the scenario where our DID-eFed enables the FLaaS among hospitals and research institutions.

show abstract

CanDID: Can-Do Decentralized Identity with Legacy Compatibility, Sybil-Resistance, and Accountability

Cited by 65 publications

References 25 publications

eID and Self-Sovereign Identity Usage: An Overview

eID and Self-Sovereign Identity Usage: An Overview

OpenIaC: Open Infrastructure as Code - The Network is My Computer

DID-eFed: Facilitating Federated Learning as a Service with Decentralized Identities

Contact Info

Product

Resources

About