Cross-domain identity and discovery framework for web calling services

Javed, Ibrahim Tariq; Copeland, Rebecca; Crespi, Noël; Emmelmann, Marc; Corici, Andreea Ancuta; Bouabdallah, Ahmed; Zhang, Tuo; Jaouhari, Saad El; Beierle, Felix; Göndör, Sebastian; Küpper, Axel; Corre, Kevin; Crom, Jean-Michel; Oberle, Frank; Friese, Ingo; Caldeira, Ana Sofia Pereira; Dias, Gil; Santos, Nuno; Chaves, Ricardo; Pereira, Ricardo Lopes

doi:10.1007/s12243-017-0587-2

Cited by 7 publications

(5 citation statements)

References 17 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In centralized IdM, the identity provider has complete control to manage the identity of users and provide them authentication services. Most of the current services and applications use centralized IdM to create a silo of users where users identified in a specific domain cannot authenticate themselves to other domains [6]. Federated IdM, on the other hand, is an arrangement between two or more organizations to allow users from one domain to authenticate and access services of other domains [26], for instance, single-sign-on systems such as Facebook connect [27].…”

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

Health-ID: A Blockchain-Based Decentralized Identity Management for Remote Healthcare

et al. 2021

Self Cite

View full text Add to dashboard Cite

COVID-19 has made eHealth an imperative. The pandemic has been a true catalyst for remote eHealth solutions such as teleHealth. Telehealth facilitates care, diagnoses, and treatment remotely, making them more efficient, accessible, and economical. However, they have a centralized identity management system that restricts the interoperability of patient and healthcare provider identification. Thus, creating silos of users that are unable to authenticate themselves beyond their eHealth application’s domain. Furthermore, the consumers of remote eHealth applications are forced to trust their service providers completely. They cannot check whether their eHealth service providers adhere to the regulations to ensure the security and privacy of their identity information. Therefore, we present a blockchain-based decentralized identity management system that allows patients and healthcare providers to identify and authenticate themselves transparently and securely across different eHealth domains. Patients and healthcare providers are uniquely identified by their health identifiers (healthIDs). The identity attributes are attested by a healthcare regulator, indexed on the blockchain, and stored by the identity owner. We implemented smart contracts on an Ethereum consortium blockchain to facilities identification and authentication procedures. We further analyze the performance using different metrics, including transaction gas cost, transaction per second, number of blocks lost, and block propagation time. Parameters including block-time, gas-limit, and sealers are adjusted to achieve the optimal performance of our consortium blockchain.

show abstract

Section: Related Workmentioning

confidence: 99%

“…The centralized IdM creates silos of users restricting inter-operable identification between different applications [6]. For each application, the consumer has to identify and authenticate themselves separately.…”

Section: Introductionmentioning

confidence: 99%

Health-ID: A Blockchain-Based Decentralized Identity Management for Remote Healthcare

et al. 2021

Self Cite

View full text Add to dashboard Cite

show abstract

“…They therefore concluded that secure browsers are essential in preventing existing vulnerabilities. Other studies such as the ones in [24], [53] and [54] have also emphasized web system hardening in mitigating attacks. According to [55], secure web systems are characterized by three components; input validity, state integrity and logic correctness.…”

Section: Introductionmentioning

confidence: 99%

Review of the security challenges in web-based systems

Awuor¹

2023

World J. Adv. Eng. Technol. Sci.

View full text Add to dashboard Cite

Web-based systems are vulnerable to security issues similar to any other applications. Due to the characteristics of web-based systems such as their distributable nature and cross platform accessibility, security challenges are predominant. Recently, more focus has been placed on how to handle security concerns in web systems. Current solutions to counteract the web-based system security challenges include web system languages, firewalls, Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), cryptographic techniques, digital certificates and signatures among others. However, attacks and threats such as cross site scripting (XSS), Distributed Denial of Service (DDoS), cross-site request forgery (CSRF) and structured query language (SQL) injection attacks are still common. This gives the impression that there are still security challenges in this regard, despite the efforts for detection and prevention of attacks. Consequently, due to their dynamism, secure architectures are pivotal for the security of web-based systems. The focus of this paper therefore, is to review the existing security challenges of web-based systems. It is evident from this literature study that most security challenges in web-based systems stem from the threat of unauthorized access and risks from implementing technologies and standards that are under developed as regards security.

show abstract

“…In addition, a single patient’s identity data may be distributed in multiple healthcare service institutions, and the information cannot be interoperable between them. The identity authentication management of patients is isolated [ 5 ], i.e., patients need to register different digital identities between institutions [ 6 ]. Thus, when patients visit the institution, some operations, such as information recovery and repeated registration, are inevitable because they forget the account.…”

Section: Introductionmentioning

confidence: 99%

Health-zkIDM: A Healthcare Identity System Based on Fabric Blockchain and Zero-Knowledge Proof

Bai

et al. 2022

Sensors

View full text Add to dashboard Cite

The issue of identity authentication for online medical services has been one of the key focuses of the healthcare industry in recent years. Most healthcare organizations use centralized identity management systems (IDMs), which not only limit the interoperability of patient identities between institutions of healthcare, but also create isolation between data islands. The more important matter is that centralized IDMs may lead to privacy disclosure. Therefore, we propose Health-zkIDM, a decentralized identity authentication system based on zero-knowledge proof and blockchain technology, which allows patients to identify and verify their identities transparently and safely in different health fields and promotes the interaction between IDM providers and patients. The users in Health-zkIDM are uniquely identified by one ID registered. The zero-knowledge proof technology is deployed on the client, which provides the user with a proof of identity information and automatically verifies the user’s identity after registration. We implemented chaincodes on the Fabric, including the upload of proof of identity information, identification, and verification functions. The experiences show that the performance of the Health-zkIDM system can achieve throughputs higher than 400 TPS in Caliper.

show abstract

Cross-domain identity and discovery framework for web calling services

Cited by 7 publications

References 17 publications

Health-ID: A Blockchain-Based Decentralized Identity Management for Remote Healthcare

Health-ID: A Blockchain-Based Decentralized Identity Management for Remote Healthcare

Review of the security challenges in web-based systems

Health-zkIDM: A Healthcare Identity System Based on Fabric Blockchain and Zero-Knowledge Proof

Contact Info

Product

Resources

About