Who Am I? Secure Identity Registration on Distributed Ledgers

Azouvi, Sarah; Al-Bassam, Mustafa; Meiklejohn, Sarah

doi:10.1007/978-3-319-67816-0_21

Cited by 21 publications

(13 citation statements)

References 10 publications

(8 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Another example of this approach is smart contract-based PKI (SCPKI) [51], which stores all identifiers and credentials on a single smart contract and allows relying parties to use a web-of-trust to decide whether or not an identifier is authorized to perform some action. SCPKI can also be extended with blind signatures in order to provide privacy [52].…”

Section: This Approach Is Followed In Smart Contract Federated Identimentioning

confidence: 99%

A Taxonomic Approach to Understanding Emerging Blockchain Identity Management Systems

Lesavre

Varin²,

Mell³

et al. 2020

View full text Add to dashboard Cite

Identity management systems (IDMSs) are widely used to provision user identities while managing authentication, authorization, and data sharing within organizations and on the web. Traditional identity systems typically suffer from single points of failure, lack of interoperability, and privacy issues, such as enabling mass data collection and user tracking. Blockchain technology has the potential to alleviate these concerns: it can support the ability for users to control the custody of their own identifiers and credentials, enabling novel data ownership and governance models with built-in control and consent mechanisms. Hence, blockchain-based IDMSs, which could benefit both users and businesses, are beginning to proliferate. This work categorizes these systems into a taxonomy based on differences in blockchain architectures, governance models, and other salient features. Context is provided for the taxonomy through the description of related terms, emerging standards, and use cases while highlighting relevant security and privacy considerations. Keywords blockchain; data custody; data ownership; decentralized identifier; distributed ledger; identity management; public key infrastructure; self-sovereign identity; smart contract; user-controlled identity wallet; verifiable credential; zero-knowledge proof Disclaimer Any mention of commercial products or reference to commercial organizations is for information only; it does not imply recommendation or endorsement by the National Institute of Standards and Technology (NIST), nor does it imply that the products mentioned are necessarily the best available for the purpose.

show abstract

Section: This Approach Is Followed In Smart Contract Federated Identimentioning

confidence: 99%

A Taxonomic Approach to Understanding Emerging Blockchain Identity Management Systems

Lesavre

Varin²,

Mell³

et al. 2020

View full text Add to dashboard Cite

show abstract

“…Moreover, they used authentication services provided by their identity solution to build a more secure messaging application. Azouvi et al [57] also proposed a privacy preserving identity solution using blind signatures. They set up a threat model, performed a security analysis and implemented their solution in Ethereum.…”

Section: The Rise Of Blockchain Identity Solutionsmentioning

confidence: 99%

Identity Management Systems for the Internet of Things: A Survey Towards Blockchain Solutions

Zhu

Badr

2018

Sensors

121

View full text Add to dashboard Cite

The Internet of Things aims at connecting everything, ranging from individuals, organizations, and companies to things in the physical and virtual world. The digital identity has always been considered as the keystone for all online services and the foundation for building security mechanisms such as authentication and authorization. However, the current literature still lacks a comprehensive study on the digital identity management for the Internet of Things (IoT). In this paper, we firstly identify the requirements of building identity management systems for IoT, which comprises scalability, interoperability, mobility, security and privacy. Then, we trace the identity problem back to the origin in philosophy, analyze the Internet digital identity management solutions in the context of IoT and investigate recent surging blockchain sovereign identity solutions. Finally, we point out the promising future research trends in building IoT identity management systems and elaborate challenges of building a complete identity management system for the IoT, including access control, privacy preserving, trust and performance respectively.

show abstract

“…Meanwhile, IDM Contracts are only deployed once per authorised party, unless preexisting contracts can be used, and they can be reused for more than one SW or BHS Contract. 3 https://etherscan.io Let us take for example an individual assuming both the roles of Maintainer and Developer of three distinct software projects, each with monthly updates released to two different SDPs. The one-time setup costs in this scenario would consist of deploying one IDM Contract, three SW Contracts, and six BHS Contracts, so $ 13.335 in total.…”

Section: Costs and Scalabilitymentioning

confidence: 99%

“…Both Software Developers and Maintainers create Identity Management Contracts and store references to them in their respective other contracts. It is important to point out that identity management on Blockchains is an area of research in itself with many different approaches[1,3,6] that could serve as replacements for IDM Contracts.…”

mentioning

confidence: 99%

Access Control for Binary Integrity Protection using Ethereum

Stengele

Baumeister

Birnstill

et al. 2019

Proceedings of the 24th ACM Symposium on Access Control Models and Technologies

View full text Add to dashboard Cite

The integrity of executable binaries is essential to the security of any device that runs them. At best, a manipulated binary can leave the system in question open to attack, and at worst, it can compromise the entire system by itself. In recent years, supply-chain attacks have demonstrated that binaries can even be compromised unbeknownst to their creators. This, in turn, leads to the dissemination of supposedly valid binaries that need to be revoked later. In this paper, we present and evaluate a concept for publishing and revoking integrity protecting information for binaries, based on the Ethereum Blockchain and its underlying peer-to-peer network. Smart Contracts are used to enforce access control over the publication and revocation of integrity preserving information, whereas the peer-to-peer network serves as a fast, global communication service to keep user clients informed. The Ethereum Blockchain serves as a tamper-evident, publicly-verifiable log of published and revoked binaries. Our implementation incurs costs comparable to registration fees for centralised software distribution platforms but allows publication and revocation of individual binaries within minutes. The proposed concept can be integrated incrementally into existing software distribution platforms, such as package repositories or various app stores.

show abstract

Who Am I? Secure Identity Registration on Distributed Ledgers

Cited by 21 publications

References 10 publications

A Taxonomic Approach to Understanding Emerging Blockchain Identity Management Systems

A Taxonomic Approach to Understanding Emerging Blockchain Identity Management Systems

Identity Management Systems for the Internet of Things: A Survey Towards Blockchain Solutions

Access Control for Binary Integrity Protection using Ethereum

Contact Info

Product

Resources

About