Advertisement

A Comparative Analysis of Trust Requirements in Decentralized Identity Management

  • Andreas GrünerEmail author
  • Alexander MühleEmail author
  • Tatiana GayvoronskayaEmail author
  • Christoph MeinelEmail author
Conference paper
Part of the Advances in Intelligent Systems and Computing book series (AISC, volume 926)

Abstract

Identity management is a fundamental component in securing online services. Isolated and centralized identity models have been applied within organizations. Moreover, identity federations connect digital identities across trust domain boundaries. These traditional models have been thoroughly studied with regard to trust requirements. The recently emerging blockchain technology enables a novel decentralized identity management model that targets user-centricity and eliminates the identity provider as a trusted third party. The result is a substantially different set of entities with mutual trust requirements. In this paper, we analyze decentralized identity management based on blockchain through defining topology patterns. These patterns depict schematically the decentralized setting and its main actors. We study trust requirements for the devised patterns and, finally, compare the result to traditional models. Our contribution enables a clear view of differences in trust requirements within the various models.

References

  1. 1.
    Williamson, G., Yip, D., Sharoni, I., Spaulding, K.: Identity Management: A Primer. MC Press Online, LP (2009)Google Scholar
  2. 2.
    Nakamoto, S.: Bitcoin: A Peer-to-Peer Electronic Cash System (2008). https://bitcoin.org/bitcoin.pdf. Accessed 18 Jan 2019
  3. 3.
    Wood, G.: Ethereum: a secure decentralised generalised transaction ledger. https://pdfs.semanticscholar.org/ac15/ea808ef3b17ad754f91d3a00fedc8f 96b929.pdf. Accessed 18 Jan 2019
  4. 4.
    Meinel, C., Gayvoronskaya, T., Schnjakin, M.: Blockchain: hype oder innovation. Hasso-Plattner Institute, Prof.-Dr.-Helmert-Straße 2-3, 14482 Potsdam, Germany (2018)Google Scholar
  5. 5.
    Jøsang, A., Fabre, J., Hay, B., Dalziel, J., Pope, S.L.: Trust requirements in identity management. In: Proceedings of the 2005 Australasian Workshop on Grid Computing and e-Research. ACSW Frontiers 2005, Darlinghurst, Australia, vol. 44, pp. 99–108. Australian Computer Society, Inc., (2005). http://dl.acm.org/citation.cfm?id=1082290.1082305
  6. 6.
    Kylau, U., Thomas, Y., Menzel, M., Meinel, C.: Trust requirements in identity federation topologies. In: 2009 International Conference on Advanced Information Networking and Applications, pp. 137–145, May 2009Google Scholar
  7. 7.
    Ferdous, M.S., Poet, R.: Analysing attribute aggregation models in federated identity management. In: Proceedings of the 6th International Conference on Security of Information and Networks. SIN 2013, pp. 181–188. ACM (2013)Google Scholar
  8. 8.
    Jøsang, A., Ismail, R., Boyd, C.: A survey of trust and reputation systems for online service provision. Decis. Support Syst. 43(2), 618–644 (2007)CrossRefGoogle Scholar
  9. 9.
    Castelfranchi, C., Falcone, R.: Trust Theory: A Socio-Cognitive and Computational Model, 1st edn. Wiley, Hoboken (2010)CrossRefGoogle Scholar
  10. 10.
    McKnight, D.H., Chervany, N.L.: The meanings of trust. University of Minnesota, Technical report (1996)Google Scholar
  11. 11.
    Satariano, A.: What the G.D.P.R., Europe’s tough new data law, means for you (2018). https://www.nytimes.com/2018/05/06/technology/gdpr-european-privacy-law.html. Accessed 18 Jan 2019
  12. 12.
    Grüner, A., Mühle, A., Gayvoronskaya, T., Meinel, C.: A quantifiable trust model for blockchain-based identity management. In: 2018 International Conference on Blockchain, August 2018Google Scholar
  13. 13.
    Blockchain and identity (2018). https://github.com/peacekeeper/blockchain-identity. Accessed 18 Jan 2019
  14. 14.
    Lundkvist, C., Heck, R., Torstensson, J., Mitton, Z., Sena, M.: uPort: a platform for self-sovereign identity (2016). http://blockchainlab.com/pdf/uPort_whitepaper_DRAFT20161020.pdf. Accessed 18 Jan 2019
  15. 15.
    Reed, D., Law, J., Hardman, D.: The Technical Foundations of Sovrin. A white paper from the Sovrin foundation (2016). https://www.evernym.com/wp-content/uploads/2017/07/The-Technical-Foundations-of-Sovrin.pdf. Accessed 18 Jan 2019
  16. 16.
    Sporny, M., Longley, D.: W3C community group draft report. Verifiable claims data model and representations 1.0 (2018). https://www.w3.org/2017/05/vc-data-model/CGFR/2017-05-01/. Accessed 18 Jan 2019
  17. 17.
  18. 18.
    Windley, P.: Digital Identity. O’Reilly Media Inc., Newton (2005)Google Scholar

Copyright information

© Springer Nature Switzerland AG 2020

Authors and Affiliations

  1. 1.Hasso Plattner Institute (HPI)University of PotsdamPotsdamGermany

Personalised recommendations