Logo des Repositoriums

P293 - Open Identity Summit 2019

https://dl.gi.de/handle/20.500.12116/20979
Auflistung nach:

Auflistung P293 - Open Identity Summit 2019 nach Schlagwort "blockchain"

1 - 2 von 2
  • Textdokument
    Blockchain-based consent manager for GDPR compliance
    (Open Identity Summit 2019, 2019) Vargas; Juan Camilo
    The General Data Protection Regulation represents great challenges for companies. This paper proposes a model of consent management for personal data that uses blockchain technology to help address part of these challenges. On the one hand, the model aims to facilitate compliance with the regulation and offer an agile tool for consent control and interaction between data subjects, controllers and processors. On the other hand, it aims to offer data subjects a tool to assert their rights and get bigger control over their consents and indirectly over personal data. A proof of concept was developed using Hyperledger Fabric and allowed to identify the benefits and challenges of the model.
  • Textdokument
    Smart Contract Federated Identity Management without Third Party Authentication Services
    (Open Identity Summit 2019, 2019) Mell, Peter; Dray, Jim; Shook, James
    Federated identity management enables users to access multiple systems using a single login credential. However, to achieve this a complex privacy compromising authentication has to occur between the user, relying party (RP) (e.g., abusiness), and a credential service provider(CSP) that performs the authentication. In this work, we use a smart contract on a blockchain to enable an architecture where authentication no longer involves the CSP. Authentication is performed solely through user to RP communications (eliminating fees and enhancing privacy). No third party needs to be contacted, not even the smart contract. No public key infrastructure (PKI) needs to be maintained. And no revocation lists need to be checked. In contrast to competing smart contract approaches, ours is hierarchically managed (like a PKI) enabling better validation of attribute providers and making it more useful for large entities to provide identity services for their constituents (e.g.,a government) while still enabling users to maintain a level of self-sovereignty.