Logo des Repositoriums

Auflistung nach Schlagwort "Self-Sovereign Identity"

1 - 6 von 6
  • Konferenzbeitrag
    Fulfilling Principles of Self-Sovereign Identity: Towards a Conformity Assessment Approach for Human Wallets
    (Open Identity Summit 2024, 2024) Doege, Dustin; Bochnia, Ricardo; Anke, Jürgen
    Self-Sovereign Identity (SSI) represents a paradigm shift toward user-centric digital identity management by emphasizing principles such as user control and privacy. However, there is a notable gap in assessing how these principles are implemented within existing SSI products despite the ongoing research interest in the theoretical principles of SSI. Our research introduces a structured conformity assessment approach to bridge the gap between theoretical ideals and practical implementation. This approach enables the assessment of SSI products based on fulfilling requirements derived from SSI principles. This provides developers and policymakers with a tool to assess the adherence of SSI products to the fundamental principles. Thus, it may serve developers as a design guideline and policymakers as a basis for certification processes.
  • Konferenzbeitrag
    Gaining Back the Control Over Identity Attributes: Access Management Systems Based on Self-Sovereign Identity
    (Open Identity Summit 2024, 2024) Keil, Kenneth-Raphael; Bochnia, Ricardo; Gudymenko, Ivan; Köpsell, Stefan; Anke, Jürgen
    Digital employee cards used for door access control offer benefits, but concerns about traceability, profiling and performance monitoring have led to opposition from workers’ councils and employees. However, the emerging identity management approach, Self-Sovereign Identity (SSI), can address these concerns by giving control over disclosed identity attributes back to the end user. This paper analyzes a real-world access management scenario in a hospital building and applies the SSI paradigm to address the identified issues. The analysis assumes a semi-honest observing attacker sniffing on the payload and the transport layer. The SSI-based proof of concept is shown to have a high potential to protect against traceability and profiling. However, in addition to the careful technical implementation of SSI, it is important to consider non-technical factors such as governance for a holistic solution. We propose potential strategies to further minimize privacy risks associated with SSI-based employee identity management using mediators.
  • Konferenzbeitrag
    Integration of Self-Sovereign Identity into Conventional Software using Established IAM Protocols: A Survey
    (Open Identity Summit 2022, 2022) Kuperberg, Michael; Klemens, Robin
    Self-Sovereign Identity (SSI) is an approach based on asymmetric cryptography and on decentralized, user-controlled exchange of signed assertions. Most SSI implementations are not based on hierarchic certification schemas, but rather on the peer-to-peer and distributed “web of trust” without root or intermediate CAs. As SSI is a nascent technology, the adoption of vendor-independent SSI standards into existing software landscapes is at an early stage. Conventional enterprise-grade IAM implementations and cloud-based Identity Providers rely on widely established pre-SSI standards, and both will not be replaced by SSI offerings in the next few years. The contribution of this paper is an analysis of patterns and products to bridge unmodified pre-SSI applications and conventional IAM with SSI implementations. Our analysis covers 40+ SSI implementations and major authentication protocols such as OpenID Connect and LDAP.
  • Research Paper
    Nutzungsqualität im Fokus: Ergebnisse einer Fokusgruppe zur Wahrnehmung der Nutzungsqualität einer SSI-Anwendung mit Dongle
    (7. Fachtagung Rechts- und Verwaltungsinformatik (RVI 2024): Neue Wege der Zusammenarbeit und Vernetzung für digitale Transformation und Verwaltungsmodernisierung, 2024) Ebert, Sarah; Krauß, Anna-Magdalena; Biedermann, Ben; Jürgenssen, Olivia; Anke, Jürgen
    Die vorliegende Arbeit untersucht die Nutzungsqualität von Self-Sovereign Identity (SSI) Wallets mit einem zusätzlichen Hardware-Kryptographie-Faktor. Mithilfe einer Fokusgruppe, bestehend aus fünf Teilnehmenden unterschiedlicher technischer Kompetenz, wurde eine Wallet mit Dongle im Kontext eines ÖPNV-Anwendungsfalls getestet und anschließend diskutiert. Die Ergebnisse unterstreichen die Notwendigkeit benutzerfreundlicher Technologien, um das Vertrauen der Nutzenden zu gewinnen. Zudem zeigen sie die Bedeutung von Transparenz und offenen Standards für die Akzeptanz der Lösung auf. Abschließend wurden Propositionen formuliert, die weitere Forschung ermöglichen.
  • Konferenzbeitrag
    On the Search for Trust: Self-Sovereign Identity and the Public Sector
    (6. Fachtagung Rechts- und Verwaltungsinformatik (RVI 2023), 2023) Richter, Daniel; Krauß, Anna-Magdalena; Ebert, Sarah; Handke, Stefan
    Trust in the government can be seen both as a prerequisite as well as an outcome for public sector digitization. Recently, Self-sovereign Identity (SSI) has been pursued as a means to provide an infrastructure for the secure exchange of digital credentials to public services. To enable SSI’s potentially trust-enhancing properties in digital public services, we gather necessary design factors from the perspective of the system’s user experience (UX) and the governance of technical artifacts and users. We provide a concretization of generic antecedents to trust found in the literature by using them as an analytical lens for the case of a digital public service utilizing SSI: the implementation of the direct-democratic instrument of the citizen’s initiative (“Bürgerbegehren”) in the city of Dresden, Germany. We highlight gaps in the case and literature and give recommendations concerning both the UX and credential governance to foster trust-enhancing implementations of SSI in public services.
  • Konferenzbeitrag
    Towards Building GDPR-Friendly Consent Management Systems on Top of Self-Sovereign Identity Ecosystems
    (Open Identity Summit 2024, 2024) Schramm, Julia; Eichinger, Tobias
    Consent is a legal basis that legitimizes the processing of personal data under the General Data Protection Regulation (GDPR). Implementing consent management systems in a GDPR-compliant fashion has proven difficult. A major pain point of current implementations is that users only have insufficient means to prove that they withdrew consent. Controllers can, therefore, plausibly deny having received a notification of consent withdrawal and it is thus at their discretion to continue the processing of personal data against the user’s will. As a remedy, it has been proposed to log consent withdrawal events in blockchains to make them non-repudiable by controllers. This approach is typically at odds with the GDPR’s fundamental principle of Storage Limitation. The issue is that a consent withdrawal event has to permit identification of the user who submitted it, yet only until the controller has received it. However, if they are logged in a blockchain, identification is possible indefinitely, as blockchains are append-only databases that do not facilitate deletion. In the paper at hand, we alleviate this issue and present work in progress on a consent management system in which users (i) give consent by issuing a verifiable credential to a controller and (ii) withdraw consent by revoking it. These two functions are natively provided in Self-Sovereign Identity (SSI) ecosystems.