Auflistung nach Schlagwort "Self-sovereign identity"
1 - 9 von 9
Treffer pro Seite
Sortieroptionen
- ZeitschriftenartikelDigital Identities and Verifiable Credentials(Business & Information Systems Engineering: Vol. 63, No. 5, 2021) Sedlmeir, Johannes; Smethurst, Reilly; Rieger, Alexander; Fridgen, Gilbert
- KonferenzbeitragEstablishing Trust in SSI Verifiers(Open Identity Summit 2023, 2023) Chadwick, David W.; Kubach, Michael; Sette, Ioram; Johnson Jeyakumar, Isaac HendersonWe present a conceptual model that enables a user/holder with a wallet holding W3C Verifiable Credentials (VCs) to determine if the verifier is trusted to conform to GDPR so that it might be given the user’s personal identifying information contained in their VCs. We describe the implementation of this model using the TRAIN trust infrastructure and how wallets might interoperate with verifiers using different trust infrastructures. This leverages the OIDC GAIN proof of concept network currently being built using the draft OIDC Federation specification. We briefly describe the experiments that we have undertaken to date and the research that is still outstanding
- KonferenzbeitragA lightweight trust management infrastructure for self-sovereign identity(Open Identity Summit 2021, 2021) Kubach, Michael; Roßnagel, HeikoDecentralized approaches towards digital identity management, often summarized under the currently popular term Self-sovereign identity (SSI) are being associated with high hopes for a bright future of identity management (IdM). Numerous private, open source as well as publicly funded research initiatives pursue this approach with the aim to finally bring universally usable, trustworthy, interoperable, secure, and privacy friendly digital identities for everyone and all use cases. However, a major challenge that so far has been only rudimentary addressed, is the trust management in these decentralized identity ecosystems. This paper first elaborates this problem before presenting an approach for a trust management infrastructure in SSI ecosystems that is based on already completed work for trust management in digital transactions.
- KonferenzbeitragModeling the Threats to Self-Sovereign Identities(Open Identity Summit 2023, 2023) Pöhn, Daniela; Grabatin, Michael; Hommel, WolfgangSelf-sovereign identity (SSI) is a relatively young identity management paradigm allowing digital identities to be managed in a user-centric, decentralized manner, often but not necessarily utilizing distributed ledger technologies. This emerging technology gets into the focus through the new electronic IDentification, Authentication and trust Services (eIDAS) regulation in Europe. As identity management involves the management and use of personally identifiable information, it is important to evaluate the threats to SSI. We apply the STRIDE (Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, and Elevation of Privilege) threat modeling approach to the core components of SSI architecture and the interactions between them. Based on the summarized results, we discuss relevant mitigation methods and future research areas.
- KonferenzbeitragA novel approach to establish trust in verifiable credential issuers in Self-sovereign identity ecosystems using TRAIN(Open Identity Summit 2022, 2022) Johnson Jeyakumar, Isaac H.; Chadwick, David W.; Kubach, MichaelSelf-sovereign identity (SSI) promises to bring decentralized privacy friendly identity management (IdM) ecosystems to everyone. Yet, trust management in SSI remains challenging. In particular, it lacks a holistic approach that combines trust and governance frameworks. A practical and scalable mechanism is needed for verifiers to externally verify their trust in credential issuers. This paper illustrates how TRAIN (Trust mAnagement INfrastructure), an approach based on established components like ETSI trust lists and the Domain Name System (DNS), can be used as a trust registry component to provide a holistic approach for trust management in SSI ecosystems. TRAIN facilitates individual trust decisions through the discovery of trust lists in SSI ecosystems, along with published credential schemas, so that verifiers can perform informed trust decisions about issued credentials.
- KonferenzbeitragOn the Market for Self-Sovereign Identity: Structure and Stakeholders(Open Identity Summit 2021, 2021) Kubach, Michael; Sellung, RachelleFor SSI solutions to make a significant impact, they need to be designed to cater to the requirements of the market to be adopted. Therefore, this paper proposes a structure of the market for SSI solutions, analyses its stakeholders, and surveys its current state.
- ZeitschriftenartikelSelbstbestimmte Identitäten im E-Commerce:(HMD Praxis der Wirtschaftsinformatik: Vol. 61, No. 3, 2024) Braun, Simone; Sauer, Max; Sürmeli, Jan; Thessen, JonasDer Online-Handel verzeichnet seit Jahren ein stetiges Wachstum. Durch die COVID-19-Pandemie kaufen nun auch Nutzende, die zuvor physische Kanäle bevorzugten, vermehrt online ein. Der Anbietererfolg hängt dabei wesentlich von der Kenntnis über die Kund*innen ab. Allerdings dominieren einige große Anbieter den Markt, während kleinere Online-Shops Schwierigkeiten haben, ihre Angebote zu personalisieren. Eine Lösung bietet der Ansatz selbstbestimmter Identitäten. Dieser ermöglicht Kund*innen, ihre eigenen Shoppingdaten zu kontrollieren und sie selektiv mit Online-Shops zu teilen. Dadurch können individuelle Wünsche und Anforderungen der Kund*innen in Online-Shops berücksichtigt und ein personalisiertes Angebot sowie eine gute Nutzungserfahrung geboten werden. Trotz des großen Potenzials selbstbestimmter Identitäten ist der Ansatz in Deutschland kaum verbreitet. Dieser Beitrag beleuchtet den Einsatz selbstbestimmter Identitäten im Online-Handel. Mithilfe eines menschenzentrierten Gestaltungsprozesses wurden Personas und Ist-Szenarien erstellt, sowie daraus resultierend Anforderungen erhoben und Potenziale identifiziert. Auf Basis dessen konnte ein Daten- und Architekturmodell zur Integration von selbstbestimmten Identitäten im Online-Handel entwickelt werden. E‑commerce has been growing for years. With the COVID-19 pandemic, even users who previously preferred physical channels are increasingly shopping online. The success of online retailers depends largely on knowing their customers. However, a few major players dominate the market, leaving smaller online shops struggling to personalize their offerings. One solution is the approach of self-sovereign identity. This allows customers to control their own shopping data and selectively share it with online shops. Thus, online shops can consider individual customer preferences and requirements, providing personalized recommendations and user experience. Despite the great potential of self-sovereign identity, this approach is scarcely widespread in Germany. This article examines the use of self-sovereign identity in e‑commerce. With the help of a human-centered design process, personas and actual scenarios were created and the resulting requirements and potentials identified. On this basis, a data and architecture model for the integration of self-sovereign identities in e‑commerce was developed.
- KonferenzbeitragSelf-sovereign and Decentralized identity as the future of identity management?(Open Identity Summit 2020, 2020) Kubach, Michael; Schunck, Christian H.; Sellung, Rachelle; Roßnagel, HeikoBlockchain-based Self-sovereign and Decentralized identity approaches are seen by many as the future of identity management. These solutions are supposed to finally bring universally usable, trustworthy, secure, and privacy friendly digital identities for everyone and all use cases. This paper first presents the promises of this technological app
- KonferenzbeitragX out of N Credential Requests using Presentation Exchange(Open Identity Summit 2023, 2023) Otto, Sarah; Meisel, MichaelSelf-sovereign identity (SSI) is a new management model for digital identities. Here, the exchange of so-called verifiable credentials - digitally signed pieces of (personal) data - is one of the main aspects of "using" such an identity. Therefore, one party called a verifier requests credentials from another one holding them. We note that the main problem is to find a way to formulate a credential request in such a way that the holding party can choose which credentials to be sent from a predefined pool. Using the Presentation Exchange specification in its current version 2.0.0 is the only way to achieve this directly. Finally, we describe a sample implementation that supports such a mechanism using this specification as part of DIDComm messages.