Modeling the Threats to Self-Sovereign Identities

Self-sovereign identity (SSI) is a relatively young identity management paradigm allowing digital identities to be managed in a user-centric, decentralized manner, often but not necessarily utilizing distributed ledger technologies. This emerging technology gets into the focus through the new electronic IDentification, Authentication and trust Services (eIDAS) regulation in Europe. As identity management involves the management and use of personally identifiable information, it is important to evaluate the threats to SSI. We apply the STRIDE (Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, and Elevation of Privilege) threat modeling approach to the core components of SSI architecture and the interactions between them. Based on the summarized results, we discuss relevant mitigation methods and future research areas.

Pöhn, Daniela; Grabatin, Michael; Hommel, Wolfgang (2023): Modeling the Threats to Self-Sovereign Identities. Open Identity Summit 2023. DOI: 10.18420/OID2023_07. Bonn: Gesellschaft für Informatik e.V.. PISSN: 1617-5468. ISBN: 978-3-88579-729-6. pp. 85-96. Regular Research Papers. Heilbronn, Germany. 15.-16. June 2023

Schlagwörter

Self-sovereign identity , identity management , security analysis , threat modeling

DOI

10.18420/OID2023_07

Sammlungen

P335 - Open Identity Summit 2023

Komplettanzeige

Modeling the Threats to Self-Sovereign Identities

Volltext URI

Dokumententyp

Dateien

Zusatzinformation

Datum

Autor:innen

Zeitschriftentitel

ISSN der Zeitschrift

Bandtitel

Quelle

Verlag

Zusammenfassung

Beschreibung

Schlagwörter

Zitierform

DOI

Tags

Sammlungen