Gaining Back the Control Over Identity Attributes: Access Management Systems Based on Self-Sovereign Identity
| dc.contributor.author | Keil, Kenneth-Raphael | |
| dc.contributor.author | Bochnia, Ricardo | |
| dc.contributor.author | Gudymenko, Ivan | |
| dc.contributor.author | Köpsell, Stefan | |
| dc.contributor.author | Anke, Jürgen | |
| dc.contributor.editor | Roßnagel, Heiko | |
| dc.contributor.editor | Schunck, Christian H. | |
| dc.contributor.editor | Sousa, Filipe | |
| dc.date.accessioned | 2024-06-07T08:59:58Z | |
| dc.date.available | 2024-06-07T08:59:58Z | |
| dc.date.issued | 2024 | |
| dc.description.abstract | Digital employee cards used for door access control offer benefits, but concerns about traceability, profiling and performance monitoring have led to opposition from workers’ councils and employees. However, the emerging identity management approach, Self-Sovereign Identity (SSI), can address these concerns by giving control over disclosed identity attributes back to the end user. This paper analyzes a real-world access management scenario in a hospital building and applies the SSI paradigm to address the identified issues. The analysis assumes a semi-honest observing attacker sniffing on the payload and the transport layer. The SSI-based proof of concept is shown to have a high potential to protect against traceability and profiling. However, in addition to the careful technical implementation of SSI, it is important to consider non-technical factors such as governance for a holistic solution. We propose potential strategies to further minimize privacy risks associated with SSI-based employee identity management using mediators. | en |
| dc.identifier.doi | 10.18420/OID2024_05 | |
| dc.identifier.isbn | 978-3-88579-744-9 | |
| dc.identifier.pissn | 1617-5468 | |
| dc.identifier.uri | https://dl.gi.de/handle/20.500.12116/44104 | |
| dc.language.iso | en | |
| dc.publisher | Gesellschaft für Informatik e.V. | |
| dc.relation.ispartof | Open Identity Summit 2024 | |
| dc.relation.ispartofseries | Lecture Notes in Informatics (LNI) - Proceedings, Volume P-350 | |
| dc.subject | Self-Sovereign Identity | |
| dc.subject | Traceability | |
| dc.subject | Privacy | |
| dc.subject | Access Control | |
| dc.subject | Profiling | |
| dc.subject | Architecture | |
| dc.title | Gaining Back the Control Over Identity Attributes: Access Management Systems Based on Self-Sovereign Identity | en |
| dc.type | Text/Conference Paper | |
| gi.citation.endPage | 72 | |
| gi.citation.publisherPlace | Bonn | |
| gi.citation.startPage | 61 | |
| gi.conference.date | 20.-21. June 2024 | |
| gi.conference.location | Porto, Portugal | |
| gi.conference.sessiontitle | Regular Research Papers |
Dateien
Originalbündel
1 - 1 von 1