Privacy-Preserving eID Derivation for Self-Sovereign Identity Systems

Andreas Abraham (Speaker), Felix Hörandner, Olamide Omolola, Sebastian Ramacher

Research output: Chapter in Book or Conference ProceedingsConference Proceedings with Oral Presentationpeer-review

Abstract

As centralized identity management solutions amass identity data, they increasingly become attractive targets for cyber attacks, which entail consequences for users that range from service disruptions to exposure of sensitive user data. Self-sovereign identity (SSI) strives to return the control over identity data to the users by building on decentralized architectures. However, the adoption of SSI systems is currently hampered by a lack of qualified identity data that satisfies the services’ requirements. Additionally, there is a gap w.r.t the user’s privacy: Intermediate components (e.g., importers or SSI network nodes) learn the users’ sensitive attributes during the derivation of eID data.

In this work, we present a decentralized eID derivation concept that preserves the users’ privacy while maintaining the data’s trustworthiness without revealing the plain data to any component outside the users’ control. Our proposed system also enables users to selectively disclose only relevant parts of the imported identity assertion according to the service’s requirements. We also implement and evaluate a proof-of-concept to demonstrate the feasibility and performance of our concept.
Original languageEnglish
Title of host publicationInformation and Communications Security. ICICS 2019
EditorsJianying Zhou , Xiapu Luo , Qingni Shen , Zhen Xu
PublisherSpringer
Pages307-323
Number of pages16
Volume11999
ISBN (Print)16113349 03029743
DOIs
Publication statusPublished - 2020
Event21st International Conference on Information and Communications Security, ICICS 2019 - Beijing, Beijing, China
Duration: 15 Dec 201917 Dec 2019

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

Conference

Conference21st International Conference on Information and Communications Security, ICICS 2019
Country/TerritoryChina
CityBeijing
Period15/12/1917/12/19

Research Field

  • Cyber Security

Fingerprint

Dive into the research topics of 'Privacy-Preserving eID Derivation for Self-Sovereign Identity Systems'. Together they form a unique fingerprint.

Cite this