Andrea De Salve , Damiano Di Francesco Maesa , Paolo Mori , Laura Ricci , Alessandro Puccia
{"title":"A multi-layer trust framework for Self Sovereign Identity on blockchain","authors":"Andrea De Salve , Damiano Di Francesco Maesa , Paolo Mori , Laura Ricci , Alessandro Puccia","doi":"10.1016/j.osnem.2023.100265","DOIUrl":null,"url":null,"abstract":"<div><p>The recent interest for decentralised systems and decentralisation of the control over users’ data brings a shift in the way identities and their information are managed. Self Sovereign Identity (SSI) has been proposed as the next generation paradigm for decentralised identity management. Research on SSI is getting more and more traction, focusing mainly on the management of users’ identifiers and on providing a standard way to express and verify credentials. Instead, this paper focuses on the understanding of the role of trust in SSI and it provides new insight into the trust relationships existing between the different SSI actors. Indeed, the analysis of such roles and the relationships existing between SSI actors reveals that the current paradigm suffers from trust issues between the verifier and the issuer of a verifiable credential.</p><p>In order to cope this problem, the paper proposes a new multi-layer framework that exploits trust relationships defined by the actors of the SSI standards (verifiers and issuers of verifiable credentials). An implementation of the framework through Solidity smart contracts has been proposed and deployed on both private and public blockchain networks in order to assess its capabilities. In addition, a dataset related to the spread of spam reviews has been exploited to test the benefits and performance of the proposed framework, demonstrating that it is able to improve the reliability of the SSI paradigm in real-world scenario.</p></div>","PeriodicalId":52228,"journal":{"name":"Online Social Networks and Media","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2023-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Online Social Networks and Media","FirstCategoryId":"1085","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S2468696423000241","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"Social Sciences","Score":null,"Total":0}
引用次数: 0
Abstract
The recent interest for decentralised systems and decentralisation of the control over users’ data brings a shift in the way identities and their information are managed. Self Sovereign Identity (SSI) has been proposed as the next generation paradigm for decentralised identity management. Research on SSI is getting more and more traction, focusing mainly on the management of users’ identifiers and on providing a standard way to express and verify credentials. Instead, this paper focuses on the understanding of the role of trust in SSI and it provides new insight into the trust relationships existing between the different SSI actors. Indeed, the analysis of such roles and the relationships existing between SSI actors reveals that the current paradigm suffers from trust issues between the verifier and the issuer of a verifiable credential.
In order to cope this problem, the paper proposes a new multi-layer framework that exploits trust relationships defined by the actors of the SSI standards (verifiers and issuers of verifiable credentials). An implementation of the framework through Solidity smart contracts has been proposed and deployed on both private and public blockchain networks in order to assess its capabilities. In addition, a dataset related to the spread of spam reviews has been exploited to test the benefits and performance of the proposed framework, demonstrating that it is able to improve the reliability of the SSI paradigm in real-world scenario.
最近对去中心化系统和对用户数据控制的去中心化的兴趣带来了身份及其信息管理方式的转变。自我主权身份(Self - Sovereign Identity, SSI)被认为是下一代去中心化身份管理的范例。SSI的研究越来越受到关注,主要集中在用户标识符的管理和提供一种标准的方式来表达和验证凭据。相反,本文侧重于对信任在SSI中的作用的理解,并为不同SSI参与者之间存在的信任关系提供了新的见解。事实上,对这些角色和SSI参与者之间存在的关系的分析表明,目前的范式存在可验证凭证的验证者和颁发者之间的信任问题。为了解决这个问题,本文提出了一个新的多层框架,利用由SSI标准的参与者(可验证凭据的验证者和颁发者)定义的信任关系。已经提出了通过Solidity智能合约实现该框架,并将其部署在私有和公共区块链网络上,以评估其功能。此外,利用与垃圾邮件评论传播相关的数据集来测试所提议框架的好处和性能,证明它能够提高SSI范式在现实场景中的可靠性。