Vaios Bolgouras, Anna Angelogianni, Ilias Politis, C. Xenakis
{"title":"可信和安全的自我主权身份框架","authors":"Vaios Bolgouras, Anna Angelogianni, Ilias Politis, C. Xenakis","doi":"10.1145/3538969.3544436","DOIUrl":null,"url":null,"abstract":"Digitization, in terms of online services, work environment and other day-to-day procedures, has lead to the wide adoption and use of the respective digital identities. Users utilize their digital personas and their corresponding attributes on a daily basis, in order to gain access to resources and services. This is achieved through the use of numerous identity management schemes, which often suffer from multiple vulnerabilities and are susceptible to threats. This results in the compromise of user privacy and data security. In the recent years, new technologies related to identity management, like the Self-Sovereign Identity (SSI) and eIDAS concepts, are employed to mitigate these issues. This paper presents an architecture that combines state-of-the-art technologies regarding identity management, authentication and secure storage. More specifically, the proposed framework utilizes IOTA-based SSI, the eIDAS framework, FIDO protocol and Trusted Execution Environment (TEE), resulting in a trusted and secure identity management framework. Our solution is thoroughly presented via scenarios, showcasing its robustness and how well it copes in relation to our threat model.","PeriodicalId":306813,"journal":{"name":"Proceedings of the 17th International Conference on Availability, Reliability and Security","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2022-08-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","resultStr":"{\"title\":\"Trusted and Secure Self-Sovereign Identity framework\",\"authors\":\"Vaios Bolgouras, Anna Angelogianni, Ilias Politis, C. Xenakis\",\"doi\":\"10.1145/3538969.3544436\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Digitization, in terms of online services, work environment and other day-to-day procedures, has lead to the wide adoption and use of the respective digital identities. Users utilize their digital personas and their corresponding attributes on a daily basis, in order to gain access to resources and services. This is achieved through the use of numerous identity management schemes, which often suffer from multiple vulnerabilities and are susceptible to threats. This results in the compromise of user privacy and data security. In the recent years, new technologies related to identity management, like the Self-Sovereign Identity (SSI) and eIDAS concepts, are employed to mitigate these issues. This paper presents an architecture that combines state-of-the-art technologies regarding identity management, authentication and secure storage. More specifically, the proposed framework utilizes IOTA-based SSI, the eIDAS framework, FIDO protocol and Trusted Execution Environment (TEE), resulting in a trusted and secure identity management framework. Our solution is thoroughly presented via scenarios, showcasing its robustness and how well it copes in relation to our threat model.\",\"PeriodicalId\":306813,\"journal\":{\"name\":\"Proceedings of the 17th International Conference on Availability, Reliability and Security\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2022-08-23\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"4\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of the 17th International Conference on Availability, Reliability and Security\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/3538969.3544436\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 17th International Conference on Availability, Reliability and Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3538969.3544436","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Trusted and Secure Self-Sovereign Identity framework
Digitization, in terms of online services, work environment and other day-to-day procedures, has lead to the wide adoption and use of the respective digital identities. Users utilize their digital personas and their corresponding attributes on a daily basis, in order to gain access to resources and services. This is achieved through the use of numerous identity management schemes, which often suffer from multiple vulnerabilities and are susceptible to threats. This results in the compromise of user privacy and data security. In the recent years, new technologies related to identity management, like the Self-Sovereign Identity (SSI) and eIDAS concepts, are employed to mitigate these issues. This paper presents an architecture that combines state-of-the-art technologies regarding identity management, authentication and secure storage. More specifically, the proposed framework utilizes IOTA-based SSI, the eIDAS framework, FIDO protocol and Trusted Execution Environment (TEE), resulting in a trusted and secure identity management framework. Our solution is thoroughly presented via scenarios, showcasing its robustness and how well it copes in relation to our threat model.