Plataforma para Gestão de Identidades Descentralizadas Baseada em Blockchain

Silvio Queiroz; Fabíola Greve; Leobino N. Sampaio; Eduardo Marques

doi:10.5753/sbseg.2021.17304

Silvio Queiroz UFBA http://orcid.org/0000-0001-6904-6662
Fabíola Greve UFBA https://orcid.org/0000-0001-6748-8440
Leobino N. Sampaio UFBA https://orcid.org/0000-0003-4855-0936
Eduardo Marques UEFS https://orcid.org/0000-0002-6706-4303

DOI: https://doi.org/10.5753/sbseg.2021.17304

Abstract

Identity is fundamental for recognizing entities (i.e., individuals, things, and organizations) and their diverse relationships in the context they are located. The Identity Management (GId) establishes procedures for authentication, authorization, accountability, and auditing to preserve the security of access to organizations’ resources. Once centralized or federated, GId systems can evolve into a decentralized and self-sovereign model (IDD), through which the user himself becomes the administrator of information about his identity and indeed becomes unique and shareable in the entire ecosystem. This paper presents the ChainID platform for managing decentralized identities through the blockchain. It contemplates the decentralized management of identities, their attributes, and credentials, being sufficiently generic to abstract the complexity of the communication standards and protocols involved in the solution, thus providing the IDD infrastructure in different usage flows safely and transparently. As a proof of concept, an authentication component has been developed, benefiting federated networks, such as Cafe by RNP.

Keywords: Decentralized Digital Identity, Decentralized Identifiers, Self-Sovereign Identity, Identity Management, Blockchain, Authentication, IM, IDP, DID, SAML

References

ACA-Py (2021). In Hyperledger Aries Cloud Agent - Python. Hyperledger Aries. [link].

Androulaki, E., Barger, A., Bortnikov, V., Cachin, C., Christidis, K., De Caro, A., Enyeart, D., Ferris, C., Laventman, G., Manevich, Y., et al. (2018). Hyperledger Fabric: a distributed operating system for permissioned blockchains. In Proceedings of the Thirteenth EuroSys Conference, page 30. ACM.

Aries, H. (2021a). In Hyperledger Aries. Hyperledger Aries. [link].

Aries, H. (2021b). In Hyperledger Aries. Hyperledger Aries. [link].

Bano, S., Sonnino, A., Al-Bassam, M., Azouvi, S., McCorry, P., Meiklejohn, S., and Danezis, G. (2017). SoK: Consensus in the age of blockchains. Technical report, University College London, United Kingdom. https://arxiv.org/pdf/1711.03936.pdf.

Bhattacharya, M. P., Zavarsky, P., and Butakov, S. (2020). Enhancing the security and privacy of self-sovereign identities on hyperledger indy blockchain. In 2020 International Symposium on Networks, Computers and Communications (ISNCC), pages 1–7.

Buterin, V. et al. (2014). A next-generation smart contract and decentralized application platform. white paper, 3(37).

García, A. L., Fernandez-del Castillo, E., and Puel, M. (2013). Identity federation with voms in cloud infrastructures. In 2013 IEEE 5th International Conference on Cloud Computing Technology and Science, volume 1, pages 42–48.

Gemmill, J., Robinson, J., Scavo, T., and Bangalore, P. (2009). Cross-domain authorization for federated virtual organizations using the myvocs collaboration environment. Concurrency and Computation: Practice and Experience, 21:509–532.

ITU (2009). In NGN Identity Management Framework - Recommendation Y.2720. [S.l.]. ITU. http://www.itu.int/rec/T-REC-Y.2720-200901-I/en.

Kubach, M., Schunck, C., Sellung, R., and Rossnagel, H. (2020). Self-sovereign and decentralized identity as the future of identity management? In Open Identity Summit.

Liu, Y., He, D., Obaidat, M., Kumar, N., Khan, M. K., and Choo, K.-K. R. (2020). Blockchain-based identity management systems: A review. J. Netw. Comput. Appl., 166:102731.

López, M. A. (2020). SELF-SOVEREIGN IDENTITY: The Future of Identity: Self-Sovereignity, Digital Wallets, and Blockchain. Inter-American Development Bank.

Naik, N. and Jenkins, P. (2020). uport open-source identity management system: An assessment of self-sovereign identity and user-centric data platform built on blockchain. In 2020 IEEE International Symposium on Systems Engineering (ISSE), pages 1–7.

Narayanan, A., Bonneau, J., Felten, E., Miller, A., and Goldfeder, S. (2016). Bitcoin and cryptocurrency technologies. Princeton University Press.

Sovrin (2018). In A Protocol and Token for SelfSovereign Identity and Decentralized Trust. The Sovrin Foundation. [link].

Tobin, A. and Reed, D. (2017). In The Inevitable Rise of Self-Sovereign Identity, volume 29. The Sovrin Foundation.

Vullings, E., Dalziel, J., and Buchhorn, M. (2007). Secure federated authentication and authorisation to grid portal applications using saml and xacml. J. Res. Pract. Inf. Technol., 39:101–114.

W3C (2019a). In Decentralized Identifiers (DIDs) v1.0: Core architecture, data model, and representations. W3C. https://w3c-ccg.github.io/did-spec/.

W3C (2019b). In Verifiable Credentials Data Model 1.0: Expressing verifiable information on the Web. W3C. https://www.w3.org/TR/vc-data-model/.

ChainID - Blockchain-based Decentralized Identity Management Platform

Abstract

References

Most read articles by the same author(s)