paint-brush
Self-Sovereign Identity Based Access Controls or SSIBACs: An Overviewby@rafaelbelchior
157 reads

Self-Sovereign Identity Based Access Controls or SSIBACs: An Overview

by Rafael BelchiorOctober 20th, 2020
Read on Terminal Reader
Read this story w/o Javascript
tldt arrow

Too Long; Didn't Read

A recent academic paper uses Hyperledger infrastructure to conduct access control processes using decentralized identifiers, verifiable credentials, and conventional access control models. The paper proposes Self-Sovereign Identity Based Access Control (SSIBAC), an access control model for cross-organization identity management. The project has been implemented in the context of the European Union project Qualichain (http://qualichain.epu.ntua.gr/) The paper has been published in the form of an academic paper.
featured image - Self-Sovereign Identity Based Access Controls or SSIBACs: An Overview
Rafael Belchior HackerNoon profile picture

A recent academic paper uses Hyperledger infrastructure to conduct access control processes using decentralized identifiers, verifiable credentials, and conventional access control models.

According to its main project page, “Hyperledger Aries provides a shared, reusable, interoperable tool kit designed for initiatives and solutions focused on creating, transmitting and storing verifiable digital credentials. It is infrastructure for blockchain-rooted, peer-to-peer interactions”.

On its turn, Hyperledger Indy “provides tools, libraries, and reusable components for providing digital identities rooted on blockchains”. It is the utilization of conventional access control models over the union of this projects that gives birth to SSIBAC.

This project has been implemented in the context of the European Union project Qualichain (http://qualichain.epu.ntua.gr/)

Here is the abstract,which provides an holistic view of the paper:

Ineffective data management practices pose serious issues to individuals and companies, e.g., risk of identity theft and online exposure.

Self-sovereign identity (SSI) is a new identity management approach that ensures users have full control of their personal data. In this work, we alleviate data breach and user privacy problems by showing how SSI can fit within the context of established enterprise identity and access management technologies.

In light of recent endeavors, we explore the use of decentralized identifiers, verifiable credentials, and blockchains that support SSI. We propose Self-Sovereign Identity Based Access Control (SSIBAC), an access control model for cross-organization identity management.

SSIBAC leverages conventional access control models and blockchain technology to provide decentralized authentication, followed by centralized authorization.

The access control process does not require storing user sensitive data. A prototype was implemented and evaluated, processing 55,000 access control requests per second with a latency of 3 seconds.

Read the full paper: https://rafaelapb.github.io/academic