DT-SSIM: A Decentralized Trustworthy Self-Sovereign Identity Management Framework
- 14 September 2021
- journal article
- research article
- Published by Institute of Electrical and Electronics Engineers (IEEE) in IEEE Internet of Things Journal
- Vol. 9 (11), 7972-7988
- https://doi.org/10.1109/jiot.2021.3112537
Abstract
In a ubiquitous environment enclosing cooperative Internet-of-Things (IoT) devices, individuals, and entities, digital identity management (DIM) becomes critical and challenging. DIM pertains to device identities authentication and verification to enable trustworthy service exchange, data collection, and decision making. DIM is the supporting pillar for all online services and the foundation for security and authentication mechanisms. Due to the extreme heterogeneity, scale, and configuration complexity of such environments, enabling trustworthy DIM is crucial and seriously challenging. In an IoT context, devices use local digital identities stored within a tamper-proof unit and verified by a centralized authority for authentication. The recent attacks on IoT systems showed how vulnerable such a design is. It is also an inherent problem that influences humans. From that, self-sovereign identity (SSI) has emerged as a decentralized DIM approach embracing the concept of portable self-possession identity. SSI was presented to couple the digital identity from the owner to enable large-scale cooperation. However, digital identity storage and verification still occur on the device and in a centralized manner. Utilizing a local single-point-of-failure storage memory for verifiable credentials is one of the considerable drawbacks in contemporary SSI. In this regard, this article introduces decentralized trustworthy-self-sovereign identity management (DT-SSIM), a novel decentralized trustworthy SSI management framework. DT-SSIM integrates the secret share scheme with the blockchain-based smart contracts technologies to provide transparent and trustworthy SSI-based DIM services for IoT. Storing IoT identity credentials outside the devices’ local storage preserves the identity credentials from being tampered with or misused. Evaluations and discussions show the resiliency assessment of the system and the cost and estimated running times for verification processes in DT-SSIM.Keywords
Funding Information
- National Science Foundation (CNS-2120279, CNS-1828593, OAC-1829771, EEC-1840458, CNS-1950704)
- Office of Naval Research (N00014-20-1-2065)
- National Security Agency (H98230-21-1-0165, H98230-21-1-0278)
- Commonwealth Cyber Initiative (HS-4Q21-005)
This publication has 39 references indexed in Scilit:
- A Light-Weight Mutual Authentication Protocol for IoT SystemsPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2017
- Entropies of Weighted Sums in Cyclic Groups and an Application to Polar CodesEntropy, 2017
- Smart Cities: A Survey on Data Management, Security, and Enabling TechnologiesIEEE Communications Surveys & Tutorials, 2017
- Crowdsourcing low-power wide-area IoT networksPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2017
- An entropy-based demonstration of the security of Shamir's secret sharing schemePublished by Institute of Electrical and Electronics Engineers (IEEE) ,2014
- A Survey on Identity Management for the Future NetworkIEEE Communications Surveys & Tutorials, 2012
- Sumset and Inverse Sumset Theory for Shannon EntropyCombinatorics, Probability and Computing, 2010
- World Wide Web Consortium (W3C)Published by Taylor & Francis Ltd ,2009
- Performance Comparison of Secure Comparison ProtocolsPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2009
- A new (t,n) multi-secret sharing scheme based on Shamir’s secret sharingApplied Mathematics and Computation, 2005