Abstract
Existing identity management systems either use a centralized authentication server or rely on identity providers to authenticate users for gaining access to various services. These systems have failed to safeguard user data privacy and do not encourage the portability of identity data. Self-sovereign identity is a new approach in identity management where entities have control of their digital identity. The emerging blockchain technology enables self-sovereign identity management, a decentralized identity management model that eliminates identity providers as a trusted third party. Due to the decentralized nature of blockchain network, this new paradigm of identity management demands different trust requirements. This research provides the first thorough review in literature addressing trust management for blockchain-based self-sovereign identity. A formal and comprehensive trust model proposed for blockchain-based Self-Sovereign IDM will be explored. Besides reviewing trust requirements, the paper also surveys the state-of-the-art of blockchain technology for self-sovereignty in identity management. This survey provides a critical analysis for existing research which sheds light on various opportunities for enhancing security and privacy of blockchain-based self-sovereign identity management and the improvement of trust management. The paper concludes with presenting research gaps and suggestions for future work in the area.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Y. Liu et al., Blockchain-based identity management systems: A review. J. Netw. Comput. Appl. 166, 102731 (2020)
S.Y. Lim, M.L.M.K, T.F. Ang, Security issues and future challenges of cloud service authentication. Acta Polytechnica Hungarica 14(2), 69–89 (2017)
M. Swan, Blockchain: Blueprint for a New Economy (O'Reilly Media, Inc, 2015)
D.R. Andrew Tobin, The Inevitable Rise of Self-Sovereign Identity. 2017
S.Y. Lim et al., Blockchain technology the identity management and authentication service disruptor: A survey. Int. J. Adv. Sci. Eng. Inf. Technol 8(4–2), 1735–1745 (2018)
P.D.F. Aaron Wright, Decentralized Blockchain Technology and the Rise of Lex Cryptographia (2015)
M. Schäffner, Analysis and evaluation of blockchain-based self-sovereign identity systems. Master’s thesis (2019)
D. Reed, J. Law, D. Hardman, The technical foundations of Sovrin. The Technical Foundations of Sovrin (2016)
L. Lesavre, A Taxonomic Approach to Understanding Emerging Blockchain Identity Management Systems (2020)
A. Jøsang, R. Ismail, C. Boyd, A survey of trust and reputation systems for online service provision. Decis. Support. Syst. 43(2), 618–644 (2007)
J.-H. Cho, K. Chan, S. Adali, A survey on trust modeling. ACM Computing Surveys (CSUR) 48(2), 1–40 (2015)
W. Dou, The research on trust-aware P2P topologies and constructing technologies [Ph. D. Thesis] (National University of Defense Technology, Changsha, 2003)
E. Gilman, D. Barth, Zero Trust Networks (O'Reilly Media, Incorporated, 2017)
J.M. De Valmaseda, G. Ionescu, M. Deriaz, TrustPos model: Trusting in mobile users’ location, in International Conference on Mobile Web and Information Systems, (Springer, 2013)
Z. Yan, P. Zhang, A.V. Vasilakos, A survey on trust management for Internet of Things. J. Netw. Comput. Appl. 42, 120–134 (2014)
H. Yu et al., A survey of trust and reputation management systems in wireless communications. Proc. IEEE 98(10), 1755–1772 (2010)
W. Sherchan, S. Nepal, C. Paris, A survey of trust in social networks. ACM Comput. Surveys (CSUR) 45(4), 1–33 (2013)
J.-H. Cho, A. Swami, R. Chen, A survey on trust management for mobile ad hoc networks. IEEE Commun. Surveys Tutorials 13(4), 562–583 (2010)
T. Grandison, M. Sloman, A survey of trust in internet applications. IEEE Commun Surveys Tutorials 3(4), 2–16 (2000)
A.B. Filho et al., A study on trust models in cloud computing, in 2019 IEEE/ACS 16th International Conference on Computer Systems and Applications (AICCSA), (2019)
A. Albuali, T. Mengistu, D. Che, ZTIMM: A zero-trust-based identity management model for volunteer cloud computing, in International Conference on Cloud Computing, (Springer, 2020)
K. Bendiab et al., A novel Blockchain-based trust model for cloud identity management. arXiv preprint arXiv:1903.04767 (2019)
A. Mühle et al., A survey on essential components of a self-sovereign identity. Comput. Sci. Rev 30, 80–86 (2018)
D.L. Manu Sporny, D. Chadwick, Verifiable Credentials Data Model 1.0. 2019.; Available from: https://www.w3.org/TR/vc-data-model/
L. Lesavre et al., A taxonomic approach to understanding emerging blockchain identity management systems. arXiv preprint arXiv:1908.00929 (2020)
M.S. Drummond Reed, D. Longley, C. Allen, R. Grant, M. Sabadello, Decentralized Identifiers (DIDs) v1.0 Core Architecture, Data Model, and Representations (W3C: W3.org, 2021)
N. Naik, P. Jenkins, Self-sovereign identity specifications: Govern your identity through your digital wallet using blockchain technology, in 2020 8th IEEE International Conference on Mobile Cloud Computing, Services, and Engineering (MobileCloud), (IEEE, 2020)
X. Li et al., A survey on the security of blockchain systems. Futur. Gener. Comput. Syst. 107, 841–853 (2020)
T.W. Brent Zundel, M. Varley, M. Csernai, Peer DID Method Specifcation Report (Rebooting the Web of Trust VIII, 2019)
K.K. Daniel Buchner, DID Credential Manifest (GitHub, 2019)
T.F.C. Jeff Bohrer, S. Gance, M. Gylling, V. Haag, A. Hripak, N. Otto, J. Pitcher, A. Reis, J. Schmidt, Open Badges 2.0 Implementation Guide IMS Final Release (2018)
H. Fabric, Smart Contracts and Chaincode (2020); Available from: https://hyperledger-fabric.readthedocs.io/en/release-2.2/smartcontract/smartcontract.html.
V. Acharya, A.E. Yerrapati, N. Prakash, Oracle Blockchain Quick Start Guide: A Practical Approach to Implementing Blockchain in your Enterprise (Packt Publishing Ltd, 2019)
H. Howard, ARC: Analysis of Raft Consensus (University of Cambridge, Computer Laboratory, 2014)
HyperledgerIndy. Indy's Plenum Documentation. 2018; Available from:https://hyperledger-indy.readthedocs.io/projects/plenum/en/latest/main.html.
T. Neudecker, H. Hartenstein, Network layer aspects of permissionless blockchains. IEEE Commun. Surveys Tutorials 21(1), 838–857 (2018)
S.S. Gupta, Blockchain. IBM Onlone (http://www.ibm.com), 2017
LinuxFoundation. Hyperledger Indy 2020; Available from: https://github.com/hyperledger/indy-node#about-indy-node
D.K. Michael Lodder, Anonymous credentials 2.0. 2019.; Available from: https://wiki.hyperledger.org/download/attachments/6426712/Anoncreds2.1.pdf?version=1&modificationDate=1551851745000&api=v2
LinuxFoundation. Hyperledger Aries 2020; Available from: https://github.com/hyperledger/aries
LinuxFoundation. Hyperledger Ursa 2020; Available from: https://github.com/hyperledger/ursa
Androulaki, E., et al., Hyperledger fabric: a distributed operating system for permissioned blockchains, in Proceedings of the Thirteenth EuroSys Conference. 2018, Association for Computing Machinery: Porto, Portugal. p. Article 30
LinuxFoundation, Hyperledger Fabric 2020; Available from: https://github.com/hyperledger/fabric#releases
R.C. Mayer, J.H. Davis, F.D. Schoorman, An integrative model of organizational trust. Acad. Manag. Rev. 20(3), 709–734 (1995)
P.S. Challagidad, V. Reshmi, M.N. Birje, Reputation Based Trust Model in Cloud Computing (2017)
J. Kindervag, No More Chewy Centers: The Zero-Trust Model of Information Security (Forrester Research, Inc., dated Mar, 2016) 23
S. Garfinkel, PGP: Pretty Good Privacy (O'Reilly Media, Inc, 1995)
A. Selvaraj, S. Sundararajan, Evidence-based trust evaluation system for cloud services using fuzzy logic. Int. J. Fuzzy Syst 19(2), 329–337 (2017)
Sovrin, Sovrin Provisional Trust Framework (2017)
D. Weller, R. Dijksman, Blockchain's Relationship with Sovrin for Digital Self-Sovereign Identities (2019)
R.H. Christian Lundkvist, J. Torstensson, Z. Mitton, M. Sena, UPORT: A Platform for Self-Sovereign Identity (2016)
P. Mell, J. Dray, J. Shook, Smart contract federated identity management without third party authentication services. arXiv preprint arXiv:1906.11057 (2019)
C. Grinyer, Designing blockchain based services, in Tensions, Paradoxes+ Plurality: Proceedings of the ServDes. 2020 Conference, (Linköping University Electronic Press, 2020)
J.L. Charleen Fei, E. Rusu, K. Szawan, K. Wagner, N. Wittenberg, Jolocom: Decentralization By Design (2018)
A. Grüner et al., A Comparative Analysis of Trust Requirements in Decentralized Identity Management (Springer International Publishing, Cham, 2020)
A. Grüner et al., A quantifiable trust model for blockchain-based identity management, in 2018 IEEE International Conference on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData), (IEEE, 2018)
K. Bendiab et al., WiP: A novel blockchain-based trust model for cloud identity management, in 2018 IEEE 16th Intl Conf on Dependable, Autonomic and Secure Computing, (IEEE, 2018)
M. Al-Bassam, SCPKI: A Smart Contract-Based PKI and Identity System (2017), pp. 35–40
D. Baars, Towards self-sovereign identity using blockchain technology (2016)
X. Liu, A. Datta, E.-P. Lim, Computational Trust Models and Machine Learning (CRC Press, 2014)
H. Jiang et al., To trust or not to trust a classifier, in NeurIPS, (2018)
Acknowledgments
This work was supported in part by the Fundamental Research Grant Scheme, Ministry of Higher Education Malaysia (FRGS/1/2018/ICT04/UNITAR/03/1).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2022 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this chapter
Cite this chapter
Lim, S.Y., Musa, O.B., Al-Rimy, B.A.S., Almasri, A. (2022). Trust Models for Blockchain-Based Self-Sovereign Identity Management: A Survey and Research Directions. In: Maleh, Y., Tawalbeh, L., Motahhir, S., Hafid, A.S. (eds) Advances in Blockchain Technology for Cyber Physical Systems. Internet of Things. Springer, Cham. https://doi.org/10.1007/978-3-030-93646-4_13
Download citation
DOI: https://doi.org/10.1007/978-3-030-93646-4_13
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-93645-7
Online ISBN: 978-3-030-93646-4
eBook Packages: Computer ScienceComputer Science (R0)