Abstract
Authentication and authorization of a user’s identity are generally performed by service providers or identity providers. However, these centralized systems limit users’ control over their own identities and, because they are centralized, are prone to massive data leaks. We propose a blockchain-based identity management system that authenticates and authorizes users using attribute-based access control policies and privacy-preserving algorithms, and that ultimately returns control of a user’s identity to the user. Our proposed system would use a private blockchain to store re-certification events, data access requests, and authorization requests for users’ identities in a secure, verifiable manner, thus ensuring the integrity of the data. This paper suggests a mechanism to digitize documents such as passports, driving licenses, and electricity bills, issued by a government authority or any other authority, in an immutable and secure manner. The data owners are responsible for authenticating and propagating the users’ identities as and when needed, using the OpenID Connect protocol to enable single sign-on. We use advanced cryptographic algorithms to provide pseudonyms to the users, thus ensuring their privacy. These algorithms also ensure the auditability of transactions as and when required. Our proposed system helps mitigate some of the issues raised in recent privacy debates. The project finds applications in citizen transfers, inter-country service provision, banks, ownership transfer, etc. The generic framework can also be extended to a consortium of banks, hospitals, etc.
Copyright information
© 2023 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Gilda, S., Jain, T., Dhalla, A. (2023). None Shall Pass: A Blockchain-Based Federated Identity Management System. In: Smys, S., Kamel, K.A., Palanisamy, R. (eds) Inventive Computation and Information Technologies. Lecture Notes in Networks and Systems, vol 563. Springer, Singapore. https://doi.org/10.1007/978-981-19-7402-1_24
DOI: https://doi.org/10.1007/978-981-19-7402-1_24
Publisher Name: Springer, Singapore
Print ISBN: 978-981-19-7401-4
Online ISBN: 978-981-19-7402-1
eBook Packages: Engineering, Engineering (R0)