None Shall Pass: A Blockchain-Based Federated Identity Management System

  • Conference paper
Inventive Computation and Information Technologies

Abstract

Authentication and authorization of a user’s identity are generally done by the service providers or identity providers. However, these centralized systems limit the user’s control of their own identity and are prone to massive data leaks due to their centralized nature. We propose a blockchain-based identity management system that authenticates and authorizes users using attribute-based access control policies and privacy-preserving algorithms, ultimately returning control of a user’s identity to the user. Our proposed system would use a private blockchain, which would store the re-certification events and the data access and authorization requests for users’ identities in a secure, verifiable manner, thus ensuring the integrity of the data. This paper suggests a mechanism to digitize documents such as passports, driving licenses, and electricity bills, issued by any government authority or other authority, in an immutable and secure manner. The data owners are responsible for authenticating and propagating the users’ identities as and when needed, using the OpenID Connect protocol to enable single sign-on. We use advanced cryptographic algorithms to provide pseudonyms to the users, thus ensuring their privacy. These algorithms also ensure the auditability of transactions as and when required. Our proposed system helps mitigate some of the issues raised in recent privacy debates. The project finds applications in citizen transfers, inter-country service provision, banks, ownership transfer, etc. The generic framework can also be extended to a consortium of banks, hospitals, etc.

Author information

Corresponding author

Correspondence to Shlok Gilda.

Copyright information

© 2023 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.

About this paper

Cite this paper

Gilda, S., Jain, T., Dhalla, A. (2023). None Shall Pass: A Blockchain-Based Federated Identity Management System. In: Smys, S., Kamel, K.A., Palanisamy, R. (eds) Inventive Computation and Information Technologies. Lecture Notes in Networks and Systems, vol 563. Springer, Singapore. https://doi.org/10.1007/978-981-19-7402-1_24

  • DOI: https://doi.org/10.1007/978-981-19-7402-1_24

  • Publisher Name: Springer, Singapore

  • Print ISBN: 978-981-19-7401-4

  • Online ISBN: 978-981-19-7402-1

  • eBook Packages: Engineering, Engineering (R0)
