Logo des Repositoriums
 
Konferenzbeitrag

Gaining Back the Control Over Identity Attributes: Access Management Systems Based on Self-Sovereign Identity

Vorschaubild

Volltext URI

Dokumententyp

Text/Conference Paper

Zusatzinformation

Datum

2024

Zeitschriftentitel

ISSN der Zeitschrift

Bandtitel

Verlag

Gesellschaft für Informatik e.V.

Zusammenfassung

Digital employee cards used for door access control offer benefits, but concerns about traceability, profiling and performance monitoring have led to opposition from workers’ councils and employees. However, the emerging identity management approach, Self-Sovereign Identity (SSI), can address these concerns by giving control over disclosed identity attributes back to the end user. This paper analyzes a real-world access management scenario in a hospital building and applies the SSI paradigm to address the identified issues. The analysis assumes a semi-honest observing attacker sniffing on the payload and the transport layer. The SSI-based proof of concept is shown to have a high potential to protect against traceability and profiling. However, in addition to the careful technical implementation of SSI, it is important to consider non-technical factors such as governance for a holistic solution. We propose potential strategies to further minimize privacy risks associated with SSI-based employee identity management using mediators.

Beschreibung

Keil, Kenneth-Raphael; Bochnia, Ricardo; Gudymenko, Ivan; Köpsell, Stefan; Anke, Jürgen (2024): Gaining Back the Control Over Identity Attributes: Access Management Systems Based on Self-Sovereign Identity. Open Identity Summit 2024. DOI: 10.18420/OID2024_05. Bonn: Gesellschaft für Informatik e.V.. PISSN: 1617-5468. ISBN: 978-3-88579-744-9. pp. 61-72. Regular Research Papers. Porto, Portugal. 20.-21. June 2024

Zitierform

Tags