Figure 1 - available via license: CC BY
Content may be subject to copyright.
Source publication
Identity management (IdM) is a method used to determine user identities. The centralized aspect of IdM introduces a serious concern with the growing value of personal information, as well as with the General Data Protection Regulation (GDPR). The problem with currently-deployed systems and their dominating approach, with identity providers (IdP) an...
Context in source publication
Context 1
... IdM is quite difficult to handle when it comes to security challenges [28], and in order to meet the challenges, several schemas and models resulted in a balance between complexity and security. Figure 1 presents a digital identity life cycle of the online identity framework. In an optimistic scenario, online transactions would mimic face-to-face ones by having clients presenting identity documents such as a passport or driving license. ...
Similar publications
Industrial Internet technology has developed rapidly, and the security of industrial data has received much attention. At present, industrial enterprises lack a safe and professional data security system. Thus, industries urgently need a complete and effective data protection scheme. This study develops a three-layer framework with local/fog/cloud...
Citations
... These works propose solutions that take advantage of the characteristics of blockchain. For example, in references [19], [10], [24], [25], [27], [30], blockchain is used to address the protection of the integrity of the information of users and systems to deliver different solutions related to video surveillance, IoT, supply chain systems, among others. Another application in this field is found in [21], [22], [23], [13], [26], [14], [28], where the problem of identities storage and management is solved by using the decentralized characteristic of blockchain. ...
... Intelligent Transportation Systems (ITS) are the application of new technologies within the transportation industry with the aim of improving its operation, efficiency and traffic conditions [62]. In this area, blockchain technology can be used to provide a reliable system for vehicle identity authentication and management [19]. ...
... One of the problems of crowdsensing is privacy, so references [25], [55] integrate blockchain to preserve privacy and prevent data from being manipulated. Cybersecurity [17], [18], [19], [20], [21], [10], [22], [23], [24], [13], [25], [26], [27], [14], [28], [29], [30] Business [7], [11], [31], [32], [33], [34] IoT, GIoT, IIoT [8], [35], [36], [37], [38], [39], [9], [40], [15], [41], [4], [42], [43], [44], [59], [50] Traceability [5], [7], [36], [45], [33], [34] ITS [19] Networks [46], [38], [47], [21], [9], [48], [49], [40], [50] Software Development [5] Health [6], [51], [45], [52], [4], [53] IoV [54], [55], [56], [57] Electronic Voting [58] Crowdsensing [25], [55] Games [12] Cloud Computing [47] Games: One of the problems of online games is that many of them require a central server which can slow down the game experience, so the possibility of changing this approach from a central server to a Peer-to-Peer model is being explored [12]. But this approach can cause some node to try to cheat within the video game, so reference [12] proposes a new consensus algorithm called Proof-of-Play. ...
... • Data Sharing: Alsayed et al. presented a personal data sharing protocol using SSI in [100]. They did not use the Hyperledger Aries framework, opting for Ethereum as the backbone instead. ...
Creating and utilizing digital identities are fundamental steps towards accessing online services. In order to facilitate the management of user identities, the concept of identity management has been introduced. Various systems and protocols have been developed to manage online identities. However, these systems are provider-centric, focusing on aiding providers in managing their user bases. As a result, users often have limited control over their identity data and remain unaware of how centralized identity providers use or potentially misuse their data. Self-Sovereign Identity (SSI) has emerged as a new paradigm in the digital identity management landscape, aiming to empower users by allowing them greater control over their identity data. Although SSI is a relatively new domain, there have been numerous efforts, primarily from the industry, to introduce SSI standards, protocols, and systems, with multiple options in each category. Researchers eager to contribute to the SSI domain might find it challenging to understand the interconnections among these components. Notably, the SSI domain faces several challenges, as highlighted in various research works. These challenges must be addressed before SSI can achieve widespread adoption. This article presents a comprehensive systematic literature review of SSI, offers a detailed taxonomy, and identifies and analyzes the open challenges in SSI.
... Alsayed Kassem et al. [119] also discuss IDM with blockchain for GDPR compliance, Campanile et al. [120] discuss DP systems of records. ...
Compliance with the General Data Protection Regulation (GDPR) or related laws by organizations could require organizational and technological changes. This topic has gained significant attention from management and scholars alike. Although the literature presents some reviews and research articles discussing challenges and enablers for GDPR compliance, they are often scattered and fragmented. One particular challenge is the implementation roadmap gap that arises when using ISO-based standards for compliance in isolation. On the other hand, as enablers for compliance, it raises the potential use of information governance (IG) and enterprise architecture management (EAM) disciplines. This research aims to provide a systematic literature review of the challenges and enablers for GDPR compliance and address this gap. The findings include a categorized list of challenges and enablers, a strategy for bridging the roadmap gap using IG and EAM, and the development of five propositions based on some challenges and enablers around this gap. Moreover, the study proposes a research agenda that includes conceptual work to build an IG-EAM framework, empirical research to verify those propositions, and developing new hypotheses stemming from the review’s challenges and enablers. These contributions could enhance both the body of knowledge and managerial privacy practices.
... Provider and insurer identities use a public key infrastructure. Access tokens encode user roles and permissions [28]. ...
With the digitization of healthcare, an immense amount of sensitive medical data are generated and shared between various healthcare stakeholders—however, traditional health data management mechanisms present interoperability, security, and privacy challenges. The centralized nature of current health information systems leads to single points of failure, making the data vulnerable to cyberattacks. Patients also have little control over their medical records, raising privacy concerns. Blockchain technology presents a promising solution to these challenges through its decentralized, transparent, and immutable properties. This research proposes ZeroTrustBlock, a comprehensive blockchain framework for secure and private health information exchange. The decentralized ledger enhances integrity, while permissioned access and smart contracts enable patient-centric control over medical data sharing. A hybrid on-chain and off-chain storage model balances transparency with confidentiality. Integration gateways bridge ZeroTrustBlock protocols with existing systems like EHRs. Implemented on Hyperledger Fabric, ZeroTrustBlock demonstrates substantial security improvements over mainstream databases via cryptographic mechanisms, formal privacy-preserving protocols, and access policies enacting patient consent. Results validate the architecture’s effectiveness in achieving 14,200 TPS average throughput, 480 ms average latency for 100,000 concurrent transactions, and linear scalability up to 20 nodes. However, enhancements around performance, advanced cryptography, and real-world pilots are future work. Overall, ZeroTrustBlock provides a robust application of blockchain capabilities to transform security, privacy, interoperability, and patient agency in health data management.
... Self-sovereign identity (SSI) is a method which ensures an entity must comprise full ownership and control over their identity without the intervention of a third party [1]. It enables users to manage distinct sets of elements from credentials which may include Data of Birth, citizenship information, business licenses, etc. [42]. ...
... Requestors may be used to deceive other users by acquiring multiple certificates for a single node. DNS-IdM: A blockchain identity management system to secure personal data sharing in a network [18] Circumvent the limitations and vulnerabilities of identity attributes, including persistence, request, and verification, as well as overhead and security. ...
... ShoCard is an example of a decentralized IdM system, while Sovrin and uPort are examples of SSI systems (Zaeem & Barber, 2020). Table 3 presents a comparison of the ShoCard, uPort, and Sovrin IdM systems (Kassem et al., 2019). ...
... There is no central server in the uPort system, and users have complete control over their data. Its aims to provide a decentralized identity for services like banking and email (Kassem et al., 2019). Sovrin. ...
... Identities are created between nodes known as stewards. IdM can either be done by the user themselves or through a designated "guardian service" (Kassem et al., 2019). ...
Blockchain technology, as a distributed digital ledger, enables users to control their credentials without being breached by third parties. From a tourism perspective, it allows tourists to pass through checkpoints and/or bookings without waiting and
having to go through third-party transactions. Hence, this paper aims to discuss traditional identity management (IdM) system challenges and what blockchain might offer as a counterpoint to conventional travel experiences within the tourism domain. We have tried to identify challenges, issues, and implementation areas of IdM in the tourism industry domain
... Digital identities can be stored on a Blockchain using only trusted nodes that can take part in the consensus mechanism that approves user identities. This blockchain that stores users' identities would not be a public ledger but a permissioned ledger that runs according to a trust framework (Kassem et al., 2019). Each identity stored would have a pair of public and private keys managed by the user and can be used when requesting services from a financial intermediary. ...
... An important use case or application of Blockchain technology that can be used for the unbanked population to gain access to financial services is by hosting digital identities on a Blockchain network (Kassem et al., 2019). This would mean that individuals would not need any formal documentation but rather biometric or personal data that can be used as a unique identifier. ...
Blockchain technology is an emerging and disruptive innovation that has the potential to revolutionise the financial services industry. Most individuals living in developing countries do not have access to essential financial services for many reasons, such as a lack of formal identification and funds required to operate a bank account. This research aims to investigate how Blockchain technology can be used to enable financial inclusion using multiple case studies on different blockchain organizations. To achieve this, the research follows an interpretive philosophy, an abductive approach to theory, and semi-structured interviews. The research purpose will be exploratory and will be qualitative in nature. The Blockchain Technology Adoption framework was used to guide the research by supporting or rejecting the propositions derived from the literature. The outcome of this study suggests that Blockchain technology has the potential to be used by the unbanked population to gain access to financial services. However, this is only possible if the unbanked can easily use and understand the application of the technology and if there is widespread adoption from the public.
... Fig. 6 illustrates the general architecture of uPort. [17] is an IDMS that enables SSI and helps users to maintain their identities with associated attributes. Also, it facilitates the verification process by using real-world identity attribute benefactors. ...
... Architecture[17]. uPort is built on the top of Ethereum ledger and relies on a set of components: smart contracts, developer libraries, and a mobile application. The developer libraries for third-party applications integration. ...
... DNS-IdM Architecture[17]. ...
The involvement of digital identity in almost all online services contributes to the growing reliance on Identity Management Systems (IDMS) that establish, verify, and manage digital identities. However, digital identities are still kept in central repositories. Which are controlled by a single authority that may have many vulnerabilities due to low security, leading attackers to exploit these vulnerabilities and causing various security breaches such as identity theft or disclosure of sensitive information. Additionally, powerful entities who have access to these repositories, could gather and abuse users' information without their knowledge or consent. The concept of Self-sovereign Identity (SSI) allows users to exert ownership of their identity and gain insight into how their data is being used. The development of Blockchain technology has made a breakthrough in achieving SSI by giving individuals the ability to be the final arbiter of who can access and use their own identity. This paper overviews the traditional identity management (IdM) models and presents the next generation of distributed IDMS using Blockchain technology that targets user-centricity and eliminates the identity provider as a trusted third party. Furthermore, It gives an analysis of the recent Blockchain-based IdM solutions, discussing their architecture, components, and features. It also, reveals their weaknesses to identify the gaps between these solutions for future secure IDMS.
... However, there are also difficulties with higher education's digital transition. Institutions must make sure that the personal data of students are safe on their digital systems [7]. Additionally, they must make costly investments in the gear, software, and infrastructure required to support digital learning [8]. ...
Digital transformation is a rapidly growing trend that has captured the attention of institutions and stakeholders worldwide. This phenomenon has become a top priority for higher education institutions, as universities play a critical role in the development and empowerment of societies. To address this pressing need, this paper proposes the establishment of a sustainable digital transformation environment based on the best national and international practices and recommendations. The goal of this proposal is to overcome the challenges faced by universities and provide the most convenient mechanisms to achieve their duties. Furthermore, this proposal aims to be a successful part of achieving Saudi Arabia Kingdom’s Vision 2030, which seeks to revolutionize the education and scientific research system. By adopting this proposed approach, universities in Saudi Arabia can proactively anticipate and address emerging trends and thereby ensure that they are offering the highest quality education to their students. Digital transformation is a crucial trend that cannot be ignored. By embracing this trend and implementing sustainable digital transformation environments, universities can ensure that they are providing the best possible education to their students and contributing to the development and empowerment of societies.
