Abstract

Identity management is a principal component of securing online services. In the advancement of traditional identity management patterns, the identity provider remained a Trusted Third Party (TTP). The service provider and the user need to trust a particular identity provider for correct attributes, amongst other demands. This paradigm changed with the invention of blockchain-based Self-Sovereign Identity (SSI) solutions that primarily focus on the users. SSI reduces the functional scope of the identity provider to an attribute provider while enabling attribute aggregation. Besides that, the development of new protocols, disregarding established protocols and a significantly fragmented landscape of SSI solutions pose considerable challenges for adoption by service providers. We propose an Attribute Trust-enhancing Identity Broker (ATIB) to leverage the potential of SSI for trust-enhancing attribute aggregation. Furthermore, ATIB abstracts from a dedicated SSI solution and offers standard protocols. Therefore, it facilitates the adoption by service providers. Despite the brokered integration approach, we show that ATIB provides a high security posture. Additionally, ATIB does not compromise the ten foundational SSI principles for the users.

Highlights

  • Online services require identity management to provide personalized functionality for their users

  • General concept: We introduced the initial concept for ATIB, Attribute Trust-enhancing Identity Broker, in [39]

  • The emerging blockchain-based Self-Sovereign Identity (SSI) pattern significantly changes this situation by implementing a decentralized Identity Provider (IdP) and eventually decoupling the identifier from the attributes of an identity


Summary

INTRODUCTION

A. Grüner et al.: ATIB: Design and Evaluation of Architecture for Brokered SSI Integration

Online services require identity management to provide personalized functionality for their users. [...] number of enrolled users at an IdP, the more information or credentials can be illegitimately retrieved by an attacker. The user has full control over its identity. This development reduces the role of the former TTP IdP to a sole Attribute Provider (AP) [4]. Our contribution, presented in this paper, comprises the design and evaluation of an architecture for brokered SSI integration and trust-enhancing attribute aggregation.

RELATED WORK
BACKGROUND
SSI CHALLENGES FOR SP
REQUIREMENTS
ARCHITECTURE
DISCUSSION
Findings
CONCLUSION
FUTURE WORK