BIA: A Blockchain-based Identity Authorization Mechanism

Abstract

The abuse of personal identity information is one of the most serious problems worldwide. Most social services or businesses use the identity authorization to confirm their validity and legality and the copies of users’ identity certification are usually recorded by the service providers. It is easy to leak the users’ identity information due to the untrustworthy service provider or single-point security failure, and various social problems are then caused. To deal with such problems, this paper proposes a Blockchain-based Identity Authorization mechanism (BIA). First, an Identity Authorization Module (IAM) is devised, which reads the identity certificate and transform the identity plaintext to ciphertext under the authorization by the user’s identity certificate entity and password. IAM guarantees the security of identity information by keeping its plaintext offline. Second, a Business Contract Module (BCM) is designed, which provides a general smart contract framework for identity authorization that can be adopted by most of social services or businesses. Third, a double-chain blockchain infrastructure is developed, whereby the encrypted identity information and service smart contracts are respectively recorded in the tamper-resistant, non-repudiable, and publicly verifiable way. Finally, a prototype system has been developed to verify the security, feasibility and effectiveness of the proposed BIA.