Identity and access management using distributed ledger technology: A survey

Abstract

SummaryAs the basic building block of any information security system, identity and access management (IAM) solutions play vital role in enterprise's security programmes. Providing centric solutions for IAM is inefficient in terms of having single point of failure, high cost, duplication and complexity to the users. Recently, emerging the distributed ledger technology (DLT) has attracted significant scientific interests in research areas like identity management, authentication and access control processes. In these contexts, Blockchain can offer greater data and rule confidentiality and integrity, as well as increasing the availability of the system by removing the single point of failure in the procedure. In this paper, we provide a comprehensive overview of the IAM solutions based on their basic components including identity management, authentication and access control. In the identity concept, we discuss about self‐sovereign identity which enhances privacy and security of distributed digital identities by providing individual's consolidated digital identity and verified attributes for enabling them to utilize their ownership. To offer a clearer understanding of the state of the art, we propose taxonomy to categorize them based on their features. For the conclusion of the paper, we compare the existing methods based on proposed taxonomy. Also, considering the advantages and disadvantages of existing methods, we discussed about the possible future directions.