Abstract
The traditional protected web services rely on a user authentication process. The utilisation of an identifier (e.g. username, email address and so on) and credential (e.g. password) still remains the most widely deployed user authentication process, even though such an authentication process is one of the major sources of security breaches. Moreover, in this traditional setting, the management and sharing of user identity information is cumbersome with limited user controls over their identity data. In recent times, SSI has emerged as a new mechanism for managing and exchanging identity information in a more user-centric and privacy-friendly way. There are many explorations of SSI in different application domains, however, its utility for the web mostly remains unexplored. In this work, we present SSI4Web, a framework for integrating Self-sovereign Identity (SSI) for providing web services in a secure passwordless manner with much more user control and greater flexibility. We provide its architecture, discuss its implementation details, sketch out its use-case with an analysis of its advantages and limitations.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
