Self-sovereign identity management in ciphertext policy attribute based encryption for IoT protocols
【Author】 Deng, Weichu; Li, Jin; Yan, Hongyang; Koe, Arthur Sandor Voundi; Huang, Teng; Wang, Jianfeng; Peng, Cong
【Source】JOURNAL OF INFORMATION SECURITY AND APPLICATIONS
【影响因子】4.960
【Abstract】In the Internet of Things, access control and identity management rely on centralized platforms. However, centralized platforms will compromise user privacy with identity leakage. Self-sovereign identity (SSI) is a novel model for identity management that does not require third-party centralized authority. Thus, SSI is a potential solution to the identity management problem in IoT access control. This paper's motivation is to address the problems of lack of identity sovereignty, centralized authorization, and high computational overhead for IoT access control. We propose a novel access control scheme for IoT that decentralizes identity management and tackles single-point-of-failure issues. This scheme leverages ciphertext policy attribute-based encryption (CP-ABE) and SSI to achieve the overall goal. Specifically, Our scheme eliminates the central authority and empowers users to manage their identity, allowing users to decide what attributes they disclose. Regarding the distribution of roles in the architecture, this paper follows the generic SSI model (ISSUER-HOLDER- VERIFIER) that allows a user to access a service from a service provider. To enable real-world deployment of our scheme, we establish an attribute authorization authority(such as the government) as a trusted identity point of entry. Users generate decentralized identifiers to enjoy services of interest in a privacy-preserving manner. The analysis demonstrates the practicality and superiority of our scheme. Our scheme requires less computation and is suitable for resource-constrained IoT scenarios.
【Keywords】Access control; Self-sovereign identity; Ciphertext policy ABE; Secret sharing; Blockchain
【发表时间】2024 NOV
【收录时间】2024-09-23
【文献类型】理论模型
【主题类别】
区块链技术-核心技术-身份管理
评论