Self-Sovereign Identity (SSI) Attribute-Based Web Authentication

Biagio Boi; Marco De Santis; Christian Esposito

doi:10.5220/0012121400003555

Self-Sovereign Identity (SSI) Attribute-Based Web Authentication

Biagio Boi, Marco De Santis, Christian Esposito

2023

Abstract

Web authentication is primarily based on password usage, representing the weakest link in the entire security chain. The number of services offered over the web is continuously increasing, and with them also the number of required passwords that users need to create and securely store. Despite various standards for password-less or multi-factor authentication, another issue is that most web authentication means use an identity provider (or a federation of providers) advocated to create, manage and check digital identity claims; able to profile user habits related to web navigation and violate rights in terms of privacy. Recently, we are witnessing a radical change of perspective, where identity checks and enforcement are moved away from the providers and more focused on users. Within such user-centric approaches, Self-Sovereign Identity (SSI) has faced progressive popularity, and some authentication mechanisms based on SSI have been proposed. This paper aims to describe a solution based on Hyperledger Aries which is capable to achieve zero-knowledge proof to make an attribute-based authentication and authorization for the web able to cope with the recent legal obligations in terms of privacy.

Download

Paper Citation

in Harvard Style

Boi B., De Santis M. and Esposito C. (2023). Self-Sovereign Identity (SSI) Attribute-Based Web Authentication. In Proceedings of the 20th International Conference on Security and Cryptography - Volume 1: SECRYPT; ISBN 978-989-758-666-8, SciTePress, pages 758-763. DOI: 10.5220/0012121400003555

in Bibtex Style

@conference{secrypt23,
author={Biagio Boi and Marco De Santis and Christian Esposito},
title={Self-Sovereign Identity (SSI) Attribute-Based Web Authentication},
booktitle={Proceedings of the 20th International Conference on Security and Cryptography - Volume 1: SECRYPT},
year={2023},
pages={758-763},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0012121400003555},
isbn={978-989-758-666-8},
}

in EndNote Style

TY - CONF

JO - Proceedings of the 20th International Conference on Security and Cryptography - Volume 1: SECRYPT
TI - Self-Sovereign Identity (SSI) Attribute-Based Web Authentication
SN - 978-989-758-666-8
AU - Boi B.
AU - De Santis M.
AU - Esposito C.
PY - 2023
SP - 758
EP - 763
DO - 10.5220/0012121400003555
PB - SciTePress