Toward the Foundation of Digital Identity Theory

Pierre Saha; Mohamed Mejri; Kamel Adi

doi:10.5220/0012838100003767

Toward the Foundation of Digital Identity Theory

Pierre Saha, Mohamed Mejri, Kamel Adi

2024

Abstract

Verifiable Credentials (VC) have become today a de facto digital credentials standard and play an increasingly important role in network exchanges. They often contain a large number of attributes that disclosure could have unfortunate consequences. Formally verifying whether the user can access the requested service and ensuring that their disclosed identity attributes generate the slightest risk, therefore, becomes very important. In this paper, using the product family algebra, we show how the consideration of verifiable credentials can help to easily and formally settle the question of whether a user can access a service and to respect the need-to-know principle. To this end, we propose a translation of product family algebra into first-order Boolean logic and vice versa. We then propose a Boolean equivalence of the product family algebra refinement operation. Using all these tools, we show how the problem of verifying a user’s ability to authenticate, expressed using product family algebra, easily translates into an SMT problem. In order to guarantee the preservation of privacy and ensure the need-to-know principle, we associate VC attributes with a risk score and show how the question of disclosing the attributes generating the least risk can easily be resolved with Maximum Weighted SMT. So we can easily use the z3 solver to solve these problems in SMT form.

Download

Paper Citation

in Harvard Style

Saha P., Mejri M. and Adi K. (2024). Toward the Foundation of Digital Identity Theory. In Proceedings of the 21st International Conference on Security and Cryptography - Volume 1: SECRYPT; ISBN 978-989-758-709-2, SciTePress, pages 812-819. DOI: 10.5220/0012838100003767

in Bibtex Style

@conference{secrypt24,
author={Pierre Saha and Mohamed Mejri and Kamel Adi},
title={Toward the Foundation of Digital Identity Theory},
booktitle={Proceedings of the 21st International Conference on Security and Cryptography - Volume 1: SECRYPT},
year={2024},
pages={812-819},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0012838100003767},
isbn={978-989-758-709-2},
}

in EndNote Style

TY - CONF

JO - Proceedings of the 21st International Conference on Security and Cryptography - Volume 1: SECRYPT
TI - Toward the Foundation of Digital Identity Theory
SN - 978-989-758-709-2
AU - Saha P.
AU - Mejri M.
AU - Adi K.
PY - 2024
SP - 812
EP - 819
DO - 10.5220/0012838100003767
PB - SciTePress