Privacy-Preserving Identity Management as a Service

Privacy enhancing technologies (PETs) allow to achieve user’s transactions unlinkability across different online Service Providers. However, current PETs fail to guarantee unlinkability against the Identity Provider (IdP), which becomes a single point of failure in terms of privacy and security, and therefore, might impersonate its users. To address this issue, OLYMPUS EU project establishes an interoperable framework of technologies for a distributed privacy-preserving identity management based on cryptographic techniques that can be applied both to online and offline scenarios. Namely, distributed cryptographic techniques based on threshold cryptography are used to split up the role of the Identity Provider (IdP) into several authorities so that a single entity is not able to impersonate or track its users. The architecture leverages PET technologies, such as distributed threshold-based signatures and privacy attribute-based credentials (p-ABC), so that the signed tokens and the ABC credentials are managed in a distributed way by several IdPs. This paper describes the Olympus architecture, including its associated requirements, the main building blocks and processes, as well as the associated use cases. In addition, the paper shows how the Olympus oblivious architecture can be used to achieve privacy-preserving M2M offline transactions between IoT devices.

Download Full-text

OLYMPUS: A distributed privacy-preserving identity management system

2020 Global Internet of Things Summit (GIoTS) ◽

10.1109/giots49054.2020.9119663 ◽

2020 ◽

Author(s):

Rafael Torres Moreno ◽

Jesus Garcia Rodriguez ◽

Cristina Timon Lopez ◽

Jorge Bernal Bernabe ◽

Antonio Skarmeta

Keyword(s):

Management System ◽

Identity Management ◽

Privacy Preserving ◽

Identity Management System

Download Full-text

VeryIDX - A Privacy Preserving Digital Identity Management System for Mobile Devices

2009 Tenth International Conference on Mobile Data Management: Systems, Services and Middleware ◽

10.1109/mdm.2009.55 ◽

2009 ◽

Cited By ~ 3

Author(s):

Federica Paci ◽

Ning Shang ◽

Kevin Steuer Jr. ◽

Ruchith Fernando ◽

Elisa Bertino

Keyword(s):

Mobile Devices ◽

Management System ◽

Identity Management ◽

Privacy Preserving ◽

Digital Identity ◽

Identity Management System ◽

Digital Identity Management

Download Full-text

Privacy-preserving Biometric-driven Data for Student Identity Management: Challenges and Approaches

Adjunct Proceedings of the 29th ACM Conference on User Modeling, Adaptation and Personalization ◽

10.1145/3450614.3464470 ◽

2021 ◽

Author(s):

Christos Fidas ◽

Marios Belk ◽

David Portugal ◽

Andreas Pitsillides

Keyword(s):

Identity Management ◽

Privacy Preserving ◽

Student Identity

Download Full-text

Governing Principles of Self-Sovereign Identity Applied to Blockchain Enabled Privacy Preserving Identity Management Systems

2020 IEEE International Symposium on Systems Engineering (ISSE) ◽

10.1109/isse49799.2020.9272212 ◽

2020 ◽

Author(s):

Nitin Naik ◽

Paul Jenkins

Keyword(s):

Identity Management ◽

Privacy Preserving ◽

Management Systems ◽

Identity Management Systems

Download Full-text

Enabling Secure and Privacy Preserving Identity Management via Smart Contract

2019 IEEE Conference on Communications and Network Security (CNS) ◽

10.1109/cns.2019.8802771 ◽

2019 ◽

Author(s):

Yaoqing Liu ◽

Guchuan Sun ◽

Stephanie Schuckers

Keyword(s):

Identity Management ◽

Privacy Preserving ◽

Smart Contract

Download Full-text

Privacy-Preserving and Scalable Data Access Control Based on Self-sovereign Identity Management in Large-Scale Cloud Storage

Security, Privacy, and Anonymity in Computation, Communication, and Storage - Lecture Notes in Computer Science ◽

10.1007/978-3-030-68851-6_1 ◽

2021 ◽

pp. 1-18

Author(s):

Min Xiao ◽

Zhongyue Ma ◽

Tao Li

Keyword(s):

Access Control ◽

Cloud Storage ◽

Large Scale ◽

Identity Management ◽

Data Access ◽

Privacy Preserving ◽

Data Access Control

Download Full-text

Holistic Privacy-Preserving Identity Management System for the Internet of Things

Mobile Information Systems ◽

10.1155/2017/6384186 ◽

2017 ◽

Vol 2017 ◽

pp. 1-20 ◽

Cited By ~ 14

Author(s):

Jorge Bernal Bernabe ◽

Jose L. Hernandez-Ramos ◽

Antonio F. Skarmeta Gomez

Keyword(s):

Internet Of Things ◽

Management System ◽

Large Scale ◽

Identity Management ◽

Privacy Preserving ◽

Security And Privacy ◽

The Internet ◽

Identity Management System ◽

Anonymous Credential ◽

The Internet Of Things

Security and privacy concerns are becoming an important barrier for large scale adoption and deployment of the Internet of Things. To address this issue, the identity management system defined herein provides a novel holistic and privacy-preserving solution aiming to cope with heterogeneous scenarios that requires both traditional online access control and authentication, along with claim-based approach for M2M (machine to machine) interactions required in IoT. It combines a cryptographic approach for claim-based authentication using the Idemix anonymous credential system, together with classic IdM mechanisms by relying on the FIWARE IdM (Keyrock). This symbiosis endows the IdM system with advanced features such as privacy-preserving, minimal disclosure, zero-knowledge proofs, unlikability, confidentiality, pseudonymity, strong authentication, user consent, and offline M2M transactions. The IdM system has been specially tailored for the Internet of Things bearing in mind the management of both users’ and smart objects’ identity. Moreover, the IdM system has been successfully implemented, deployed, and tested in the scope of SocIoTal European research project.

Download Full-text