R.M. Chotkan

2 records found

On the Realisation of a Fully Distributed Self-Sovereign Identity Architecture

Master thesis (2021) - R.M. Chotkan, J.A. Pouwelse, A. De Kok, F.A. Kuipers
This research has been performed in pursuit of the MSc Computer Science at Delft University of Technology in collaboration with the Dutch National Office for Identity Data (RvIG), part of the Dutch Ministry of the Interior and Kingdom Relations. Self-Sovereign Identity (SSI) is a relatively new concept, part of a movement aspiring to create a universal identity layer for the Internet. SSI aims to put the citizen at the centre of their data, making them the sovereign over their digital presence. Whereas in the current ecosystem personal information is stored in centralised or federated settings, SSI delegates this responsibility entirely to the user. Functioning SSI schemes have been proposed and deployed, even with governmental support. However, we identify that the key issue that remains to be solved is revocation: the invalidation of credentials. Proposed revocation mechanisms typically rely on centralised infrastructure for revocations, defying the principles of SSI itself, and, furthermore, lack offline verification capabilities. This research addresses these issues and proposes the first fully distributed revocation mechanism in SSI, using a gossip-based propagation algorithm. Our revocation mechanism requires no centralised infrastructure or strict network requirements and enables offline verification of credentials in case of disaster. Propagation is handled by honest clients, requires no direct communication with authorities and is shown to be robust in case of unreliable communication links. Furthermore, revocation acceptance is at the discretion of individual clients, making our mechanism fully adhere to the principles of Self-Sovereignty. This revocation and verification structure is part of our Industry-Grade Self-Sovereign Identity (IG-SSI) architecture. IG-SSI is a purely academic, fully distributed SSI scheme with intrinsic equality across the network. Furthermore, communication is facilitated peer-to-peer, requiring no specialised infrastructure. The architecture allows for the signing, verification and presentation of credentials using Zero-Knowledge Proofs. We believe that the characteristics of our system provide it with use for decades to come; hence, we deem it to be industry-grade. Our simulation shows that a network comprised of 10,000 clients gossips 1 million revocations within 25 seconds. Feasibility on smartphones is shown through a government-backed real-life trial. Based on our results, we claim that IG-SSI is a viable candidate for facilitating the needs for a digital identity of the European Union. ...
Relive is a sports application that seeks to increase the retention rate of its user base. The project entails a route builder that can be incorporated in the Relive app. A route builder has several challenges: supporting user-friendly interaction, rendering the map and calculating the route. These challenges lead to design goals, such as a user experience focus, optimization of performance, and continuation of the project. To achieve these goals, the project is approached in an agile way with weekly planning meetings and tri-weekly stand-ups to keep it organized and well planned. The front-end features are based on a specific target audience: the Relive users that do not use a third-party app for sporting activities. The screen is intuitive and supports storing of planned routes. A route can be created, edited and loaded in the Record functionality of the Relive app. To support the front-end, the back-end handles route calculation and route storing. The route calculation is done using Dijkstra’s shortest path algorithm. In addition, a proof-of-concept customized route calculation is created that focuses on popularity-oriented routing. Route storing makes use of the internal databases of Relive and is integrated in the existing systems. Each feature is tested with automated end-to-end and unit tests. Additionally, user tests are performed to get valuable feedback from external users. Apart from active user participation, random users were selected to join a route builder experiment. During the project, more than 22 thousand users obtained the route builder feature. Each click is timed and tracked to make sure that the feature performed as expected. Based on the events and user surveys, another iteration of the application was made, with improvements based on the acquired information. These improvements are validated using event tracking to measure the desired improvements. ...