Towards Data Resilience for Fully Distributed Self-Sovereign Identity Managers
K.K. Kostadinov (TU Delft - Electrical Engineering, Mathematics and Computer Science)
M.A. de Vos – Mentor (TU Delft - Data-Intensive Systems)
J.A. Pouwelse – Graduation committee member (TU Delft - Data-Intensive Systems)
F. Kuipers – Coach (TU Delft - Embedded Systems)
More Info
expand_more
Other than for strictly personal use, it is not permitted to download, forward or distribute the text or part of it, without the consent of the author(s) and/or copyright holder(s), unless the work is under an open content license such as Creative Commons.
Abstract
Self-Sovereign Identities provide a solution to the identity crisis as their goal is bringing back control over identities to their owners. Nonetheless, currently deployed SSI managers lack data resilience. Consequently, one's identity is lost if the device holding it becomes inaccessible. We achieve data resilience through identity backups. Unfortunately, there is no research on the matter. Thus, we discover that traditional backup systems need eight additional requirements to become suitable for identity backups. Then we describe two existing solutions and introduce a novel one designed by us. A comparison between them follows, from which we conclude that our novel solution satisfies the most requirements. We then extend an existing SSI manager with a proof-of-concept implementation of our solution. Our implementation consists of three main components. The first one takes care of identity recovery. The second one allows verifiers to check whether identities and their backups are consistent before verifying their attested claims. And the last mechanism takes care of access revocation.