A Truly Self-Sovereign Identity System

Conference paper (2021)

Authors

Q.A. Stokkink Data-Intensive Systems - EEMCS
G. Ishmaev Data-Intensive Systems - EEMCS
D.H.J. Epema Data-Intensive Systems - EEMCS
J.A. Pouwelse Data-Intensive Systems - EEMCS
Research Group
Data-Intensive Systems (EEMCS) (TU Delft)
Privacy Anonymity Peer-to-peer Identity management systems Pseudonymity Self-sovereign identity
More Info
expand_more

Published Date

2021

Language

English

Reuse Rights

Other than for strictly personal use, it is not permitted to download, forward or distribute the text or part of it, without the consent of the author(s) and/or copyright holder(s), unless the work is under an open content license such as Creative Commons.

Faculty

Electrical Engineering, Mathematics and Computer Science

Department

Software Technology

Research Group

Data-Intensive Systems

Abstract

Existing digital identity management systems fail to deliver the desirable properties of control by the users of their own identity data, credibility of disclosed identity data, and network-level anonymity. The recently proposed Self-Sovereign Identity (SSI) approach promises to give users these properties. However, we argue that without addressing privacy at the network level, SSI systems cannot deliver on this promise. In this paper we present the design and analysis of our solution TCID, created in collaboration with the Dutch government. TCID is a system consisting of a set of components that together satisfy seven functional requirements to guarantee the desirable system properties. We show that the latency incurred by network-level anonymization in TCID is significantly larger than that of identity data disclosure protocols but is still low enough for practical situations. We conclude that current research on SSI is too narrowly focused on these data disclosure protocols.