Gnomon: Decentralized Identifiers for Securing 5G IoT Device Registration and Software Update

Decentralized Identifiers (DIDs) are a new class of cryptographically secure identifiers that do not require a centralized trust anchor for attesting to the validity of keying material. DIDs are based on distributed ledger (blockchain) technology and allow the entity itself to manage its own identifier, hence the name "self-sovereign", which is often applied to them. In this paper, we describe Gnomon, a system that uses DIDs to securely register 5G IoT devices and install firmware/software on the device. Gnomon is designed to avoid the kind of difficulties that plague current technology, which is largely based on Public Key Infrastructure (PKI) and X.509 public key certificates. After a short introduction, we review current practice and briefly describe DIDs and verifiable credentials, a mechanism based on DIDs to securely assert information about the identified entity. We then describe the architecture of Gnomon and a prototype we built, based on the ION DID scheme, for applying DIDs and verifiable credentials to 5G IoT device registration and software installation.