A Blockchain-Based Self-Sovereign Identity Approach for Inter-Organizational Business Processes

Blockchain presents a promising and revolutionary technology for organizations’ collaboration, particularly for Inter-Organizational Business Processes (IOBP). It addresses the lack-of-trust problem thanks to its transparency and decentralized features. However, while the adoption of Blockchain technology can alleviate some of IOBP’s challenges, it does so at the expense of significant privacy issues. In fact, some process execution data, such as customers’ data or business secrets, cannot be shared across the collaborating organizations owing to regulatory restrictions such as the General Data Protection Regulation (GDPR). To address trust and privacy issues in IOBP, this paper presents a Blockchain-based Self-Sovereign Identity (SSI) approach. The SSI concept is combined with a registry proof smart contract to provide an efficient privacy-preserving solution. The proposed approach is applied to the pharmaceutical supply chain case study and implemented on the Ethereum Blockchain.

[1]  V. Lemieux,et al.  A Decentralized Identity-Based Blockchain Solution for Privacy-Preserving Licensing of Individual-Controlled Data to Prevent Unauthorized Secondary Data Usage , 2021, Ledger.

[2]  G. Fridgen,et al.  Digital Identities and Verifiable Credentials , 2021, Business & Information Systems Engineering.

[3]  Artemij Voskobojnikov,et al.  Addressing Audit and Accountability Issues in Self-Sovereign Identity Blockchain Systems Using Archival Science Principles , 2021, 2021 IEEE 45th Annual Computers, Software, and Applications Conference (COMPSAC).

[4]  Saoussen Cheikhrouhou,et al.  NovidChain: Blockchain‐based privacy‐preserving platform for COVID‐19 test/vaccine certificates , 2021, Softw. Pract. Exp..

[5]  Ben Taylor,et al.  A Proposal for Decentralized, Global, Verifiable Health Care Credential Standards Grounded in Pharmaceutical Authorized Trading Partners , 2021, Blockchain in healthcare today.

[6]  A. Guzzo,et al.  ID-Service: A Blockchain-Based Platform to Support Digital-Identity-Aware Service Accountability , 2020, Applied Sciences.

[7]  Bogdan Franczyk,et al.  Increasing the Reusability of IoT-aware Business Processes , 2020, FedCSIS.

[8]  Ingo Weber,et al.  Controlled flexibility in blockchain-based collaborative business processes , 2020, Inf. Syst..

[9]  N. Pohlmann,et al.  An SSI Based System for Incentivized and SelfDetermined Customer-to-Business Data Sharing in a Local Economy Context , 2020, 2020 IEEE European Technology and Engineering Management Summit (E-TEMS).

[10]  David W. Chadwick,et al.  Improved Identity Management with Verifiable Credentials and FIDO , 2019, IEEE Communications Standards Magazine.

[11]  Saoussen Cheikhrouhou,et al.  Modelling and Executing Time-Aware Processes in Trustless Blockchain Environment , 2019, CRiSIS.

[12]  Joaquim Ferreira,et al.  Self-Sovereign Identity: Use-cases, Technologies, and Challenges for Industrial IoT , 2019, 2019 24th IEEE International Conference on Emerging Technologies and Factory Automation (ETFA).

[13]  Orlenys López-Pintado,et al.  Caterpillar: A business process execution engine on the Ethereum blockchain , 2018, Softw. Pract. Exp..

[14]  Uyen Trang Nguyen,et al.  A New Approach to Client Onboarding Using Self-Sovereign Identity and Distributed Ledger , 2018, 2018 IEEE International Conference on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData).

[15]  Doina Cosovan,et al.  Private Data System Enabling Self-Sovereign Storage Managed by Executable Choreographies , 2017, DAIS.

[16]  I. Sertkaya,et al.  Self Sovereign Identity Based E-petition Scheme , 2021 .

[17]  Krzysztof Kluza,et al.  Characteristic and comparison of UML, BPMN and EPC based on process models of a training company , 2021, FedCSIS.

[18]  Antonios Stasis,et al.  Designing an academic electronic identity management system for student mobility using eIDAS eID and Self-Sovereign Identity technologies , 2020 .

[19]  Ingo Weber,et al.  Lorikeet: A Model-Driven Engineering Tool for Blockchain-Based Business Process Execution and Asset Management , 2018, BPM.

[20]  Paul Voigt,et al.  The EU General Data Protection Regulation (GDPR) , 2017 .

[21]  Daniel Davis Wood ETHEREUM: A SECURE DECENTRALISED GENERALISED TRANSACTION LEDGER , 2014 .

[22]  S. Nakamoto,et al.  Bitcoin: A Peer-to-Peer Electronic Cash System , 2008 .