DNS-IdM: A Blockchain Identity Management System to Secure Personal Data Sharing in a Network

Identity management (IdM) is a method used to determine user identities. The centralized aspect of IdM introduces a serious concern with the growing value of personal information, as well as with the General Data Protection Regulation (GDPR). The problem with currently-deployed systems and their dominating approach, with identity providers (IdP) and single-point services, is that a third party is in charge of maintaining and controlling the personal data. The main challenge to manage data securely lies in trusting humans and institutes who are responsible for controlling the entire activity. Identities are not owned by the rightful owners or the user him/herself, but by the mentioned providers. With the rise of blockchain technology, self-sovereign identities are in place utilizing decentralization; unfortunately, the flaws still exist. In this research, we propose DNS-IdM, a smart contract-based identity management system that enables users to maintain their identities associated with certain attributes, accomplishing the self-sovereign concept. DNS-IdM has promising outcomes in terms of security and privacy. Due to the decentralized nature, DNS-IdM is able to avoid not only the conventional security threats, but also the limitations of the current decentralized identity management systems.

[1]  Christian Catalini,et al.  Blockchain Technology for Healthcare: Facilitating the Transition to Patient-Driven Interoperability , 2018, Computational and structural biotechnology journal.

[2]  Tiago M. Fernández-Caramés,et al.  A Review on the Use of Blockchain for the Internet of Things , 2018, IEEE Access.

[3]  Khaled Salah,et al.  IPFS-Blockchain-Based Authenticity of Online Publications , 2018, ICBC.

[4]  Jong-Hyouk Lee,et al.  BIDaaS: Blockchain Based ID As a Service , 2018, IEEE Access.

[5]  Divyakant Agrawal,et al.  Towards Global Asset Management in Blockchain Systems , 2019, ArXiv.

[6]  Er. Gurleen Kaur,et al.  A Survey Paper on Social Sign-On Protocol OAuth 2.0 , 2013 .

[7]  Alun Preece,et al.  A block chain based architecture for asset management in coalition operations , 2017, Defense + Security.

[8]  Abdulsalam Yassine,et al.  Blockchain Technology in Healthcare: A Comprehensive Review and Directions for Future Research , 2019, Applied Sciences.

[9]  Wouter Joosen,et al.  Chained Anomaly Detection Models for Federated Learning: An Intrusion Detection Case Study , 2018, Applied Sciences.

[10]  Jaap-Henk Hoepman,et al.  The Identity Crisis. Security, Privacy and Usability Issues in Identity Management , 2011, ArXiv.

[11]  Ron Poet,et al.  A comparative analysis of Identity Management Systems , 2012, 2012 International Conference on High Performance Computing & Simulation (HPCS).

[12]  Fabien A. P. Petitcolas,et al.  A First Look at Identity Management Schemes on the Blockchain , 2018, IEEE Security & Privacy.

[13]  Khaled Salah,et al.  IoT security: Review, blockchain solutions, and open challenges , 2017, Future Gener. Comput. Syst..

[14]  Chul-Soo Kim,et al.  Proof-of-Familiarity: A Privacy-Preserved Blockchain Scheme for Collaborative Medical Decision-Making , 2019, Applied Sciences.

[15]  Rolf Oppliger,et al.  Security of Microsoft's Identity Metasystem and CardSpace , 2011 .

[16]  Sarwar Sayeed,et al.  On the effectiveness of blockchain against cryptocurrency attacks , 2018 .

[17]  Clare Sullivan Digital Identity: An Emergent Legal Concept: Digital Identity – Introduction , 2011 .

[18]  Bart van Delft,et al.  A Security Analysis of OpenID , 2010, IDMAN.

[19]  Arvind Narayanan,et al.  An Empirical Study of Namecoin and Lessons for Decentralized Namespace Design , 2015, WEIS.

[20]  Rachna Dhamija,et al.  The Seven Flaws of Identity Management: Usability and Security Challenges , 2008, IEEE Security & Privacy.

[21]  Daniel Davis Wood,et al.  ETHEREUM: A SECURE DECENTRALISED GENERALISED TRANSACTION LEDGER , 2014 .

[22]  Caterina Urban,et al.  Formal analysis of Facebook Connect Single Sign-On authentication protocol , 2010 .

[23]  Jeff Garzik,et al.  Blockchain 101: An Introduction to the Future , 2018 .

[24]  Thomas J. Smedinghoff Introduction to Online Identity Management , 2008 .

[25]  Alvaro Martin,et al.  Digital Identity: the current state of affairs , 2018 .

[26]  Ralf Küsters,et al.  The Web SSO Standard OpenID Connect: In-depth Formal Security Analysis and Security Guidelines , 2017, 2017 IEEE 30th Computer Security Foundations Symposium (CSF).

[27]  Hector Marco-Gisbert,et al.  Assessing Blockchain Consensus and Security Mechanisms against the 51% Attack , 2019, Applied Sciences.