Title RAIAP: renewable authentication on isolated anonymous profiles
Author Micael Pedrosa, André Zúquete, Carlos Costa
Journal Peer-to-Peer Networking and Applications
Pages 23
Month April
Year 2020
DOI 10.1007/s12083-020-00914-5
Group Biomedical Informatics and Technologies, Information Systems and Processing
Group (before 2015) Information Systems and Telematics Laboratory
Indexed by ISI Yes

Implementing pseudonymity, key-management, non-repudiation and data minimisation features in isolated procedures is trivial. However, integrating all of them in one consistent architecture poses several challenges. This work proposes data structures to represent Self-Sovereign Identities and to handle those features in a consolidated architecture. Key-management is constructed using secret sharing principles and is capable of recovering from a lost or compromised key to a new one without losing track of the original account. Pseudonymity and data minimisation are established using anonymous profiles, showing different views of the same identity. Non-repudiation is contemplated in the profile disclosure process. Profiles are protected against tampering with the use of digital signatures and blockchain cryptographic constructions. All profiles and registries are controlled with a single asymmetric key pair that can be provided by a smart card. Flexible structures are defined that can be used to register claims, attestations, authorisation grants, user consents, or any other activities. All definitions take into consideration the rules of the General Data Protection Regulation (GDPR).