P325 - Open Identity Summit 2022
Permanent URI for this collection: https://dl.gi.de/handle/20.500.12116/38695
Conference Paper
eIDAS 2.0: Challenges, perspectives and proposals to avoid contradictions between eIDAS 2.0 and SSI
(Gesellschaft für Informatik e.V., 2022) Schwalm, Steffen; Albrecht, Daria; Alamillo, Ignacio; Roßnagel, Heiko; Schunck, Christian H.; Mödersheim, Sebastian
The proposal for review of the eIDAS Regulation from 2021 has opened strong expectations for a deep change in traditional identity models. The user-centric identity model proposed starts with the creation of European Digital Identity Wallets that will enable citizens’ control over their data in identification and authentication processes without control by entities providing the identification services. Likewise, with the proposed legal rules for giving legal certainty to electronic ledgers and blockchains, [eIDAS2] opens possibilities to decentralization, especially for the provision and management of user’s attributes. The implementation of qualified trust services for attestations or electronic ledgers limits decentralization by requirement of a trusted 3rd party. Standardization will be key in assuring interoperability at the EU level. What are the challenges and opportunities of eIDAS 2.0? And what are the main focuses and needs of (European) standardization? These and other questions will be analysed and discussed in the paper.

Conference Paper
Integration of Self-Sovereign Identity into Conventional Software using Established IAM Protocols: A Survey
(Gesellschaft für Informatik e.V., 2022) Kuperberg, Michael; Klemens, Robin; Roßnagel, Heiko; Schunck, Christian H.; Mödersheim, Sebastian
Self-Sovereign Identity (SSI) is an approach based on asymmetric cryptography and on decentralized, user-controlled exchange of signed assertions. Most SSI implementations are not based on hierarchic certification schemas, but rather on the peer-to-peer and distributed “web of trust” without root or intermediate CAs.
As SSI is a nascent technology, the adoption of vendor-independent SSI standards into existing software landscapes is at an early stage. Conventional enterprise-grade IAM implementations and cloud-based Identity Providers rely on widely established pre-SSI standards, and both will not be replaced by SSI offerings in the next few years. The contribution of this paper is an analysis of patterns and products to bridge unmodified pre-SSI applications and conventional IAM with SSI implementations. Our analysis covers 40+ SSI implementations and major authentication protocols such as OpenID Connect and LDAP.

Conference Paper
A novel approach to establish trust in verifiable credential issuers in Self-sovereign identity ecosystems using TRAIN
(Gesellschaft für Informatik e.V., 2022) Johnson Jeyakumar, Isaac H.; Chadwick, David W.; Kubach, Michael; Roßnagel, Heiko; Schunck, Christian H.; Mödersheim, Sebastian
Self-sovereign identity (SSI) promises to bring decentralized privacy-friendly identity management (IdM) ecosystems to everyone. Yet, trust management in SSI remains challenging. In particular, it lacks a holistic approach that combines trust and governance frameworks. A practical and scalable mechanism is needed for verifiers to externally verify their trust in credential issuers. This paper illustrates how TRAIN (Trust mAnagement INfrastructure), an approach based on established components like ETSI trust lists and the Domain Name System (DNS), can be used as a trust registry component to provide a holistic approach for trust management in SSI ecosystems.
TRAIN facilitates individual trust decisions through the discovery of trust lists in SSI ecosystems, along with published credential schemas, so that verifiers can perform informed trust decisions about issued credentials.

Conference Paper
Combination of x509 and DID/VC for inheritance properties of trust in digital identities
(Gesellschaft für Informatik e.V., 2022) Bastian, Paul; Stöcker, Carsten; Schwalm, Steffen; Roßnagel, Heiko; Schunck, Christian H.; Mödersheim, Sebastian
The proposal for review of the eIDAS Regulation from 2021 has opened strong expectations for a deep change in traditional identity models. The user-centric identity model proposed starts with the creation of European Digital Identity Wallets that will enable citizens’ control over their data in identification and authentication processes without control by entities providing the identification services. Likewise, digital identities and digital signatures are in place, and interoperability between existing solutions mainly based on x509 certificates and decentralized PKI using DID/VC is foreseeable. The paper provides various options to address different aspects in combining x509 and DID/VC approaches.