Search Results (50)

The growing need for secure and privacy-preserving identity management in industrial environments has exposed the limitations of traditional, centralized authentication systems. In this context, SIBERIA was developed as a modular solution that empowers users to control their own digital identities, while ensuring robust protection of critical services. The system is designed in alignment with European standards and regulations, including EBSI, eIDAS 2.0, and the GDPR. SIBERIA integrates a Self-Sovereign Identity (SSI) framework with a decentralized blockchain-based infrastructure for the issuance and verification of Verifiable Credentials (VCs). It incorporates multi-factor authentication by combining a voice biometric module, enhanced with spoofing-aware techniques to detect synthetic or replayed audio, and a behavioral biometrics module that provides continuous authentication by monitoring user interaction patterns. The system enables secure and user-centric identity management in industrial contexts, ensuring high resistance to impersonation and credential theft while maintaining regulatory compliance. SIBERIA demonstrates that it is possible to achieve both strong security and user autonomy in digital identity systems by leveraging decentralized technologies and advanced biometric verification methods. Full article

Self-sovereign identity (SSI) is an emerging model for digital identity management that empowers individuals to control their credentials without reliance on centralized authorities. This work presents YouGovern, a blockchain-based SSI system deployed on Binance Smart Chain (BSC) and compliant with W3C Decentralized Identifier (DID) standards. The architecture includes smart contracts for access control, decentralized storage using the Inter Planetary File System (IPFS), and long-term persistence via Web3.Storage. YouGovern enables users to register, share, and revoke identities while preserving privacy and auditability. The system supports role-based permissions, verifiable claims, and cryptographic key rotation. Performance was evaluated using Ganache and Hardhat under controlled stress tests, measuring transaction latency, throughput, and gas efficiency. Results indicate an average DID registration latency of 0.94 s and a peak throughput of 12.5 transactions per second. Compared to existing SSI systems like Sovrin and uPort, YouGovern offers improved revocation handling, lower operational costs, and seamless integration with decentralized storage. The system is designed for portability and real-world deployment in academic, municipal, or governmental settings. Full article

Counterfeit products cause financial losses for both the manufacturer and the enduser; e.g., fake foods and medicines pose significant risks to the public’s health. Moreover, it is challenging to ensure trust in a product’s supply chain, preventing counterfeit goods from being distributed throughout the network. However, fake product detection methods are expensive and need to be more scalable, whereas a unified traceability system for packaged products is not available. Therefore, this research proposes a product traceability system, named Trusted Traceability Service (TTS), using Blockchain and Self-Sovereign Identity (SSI). The TTS can be incorporated across diverse industries because of its generic and manageable four-layer product packaging strategy. Blockchain-enabled SSI empowers distributed nodes, to verify them without a centralized client–server authorization architecture. Moreover, due to its distributed nature, the proposed TTS framework is scalable and robust, with the use of web3.0 distributed application development. The adoption of Fantom, a public blockchain infrastructure, allows the proposed system to handle thousands of successful transactions more cost-effectively than the Ethereum network. The deployment of the proposed framework in both public and private blockchain networks demonstrated its superiority in execution time and number of successful transactions. Full article

This paper presents a secure 5G offloading mechanism leveraging Blockchain technology and Self-Sovereign Identity (SSI). The advent of 5G has significantly enhanced the capabilities of all sectors, enabling innovative applications and improving security and efficiency. However, challenges such as limited infrastructure, signal interference, and high upgrade costs persist. Offloading processes already address these issues but they require more transparency and security. This paper proposes a Blockchain-based marketplace using Hyperledger Fabric to optimize resource allocation and enhance security. This marketplace facilitates the exchange of services and resources among operators, promoting competition and flexibility. Additionally, the paper introduces an SSI-based authentication system to ensure privacy and security during the offloading process. The architecture and components of the marketplace and authentication system are detailed, along with their data models and operations. Performance evaluations indicate that the proposed solutions do not significantly degrade offloading times, making them suitable for everyday applications. As a result, the integration of Blockchain and SSI technologies enhances the security and efficiency of 5G offloading. Full article

With the advent of NextG wireless networks, the reliance on centralized identity and service management systems poses significant challenges, including limited interoperability, increased privacy vulnerabilities, and the risk of unauthorized tracking or monitoring of user activity. To address these issues, there is a critical need for a decentralized framework that empowers users with self-sovereignty over their subscription information while maintaining trust and privacy among network entities. This article presents a novel framework to enable Self-Sovereign Federated NextG (SSFXG) wireless communication networks. The SSFXG framework separates identity management from the service management layer typically controlled by network operators to foster interoperability functionalities with enhanced privacy and trace-resistant assurances in the NextG landscape. The proposed model relies on blockchain technology as an infrastructure to enable single-authority-free service provisioning and boost mutual trust among federated network components. Further, the SSFXG framework facilitates subscribers’ self-sovereignty over their subscription information while ensuring anonymity and enhanced privacy preservation, avoiding unnecessary network activity monitoring or tracking. Preliminary evaluations demonstrated the effectiveness and efficiency of the proposed framework, making it a promising solution for advancing secure and interoperable NextG wireless networks. Full article

Lawful Interception refers to the acquisition of the contents of communications between private individuals or organizations by subjects authorized by law. It involves three actors: the network operator (NO), the Law Enforcement Agency (LEA), and the Law Enforcement Monitoring Facility (LEMF). In the literature, standards and scientific solutions are proposed for the interception procedure and the interaction between the NO and the LEMF. However, no standard has been proposed for the interaction between the LEMF and the LEA. The absence of standards for controlling LEA (or a delegated agency) access to intercepted contents stored by the LEMF is a significant gap that should be overcome. This prevents the implementation of secure, interoperable, and automated procedures, leading to inefficiencies and security risks. In this paper, we propose to cover the above gap by adopting the Self-Sovereign Identity (SSI) paradigm. The adopted research methodology follows a multi-phase approach that includes studying existing solutions, system design, and technical feasibility testing. The study first examines existing standards and identity management frameworks and their limitations. Next, an SSI-based architecture is proposed to manage the interactions between LEA (or a delegated agency) and LEMF. Finally, a proof of concept of the proposed solution written in Python and using the Hyperledger Indy blockchain has been implemented to assess whether our proposal is technically feasible. The proposed solution enhances automation, security, and interoperability in lawful interception. Indeed, it enables machine-readable authorizations, reducing errors and improving efficiency by eliminating manual operations. Additionally, verifiable credentials and decentralized identifiers strengthen security and standardize interactions across jurisdictions, ensuring privacy-preserving identity management. By standardizing interactions between LEA and LEMF, this research contributes to a more secure, privacy-preserving, and legally compliant lawful interception process. Full article

The education sector has witnessed a significant shift towards digitising student records, with relevant data now stored in centralized data repositories. While traditional identity management solutions in education are functional, they often face various challenges, including data privacy concerns, limited portability, and reliability challenges. As the volume of student data continues to grow, inadequate data management practices have led to several problems. These include students losing control and empowerment over their educational information, increased vulnerability to potential data breaches and unauthorized access, a lack of transparency and accountability, data silos and inconsistencies, and administrative inefficiencies. To address these limitations, the implementation of a blockchain-assisted self-sovereign identity (Ba-SSI) concept in the education system presents a viable solution. Self-sovereign identity (SSI) represents a paradigm shift from traditional centralized identity systems, allowing individuals to maintain full control of their identity data without relying on centralized authorities. By leveraging the decentralized nature, SSI frameworks can ensure security, interoperability, and scalability, thereby improving user-centric identity management. This survey paper explores the potential of Ba-SSI within the context of education. It thoroughly reviews the current state of digital identity management in education, highlighting the limitations of conventional systems and the emerging role of blockchain technology in addressing these challenges. The paper discusses the fundamental principles of blockchain technology and how it can be utilized to enhance security, interoperability, and scalability in identity management. Additionally, it examines the insights and benefits of this approach for the education system. Finally, the paper concludes by addressing the issues, challenges, benefits, and future research directions in this domain, underscoring the potential of Ba-SSI solutions to revolutionize the management and empowerment of student data within the education sector. Full article

In recent years, with the development of blockchain technology and increased awareness of personal privacy, Self-Sovereign Identity (SSI) has become a hot topic. SSI gives customers more autonomy over their personal information, allowing them to control who can access and use their personal information. This provides customers with higher levels of privacy protection, as their data are no longer controlled by centralized institutions. To address the credit assessment needs of financial institutions, this paper proposes a Customer Self-Sovereign Identity and access-control framework (CSSI) based on SSI technology. Customers can securely store assessable assets and credit data on the blockchain using this framework. These data are then linked to a digital account address. With customer authorization, financial institutions processing loan applications can comprehensively evaluate customers’ repayment capabilities and conduct risk management by accessing this credit data. CSSI assists financial institutions in optimizing complex and repetitive processes involved in customer credit assessment and loan origination through SSI and access control, thereby reducing unnecessary risks. Full article

Within the framework of 6G networks, the rapid proliferation of Internet of Things (IoT) devices, coupled with their decentralized and heterogeneous characteristics, presents substantial security challenges. Conventional centralized systems face significant challenges in effectively managing the diverse range of IoT devices, and they are inadequate in addressing the requirements for reduced latency and the efficient processing and analysis of large-scale data. To tackle these challenges, this paper introduces a zero-trust access control framework that integrates blockchain technology with inner-product encryption. By using smart contracts for automated access control, a reputation-based trust model for decentralized identity management, and inner-product encryption for fine-grained access control, the framework ensures data security and efficiency. Firstly, smart contracts are employed to automate access control, and software-defined boundaries are defined for different application domains. Secondly, through a trust model based on a consensus algorithm of node reputation values and a registration-based inner-product encryption algorithm supporting fine-grained access control, zero-trust self-sovereign enhanced identity management in the 6G environment of the Internet of Things is achieved. Furthermore, the use of multiple auxiliary chains for storing data across different application domains not only mitigates the risks associated with data expansion but also achieves micro-segmentation, thereby enhancing the efficiency of access control. Finally, empirical evidence demonstrates that, compared with the traditional methods, this paper’s scheme improves the encryption efficiency by 14%, reduces the data access latency by 18%, and significantly improves the throughput. This mechanism ensures data security while maintaining system efficiency in environments with large-scale data interactions. Full article

Global supply chains, especially in commodity trading, are plagued by fragmentation, lack of transparency, and trust deficits among participants. These issues lead to inefficiencies, increased costs, and an over-reliance on intermediaries. The present Communication describes a blockchain-based platform that leverages Self-Sovereign Identity (SSI) and Verifiable Credentials (VCs) to address these challenges in supply chain management. Developed in collaboration with coffee industry stakeholders, our approach proposes a platform with an integrated marketplace for seller discovery, enables precise order definition with detailed terms and conditions, and actively guides both buyers and sellers throughout the shipping process, managing financial guarantees and ensuring a secure transaction flow. The platform is compatible with both traditional banking infrastructure and modern crypto-based systems, enabling seamless financial transactions. In cases where disputes arise, we empower users to easily collect all communications and documents to present to legal authorities, expediting the resolution process. The platform is implemented using the Internet Computer Protocol (ICP) for secure, on-chain storage and application hosting, and is integrated with the Ethereum blockchain to leverage its extensive decentralized finance (DeFi) ecosystem, significant liquidity, and robust stablecoin infrastructure, thereby facilitating secure financial transactions. Moreover, we introduce an SSI-based authentication and authorization framework that spans across the entire platform, including both the Ethereum Virtual Machine (EVM) and Internet Computer Protocol (ICP), enabling unified role-based access control through verifiable credentials. A value-added of the present Communication, the framework is demonstrated by means of a detailed case study in the coffee industry, highlighting the technical challenges addressed during implementation. While quantitative efficiency metrics will be established through upcoming real-world testing with industry partners, the platform’s design aims to streamline operations by reducing intermediary dependencies and automating key processes. Finally, the Communication provides insights into its adaptability to other industries facing comparable supply chain challenges, presenting an approach focused on enhancing trust and reducing reliance on intermediaries. Full article

Traditional identity management (IdM) solutions based on centralised protocols, such as Lightweight Directory Access Protocol (LDAP) and Security Assertion Markup Language (SAML), are where a central authority manages all the processes. This risks a single point of failure and other vulnerabilities. In response, decentralised techniques like blockchain and decentralised identities (DIDs) are being explored. This review paper performs a comparison of popular decentralised identity management (DIM) protocols, such as self-sovereign identity (SSI), against traditional centralised approaches such as LDAP and SAML. These decentralised identity management systems are being developed, keeping users’ identity data as its highest priority. Additionally, this method eliminates the need for a central authority to manage and secure the system. To further explore the potential of decentralised identity management, this study delves into popular blockchain-based decentralised identity management systems such as uPort, Sovrin, EverID, Blockstack, ShoCard, and Hyperledger Indy. We analyse their underlying principles and compare them with the well-established centralised identity management solutions, focusing on key aspects such as scalability, security, and feasibility. However, despite their benefits and several worthy developments in this field, decentralised approaches are still not widely used. Through this study, we investigate both centralised and decentralised methods and review their strengths and weaknesses. By reviewing multiple research papers, this survey aims to provide an understanding and aid in selecting the most suitable identity management system for different use cases. Full article

Frequent user data breaches and misuse incidents highlight the flaws in current identity management systems. This study proposes a blockchain-based, peer-supervised self-sovereign identity (SSI) generation and privacy protection technology. Our approach creates unique digital identities on the blockchain, enabling secure cross-domain recognition and data sharing and satisfying the essential users’ requirements for SSI. Compared to existing SSI solutions, our approach has the practical advantages of less implementation cost, ease of users’ understanding and agreement, and better possibility of being soon adopted by current society and legal systems. The key innovative technical features include (1) using a zero-knowledge proof technology to ensure data remain “usable but invisible”, mitigating data breach risks; (2) introducing a peer review mechanism among service providers to prevent excessive data requests and misuse; and (3) implementing a comprehensive multi-party supervision system to audit all involved parties and prevent misconduct. Full article

The acceleration of the digital transformation process imposed by the pandemic in all the countries of the European Union, and in all sectors, has given way to a revolution that up until a couple of years ago would have been impossible even to imagine. Digital innovation has become a factor of competitiveness in all sectors. In this new scenario that has come to be, the Blockchain technology, the Self-Sovereign Identity paradigm, Internet of Things, and, in general, the new technologies that will emerge, will constitute enhancers of competitiveness and will have to aim for interoperability. In this context, this article develops and presents a model proposal in the healthcare field that aims to highlight how the combination of the Blockchain technology and the Self-Sovereign Identity paradigm restores full control over a person’s identity and information, while ensuring the integrity of all medical reports, enabling secure communications between personal medical devices and patient/doctor applications on devices exploiting peer Decentralized Identifiers and ensuring data privacy, exploiting Zero Knowledge Proofs. The proposal relies on the Veramo platform, treating all medical reports as verifiable credentials and storing them in digital wallets owned by the patient. The article concludes by presenting a prototype designed and implemented for managing medication prescriptions, their issuance, and their exchange. Full article

In Taiwan, traditional student assessments, covering academic and extracurricular achievements, have shifted from paper to electronic portfolios (e-portfolios). However, limited trust among institutions restricts students from freely sharing and using their educational data. This paper introduces a self-sovereign identity-based infrastructure aimed at enhancing personal data security within the e-portfolio ecosystem. The proposed system includes two core components: (1) a decentralized identity chain, aligning user identities across platforms and granting users full self-sovereign control; and (2) an e-portfolio application chain to manage user interactions and access permissions within the ecosystem. A trusted educational authority also audits data sources, ensuring data integrity and reliability. This infrastructure empowers users to control who can access their data, safeguarding their security, with the identity chain preventing unauthorized access and the application chain recording authorization statuses to restrict data visibility to approved parties only. Full article

In the digital age, data sovereignty has emerged as a critical concern due to the increasing demand for privacy, security, and user control. In this context, decentralized storage infrastructure is reshaping how data are stored and managed, leading the transition from traditional centralized models to a more decentralized and user-driven approach to data sovereignty, known as data self-sovereignty (DSS). This paper presents a systematic comparative analysis of decentralized storage systems, emphasizing their potential to enhance sustainable DSS. By highlighting the integral role of blockchain technology, this study critically examines various decentralized storage platforms, including Arweave, BitTorrent, Dat Protocol, Filecoin, Hypercore Protocol, IPFS, MaidSafe, Sia, Storj, and Swarm. The analysis covers the key architectural features of these systems, their performance metrics, and their contribution to user data sovereignty. This study aims to comprehensively explain how these decentralized storage solutions allow users to maintain complete control over their data, thus offering a viable alternative to traditional centralized storage methods. Therefore, This paper contributes to ongoing data sovereignty research and guides future developments in decentralized storage technologies. Full article