Abstract
Digital identity management functions as a critical infrastructure for various information and communications technologies. However, traditional centralized systems are raising security concerns due to their reliance on trusted intermediaries, which prompts the development of self-sovereign identity (SSI). However, SSI still face challenges regarding network pressures, blockchain costs, and security vulnerabilities. In this paper, we propose Coconut, a novel system leveraging a decentralized SSI management architecture to facilitate the establishment of secure, localized digital identity and credential verification mechanisms, while obviating the necessity for reliance on trusted intermediaries and blockchain technologies. Coconut reduces the storage overhead by minimizing the responsibility of data centers and enabling them to solely store public keys. On the end-user side, individuals retain the prerogative to store their verifiable credentials within local environments. Besides, we introduce a compact cancelable template generation algorithm to enhance security and efficiency. Additionally, our experiments demonstrate the effectiveness and performance of Coconut.
This research was partially supported by KAKENHI (Grant-in-Aid for JSPS Fellows) 21J21087.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Mühle, A., Grüner, A., Gayvoronskaya, T., Meinel, C.: A survey on essential components of a self-sovereign identity. Comput. Sci. Rev. 30, 80–86 (2018). ISBN 1574-0137
Ding, Y., Sato, H., Machizawa, M.G.: Leveraging self-sovereign identity in decentralized data aggregation. In: 2022 Ninth International Conference on Software Defined Systems (SDS), Paris, France, pp. 1–8. IEEE (2022)
Newman, G.R., McNally, M.M., et al.: Identity theft literature review (2005)
Willox, N.A., Regan, T.: Identity fraud: providing a solution. J. Econ. Crime Manage. 1(1), 1–15 (2002)
Anderson, K.B., Durbin, E., Salinger, M.A.: Identity theft. J. Econ. Perspect. 22(2), 171–192 (2008)
Ding, Y., Sato, H.: Self-sovereign identity as a service: architecture in practice. In: 2022 IEEE 46th Annual Computers, Software, and Applications Conference (COMPSAC), Los Alamitos, CA, USA, pp. 1536–1543. IEEE (2022)
Tobin, A., Reed, D.: The inevitable rise of self-sovereign identity. Sovrin Found. 29(2016), 18 (2016)
W3C: Decentralized identifiers (DIDs) v1.0. W3C Recommendation, May 2019. Accessed 12 Mar 2023
Lundkvist, C., Heck, R., Torstensson, J., Mitton, Z., Sena, M.: UPORT: a platform for self-sovereign identity (2017). https://whitepaper.uport.me/uPort_whitepaper_DRAFT20170221.pdf
Khovratovich, D., Law, J.: Sovrin: digital identities in the blockchain era. Github Commit by Jasonalaw October 17, 38–99 (2017)
Ali, M., Nelson, J., Shea, R., Freedman, M.J.: Blockstack: a global naming and storage system secured by blockchains. In: 2016 USENIX Annual Technical Conference (USENIX ATC 2016), pp. 181–194 (2016)
Microsoft ION. https://github.com/decentralized-identity/ion. Accessed Mar 2023
Sarier, N.D.: A new biometric identity based encryption scheme. In: 2008 the 9th International Conference for Young Computer Scientists, pp. 2061–2066. IEEE (2008)
Sahai, A., Waters, B.: Fuzzy identity-based encryption. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 457–473. Springer, Heidelberg (2005). https://doi.org/10.1007/11426639_27
Lee, C., Choi, J.-Y., Toh, K.-A., Lee, S., Kim, J.: Alignment-free cancelable fingerprint templates based on local minutiae information. IEEE Trans. Syst. Man Cybernet. B (Cybernet.) 37(4), 980–992 (2007)
Miao, F., Bao, S.-D., Li, Y.: Biometric key distribution solution with energy distribution information of physiological signals for body sensor network security. IET Inf. Secur. 7(2), 87–96 (2013)
Sitová, Z., et al.: HMOG: new behavioral biometric features for continuous authentication of smartphone users. IEEE Trans. Inf. Forensics Secur. 11(5), 877–892 (2015)
Evelyn Brindha, V., Natarajan, A.M.: Multi-modal biometric template security: fingerprint and palmprint based fuzzy vault. J. Biom. Biostat. 3(3), 100–150 (2012)
Zhang, L., Sun, Z., Tan, T., Hu, S.: Robust biometric key extraction based on iris cryptosystem. In: Tistarelli, M., Nixon, M.S. (eds.) ICB 2009. LNCS, vol. 5558, pp. 1060–1069. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-01793-3_107
Gomez-Barrero, M., Maiorana, E., Galbally, J., Campisi, P., Fierrez, J.: Multi-biometric template protection based on homomorphic encryption. Pattern Recogn. 67, 149–163 (2017)
Jain, A., Ross, A., Prabhakar, S.: Fingerprint matching using minutiae and texture features. In: Proceedings 2001 International Conference on Image Processing (Cat. No. 01CH37205), vol. 3, pp. 282–285. IEEE (2001)
Nandakumar, K., Jain, A.K.: Local correlation-based fingerprint matching. In: ICVGIP, pp. 503–508 (2004)
Cole, S.A.: History of fingerprint pattern recognition. Automatic fingerprint recognition systems, pp. 1–25 (2004)
Lindeberg, T.: Scale invariant feature transform (2012)
Lowe, D.G.: Distinctive image features from scale-invariant keypoints. Int. J. Comput. Vision 60, 91–110 (2004)
Patel, V.M., Ratha, N.K., Chellappa, R.: Cancelable biometrics: a review. IEEE Signal Process. Mag. 32(5), 54–65 (2015)
Sahai, A., Waters, B.: How to use indistinguishability obfuscation: deniable encryption, and more. In: Proceedings of the Forty-Sixth Annual ACM Symposium on Theory of Computing, pp. 475–484 (2014)
Pinkas, B., Sander, T.: Securing passwords against dictionary attacks. In: Proceedings of the 9th ACM Conference on Computer and Communications Security, pp. 161–170 (2002)
Florêncio, D., Herley, C., Coskun, B.: Do strong web passwords accomplish anything? HotSec 7(6), 159 (2007)
Gailly, J., Adler, M.: Zlib compression library (2004)
Vaidehi, M., Justus Rabi, B.: Design and analysis of AES-CBC mode for high security applications. In: Second International Conference on Current Trends In Engineering and Technology-ICCTET 2014, pp. 499–502. IEEE (2014)
Maio, D., Maltoni, D., Cappelli, R., Wayman, J.L., Jain, A.K.: FVC2004: third fingerprint verification competition. In: Zhang, D., Jain, A.K. (eds.) ICBA 2004. LNCS, vol. 3072, pp. 1–7. Springer, Heidelberg (2004). https://doi.org/10.1007/978-3-540-25948-0_1
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2024 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Yu, J., Li, S., Ding, Y., Sato, H. (2024). Decentralized Self-sovereign Identity Management System: Empowering Datacenters Through Compact Cancelable Template Generation. In: Tari, Z., Li, K., Wu, H. (eds) Algorithms and Architectures for Parallel Processing. ICA3PP 2023. Lecture Notes in Computer Science, vol 14493. Springer, Singapore. https://doi.org/10.1007/978-981-97-0862-8_18
Download citation
DOI: https://doi.org/10.1007/978-981-97-0862-8_18
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-97-0861-1
Online ISBN: 978-981-97-0862-8
eBook Packages: Computer ScienceComputer Science (R0)