Security Aspects of Digital Identity

  • Conference paper
Recent Challenges in Intelligent Information and Database Systems (ACIIDS 2024)

Part of the book series: Communications in Computer and Information Science ((CCIS,volume 2144))

Abstract

Information protection is an integral part of communication in modern society. The sharing of sensitive data on social networks, easy-to-use services, increasingly sophisticated threats and vulnerabilities, the growing number of digital identities in e-commerce and digital banking, and unmanaged global digitization during pandemics require an active approach to data protection and research into new options for minimizing the impact of security incidents. The article describes security aspects of communication between the consumer and the service provider during authentication and proposes procedures that can describe, categorize, measure and evaluate these factors and their impact on authentication.

The output of the article is a description of the functionality of a web application which, based on the user's inputs, recommends optimal authentication mechanisms sorted by risk score. The following input data is required from the user: data classification rate; number of application architecture layers; type of authentication mechanism or authentication framework; description of the network location of the consumer and the provider; required number of authentication factors; required form of data integrity control; required form of securing the secrecy of transmitted data (encryption); and description of user application role permissions. All options for the input data are predefined, so the application is also suitable for a user who does not have a deeper awareness of the risks associated with authentication mechanisms or system integration.

Acknowledgments

This work was supported by the Scientific Grant Agency of the Ministry of Education of the Slovak Republic (ME SR) and of Slovak Academy of Sciences (SAS) under the contract No. VEGA 1/0385/23.

Author information

Corresponding author

Correspondence to Zoltán Balogh.

Copyright information

© 2024 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.

About this paper

Cite this paper

Balogh, Z., Francisti, J., Hrabčák, M. (2024). Security Aspects of Digital Identity. In: Nguyen, N.T., et al. Recent Challenges in Intelligent Information and Database Systems. ACIIDS 2024. Communications in Computer and Information Science, vol 2144. Springer, Singapore. https://doi.org/10.1007/978-981-97-5937-8_1

  • DOI: https://doi.org/10.1007/978-981-97-5937-8_1

  • Publisher Name: Springer, Singapore

  • Print ISBN: 978-981-97-5936-1

  • Online ISBN: 978-981-97-5937-8

  • eBook Packages: Computer Science (R0)
