This paper explores some challenges that can arise in authentication and authorisation processes between holder and verifier in the paradigm of Self-Sovereign Identity (SSI). The authentication phase within the SSI framework is crucial in ensuring the integrity of secure and private data exchanges between the holder and verifier. In particular, we analyse the unauthorised use of credentials, which can be a source of privacy and protection concerns. For instance, sending data to unauthorised third parties could give them access to more information than necessary. We propose a prospective solution for monitoring access to users' personal information. The focus is on defining a Disclosure Policy (DP) within an Attribute-Based Access Control (ABAC) model based on the Originator Control (ORCON) paradigm.

Policy-based Credential Disclosure in SSI by Using ORCON-based Access Control

Bistarelli S.;Luchini C.
;
Santini F.
2024

Abstract

This paper explores some challenges that can arise in authentication and authorisation processes between holder and verifier in the paradigm of Self-Sovereign Identity (SSI). The authentication phase within the SSI framework is crucial in ensuring the integrity of secure and private data exchanges between the holder and verifier. In particular, we analyse the unauthorised use of credentials, which can be a source of privacy and protection concerns. For instance, sending data to unauthorised third parties could give them access to more information than necessary. We propose a prospective solution for monitoring access to users' personal information. The focus is on defining a Disclosure Policy (DP) within an Attribute-Based Access Control (ABAC) model based on the Originator Control (ORCON) paradigm.
File in questo prodotto:
Non ci sono file associati a questo prodotto.

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11391/1588188
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 0
  • ???jsp.display-item.citation.isi??? ND
social impact