Policy-based Credential Disclosure in SSI by Using ORCON-based Access Control
Bistarelli S.; Luchini C.; Santini F.
2024
Abstract
This paper explores some challenges that can arise in authentication and authorisation processes between holder and verifier in the paradigm of Self-Sovereign Identity (SSI). The authentication phase within the SSI framework is crucial in ensuring the integrity of secure and private data exchanges between the holder and verifier. In particular, we analyse the unauthorised use of credentials, which can be a source of privacy and protection concerns. For instance, sending data to unauthorised third parties could give them access to more information than necessary. We propose a prospective solution for monitoring access to users' personal information. The focus is on defining a Disclosure Policy (DP) within an Attribute-Based Access Control (ABAC) model based on the Originator Control (ORCON) paradigm.