This paper investigates the role of terms of use within the Self-Sovereign Identity (SSI) system, aiming to establish a model for managing verifiable credentials (VCs) in specific contexts. To this end, we use the termsOfUse field within VCs to formulate an access control policy based on the Attribute-Based Access Control (ABAC) framework, implemented via smart contracts. Furthermore, the paper introduces the concept of a self-generated VC to attest to users' acceptance of terms of use, offering verifiable proof to support users in legal disputes.
Controlling VC disclosure with Terms of Use and ABAC in SSI
Bistarelli S.
;Luchini C.
;Santini F.
2025
Abstract
This paper investigates the role of terms of use within the Self-Sovereign Identity (SSI) system, aiming to establish a model for managing verifiable credentials (VCs) in specific contexts. To this end, we use the termsOfUse field within VCs to formulate an access control policy based on the Attribute-Based Access Control (ABAC) framework, implemented via smart contracts. Furthermore, the paper introduces the concept of a self-generated VC to attest to users' acceptance of terms of use, offering verifiable proof to support users in legal disputes.File in questo prodotto:
Non ci sono file associati a questo prodotto.
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
