物联网安全与隐私的去中心化身份应用

IF 2 Q3 TELECOMMUNICATIONS

Journal of Computer Networks and Communications Pub Date : 2023-08-28 DOI:10.37256/cnc.1220233048

Chalima Dimitra Nassar Kyriakidou, Athanasia Maria Papathanasiou, G.C. Polyzos

{"title":"物联网安全与隐私的去中心化身份应用","authors":"Chalima Dimitra Nassar Kyriakidou, Athanasia Maria Papathanasiou, G.C. Polyzos","doi":"10.37256/cnc.1220233048","DOIUrl":null,"url":null,"abstract":"Decentralized Identity (dID) has brought to the forefront the advantages and importance of total user control over identity. Previous solutions delegate identity management to the responsibility of third-party applications or services, which may raise multiple privacy and security concerns regarding users' personal data. In this paper, we highlight the significance of dID and in particular Self-Sovereign Identity (SSI) for a rapidly evolving ecosystem with a plethora of interconnected devices with different characteristics, such as the Internet of Things (IoT). Specifically, we analyze the benefits of incorporating SSI principles and technologies in IoT environments, while also discussing the challenges that may be introduced when combining the complexity of SSI concepts with the diverse and large-scale IoT environment. In addition, we present a thorough overview of existing systems that integrate SSI components into IoT environments, in order to address the challenges of authentication, authorization, and access control even for constrained IoT devices. Finally, we provide a comprehensive analysis regarding the contributions of Decentralized Identifiers and Verifiable Credentials, the two main pillars of SSI, for enhanced privacy and security for the Internet at large and for the IoT in particular.","PeriodicalId":45621,"journal":{"name":"Journal of Computer Networks and Communications","volume":null,"pages":null},"PeriodicalIF":2.0000,"publicationDate":"2023-08-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Decentralized Identity With Applications to Security and Privacy for the Internet of Things\",\"authors\":\"Chalima Dimitra Nassar Kyriakidou, Athanasia Maria Papathanasiou, G.C. Polyzos\",\"doi\":\"10.37256/cnc.1220233048\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Decentralized Identity (dID) has brought to the forefront the advantages and importance of total user control over identity. Previous solutions delegate identity management to the responsibility of third-party applications or services, which may raise multiple privacy and security concerns regarding users' personal data. In this paper, we highlight the significance of dID and in particular Self-Sovereign Identity (SSI) for a rapidly evolving ecosystem with a plethora of interconnected devices with different characteristics, such as the Internet of Things (IoT). Specifically, we analyze the benefits of incorporating SSI principles and technologies in IoT environments, while also discussing the challenges that may be introduced when combining the complexity of SSI concepts with the diverse and large-scale IoT environment. In addition, we present a thorough overview of existing systems that integrate SSI components into IoT environments, in order to address the challenges of authentication, authorization, and access control even for constrained IoT devices. Finally, we provide a comprehensive analysis regarding the contributions of Decentralized Identifiers and Verifiable Credentials, the two main pillars of SSI, for enhanced privacy and security for the Internet at large and for the IoT in particular.\",\"PeriodicalId\":45621,\"journal\":{\"name\":\"Journal of Computer Networks and Communications\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":2.0000,\"publicationDate\":\"2023-08-28\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Journal of Computer Networks and Communications\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.37256/cnc.1220233048\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q3\",\"JCRName\":\"TELECOMMUNICATIONS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Computer Networks and Communications","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.37256/cnc.1220233048","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"TELECOMMUNICATIONS","Score":null,"Total":0}

引用次数: 0

摘要

去中心化身份(dID)将用户完全控制身份的优势和重要性带到了最前沿。以前的解决方案将身份管理委托给第三方应用程序或服务，这可能会引起有关用户个人数据的多重隐私和安全问题。在本文中，我们强调了dID，特别是自我主权身份(SSI)对于快速发展的生态系统的重要性，该生态系统具有大量具有不同特征的互联设备，例如物联网(IoT)。具体来说，我们分析了将SSI原理和技术纳入物联网环境的好处，同时也讨论了将SSI概念的复杂性与多样化和大规模物联网环境相结合时可能引入的挑战。此外，我们还全面概述了将SSI组件集成到物联网环境中的现有系统，以解决身份验证、授权和访问控制方面的挑战，即使对于受限的物联网设备也是如此。最后，我们对分散标识符和可验证凭据(SSI的两个主要支柱)的贡献进行了全面分析，以增强整个互联网(特别是物联网)的隐私和安全性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Decentralized Identity With Applications to Security and Privacy for the Internet of Things

Decentralized Identity (dID) has brought to the forefront the advantages and importance of total user control over identity. Previous solutions delegate identity management to the responsibility of third-party applications or services, which may raise multiple privacy and security concerns regarding users' personal data. In this paper, we highlight the significance of dID and in particular Self-Sovereign Identity (SSI) for a rapidly evolving ecosystem with a plethora of interconnected devices with different characteristics, such as the Internet of Things (IoT). Specifically, we analyze the benefits of incorporating SSI principles and technologies in IoT environments, while also discussing the challenges that may be introduced when combining the complexity of SSI concepts with the diverse and large-scale IoT environment. In addition, we present a thorough overview of existing systems that integrate SSI components into IoT environments, in order to address the challenges of authentication, authorization, and access control even for constrained IoT devices. Finally, we provide a comprehensive analysis regarding the contributions of Decentralized Identifiers and Verifiable Credentials, the two main pillars of SSI, for enhanced privacy and security for the Internet at large and for the IoT in particular.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Journal of Computer Networks and Communications TELECOMMUNICATIONS-

CiteScore

5.30

自引率

5.00%

发文量

审稿时长

15 weeks

期刊介绍： The Journal of Computer Networks and Communications publishes articles, both theoretical and practical, investigating computer networks and communications. Articles explore the architectures, protocols, and applications for networks across the full spectrum of sizes (LAN, PAN, MAN, WAN…) and uses (SAN, EPN, VPN…). Investigations related to topical areas of research are especially encouraged, including mobile and wireless networks, cloud and fog computing, the Internet of Things, and next generation technologies. Submission of original research, and focused review articles, is welcomed from both academic and commercial communities.