Title: Enhancing the Security and Privacy of Self-Sovereign Identities on Hyperledger Indy Blockchain
Publication Type: Conference Paper
Year of Publication: 2020
Authors: Bhattacharya, M. P., Zavarsky, P., Butakov, S.
Conference Name: 2020 International Symposium on Networks, Computers and Communications (ISNCC)
Date Published: Oct
Keywords: attribute sensitivity, attribute sensitivity score model, authorisation, blockchain, blockchains, Collaboration, composability, confidence level, credential exchange, credential exchanges, Data disclosure, data privacy, distributed ledger, Engines, Human Behavior, Hyperledger Indy, Hyperledger Indy blockchain, identity holders, identity operations, identity owners, information assurance, man-in-the-middle attack, man-in-the-middle attacks, Metrics, personal data disclosure, personally identifiable information, PII, policy-based governance, privacy, pubcrawl, python, Receivers, reputation, resilience, Resiliency, Scalability, Self-Sovereign Identity, self-sovereign identity agents, Sensitivity, user autonomy, user immutability
Abstract: Self-sovereign identities provide user autonomy and immutability to individual identities and full control to their identity owners. The immutability and control are possible by implementing identities in a decentralized manner on blockchains that are specially designed for identity operations such as Hyperledger Indy. As with any type of identity, self-sovereign identities too deal with Personally Identifiable Information (PII) of the identity holders and come with the usual risks of privacy and security. This study examined certain scenarios of personal data disclosure via credential exchanges between such identities and risks of man-in-the-middle attacks in the blockchain-based identity system Hyperledger Indy. On the basis of the findings, the paper proposes the following enhancements: 1) A novel attribute sensitivity score model for self-sovereign identity agents to ascertain the sensitivity of attributes shared in credential exchanges; 2) A method of mitigating man-in-the-middle attacks between peer self-sovereign identities; and 3) A novel quantitative model for determining a credential issuer's reputation based on the number of issued credentials in a window period, which is then utilized to calculate an overall confidence level score for the issuer.
Citation Key: bhattacharya_enhancing_2020