Browse > Article
http://dx.doi.org/10.13089/JKIISC.2020.30.3.513

Proposal for a Custody and Federated Service Model for the Decentralized Identity  

Yeo, Kiho (Soonchunhyang University)
Park, Keundug (Seoul University of Foreign Studies)
Youm, Heung Youl (Soonchunhyang University)
Publication Information
Journal of the Korea Institute of Information Security & Cryptology / v.30, no.3, 2020 , pp. 513-525 More about this Journal
Abstract
Until today, the personal information of subjects has been centralized in many companies or institutions. However, in recent days, the paradigm has gradually changed in the direction that subjects control their personal information and persue their self-sovereignty. Globally, individual data sovereignty is strengthened by the European Union's General Data Protection Regulation(GDPR) and the US California Consumer Privacy Act(CCPA). In Korea, a few alliances consist of various companies are creating technology research and service application cases for decentralized ID service model. In this paper, the current decentralized ID service model and its limitations are studied, and a improved decentralized ID service model that can solve them is proposed. The proposed model has a function of securely storing decentralized ID to the third party and a linkage function that can be interoperated even if different decentralized ID services are generated. In addition, a more secure and convenient model by identifying the security threats of the proposed model and deriving the security requirements, is proposed. It is expected that the decentralized ID technology will be applied not only to the proof of people but also to the device ID authentication management of the IoT in the future.
Keywords
Distributed Ledger Technology; Decentralized Identity; Self Sovereign Identity; Custody; Federation;
Citations & Related Records
Times Cited By KSCI : 4  (Citation Analysis)
연도 인용수 순위
1 S.R. Cho, D.S. Choi, S.H. Jin and H.H. Lee, "Passwordless authentication technology-FIDO," Electronics and Telecommunications Trends, 29(4), pp. 101-109, Aug. 2014
2 Erika McCallister and Richard Brackney, "Information technology - security techniques - Entity authentication assurance framework" ISO/IEC DIS 29115, Dec. 2011
3 Life With Alacrity, "The path to self-sovereign identity" http://www.lifewithalacrity.com/2016/04/the-path-to-self-soverein-identity.html, Feb. 2020
4 Hee-won Shim, "Domestic and overseas trends and implications of decentralized ID technology," Korea Financial Telecommunications & Clearings Institute, 73, Dec. 2019
5 W3C, "W3C homepage" https://www.w3c.org, Mar. 2020
6 DIF, "DIF hompage" https://identity.foundation, Mar. 2020
7 Sovrin, "Sovrin homepage" https://sovrin.org, Mar. 2020
8 P. Leach, M. Mealling and R. Salz, "A universally unique identifier (UUID) URN namespace," RFC 4122, July 2005
9 Decentralized identifiers (DIDs) v1.0, "W3C Decentralized identifiers" https://www.w3.org/TR/2019/WD-didcore-20191127/, Mar. 2020
10 Security Technology Research Team, "The concept and overseas technology trend of decentralized ID," e-Finance and Financial Security, 16, pp. 15-39, April 2019
11 Verifiable credentials data model 1.0, "Verifiable credentials" https://www.w3.org/TR/2019/REC-vc-data-model-20191119/, Mar. 2020
12 SSImeetup Identity Webinar, "Trust frameworks and SSI: An interview with CULedger on the credit union MyCUID trust framework," https://ssimeetup.org/blog/page/5/, Feb. 2020
13 Steve Fulling, Phil Windley, Jason Law and Nathan George, "Indy, HIP identifier," Hyperledger Improvement Project(HIP), Mar. 2017
14 KISA Press release, "Collaboration for DID ecosystem between KISA and financial security institute," https://www.kisa.or.kr/notice/press_List.jsp, Feb. 2020
15 SK telecom Press release, "KOREA DID initial DAY," https://www.sktelecom.com/advertise/press_detail.do?idx=5122, Feb. 2020
16 DID Alliance, "DID Alliance" http://www.didalliance.or.kr/, Mar. 2020
17 MyID Alliance, "MyID Alliance" https:// myidalliance.org/, Mar. 2020
18 D.S. Kwon, H. Lee and J.D. Park, "Digital identity trend for digital trust society," Electronics and Telecommunications Trends, 34(3), pp. 114-124, June 2019
19 Connneting Lab, Blockchain Trend 2020, Business Books, pp. 85-94, June 2019
20 RaonSecure Press release , "Raonsecure MMA Blockchain" https://www.raoncorp.com/ko/about/news_list/view/28, Jan. 2020
21 DPASS, "Decentralized Passport" https://www.dpass.io/, Feb. 2020
22 LG CNS Blog IT Solutions/Security, "Security threats of smart phone," https://blog.lgcns.com/1106, Feb. 2020
23 Keundug Park, DaeKyung Kim and Heung Youl Youm, "Security enhancement for distributed ledger technology system based on open source," Korea Institute of Information Security and Cryptology, 29(4), Aug. 2019
24 Keundug Park and Heung Youl Youm, "Security requirements for digital asset transaction service model based on distributed ledger technology," TTAK. KO-12.0352, Dec. 2019
25 Information Technology Laboratory National Institute of Standards and Technology, "Security requirements for cryptographic modules," FIPS PUB 140-2, May 2001
26 Bitcoin.org, "Bitcoin : A peer-to-peer electronic cash system" https://bitcoin.org/bitcoin.pdf, Mar. 2020