• International Journal of Computer Science & Network Security
• /
• v.23 no.12
• /
• pp.27-80
• /
• 2023

Nowadays usage of different applications of identity management IDM demands prime attention to clarify which is more efficient regarding preserve privacy as well as security to perform different operations concerning digital identity. Those operations represent the available interactions with identity during its lifecycle in the digital world e.g., create, update, delete, verify and so on. With the rapid growth in technology, this field has been evolving with a number of IDM models being proposed to ensure that identity lifecycle and face some significant issues. However, the control and ownership of data remines in the hand of identity service providers for central and federated approaches unlike in the self-sovereign identity management SSIM approach. SSIM is the recent IDM model were introduced to solve the issue regarding ownership of identity and storing the associated data of it. Thus, SSIM aims to grant the individual's ability to govern their identities without intervening administrative authorities or approval of any authority. Recently, we noticed that numerous IDM solutions enable individuals to own and control their identities in order to adapt with SSIM model. Therefore, we intend to make comparative study as much of these solutions that have proper technical documentation, reports, or whitepapers as well as provide an overview of IDM models. We will point out the existing research gaps and how this study will bridge it. Finally, the study will propose a technical enhancement, everKEY solution, to address some significant drawbacks in current SSIM solutions.

• Journal of Digital Convergence
• /
• v.19 no.8
• /
• pp.205-217
• /
• 2021

Decentralized SSI(Self Sovereign Identity) has become an alternative to a new digital identity solution, but an efficient de-identification technique has not been proposed due to the unique algorithmic characteristics of data transactions. In this study, to ensure the decentralized operation of SSI, we propose a de-identification technique that does not remove identifiers by restructuring the verification results of ZKP (Zero Knowledge Proof) into a form that can be provided to the outside by the verifier. In addition, it is possible to provide restructured de-identification data without the consent of data subject by proposing the concept of differential sovereignty management for each entity participating in verification. As a result, the proposed model satisfies the domestic personal information protection law in a decnetralized SSI, in addition provides secure and efficient de-identification processing and sovereignty management.

• Environmental and Resource Economics Review
• /
• v.15 no.5
• /
• pp.827-858
• /
• 2006

The paper presents game theoretic models for self-enforcing coalition formation in order to sustain effective international environmental agreements(IEAs). The model analyzes how the intrinsically strategic nature of a government's environmental policies(the emission allowance standard) calls for rules to sustain an IEA. Focusing on the recent theoretical developments in the infinitely repeated game, the paper introduces some mechanisms to show how self-interested sovereign countries are cooperatively able to maintain an IEA rather than defect to initially profit at the expense of a pollution heaven later on. For a more realistic case needed to sustain an IEA, an optimal international environmental policy with both signatories and non-signatories under imperfect monitoring is also explored. In this extension of the model, the derivation process for a critical discount factor, a trigger price level and the length of punishment period is briefly discussed.

• Journal of Information Processing Systems
• /
• v.17 no.5
• /
• pp.989-1003
• /
• 2021

With the recent increase in the types of services provided by Internet companies, collection of various types of data has become a necessity. Data collectors corresponding to web services profit by collecting users' data indiscriminately and providing it to the associated services. However, the data provider remains unaware of the manner in which the data are collected and used. Furthermore, the data collector of a web service consumes web resources by generating a large amount of web traffic. This traffic can damage servers by causing service outages. In this study, we propose a website search engine that employs a system that controls user information using blockchains and builds its database based on the recorded information. The system is divided into three parts: a collection section that uses proxy, a management section that uses blockchains, and a search engine that uses a built-in database. This structure allows data sovereigns to manage their data more transparently. Search engines that use blockchains do not use internet bots, and instead use the data generated by user behavior. This avoids generation of traffic from internet bots and can, thereby, contribute to creating a better web ecosystem.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.3
• /
• pp.513-525
• /
• 2020

Until today, the personal information of subjects has been centralized in many companies or institutions. However, in recent days, the paradigm has gradually changed in the direction that subjects control their personal information and persue their self-sovereignty. Globally, individual data sovereignty is strengthened by the European Union's General Data Protection Regulation(GDPR) and the US California Consumer Privacy Act(CCPA). In Korea, a few alliances consist of various companies are creating technology research and service application cases for decentralized ID service model. In this paper, the current decentralized ID service model and its limitations are studied, and a improved decentralized ID service model that can solve them is proposed. The proposed model has a function of securely storing decentralized ID to the third party and a linkage function that can be interoperated even if different decentralized ID services are generated. In addition, a more secure and convenient model by identifying the security threats of the proposed model and deriving the security requirements, is proposed. It is expected that the decentralized ID technology will be applied not only to the proof of people but also to the device ID authentication management of the IoT in the future.