Abstract
Cybersecurity in the Internet of Things (IoT), at its heart, relies on the digital identity concept to build security mechanisms such as authentication and authorization. However, current centralized identity management systems are built around third party identity providers, which raises privacy concerns and presents a single point of failure. In addition, IoT unconventional characteristics such as scalability, heterogeneity and mobility require new identity management systems to operate in distributed and trustless environments. In order to deal with these challenges, we present the Blockchain-based Identity Management System for the Internet of Things. By such, things and people are able to self-manage their identities and authenticate without relying on any third parties.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Telecommunication Standardization Sector, Overview of the Internet of things, ITU (2012). https://www.itu.int/rec/T-REC-Y.2060-201206-I. Accessed 20 Jan 2021
IDC, The Growth in Connected IoT Devices Is Expected to Generate 79.4ZB of Data in 2025, 2019, https://www.idc.com/getdoc.jsp?containerId=prUS45213219, Access 13 Feb 2021
Telecommunication Standardization Sector, NGN Identity Management Framework, ITU, 2009, https://www.itu.int/rec/T-REC-Y.2720-200901-I access 23 Jan 2021
Bertino, E., Takahashi, K.: Identity Management: Concepts, Technologies, and Systems, Artech House (2011)
Recordon, D., Reed, D.: OpenID 2.0: A Platform for User-centric Identity Management, Proceedings of the Second ACM Workshop on Digital Identity Management (2006)
Security Services Technical Committee of OASIS, Security Assertion Markup Language (SAML) v2.0, Available at http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=security (2005)
Cantor, S., Scavo, T.: Shibboleth Architecture, Protocols and Profiles (2005)
Torres, J., Nogueira, M., Pujolle, G.: A Survey on Identity Management for the Future Network, IEEE Communications Surveys (2013)
Alpar, G., Hoepman, J., Siljee, J.: The Identity Crisis Security. Privacy and Usability Issues in Identity Management, CoRR (2011)
Nakamoto, S.: Bitcoin: a Peer-to-Peer Electronic Cash System. 2008. [Online]. Available: https://bitcoin.org/bitcoin.pdf
Jøsang, A., Pope, S.: User Centric Identity Management, AusCERT Conference (2005)
Jøsang, A., Zomai, M., Suriadi, S.: Usability and Privacy in Identity Management Architectures, Australian Computer Society Inc (2007)
Maler, E., Reed, D.: The Venn of identity: Options and issues in federated identity management, IEEE Security & Privacy (2008)
Angin, P., et al.: An entity-centric approach for privacy and identity management in cloud computing, 29th IEEE Symposium on Reliable Distributed Systems (SRDS’10), pp. 177–183. New Delhi, India (2010)
Suriadi, S., Foo, E.: A. Jøsang A User-centric Federated Single Sign-on System. J. Netw. Comput. Appl. 32, 388–401 (2009)
PRIMELife, Privacy and Identity Management in Europe for Life, Available online: http://primelife.ercim.eu, Access Feb 2021
SWIFT, Secure Widespread Identities for Federated Telecommunications, Available online: https://www.swift.com, Access Feb 2021
DAIDALOS, Designing Advanced Network Interfaces for the Delivery and Administration of Location Independent, Optimised Personal Services, Available online: https://www.tssg.org/projects/daidalos/, Access Feb 2021
Kantara, Available online: http://kantarainitiative.org, Access Jan 2021
Liberty, The Liberty Alliance project, Available online: http://www.projectliberty.org, Access Jan 2021
FIDIS, Future of Identity in the Information Society, Available online: http://www.fidis.net, Access Jan 2021
Higgins, Higgins - open source identity framework, Available online: http://www.eclipse.org/higgins, Access Nov 2020
STORK, Secure idenTity acrOss boRders linKed, Available online: https://www.eid-stork.eu, Access Jan 2021
PICOS, Privacy and Identity Management for Community Services, Available online: http://www.picos-project.eu, Access Jan 2021
Zhu, X., Badr, Y.: Identity Management Systems for the Internet of Things: A Survey Towards Blockchain Solutions , Sensors 2018, 18, 4215
Bertocci, V., Serack, G., Baker, C.: Understanding Windows Cardspace: An Introduction to the Concepts and Challenges of Digital Identities, Addison Wesley Professional (2007)
Namecoin. Namecoin: The First Solution to Zooko’s Triangle, Available online: https://namecoin.org, Access Jan 2021
Fromknecht, C., Dragos, V., Sophia, Y.: CertCoin: A NameCoin Based Decentralized Authentication System 6.857 Class Project (2014)
Leiding, B., Cap, CH., Mundt, T., Samaneh, R.: Authcoin: Validation and Authentication in Decentralized Networks, arXiv preprint arXiv:1609.04955 (2016)
Muneeb, A., Nelson, J., Shea, R., Freedman, M.: Blockstack: A Global Naming and Storage System Secured by Blockchains. In USENIX Annual Technical Conference, pp. 181–194 (2016)
Mustafa, A.: "SCPKI: A Smart Contract-based PKI and Identity System." In Proceedings of the ACM Workshop on Blockchain, Cryptocurrencies and Contracts, pp. 35–40. ACM (2017)
Liu, Y., Zhao, Z.. Guo, G., Wang, X., Tan, Z., Wang, S.: An Identity Management System Based on Blockchain (2017)
Augot, D., Chabanne, H., Clémot, O., George, W.: Transforming face-to-face identity proofing into anonymous digital identity using the Bitcoin blockchain. arXiv preprint arXiv:1710.02951 (2017)
Augot, Daniel, Chabanne, Hervé, Chenevier, Thomas, George, William, Lambert, Laurent: A user-centric system for verified identities on the bitcoin blockchain. In: Garcia-Alfaro, Joaquin, Navarro-Arribas, Guillermo, Hartenstein, Hannes, Herrera-Joancomartí, Jordi (eds.) ESORICS/DPM/CBT - 2017. LNCS, vol. 10436, pp. 390–407. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-67816-0_22
Hardjono, T., Sandy Pentland, A.: "Verifiable Anonymous Identities and Access Control in Permissioned Blockchains."
Halpin, H.: "NEXTLEAP: Decentralizing Identity with Privacy for Secure Messaging." In Proceedings of the 12th International Conference on Availability, Reliability and Security, p. 92. ACM (2017)
Azouvi, Sarah, Al-Bassam, Mustafa, Meiklejohn, Sarah: Who am i? Secure identity registration on distributed ledgers. In: Garcia-Alfaro, Joaquin, Navarro-Arribas, Guillermo, Hartenstein, Hannes, Herrera-Joancomartí, Jordi (eds.) ESORICS/DPM/CBT -2017. LNCS, vol. 10436, pp. 373–389. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-67816-0_21
Gao, Z., et al.: "Blockchain-based identity management with mobile device." In Proceedings of the 1st Workshop on Cryptocurrencies and Blockchains for Distributed Systems, pp. 66–70 (2018)
Lee, J.: BIDaaS: blockchain based ID as a service. IEEE Access 6, 2274–2278 (2018)
Faber, B., et al.: BPDIMS: A Blockchain-Based Personal Data and Identity Management System. Proceedings of the 52nd Hawaii International Conference on System Sciences (2019)
Alsayed Kassem, J., Sayeed, S., Marco-Gisbert, H., Pervez, Z., Dahal, K.: DNS-IdM: a blockchain identity management system to secure personal data sharing in a network. Appl. Sci. 9(15), 2953 (2019)
Borse, Y., et al.: Anonymity: a secure identity management using smart contracts. Available at SSRN 3352370 (2019)
Hong, S., Kim, H. VaultPoint: a blockchain-based SSI model that complies with OAuth 2.0. Electronics, 9(8), 1231
Lin, C., He, D., Huang, X., Kumar, N., Choo, K.K.R.: BCPPA: a blockchain-based conditional privacy-preserving authentication protocol for vehicular ad hoc networks. IEEE Transactions on Intelligent Transportation Systems (2020)
Uport. A scalable DID method for Ethereum addresses enabling them to collect on-chain and off-chain data, Available online: https://www.uport.me, Access Feb 2021
Sovrin Foundation. Personally manage your digital IDs online with the Sovrin Network - an open source project creating a global public utility for self-sovereign identity. Available online: https://sovrin.org, Access Feb, 2021
Shocard. Secure Enterprise Identity Authentication, Available online: https://shocard.com/ access Feb 2021
Bitnation. Governance 2.0, Available online: https://bitnation.co/, Access Feb 2021
Civic. Secure Identity Ecosystem-Decentralized Identity Reusable KYC, Available online: https://www.civic.com/, Access Feb 2021
Jolocom. Decentralized Infrastructure for Self-Sovereign Identity, Available online: http://jolocom.io/, Access Feb 2021
Allen, C., et al.: Decentralized Public Key Infrastructure, https://danubetech.com/download/dpki.pdf, Access Feb 2021
Koblitz, N.: CM-curves with good cryptographic properties, Proc. Crypto’91, Springer-Verlag (1992)
Standards for Efficient Cryptography, SEC 2: Recommended Elliptic Curve Domain Parameters January 27 (2010) http://www.secg.org/sec2-v2.pdf
Antonopoulos, A.M.: Mastering Bitcoin: unlocking digital cryptocurrencies, O’Reilly Media (2014)
Burrows, M., Abadi, M., Needham, R.: A logic of authentication," in Proc. of the RSLA ’89, pp.233–271 (1989)
Ethereum Community, A Next-Generation Smart Contract and Decentralized Application Platform, https://github.com/ethereum/wiki/wiki/White-Paper, Access 20 Jan 2018
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2024 IFIP International Federation for Information Processing
About this paper
Cite this paper
Badr, Y., Zhu, X., Saad-Bouzefrane, S., Banerjee, S. (2024). A Bitcoin-Based Digital Identity Model for the Internet of Things. In: Bouzefrane, S., Sauveron, D. (eds) Information Security Theory and Practice. WISTP 2024. Lecture Notes in Computer Science, vol 14625. Springer, Cham. https://doi.org/10.1007/978-3-031-60391-4_9
Download citation
DOI: https://doi.org/10.1007/978-3-031-60391-4_9
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-60390-7
Online ISBN: 978-3-031-60391-4
eBook Packages: Computer ScienceComputer Science (R0)