short-paper

Open access

A Comparative Analysis Between SciTokens, Verifiable Credentials, and Smart Contracts: Novel Approaches for Authentication and Secure Access to Scientific Data

Authors:

Md Jobair Hossain Faruk,

Jim BasneyAuthors Info & Claims

PEARC '23: Practice and Experience in Advanced Research Computing 2023: Computing for the Common Good

Pages 302 - 305

https://doi.org/10.1145/3569951.3597566

Published: 10 September 2023 Publication History

All formats PDF

Abstract

Managing and exchanging sensitive information securely is a paramount concern for the scientific and cybersecurity community. The increasing reliance on computing workflows and digital data transactions requires ensuring that sensitive information is protected from unauthorized access, tampering, or misuse. This research paper presents a comparative analysis of three novel approaches for authenticating and securing access to scientific data: SciTokens, Verifiable Credentials, and Smart Contracts. The aim of this study is to investigate the strengths and weaknesses of each approach from trust, revocation, privacy, and security perspectives. We examine the technical features and privacy and security mechanisms of each technology and provide a comparative synthesis with the proposed model. Through our analysis, we demonstrate that each technology offers unique advantages and limitations, and the integration of these technologies can lead to more secure and efficient solutions for authentication and access to scientific data.

References

[1]

Alkhansaa Abuhashim and Chiu C. Tan. 2020. Smart Contract Designs on Blockchain Applications. In 2020 IEEE Symposium on Computers and Communications (ISCC). 1–4. https://doi.org/10.1109/ISCC50000.2020.9219622

[2]

Salman Ahmed and Qamar Mahmood. 2019. An authentication based scheme for applications using JSON web token. In 2019 22nd International Multitopic Conference (INMIC). 1–6. https://doi.org/10.1109/INMIC48123.2019.9022766

[3]

Information Association and Jaydip Sen. 2015. Security and Privacy Issues in Cloud Computing. 1585–1630. https: //doi.org/10.4018/978-1-4666-6539-2.ch074

[4]

EBSI: European Blockchain. [n. d.]. EBSI Verifiable Credentials Playbook. EBSI: European Blockchain ([n. d.]). https: //ec.europa.eu/digital-building-blocks/wikis/display/EBSIDOC/EBSI+Verifiable+Credentials+Playbook

[5]

John M Borky, Thomas H Bradley, John M Borky, and Thomas H Bradley. 2019. Protecting information with cyberse- curity. Effective Model-Based Systems Engineering (2019), 345–404.

[6]

David W. Chadwick, Romain Laborde, Arnaud Oglaza, Remi Venant, Samer Wazan, and Manreet Nijjar. 2019. Improved Identity Management with Verifiable Credentials and FIDO. IEEE Communications Standards Magazine 3, 4 (2019), 14–20. https://doi.org/10.1109/MCOMSTD.001.1900020

[7]

Meijuan Chen, Chen Tan, Xiaorong Zhu, and X. Zhang. 2020. A Blockchain-Based Authentication and Service Provision Scheme for Internet of Things. In IEEE Globecom Workshops. https://doi.org/10.1109/GCWkshps50303.2020.9367565

[8]

Cybersecurity and Infrastructure Security Agency. 2022. Russian State-Sponsored Cyber Actors Target Cleared Defense Contractor Networks to Obtain Sensitive U.S. Defense Information and Technology. https://www.cisa.gov/news-events/ cybersecurity-advisories/aa22-047a

[9]

Md Jobair Hossain Faruk, Santhiya Subramanian, Hossain Shahriar, Maria Valero, Xia Li, and Masrura Tasnim. 2022. Software Engineering Process and Methodology in Blockchain-Oriented Software Development: A Systematic Study. In 2022 IEEE/ACIS 20th International Conference on Software Engineering Research, Management and Applications (SERA). 120–127. https://doi.org/10.1109/SERA54885.2022.9806817

[10]

Md Jobair Hossain Faruk, Hossain Shahriar, Maria Valero, Sweta Sneha, Sheikh I. Ahamed, and Mohammad Rahman. 2021. Towards Blockchain-Based Secure Data Management for Remote Patient Monitoring. In 2021 IEEE International Conference on Digital Health (ICDH). 299–308. https://doi.org/10.1109/ICDH52753.2021.00054

[11]

Zakwan Jaroucheh and Iván Abellán Álvarez. 2021. Secretation: Toward a Decentralised Identity and Verifiable Credentials Based Scalable and Decentralised Secret Management Solution. In 2021 IEEE International Conference on Blockchain and Cryptocurrency (ICBC). 1–9. https://doi.org/10.1109/ICBC51069.2021.9461144

[12]

Seungjoo Lim, Min-Hyung Rhie, DongYeop Hwang, and Ki-Hyung Kim. 2021. A Subject-Centric Credential Manage- ment Method based on the Verifiable Credentials. In 2021 International Conference on Information Networking (ICOIN). 508–510. https://doi.org/10.1109/ICOIN50884.2021.9333857

[13]

Lu Lin and Baocheng Wang. 2021. Research on Authentication and Key Negotiation Based on Smart Water Environment. In 2021 IEEE 2nd International Conference on Information Technology, Big Data and Artificial Intelligence (ICIBA), Vol. 2. 268–272. https://doi.org/10.1109/ICIBA52610.2021.9688062

[14]

Bhabendu Kumar Mohanta, Soumyashree S Panda, and Debasish Jena. 2018. An Overview of Smart Contract and Use Cases in Blockchain Technology. In 2018 9th International Conference on Computing, Communication and Networking Technologies (ICCCNT). 1–4. https://doi.org/10.1109/ICCCNT.2018.8494045

[15]

Jaideep Kaur Mudhar, Sheetal Kalra, and Jyoteesh Malhotra. 2020. An Efficient Blockchain Based Authentication Scheme to Secure Fog Enabled IoT Devices. In 2020 Indo – Taiwan 2nd International Conference on Computing, Analytics and Networks (Indo-Taiwan ICAN). 75–80. https://doi.org/10.1109/Indo-TaiwanICAN48429.2020.9181356

[16]

Rahma Mukta, James Martens, Hye-young Paik, Qinghua Lu, and Salil S. Kanhere. 2020. Blockchain-Based Verifiable Credential Sharing with Selective Disclosure. In 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom). 959–966. https://doi.org/10.1109/TrustCom50675.2020.00128

[17]

Office of Scientific and Technical Information. 2021. Cybersecurity and Privacy for Scientific Computing Ecosystems. https://doi.org/10.2172/1843573

[18]

M Suvitha and R Subha. 2021. A Survey on Smart Contract Platforms and Features. In 2021 7th Int. Conf. on Advanced Computing and Communication Systems (ICACCS). https://doi.org/10.1109/ICACCS51430.2021.9441970

[19]

Anusha Vangala, Anil Kumar Sutrala, Ashok Kumar Das, and Minho Jo. 2021. Smart Contract-Based Blockchain- Envisioned Authentication Scheme for Smart Farming. IEEE Internet of Things Journal 8, 13 (2021), 10792–10806. https://doi.org/10.1109/JIOT.2021.3050676

[20]

W3C. 2022. Verifiable Credentials Data Model v1.1. W3C (2022). https://www.w3.org/TR/vc-data-model/

[21]

Alex Withers, Brian Bockelman, Derek Weitzel, Duncan Brown, Jeff Gaynor, Jim Basney, Todd Tannenbaum, and Zach Miller. 2018. SciTokens: Capability-Based Secure Access to Remote Scientific Data. In Proceedings of the Practice and Experience on Advanced Research Computing (Pittsburgh, PA, USA) (PEARC ’18). Association for Computing Machinery, New York, NY, USA, Article 24, 8 pages. https://doi.org/10.1145/3219104.3219135

Digital Library

[22]

Alex Withers, Brian Bockelman, Derek Weitzel, Duncan Brown, Jason Patton, Jeff Gaynor, Jim Basney, Todd Tannen- baum, You Alex Gao, and Zach Miller. 2019. SciTokens: Demonstrating Capability-Based Access to Remote Scientific Data Using HTCondor. In Proceedings of the Practice and Experience in Advanced Research Computing on Rise of the Machines (Learning) (Chicago, IL, USA) (PEARC ’19). Association for Computing Machinery, New York, NY, USA, Article 118, 4 pages. https://doi.org/10.1145/3332186.3333258

Digital Library

[23]

Kaiping Xue, Xinyi Luo, Yongjin Ma, Jian Li, Jianqing Liu, and David S. L. Wei. 2022. A Distributed Authentication Scheme Based on Smart Contract for Roaming Service in Mobile Vehicular Networks. IEEE Transactions on Vehicular Technology 71, 5 (2022), 5284–5297.

Cited By

Hossain Faruk MCheng J(2023)Integration of Blockchain in Computer Networking: Overview, Applications, and Future Perspectives for Software-defined Networking (SDN), Network Security, and Protocols2023 Tenth International Conference on Software Defined Systems (SDS)10.1109/SDS59856.2023.10329025(20-27)Online publication date: 23-Oct-2023
https://doi.org/10.1109/SDS59856.2023.10329025
Faruk MBasney JCheng J(2023)Blockchain-Based Decentralized Verifiable Credentials: Leveraging Smart Contracts for Privacy-Preserving Authentication Mechanisms to Enhance Data Security in Scientific Data Access2023 IEEE International Conference on Big Data (BigData)10.1109/BigData59044.2023.10386360(5493-5502)Online publication date: 15-Dec-2023
https://doi.org/10.1109/BigData59044.2023.10386360

Recommendations

DID and VC:Untangling Decentralized Identifiers and Verifiable Credentials for the Web of Trust
ICBTA '20: Proceedings of the 2020 3rd International Conference on Blockchain Technology and Applications

Decentralized identifiers and verifiable credentials have been proposed as a self-sovereign and privacy-friendly alternative to centralized and proprietary authentication services. Currently, a W3C standard exists that attempts to unify existing ...
Access with Fast Batch Verifiable Anonymous Credentials
Information and Communications Security
Abstract
An anonymous credential-based access control system allows the user to prove possession of credentials to a resource guard that enforce access policies on one or more resources, whereby interactions involving the same user are unlinkable by the ...
Towards Post-Quantum Verifiable Credentials
ARES '24: Proceedings of the 19th International Conference on Availability, Reliability and Security

Verifiable Credentials (VCs) allow users to assert claims about themselves in a cryptographically-verifiable way. In last the few years, several different VC schemes have emerged, offering varying levels of privacy through different cryptographic ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Conferences

PEARC '23: Practice and Experience in Advanced Research Computing 2023: Computing for the Common Good

July 2023

519 pages

ISBN:9781450399852

DOI:10.1145/3569951

Editors:
Robert Sinkovits
San Diego Supercomputer Center
,
Alana Romanella
University of Colorado Boulder
,
Shelley Knuth
University of Colorado Boulder
,
Ken Hackworth
Pittsburgh Supercomputing Center
,
Jeff Pummill
University of Arkansas

Copyright © 2023 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Sponsors

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 10 September 2023

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Short-paper
Research
Refereed limited

Funding Sources

National Science Foundation

Conference

PEARC '23

Sponsor:

PEARC '23: Practice and Experience in Advanced Research Computing

July 23 - 27, 2023

OR, Portland, USA

Acceptance Rates

Overall Acceptance Rate 133 of 202 submissions, 66%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

2
Total Citations
View Citations
293
Total Downloads

Downloads (Last 12 months)256
Downloads (Last 6 weeks)54

Reflects downloads up to 19 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

Hossain Faruk MCheng J(2023)Integration of Blockchain in Computer Networking: Overview, Applications, and Future Perspectives for Software-defined Networking (SDN), Network Security, and Protocols2023 Tenth International Conference on Software Defined Systems (SDS)10.1109/SDS59856.2023.10329025(20-27)Online publication date: 23-Oct-2023
https://doi.org/10.1109/SDS59856.2023.10329025
Faruk MBasney JCheng J(2023)Blockchain-Based Decentralized Verifiable Credentials: Leveraging Smart Contracts for Privacy-Preserving Authentication Mechanisms to Enhance Data Security in Scientific Data Access2023 IEEE International Conference on Big Data (BigData)10.1109/BigData59044.2023.10386360(5493-5502)Online publication date: 15-Dec-2023
https://doi.org/10.1109/BigData59044.2023.10386360

View Options

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

HTML Format

View this article in HTML Format.

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Media

Figures

Other

Tables

View Table of Contents