This paper explores some challenges that can arise in authentication and authorisation processes between holder and verifier in the paradigm of Self-Sovereign Identity (SSI). The authentication phase within the SSI framework is crucial in ensuring the integrity of secure and private data exchanges between the holder and verifier. In particular, we analyse the unauthorised use of credentials, which can be a source of privacy and protection concerns. For instance, sending data to unauthorised third parties could give them access to more information than necessary. We propose a prospective solution for monitoring access to users’ personal information. The focus is on defining a Disclosure Policy (DP) within an Attribute-Based Access Control (ABAC) model based on the Originator Control (ORCON) paradigm.

Policy-based Credential Disclosure in SSI by Using ORCON-based Access Control / Stefano Bistarelli; Chiara Luchini; Francesco Santini. - ELETTRONICO. - (2024), pp. 0-0. (Intervento presentato al convegno 6th Distributed Ledger Technologies Workshop (DLT 2024) tenutosi a Turin, Italy nel May 14-15 2024).

Policy-based Credential Disclosure in SSI by Using ORCON-based Access Control

Chiara Luchini;
2024

Abstract

This paper explores some challenges that can arise in authentication and authorisation processes between holder and verifier in the paradigm of Self-Sovereign Identity (SSI). The authentication phase within the SSI framework is crucial in ensuring the integrity of secure and private data exchanges between the holder and verifier. In particular, we analyse the unauthorised use of credentials, which can be a source of privacy and protection concerns. For instance, sending data to unauthorised third parties could give them access to more information than necessary. We propose a prospective solution for monitoring access to users’ personal information. The focus is on defining a Disclosure Policy (DP) within an Attribute-Based Access Control (ABAC) model based on the Originator Control (ORCON) paradigm.
2024
Proceedings of the 6th Distributed Ledger Technologies Workshop (DLT2024), May 14-15 2024, Turin, Italy
6th Distributed Ledger Technologies Workshop (DLT 2024)
Turin, Italy
May 14-15 2024
Stefano Bistarelli; Chiara Luchini; Francesco Santini
4a - Articolo in atti di congresso
File in questo prodotto:
Non ci sono file associati a questo prodotto.

I documenti in FLORE sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificatore per citare o creare un link a questa risorsa: https://hdl.handle.net/2158/1413694
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 0
  • ???jsp.display-item.citation.isi??? ND
social impact