SECURE IDENTITY MANAGEMENT ON THE BLOCKCHAIN
Adám Nágy Kwadjo Anobaah Nyante
Assistant Professor at ELTE Msc. Security & Privacy Advanced Cryptography
Andreas Peter
Assistant Professor / Study Coordi- nator – Cyber Security & Safety at University Of Twente
Zoltán Hattyasy
Senior PM & Architect Mission Critical Systems at E-GROUP
Budapest, 2018.
One major topical issue that has generated a lot of controversy in the cyber security land- scape is Secure Identity Management. So serious is this issue that many educationists and academicians have expressed varying concerns, proposals, and solutions about the subject.
Traditional Identity Management solutions delegate trusted centralized organizations / multiple centralized agencies (service providers) and task them with securely storing the private data of users and providing these users with identity tokens such as ID cards, cer- tificates, login credentials, hardware, and passports. With these identity tokens, users can uniquely access resources and services from the respective service providers. This approach has resulted in four main classes of problems namely: Individual user problems, Infor- mation Sharing problems, Governmental information coordination problems, and Privacy problems.
These problems are particular conspicuous in the banking sector when it comes to Know- Your-Customer Processes (KYC). It is expensive and time consuming to do the necessary background checks on customers and their transactions for compliance agencies. At the same time, these background checks have create severe privacy issues that need to be ad- dressed.
In this research, Distributed Ledger Technologies (blockchain) are used to solve these major problems. A hybrid solution is proposed, which is a combination of:
1. A blockchain Gateway Solution, which supports legal compliance and traditional Identity Management features that require strong authentication. This solution serves as a trust anchor that securely links Identity Data to the blockchain and is based on research of the EU’s Identity Network eIDAS.
12. A general blockchain Identity Framework, which serves as the fabric for maintaining, verifying and performing transactions using decentralized identities.
Together these two solutions provide a regulatable pseudonymous identity framework that can be used to solve various real world problems. Generalized formal definitions for an
1