Scribd Logo
Unggah

Selamat datang di Scribd!

  • Proposal On SSI

    Diunggah oleh

    Shubham Dhakal
    65 tayangan10 halaman

    Judul Asli

    proposal on SSI.docx

    Hak Cipta

    © © All Rights Reserved

    Format Tersedia

    DOCX, PDF, TXT atau baca online dari Scribd

    Apakah menurut Anda dokumen ini bermanfaat?

    Apakah konten ini tidak pantas?

    Laporkan Dokumen Ini

    Hak Cipta:

    © All Rights Reserved
    Unduh sebagai DOCX, PDF, TXT atau baca online dari Scribd
    Tandai sebagai konten tidak pantas
    65 tayangan10 halaman

    Proposal On SSI

    Diunggah oleh

    Shubham Dhakal

    Hak Cipta:

    © All Rights Reserved
    Unduh sebagai DOCX, PDF, TXT atau baca online dari Scribd
    Tandai sebagai konten tidak pantas
    dari 10

    Tribhuvan University

    Institute of Engineering

    Purwanchal Campus

    A PROJECT PROPOSAL ON

    SELF-SOVEREIGN IDENTITY USING BLOCKCHAIN

    Submitted by

    Kritish Bhattarai [073-BCT-012]

    Narayan Adhakari [073-BCT-015]

    Shubham Dhakal [073-BCT-041]

    Submitted to

    Department of Computer and Electronics Engineering

    July, 2019
    ABSTRACT
    Self-sovereign identity is a new paradigm, backed by blockchain technology. The field of
    identity management currently faces issues in multiple areas. Identity theft and data
    breaches are not uncommon, and are often the result of insecure identity management
    practices. The general public has to trust large corporations and governments to correctly
    handle their personal data. Currently the personal data are stored in the central databases
    due to which mass data breaches occurs often. But in Self-Sovereign Identity the individual
    owns the administration and the data is need not to be stored in the central database.
    Individual has right to decide whom to give access to their personal information. To
    facilitate a self-sovereign identity system, a decentralized information system is needed.
    Blockchain technology fulfil this need, as it makes use of a distributed ledger.
    Keywords: identity management, self-sovereign identity, blockchain, distributed ledger
    technology, verifiable claims.

    i
    TABLE OF CONTENTS
    LIST OF FIGURES …………………………………………………………………. iii
    CHAPTER1: INTRODUCTION ……………………………………………………… 1

    1.1 Background ……………………………………………………………………. 1


    1.2 Statement of Problem…………………………………………………………... 1
    1.3 Objectives ……………………………………………………………………... 1
    1.4 Application……………………………………………………………….......... 2
    1.5 Project Features………………………………………………………………... 2
    CHAPTER 2: LITERATURE REVIEW ……………………………………………… 3
    CHAPTER 3: METHODOLOGY ……………………………………………………. 4
    3.1 System Design ………………………………………………………………… 4
    3.2 Development Platform ………………………………………………………... 4

    LIST OF ABBREVIATIONS
    DID Decentralized Identifier
    SSI Self-Sovereign Identity
    P2P Peer to Peer
    KYC Know Your Customer
    IDE Integrated Design Environment

    ii
    LIST OF FIGURES
    FIGURE PAGE
    Figure 3.1 ………………………………………………………………………. 5
    Figure 3.2 ……………………………………………………………………… 6

    iii
    CHAPTER 1: INTRODUCTION
    1.1 Background
    We use the terminology of Self-Sovereign Identity, as the concept of individuals or
    organizations having sole ownership of their identities, and control over how their
    personal data is shared and used. This adds a layer of security and flexibility allowing
    the identity holder to only reveal the necessary data for any given transaction or
    interaction.

    Initially identity was siloed, then came federated identity, and now it is time for user
    centric identity, that is what self-sovereign identity is. So, when we talk about siloed
    identity, in early days of Internet we had separate credentials for every site that we use
    on the internet. Then came the era of Federated identity where websites enable
    authentication using our Facebook or Google account. And in Self-Sovereign Identity
    user is in control of their identity. In the future, we might not have to use centralized
    authorization services to access the Internet such as Twitter, Google or Facebook and
    instead we will use our Self Sovereign Identity to validate our identity without having
    to rely on third parties e.g. by using a mobile device.

    Blockchain is a technology that provides a decentralized “database” on a network that


    is scalable, secure, tamperproof, and accessible by each peer on the network.

    1.2 Statement of Problem

    Our lives have become increasingly digital and so has the vast amount of personal data
    traces that we leave behind. For most online transactions or surfing many sites that
    individuals discloses specific personal information before they can access services. For
    instance, before financial transactions can be carried out on platforms such as E-Sewa,
    Khalti, and among others, users are always required to input there financial and personal
    details. Thus, it gets stored on numerous internet databases. As such digital clone of
    same individual detail exists across these different platforms in a centralize databases.
    So, there is high risk of data breach such as Equifax hack in 2017, Cambridge Analytica
    scandal of misusing people’s personal information from Facebook to influence voters
    in the US Elections 2016. So, currently the personal data is not in control of individual
    users. The data is controlled and accessed by the service providers. Individuals do not
    have an idea of how many times their personal data has been shared or used without
    their consent.

    1.3 Objectives
    I. To be familiar with blockchain technology and cryptography.
    II. To make user the controller of his/her personal data.
    III. To learn process for project development
    IV. To create a secure channel to share the personal data between user and organization.

    1
    1.4 Applications
    Our system can be used to share the user’s personal information data to the different
    organization for many reasons like authenticating the users, verifying the KYC details.

    1.5 Project Features


    I. P2P connection to share the personal information.
    II. Cryptography to securely transfer the encrypted information.
    III. Blockchain’s ledger used for storing the identifier and the verified signature.
    IV. Store the personal information in user’s local storage in encrypted form.

    2
    CHAPTER 2: LITERATURE REVIEW
    Blockchain technology is still evolving and the number of applications using blockchain
    are slowly increasing. Self-Sovereign identity system enables the user to be the
    administrator of his/her own data. Thus, removing the data control of the big organizations.
    The Self-Sovereign identity can be implemented using blockchain technology. The self-
    sovereign identity using blockchain is the identity management system which will surely
    going to replace the current identity management system.

    We have spent a lot of time on researching about the self-sovereign identity management
    system using blockchain. We found out that this system is in its very initial phase of
    development. So, only very few projects related to self-sovereign identity are available in
    the market. We found out some research paper related to the self-sovereign identity and
    read them to know the deeper understanding of how the system works.

    3
    CHAPTER 3: METHODOLOGY
    3.1 System Design
    A unique decentralize identifier (DID) is generated for each user’s credentials. The user’s
    credential is verified by the Issuer. After verifying the credentials, a signature is generated
    cryptographically using the private key of the issuer. Thus, verified credential’s DID and
    signature is registered in the immutable ledger. Now the user can send the verified
    credentials to any receiver. The personal details are encrypted by using public key of the
    receiver and sent by a peer-to-peer network connection. The receiver decrypts the
    credentials using private key and then verify the credentials using the blockchain. We are
    using Ethereum blockchain as an immutable ledger for our projects for recording the
    decentralized identifier.
    For our project development the following aspects are used:

    3.1.1 Blockchain
    Blockchain is a distributed database. We are using Ethereum blockchain test network
    called Rinkeby as our blockchain ledger to store the decentralized identifier (DID) of
    user’s credentials and the verified signature of issuer.

    3.1.2 Cryptography
    We are using public key cryptography (asymmetric cryptography) for encryption and
    validation. Each user is assigned with the keypairs i.e. a public key and a private key.
    A public key can be shared by the user but the private key must be kept secret. The
    personal data are encrypted by public key cryptography and sent to the receiver end in
    a secure manner.

    3.1.3 Peer-to-Peer Connection


    We establish a peer-to-peer connection between a sender and a receiver and send the
    encrypted personal details to the receiver.

    3.2 Development Platform

    We are developing our project using JavaScript programming language. We are using Node.js,
    Express.js for back-end development and React.js for front-end development. Since our team
    has 3 members, we are developing our project using GitHub which makes it easier to contribute
    in the project. Also, the IDE we are using is visual studio code.

    4
    3.3 Block Diagram

    Presents
    Issue claims credentials

    Issuer Verifier
    Owner

    Signs
    Verifies
    credentials
    Signature

    Decentralized Identifiers (DIDs)

    Blockchain

    Figure 3.1: block diagram of verifiable credentials ecosystem

    5
    Use Case Diagram

    Figure: 3.2: Use Case Diagram

    Anda mungkin juga menyukai