Description
In today’s digital landscape, secure and efficient identity management is essential for protecting
resources and maintaining trust in any system. This thesis investigates decentralized
identity management systems (IdMS) within the framework of International Data Space
(IDS) to enhance data sovereignty and security. Traditional identity management approaches
rely on centralized authorities, which establish a stable and reliable trust chain. However,
this reliance can also introduce certain vulnerabilities and dependencies that may limit user
control and affect trust. This research proposes and evaluates a decentralized IdMS design,
leveraging Self-Sovereign Identity (SSI) principles, Decentralized Identifiers (DIDs), and
Verifiable Credentials (VCs) to mitigate these issues by allowing entities to manage their
identities independently.
The proposed architectures are evaluated on multiple fronts, including but not limited to
scalability, interoperability, and resilience. The proposed designs indicate that a decentralized
approach can provide greater control for users over their identity data, and improved
robustness against single points of failure (SPoF). However, challenges remain, particularly
in the lack of a fully decentralized natural trust anchor, scalability, and user-friendly key
management, highlighting areas for further development. This work demonstrates that,
although various decentralized authentication protocols have been proposed and developed,
a fully decentralized IdMS without reliance on any central authority has yet to be realized.
The findings suggest that further research is essential to address these limitations, advance
interoperability standards, and refine key management methods, paving the way for a truly
functional decentralized identity ecosystems.
|
Thesis topic in co-operation with the Fraunhofer Institute for Applied and Integrated Security AISEC, Garching