Identity management using blockchain

1. SECURE IDENTITY MANAGEMENT USING
BLOCKCHAIN TECHNOLOGY

2. Contents
 Introduction
 Security Goals
 Identity Management
 What is blockchain technology
 Literature Survey
 Proposal, Design and implementation of IdM
Architecture using Blockchain technology
 Conclusion & Future scope

3. Introduction
 Data is a valuable asset in our economy.
 Individuals have very low control over the data in this Big data
era.
 The privacy concern user face when dealing with third party is a
major issue.
 A lot of work has been done in the past for information security
and privacy.

4. SECURITY GOALS
 Confidentiality
 Availability
 Authentication
 Integrity
 Non-repudiation

5. What is an Identity?
 People are known by their identities
 Digital Identities are created in cyber space
 Digital identities can be different
 Example: for business purpose
 For social activities etc.
 So preserving digital identity is important

6. What is Identity Management(IdM)
 IdM comprises of all the processes and technologies within an organization
that are used to identify, authenticate and authorize someone to access
services.
 Example 1 : Customer/ employee accessing software or hardware inside an
organization.
 Level of access
 Level of privilege
 Level of restriction each user has
 Example 2 : In government
 Issue of birth certificate
 Id- card
 Driving License
 Passport

7. Current state of Identification
Management?
• People receive many identification certificates
• Example social security and medical Id cards
• Their personal data can be stored on may different locations like
banks, insurance company or any subscription software they use
like netflix
• Can be hacked leading to exploitation of user data

8. Current state of Identification
Management?(cont..)
• While we all enjoy the benefits of data driven society, there is a
need for user privacy.
• Centralized organizations ask for a lot of sensitive information
from the user.
• The reaction to the release of Ashley Madison’s dossier of
more than 30 million people seeking affairs was one of muted
resignation(Adee 2015)

9. Identity Management Models
Isolated IdM
Federated
IdM
Centralized
IdM

10. Isolated IdM
 In Isolated IdM, every user is
provided with a unique
identifier by the identity
provider so as to have an
access to the isolated service
requested by the user (example
a user name or a password).
 Isolated IdM is being used by
rarely now a day because of
the availability of the online
services in abundance.

11. Federated IdM
 In Federated IdM, there is a group
of service providers who define a
set of protocols and recognizes the
identifiers of the users.
 The services provided by all the
service providers in the group can
be accessed by an individual user
who is the part of that group.

12. Centralized IdM
 In Centralized IdM, there is only
one common Identity provider and
the same identifier and credential
are used by each service provider.
 The user has access to all the
services using the same
credentials.

13. Problem with Traditional IdM
 Paper Based
 People receive many identification certificates
 Weak and Outdated
 Stored on centralized servers
 No Control over Data Ownership
 Vulnerable to cybersecurity attacks.
 Reliance on Intermediaries
 Fraudulence
 According to (Dhamija and Dusseault, 2008) poorly designed IdM systems
can aggravate existing security problems and create opportunities to extract
personal information from users.

14. Vision for Secure Identity Management
 Identities need to be portable and verifiable
 Can be achieved using digitization
 But being digital is not enough, identities need to be private and secure.
 IdM in most cases is achieved with cryptography. However, cryptography as a tool in
general has its strength and weakness
 Blockchain with public/private key can solve the problems related to Security,
Availability.
 The technology pushes ownership of identity away from centralized servers to
individuals so that the identities themselves are in control.

15. What is Blockchain Technology
 A blockchain is a historical record of transactions, much like a database
 Blocks in a chain = pages in a book. Each page in a book contains:
 The text: the story
 Each page has information about itself: title of the book, chapter title, page number, etc.
(e.g. the “metadata”)
 Similarly, in a blockchain, each block has:
 A header which contains the data about the block: e.g. technical information, a reference
to the previous block, and a digital fingerprint (“hash”) of the data contained in this
block, among other things. This hash is important for ordering and block validation.
 The contents of the block, e.g. information about the transaction(s)

16. Types of blockchain
 The existing literature identifies blockchain into
three categories
Public
Private
Consortium

17. Blockchain Applications
 Due to the inherent definition, features and
structure, blockchain has countless number of
applications.
 If I utter the word blockchain to a group of people,
most of them will relate it to bitcoin which is a
financial application of blockchain.
 Initially, there were two prominent categories viz
financial and non-financial. The non-financial
application got hyped after blockchain 2.0 and
blockchain 3.0

18. THANK YOU