Your Identity is Yours: Take Back Control of Your Identity Using GDPR Compatible Self-Sovereign Identity

Abstract

Digital identity has importance in the digital world representing users in a comparable manner to that of the physical identity in the real world. Digital identity comprises certain personal and confidential attributes related to identity owners, managed through an Identity Management (IDM) system. In most IDM systems, identity owners do not control their own identity and its related personal data. However, Self-Sovereign Identity (SSI) is an emerging IDM system which offers users the ownership and full control over their personal data. In the European Union, General Data Protection Regulation (GDPR) is the basic regulatory environment for anyone involved in processing personal data, whilst SSI is concerned with the requirement of managing identity and its associated personal data. If an SSI system could comply with the key GDPR principles then it could become both a desirable and appropriate IDM solution legally and universally. This paper evaluates this aspect of SSI and analyses SSI compliance and alignment with the key principles of GDPR. Furthermore, it investigates two different types of SSI ecosystems public permissionless blockchain based SSI ecosystem uPort and public permissioned blockchain based SSI ecosystem Sovrin, according to the various defined roles and their compatibility with GDPR roles. Finally, this paper performs the comparative analysis of uPort and Sovrin to assess their compliance with the key principles of GDPR.

Publication DOI: https://doi.org/10.1109/BESC51023.2020.9348298
Divisions: College of Engineering & Physical Sciences
Aston University (General)
Additional Information: © 2020 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.
Event Title: 2020 7th International Conference on Behavioural and Social Computing (BESC)
Event Type: Other
Event Dates: 2020-11-05 - 2020-11-07
Uncontrolled Keywords: Self-Sovereign Identity,SSI,General Data Protection Regulation,GDPR,Distributed Ledger,Blockchain,Identity Management System,IDM,uPort/Serto,Sovrin,uPort,Safety, Risk, Reliability and Quality,Communication,Social Psychology,Computer Networks and Communications
ISBN: 978-1-7281-8606-1, 978-1-7281-8605-4
Last Modified: 01 Nov 2024 08:46
Date Deposited: 22 Feb 2021 12:05
Full Text Link:
Related URLs: https://ieeexpl ... ocument/9348298 (Publisher URL)
http://www.scop ... tnerID=8YFLogxK (Scopus URL)
PURE Output Type: Conference contribution
Published Date: 2021-02-16
Accepted Date: 2020-11-01
Authors: Naik, Nitin (ORCID Profile 0000-0002-0659-9646)
Jenkins, Paul

Download

[img]

Version: Accepted Version

| Preview

Export / Share Citation


Statistics

Additional statistics for this record