TY - GEN
T1 - Your Identity is Yours
T2 - 7th IEEE International Conference on Behavioural and Social Computing, BESC 2020
AU - Naik, Nitin
AU - Jenkins, Paul
N1 - Publisher Copyright:
© 2020 IEEE.
PY - 2020/11/5
Y1 - 2020/11/5
N2 - Digital identity has importance in the digital world representing users in a comparable manner to that of the physical identity in the real world. Digital identity comprises certain personal and confidential attributes related to identity owners, managed through an Identity Management (IDM) system. In most IDM systems, identity owners do not control their own identity and its related personal data. However, Self-Sovereign Identity (SSI) is an emerging IDM system which offers users the ownership and full control over their personal data. In the European Union, General Data Protection Regulation (GDPR) is the basic regulatory environment for anyone involved in processing personal data, whilst SSI is concerned with the requirement of managing identity and its associated personal data. If an SSI system could comply with the key GDPR principles then it could become both a desirable and appropriate IDM solution legally and universally. This paper evaluates this aspect of SSI and analyses SSI compliance and alignment with the key principles of GDPR. Furthermore, it investigates two different types of SSI ecosystems public permissionless blockchain based SSI ecosystem uPort and public permissioned blockchain based SSI ecosystem Sovrin, according to the various defined roles and their compatibility with GDPR roles. Finally, this paper performs the comparative analysis of uPort and Sovrin to assess their compliance with the key principles of GDPR.
AB - Digital identity has importance in the digital world representing users in a comparable manner to that of the physical identity in the real world. Digital identity comprises certain personal and confidential attributes related to identity owners, managed through an Identity Management (IDM) system. In most IDM systems, identity owners do not control their own identity and its related personal data. However, Self-Sovereign Identity (SSI) is an emerging IDM system which offers users the ownership and full control over their personal data. In the European Union, General Data Protection Regulation (GDPR) is the basic regulatory environment for anyone involved in processing personal data, whilst SSI is concerned with the requirement of managing identity and its associated personal data. If an SSI system could comply with the key GDPR principles then it could become both a desirable and appropriate IDM solution legally and universally. This paper evaluates this aspect of SSI and analyses SSI compliance and alignment with the key principles of GDPR. Furthermore, it investigates two different types of SSI ecosystems public permissionless blockchain based SSI ecosystem uPort and public permissioned blockchain based SSI ecosystem Sovrin, according to the various defined roles and their compatibility with GDPR roles. Finally, this paper performs the comparative analysis of uPort and Sovrin to assess their compliance with the key principles of GDPR.
KW - Blockchain
KW - Distributed Ledger
KW - GDPR
KW - General Data Protection Regulation
KW - IDM
KW - Identity Management System
KW - SSI
KW - Self-Sovereign Identity
KW - Sovrin
KW - uPort
UR - http://www.scopus.com/inward/record.url?scp=85098712633&partnerID=8YFLogxK
U2 - 10.1109/BESC51023.2020.9348298
DO - 10.1109/BESC51023.2020.9348298
M3 - Conference contribution
AN - SCOPUS:85098712633
T3 - Proceedings of 2020 7th IEEE International Conference on Behavioural and Social Computing, BESC 2020
BT - Proceedings of 2020 7th IEEE International Conference on Behavioural and Social Computing, BESC 2020
PB - Institute of Electrical and Electronics Engineers Inc.
Y2 - 5 November 2020 through 7 November 2020
ER -