A Middleware Architecture for Self-Sovereign Identity Authentication and Authorization

Felix Hoops, Florian Matthes

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

Abstract

In the evolving digital identity landscape, the concept of Self-Sovereign Identity (SSI) has emerged as a paradigm shift, empowering individuals with the ownership and control of their personal information. This paper introduces a middleware architecture that leverages the principles of SSI, enabling application clients to authenticate and authorize users holding Verifiable Credentials via the OpenID Connect protocol. This architecture simplifies adoption for new and existing service providers by letting them build on established standards with proven tools. To further simplify configuration, we introduce a tailored login policy language based on JSON. We validate our architecture by implementing it and testing it with different services.

Original languageEnglish
Title of host publicationProceedings - 2024 IEEE International Conference on Decentralized Applications and Infrastructures, DAPPS 2024
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages79-85
Number of pages7
ISBN (Electronic)9798350362954
DOIs
StatePublished - 2024
Event6th IEEE International Conference on Decentralized Applications and Infrastructures, DAPPS 2024 - Shanghai, China
Duration: 15 Jul 202418 Jul 2024

Publication series

NameProceedings - 2024 IEEE International Conference on Decentralized Applications and Infrastructures, DAPPS 2024

Conference

Conference6th IEEE International Conference on Decentralized Applications and Infrastructures, DAPPS 2024
Country/TerritoryChina
CityShanghai
Period15/07/2418/07/24

Keywords

  • Identity and Access Management
  • OAuth
  • OpenID Connect
  • Self-Sovereign Identity
  • Verifiable Credentials

Fingerprint

Dive into the research topics of 'A Middleware Architecture for Self-Sovereign Identity Authentication and Authorization'. Together they form a unique fingerprint.

Cite this