Distributed Digital Identity Systems - Peer-to-peer perspective

Thumbnail Image

URL

Journal Title

Journal ISSN

Volume Title

Helsinki University of Technology | Master's thesis
Checking the digitized thesis and permission for publishing
Instructions for the author
Location:
P1 Ark Aalto

Authors

Date

2007

Department

Tietotekniikan osasto

Major/Subject

Tietokoneverkot

Mcode

T-110

Degree programme

Language

en

Pages

71

Series

Abstract

Many identity systems have emerged to answer the needs for identifying principals in the Internet. These systems allow principals to have identity providers asserting their identity properties to the communicating party. The communicating party is usually an entity providing access to information resources, such as WWW-pages, but requires the principals to be authenticated before they can be granted access. Identity systems remove the need for remembering multiple usernames and passwords for various sites, since the system takes care of the identification and authentication process. The principal is usually able to see the data which the identity provider asserts to the communicating party about the principal's identity properties. The identity and authenticity of the principal has to be verified once per session by the identity provider before this_ is possible. Therefore, these systems are also known as Single Sign-On systems. Distributed identity systems are not dependent on any centralized identity databases, which means that anybody could be an identity provider. However, it would not be feasible to-trust just anybody as the identity provider. The entity asserting identity should be trustworthy. To decide on the identity provider's trustworthiness, a trust framework is required. In this thesis we have researched different distributed identity systems and trust frameworks. We also researched the possibility of distributing the trust framework in a specific peer-to-peer manner. We also specified and implemented a proof-of-concept of a peer-to-peer based identity system that supposedly could work also as a multi-purpose secure Internet application protocol.

Description

Supervisor

Asokan, N.

Thesis advisor

Särs, Jonna

Keywords

identity systems, identiteettijärjestelmät, distributed, hajautettu, identification, tunnistus, authentication, todennus, access control, pääsynvalvonta, SSO, P2P

Other note

Citation

Permanent link to this item

https://urn.fi/URN:NBN:fi:aalto-2020120553300

Collections

[dipl] Teknillinen korkeakoulu / TKK