Conference paper Open Access

Disposable Yet Official Identities (DYOI) for Privacy-Preserving System Design - The case of COVID-19 digital document verification and credential-based access control in ad hoc outdoor and indoor settings (and beyond)

Petros Kavassalis; Nikos Triantafyllou; Panagiotis Georgakopoulos; Antonis Stasis; Rob van Kranenburg


DataCite XML Export

<?xml version='1.0' encoding='utf-8'?>
<resource xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://datacite.org/schema/kernel-4" xsi:schemaLocation="http://datacite.org/schema/kernel-4 http://schema.datacite.org/meta/kernel-4.1/metadata.xsd">
  <identifier identifierType="DOI">10.5281/zenodo.4016977</identifier>
  <creators>
    <creator>
      <creatorName>Petros Kavassalis</creatorName>
      <affiliation>University of the Aegean, Greece</affiliation>
    </creator>
    <creator>
      <creatorName>Nikos Triantafyllou</creatorName>
      <affiliation>University of the Aegean, Greece</affiliation>
    </creator>
    <creator>
      <creatorName>Panagiotis Georgakopoulos</creatorName>
      <affiliation>Athens University of Economics and Business, Greece</affiliation>
    </creator>
    <creator>
      <creatorName>Antonis Stasis</creatorName>
      <affiliation>University of the Aegean, Greece</affiliation>
    </creator>
    <creator>
      <creatorName>Rob van Kranenburg</creatorName>
      <affiliation>#IoT Council, Resonance Design BV, Netherlands</affiliation>
    </creator>
  </creators>
  <titles>
    <title>Disposable Yet Official Identities (DYOI) for Privacy-Preserving System Design - The case of COVID-19 digital document verification and credential-based access control in ad hoc outdoor and indoor settings (and beyond)</title>
  </titles>
  <publisher>Zenodo</publisher>
  <publicationYear>2020</publicationYear>
  <subjects>
    <subject>Disposable Identities, Self-Sovereign Identity, Verifiable Credentials, Digital Document Verification, Crede</subject>
    <subject>Self-Sovereign Identity</subject>
    <subject>Verifiable Credentials</subject>
    <subject>Digital Document Verification</subject>
    <subject>Credential-based Access Control</subject>
    <subject>Covid-19 certificates</subject>
    <subject>Covid-19</subject>
  </subjects>
  <dates>
    <date dateType="Issued">2020-09-06</date>
  </dates>
  <resourceType resourceTypeGeneral="ConferencePaper"/>
  <alternateIdentifiers>
    <alternateIdentifier alternateIdentifierType="url">https://zenodo.org/record/4016977</alternateIdentifier>
  </alternateIdentifiers>
  <relatedIdentifiers>
    <relatedIdentifier relatedIdentifierType="DOI" relationType="IsVersionOf">10.5281/zenodo.4016976</relatedIdentifier>
    <relatedIdentifier relatedIdentifierType="URL" relationType="IsPartOf">https://zenodo.org/communities/dfp17</relatedIdentifier>
  </relatedIdentifiers>
  <version>3.0</version>
  <rightsList>
    <rights rightsURI="https://creativecommons.org/licenses/by/4.0/legalcode">Creative Commons Attribution 4.0 International</rights>
    <rights rightsURI="info:eu-repo/semantics/openAccess">Open Access</rights>
  </rightsList>
  <descriptions>
    <description descriptionType="Abstract">&lt;p&gt;In this paper we report on the design of a service system to endow next-generation COVID-19 mobile applications with the capacity: a) to instantly manage and verify a wide range of possible COVID-19 digital documents (circulation attestations, work or travel permits based on approved COVID-19 tests, vaccination certificates, etc.) and, b) to provide credential-based access control, especially in cases where the Verifier is not a web entity but a human agent with a smartphone, or an IoT device -- mainly in ad hoc outdoor and indoor settings. The system has been designed as a response to the specific needs of a health emergency situation, but it may have a broader application in different cased and areas of control (such as airport and train stations checking points and board controls), where the verification process must exclude the possibility of a physical interaction between the controller and the subject of control, by maintaining a &amp;ldquo;safe distance&amp;rdquo; between them and while preserving a certain privacy for the subject of control. Our approach levers the potential of Disposable Identities, Self-Sovereign Identities technologies and Verifiable Credentials (VCs) to enable digital document verification and credential-based access control in ad hoc outdoor and indoor settings (and beyond). Towards this, we specifically introduce the concept of &amp;ldquo;Derivative&amp;rdquo; (i.e., transcoded/contextual) Verifiable Credentials. A Derivative VC is a derived bond contract guaranteeing the validity and ownership over the underlying contracts (VCs) whose: a) usability is restricted in a very specific context (that of the &amp;ldquo;local&amp;rdquo; and time-limited interaction between a Subject and a Service Provider) and, b) linking table points only to a specific &amp;ldquo;Pairwise DID&amp;rdquo;.&lt;/p&gt;</description>
    <description descriptionType="Other">This research has received partial funding from the European Commission (SEAL project funded by CEF Grant Agreement No INEA/CEF/ICT/A2018/1633170 &amp;amp; NGI Forward project funded by H2020 Grant Agreement number 825652), and from SIEMENS (SBchain project funded via Settlement Agreement with Hellenic Republic)</description>
  </descriptions>
</resource>
2,731
904
views
downloads
All versions This version
Views 2,7312,731
Downloads 904904
Data volume 1.5 GB1.5 GB
Unique views 2,2842,284
Unique downloads 850850

Share

Cite as