Conference paper Open Access

Disposable Yet Official Identities (DYOI) for Privacy-Preserving System Design - The case of COVID-19 digital document verification and credential-based access control in ad hoc outdoor and indoor settings (and beyond)

Petros Kavassalis; Nikos Triantafyllou; Panagiotis Georgakopoulos; Antonis Stasis; Rob van Kranenburg


JSON-LD (schema.org) Export

{
  "inLanguage": {
    "alternateName": "akh", 
    "@type": "Language", 
    "name": "Angal Heneng"
  }, 
  "description": "<p>In this paper we report on the design of a service system to endow next-generation COVID-19 mobile applications with the capacity: a) to instantly manage and verify a wide range of possible COVID-19 digital documents (circulation attestations, work or travel permits based on approved COVID-19 tests, vaccination certificates, etc.) and, b) to provide credential-based access control, especially in cases where the Verifier is not a web entity but a human agent with a smartphone, or an IoT device -- mainly in ad hoc outdoor and indoor settings. The system has been designed as a response to the specific needs of a health emergency situation, but it may have a broader application in different cased and areas of control (such as airport and train stations checking points and board controls), where the verification process must exclude the possibility of a physical interaction between the controller and the subject of control, by maintaining a &ldquo;safe distance&rdquo; between them and while preserving a certain privacy for the subject of control. Our approach levers the potential of Disposable Identities, Self-Sovereign Identities technologies and Verifiable Credentials (VCs) to enable digital document verification and credential-based access control in ad hoc outdoor and indoor settings (and beyond). Towards this, we specifically introduce the concept of &ldquo;Derivative&rdquo; (i.e., transcoded/contextual) Verifiable Credentials. A Derivative VC is a derived bond contract guaranteeing the validity and ownership over the underlying contracts (VCs) whose: a) usability is restricted in a very specific context (that of the &ldquo;local&rdquo; and time-limited interaction between a Subject and a Service Provider) and, b) linking table points only to a specific &ldquo;Pairwise DID&rdquo;.</p>", 
  "license": "https://creativecommons.org/licenses/by/4.0/legalcode", 
  "creator": [
    {
      "affiliation": "University of the Aegean, Greece", 
      "@type": "Person", 
      "name": "Petros Kavassalis"
    }, 
    {
      "affiliation": "University of the Aegean, Greece", 
      "@type": "Person", 
      "name": "Nikos Triantafyllou"
    }, 
    {
      "affiliation": "Athens University of Economics and Business, Greece", 
      "@type": "Person", 
      "name": "Panagiotis Georgakopoulos"
    }, 
    {
      "affiliation": "University of the Aegean, Greece", 
      "@type": "Person", 
      "name": "Antonis Stasis"
    }, 
    {
      "affiliation": "#IoT Council, Resonance Design BV, Netherlands", 
      "@type": "Person", 
      "name": "Rob van Kranenburg"
    }
  ], 
  "headline": "Disposable Yet Official Identities (DYOI) for Privacy-Preserving System Design - The case of COVID-19 digital document verification and credential-based access control in ad hoc outdoor and indoor settings (and beyond)", 
  "image": "https://zenodo.org/static/img/logos/zenodo-gradient-round.svg", 
  "datePublished": "2020-09-06", 
  "url": "https://zenodo.org/record/4016977", 
  "version": "3.0", 
  "@type": "ScholarlyArticle", 
  "keywords": [
    "Disposable Identities, Self-Sovereign Identity, Verifiable Credentials, Digital Document Verification, Crede", 
    "Self-Sovereign Identity", 
    "Verifiable Credentials", 
    "Digital Document Verification", 
    "Credential-based Access Control", 
    "Covid-19 certificates", 
    "Covid-19"
  ], 
  "@context": "https://schema.org/", 
  "identifier": "https://doi.org/10.5281/zenodo.4016977", 
  "@id": "https://doi.org/10.5281/zenodo.4016977", 
  "workFeatured": {
    "url": "https://dataforpolicy.org/data-for-policy-2020/", 
    "alternateName": "DfP2020", 
    "@type": "Event", 
    "name": "Data for Policy 2020"
  }, 
  "name": "Disposable Yet Official Identities (DYOI) for Privacy-Preserving System Design - The case of COVID-19 digital document verification and credential-based access control in ad hoc outdoor and indoor settings (and beyond)"
}
2,731
904
views
downloads
All versions This version
Views 2,7312,731
Downloads 904904
Data volume 1.5 GB1.5 GB
Unique views 2,2842,284
Unique downloads 850850

Share

Cite as