Conference paper Open Access

Disposable Yet Official Identities (DYOI) for Privacy-Preserving System Design - The case of COVID-19 digital document verification and credential-based access control in ad hoc outdoor and indoor settings (and beyond)

Petros Kavassalis; Nikos Triantafyllou; Panagiotis Georgakopoulos; Antonis Stasis; Rob van Kranenburg


MARC21 XML Export

<?xml version='1.0' encoding='UTF-8'?>
<record xmlns="http://www.loc.gov/MARC21/slim">
  <leader>00000nam##2200000uu#4500</leader>
  <datafield tag="041" ind1=" " ind2=" ">
    <subfield code="a">akh</subfield>
  </datafield>
  <datafield tag="653" ind1=" " ind2=" ">
    <subfield code="a">Disposable Identities, Self-Sovereign Identity, Verifiable Credentials, Digital Document Verification, Crede</subfield>
  </datafield>
  <datafield tag="653" ind1=" " ind2=" ">
    <subfield code="a">Self-Sovereign Identity</subfield>
  </datafield>
  <datafield tag="653" ind1=" " ind2=" ">
    <subfield code="a">Verifiable Credentials</subfield>
  </datafield>
  <datafield tag="653" ind1=" " ind2=" ">
    <subfield code="a">Digital Document Verification</subfield>
  </datafield>
  <datafield tag="653" ind1=" " ind2=" ">
    <subfield code="a">Credential-based Access Control</subfield>
  </datafield>
  <datafield tag="653" ind1=" " ind2=" ">
    <subfield code="a">Covid-19 certificates</subfield>
  </datafield>
  <datafield tag="653" ind1=" " ind2=" ">
    <subfield code="a">Covid-19</subfield>
  </datafield>
  <controlfield tag="005">20200908005925.0</controlfield>
  <datafield tag="500" ind1=" " ind2=" ">
    <subfield code="a">This research has received partial funding from the European Commission (SEAL project funded by CEF Grant Agreement No INEA/CEF/ICT/A2018/1633170 &amp;amp; NGI Forward project funded by H2020 Grant Agreement number 825652), and from SIEMENS (SBchain project funded via Settlement Agreement with Hellenic Republic)</subfield>
  </datafield>
  <controlfield tag="001">4016977</controlfield>
  <datafield tag="711" ind1=" " ind2=" ">
    <subfield code="d">15-17 September 2020</subfield>
    <subfield code="g">DfP2020</subfield>
    <subfield code="a">Data for Policy 2020</subfield>
    <subfield code="n">12</subfield>
  </datafield>
  <datafield tag="700" ind1=" " ind2=" ">
    <subfield code="u">University of the Aegean, Greece</subfield>
    <subfield code="a">Nikos Triantafyllou</subfield>
  </datafield>
  <datafield tag="700" ind1=" " ind2=" ">
    <subfield code="u">Athens University of Economics and Business, Greece</subfield>
    <subfield code="a">Panagiotis Georgakopoulos</subfield>
  </datafield>
  <datafield tag="700" ind1=" " ind2=" ">
    <subfield code="u">University of the Aegean, Greece</subfield>
    <subfield code="a">Antonis Stasis</subfield>
  </datafield>
  <datafield tag="700" ind1=" " ind2=" ">
    <subfield code="u">#IoT Council, Resonance Design BV, Netherlands</subfield>
    <subfield code="a">Rob van Kranenburg</subfield>
  </datafield>
  <datafield tag="856" ind1="4" ind2=" ">
    <subfield code="s">1636254</subfield>
    <subfield code="z">md5:a182a29173b2e5e176bd8130948efff3</subfield>
    <subfield code="u">https://zenodo.org/record/4016977/files/Disposable Yet Official Identities (DYOI) for Privacy-Preserving System Design _long paper version 3.0.pdf</subfield>
  </datafield>
  <datafield tag="542" ind1=" " ind2=" ">
    <subfield code="l">open</subfield>
  </datafield>
  <datafield tag="856" ind1="4" ind2=" ">
    <subfield code="y">Conference website</subfield>
    <subfield code="u">https://dataforpolicy.org/data-for-policy-2020/</subfield>
  </datafield>
  <datafield tag="260" ind1=" " ind2=" ">
    <subfield code="c">2020-09-06</subfield>
  </datafield>
  <datafield tag="909" ind1="C" ind2="O">
    <subfield code="p">openaire</subfield>
    <subfield code="p">user-dfp17</subfield>
    <subfield code="o">oai:zenodo.org:4016977</subfield>
  </datafield>
  <datafield tag="100" ind1=" " ind2=" ">
    <subfield code="u">University of the Aegean, Greece</subfield>
    <subfield code="a">Petros Kavassalis</subfield>
  </datafield>
  <datafield tag="245" ind1=" " ind2=" ">
    <subfield code="a">Disposable Yet Official Identities (DYOI) for Privacy-Preserving System Design - The case of COVID-19 digital document verification and credential-based access control in ad hoc outdoor and indoor settings (and beyond)</subfield>
  </datafield>
  <datafield tag="980" ind1=" " ind2=" ">
    <subfield code="a">user-dfp17</subfield>
  </datafield>
  <datafield tag="540" ind1=" " ind2=" ">
    <subfield code="u">https://creativecommons.org/licenses/by/4.0/legalcode</subfield>
    <subfield code="a">Creative Commons Attribution 4.0 International</subfield>
  </datafield>
  <datafield tag="650" ind1="1" ind2="7">
    <subfield code="a">cc-by</subfield>
    <subfield code="2">opendefinition.org</subfield>
  </datafield>
  <datafield tag="520" ind1=" " ind2=" ">
    <subfield code="a">&lt;p&gt;In this paper we report on the design of a service system to endow next-generation COVID-19 mobile applications with the capacity: a) to instantly manage and verify a wide range of possible COVID-19 digital documents (circulation attestations, work or travel permits based on approved COVID-19 tests, vaccination certificates, etc.) and, b) to provide credential-based access control, especially in cases where the Verifier is not a web entity but a human agent with a smartphone, or an IoT device -- mainly in ad hoc outdoor and indoor settings. The system has been designed as a response to the specific needs of a health emergency situation, but it may have a broader application in different cased and areas of control (such as airport and train stations checking points and board controls), where the verification process must exclude the possibility of a physical interaction between the controller and the subject of control, by maintaining a &amp;ldquo;safe distance&amp;rdquo; between them and while preserving a certain privacy for the subject of control. Our approach levers the potential of Disposable Identities, Self-Sovereign Identities technologies and Verifiable Credentials (VCs) to enable digital document verification and credential-based access control in ad hoc outdoor and indoor settings (and beyond). Towards this, we specifically introduce the concept of &amp;ldquo;Derivative&amp;rdquo; (i.e., transcoded/contextual) Verifiable Credentials. A Derivative VC is a derived bond contract guaranteeing the validity and ownership over the underlying contracts (VCs) whose: a) usability is restricted in a very specific context (that of the &amp;ldquo;local&amp;rdquo; and time-limited interaction between a Subject and a Service Provider) and, b) linking table points only to a specific &amp;ldquo;Pairwise DID&amp;rdquo;.&lt;/p&gt;</subfield>
  </datafield>
  <datafield tag="773" ind1=" " ind2=" ">
    <subfield code="n">doi</subfield>
    <subfield code="i">isVersionOf</subfield>
    <subfield code="a">10.5281/zenodo.4016976</subfield>
  </datafield>
  <datafield tag="024" ind1=" " ind2=" ">
    <subfield code="a">10.5281/zenodo.4016977</subfield>
    <subfield code="2">doi</subfield>
  </datafield>
  <datafield tag="980" ind1=" " ind2=" ">
    <subfield code="a">publication</subfield>
    <subfield code="b">conferencepaper</subfield>
  </datafield>
</record>
1,870
455
views
downloads
All versions This version
Views 1,8701,870
Downloads 455455
Data volume 744.5 MB744.5 MB
Unique views 1,5851,585
Unique downloads 422422

Share

Cite as