This paper proposes an approach that combines the Federated Identity Management (FIM) framework with blockchain technology to support decentralized Single Sign-On (SSO). Using Self-Sovereign Identity (SSI) for privacy and interoperability alongside smart contracts and a permissioned blockchain operating under the Practical Byzantine Fault Tolerance (PBFT) consensus algorithm the framework enhances the scope of security. As a proof of concept, with a modest three permissioned nodes using a simple Python implementation, the system performs with an authentication latency of 1.2 s and a throughput of 50 transactions per second at 1,000 users. FIM, paired with our protocol, greatly improves the security and auditing functionalities when compared to SAML and OAuth, yet falls behind in scalability. During testing, the system proved to withstand brute-force and distributed denial-of-service attacks. Its implementation might span across various industries, including healthcare and education, maintaining the specifications of the General Data Protection Regulation (GDPR) framework. The framework will be strengthened by the deployment of zero-knowledge proofs (ZKPs); scalability enhancements will be evaluated using layer-2 solutions; and validations from pilot implementations will shape the future direction of the project.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Decentralized Identity Federation Using Blockchain for Cross-Organizational Access

  • Jayesh J. Gamar

摘要

This paper proposes an approach that combines the Federated Identity Management (FIM) framework with blockchain technology to support decentralized Single Sign-On (SSO). Using Self-Sovereign Identity (SSI) for privacy and interoperability alongside smart contracts and a permissioned blockchain operating under the Practical Byzantine Fault Tolerance (PBFT) consensus algorithm the framework enhances the scope of security. As a proof of concept, with a modest three permissioned nodes using a simple Python implementation, the system performs with an authentication latency of 1.2 s and a throughput of 50 transactions per second at 1,000 users. FIM, paired with our protocol, greatly improves the security and auditing functionalities when compared to SAML and OAuth, yet falls behind in scalability. During testing, the system proved to withstand brute-force and distributed denial-of-service attacks. Its implementation might span across various industries, including healthcare and education, maintaining the specifications of the General Data Protection Regulation (GDPR) framework. The framework will be strengthened by the deployment of zero-knowledge proofs (ZKPs); scalability enhancements will be evaluated using layer-2 solutions; and validations from pilot implementations will shape the future direction of the project.