%0 Conference Proceedings
%T SSI-AWARE: Self-sovereign Identity Authenticated Backup with Auditing by Remote Entities
%+ University of Twente
%+ Nedap Security Management [Groenlo]
%A Jakubeit, Philipp
%A Dercksen, Albert
%A Peter, Andreas
%Z Part 5: Cybersecurity
%< avec comité de lecture
%( Lecture Notes in Computer Science
%B 13th IFIP International Conference on Information Security Theory and Practice (WISTP)
%C Paris, France
%Y Maryline Laurent
%Y Thanassis Giannetsos
%I Springer International Publishing
%3 Information Security Theory and Practice
%V LNCS-12024
%P 202-219
%8 2019-12-11
%D 2019
%R 10.1007/978-3-030-41702-4_13
%Z Computer Science [cs]Conference papers
%X The self-sovereign identity (SSI) model entails the full responsibility and sovereignty of a user regarding his identity data. This identity data can contain private data which is solely known to the user. The user himself is therefore required to manage the whole lifecycle of his private data, including the backup and restore. We show that prior work on how to backup and restore the user’s identity data does not meet the requirements of the SSI setting, and we present the first solution which does meet the requirements. Authenticated backup with auditing by remote entities (AWARE) combines SSI sustaining aspects and extends them to create a truly self-sovereign backup-and-restore protocol. In AWARE, trusted, physically met humans, called custodians, hold a secure device. Custodians with a secure device offer an offline backup possibility and a secure channel. The backup and restore are audited by commits on a publicly accessible distributed ledger. These commits are answered by auditing services which are required during restore. Only some auditing services hold relevant data for a restore. The self sovereignty of the user lies in the exclusive information which auditing services hold relevant data. AWARE  is the first backup-and-restore mechanism that fully complies with the SSI model. We perform an in-depth security-risk analysis of AWARE, showing a risk rating which is comparable to the best risk rating o related non-SSI-compliant backup-and-restore mechanisms. We instantiate the AWARE protocol with cryptographic primitives providing a high security level of 256-bit. We show its implementation feasibility by providing a simulation of AWARE, and conclude with an estimated performance analysis on a microcontoller architecture based on our simulation and implementation results in the literature.
%G English
%Z TC 11
%Z WG 11.2
%2 https://inria.hal.science/hal-03173901/document
%2 https://inria.hal.science/hal-03173901/file/492809_1_En_13_Chapter.pdf
%L hal-03173901
%U https://inria.hal.science/hal-03173901
%~ IFIP-LNCS
%~ IFIP
%~ IFIP-TC
%~ IFIP-TC11
%~ IFIP-WISTP
%~ IFIP-WG11-2
%~ IFIP-LNCS-12024