SICRAC - Self-Sovereign Identity Collaborative Credentials for Access Control in IoT (PID2020-114495RB-I00)
Access control systems aim to authenticate and authorize individuals or objects to grant or deny their access to services. Users asking for access must present certain credentials to demonstrate that they can be accepted by the policies implemented in these systems. In this context, the management of credentials is known as the identity management problem. For this problem, three main models exist: siloed, federated and self-sovereign identity (SSI), the latter being the one that is gaining the race in recent years.
In this project, we plan to apply the SSI model to IoT scenarios. Although there are some approaches that permit the use of SSI in IoT, we identify a specific scenario that is not covered by state-of-the-art solutions, i.e., that in which there exist interdependency among objects and people so that they need to form groups before authenticating and being authorized. Thus, this project suggests a solution based on the development of a collaborative credentials model applicable to IoT scenarios.
This solution is expected to have an important impact for several reasons. First, the functionalities and use cases currently covered by SSI solutions will be considerably extended. Specifically, this opens a door for solutions in which there is a need to impose restrictions for groups in real time. Second, the possibility to enforce restrictions for groups of objects and persons in a dynamic way will have an important economic impact on those markets that are affected by risks, e.g., insurances, security, travel, etc.
Started: Sept. 2021
End of project: Aug. 2024
Funding: 43.800 Euros