Date Published:



Loïc Lesavre (NIST), Priam Varin (NIST), Peter Mell (NIST), Michael Davidson (NIST), James Shook (NIST)

Abstract

Identity management systems (IDMSs) are widely used to provision user identities while managing authentication, authorization, and data sharing within organizations and on the web. Traditional identity systems typically suffer from single points of failure, lack of interoperability, and privacy issues, such as enabling mass data collection and user tracking. Blockchain technology has the potential to alleviate these concerns: it can support the ability for users to control the custody of their own identifiers and credentials, enabling novel data ownership and governance models with built-in control and consent mechanisms. Hence, blockchain-based IDMSs, which could benefit both users and businesses, are beginning to proliferate. This work categorizes these systems into a taxonomy based on differences in blockchain architectures, governance models, and other salient features. Context is provided for the taxonomy through the description of related terms, emerging standards, and use cases while highlighting relevant security and privacy considerations.

Identity management systems (IDMSs) are widely used to provision user identities while managing authentication, authorization, and data sharing within organizations and on the web. Traditional identity systems typically suffer from single points of failure, lack of interoperability, and privacy... See full abstract

Hide full abstract Identity management systems (IDMSs) are widely used to provision user identities while managing authentication, authorization, and data sharing within organizations and on the web. Traditional identity systems typically suffer from single points of failure, lack of interoperability, and privacy issues, such as enabling mass data collection and user tracking. Blockchain technology has the potential to alleviate these concerns: it can support the ability for users to control the custody of their own identifiers and credentials, enabling novel data ownership and governance models with built-in control and consent mechanisms. Hence, blockchain-based IDMSs, which could benefit both users and businesses, are beginning to proliferate. This work categorizes these systems into a taxonomy based on differences in blockchain architectures, governance models, and other salient features. Context is provided for the taxonomy through the description of related terms, emerging standards, and use cases while highlighting relevant security and privacy considerations.

Keywords