Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

White Paper (Draft)

A Taxonomic Approach to Understanding Emerging Blockchain Identity Management Systems

Date Published: July 9, 2019
Comments Due: August 9, 2019 (public comment period is CLOSED)
Email Questions to: blockchain-idms-paper@nist.gov

Author(s)

Loïc Lesavre (NIST), Priam Varin (NIST), Peter Mell (NIST), Michael Davidson (NIST), James Shook (NIST)

Announcement

Traditional identity management has typically involved the storing of user credentials (e.g., passwords) by organizations and third parties, which often results in concerns over interoperability, security, and privacy. However, a possible solution has emerged through the use of blockchain technology to create novel identity management approaches with built-in control and consent mechanisms. This can potentially transform data governance and ownership models by enabling users to control their data and share select personal information, while helping businesses streamline operations by relying on verified user information without having to maintain the infrastructure themselves.

This Draft NIST Cybersecurity White Paper provides an overview of the standards, building blocks, and system architectures that support emerging blockchain-based identity management systems and selective disclosure mechanisms. The document considers the full spectrum of top-down versus bottom-up governance models for both identifier and credential management and addresses some of the risks and security concerns that may arise. The terminology, concepts, properties, and architectures introduced in this work can facilitate understanding and communications amongst business owners, software developers, cybersecurity professionals within an organization, and individuals who are or will be using such systems.

When submitting your comments, we encourage you to use our comment template.

Abstract

Keywords

blockchain; credential; data ownership; decentralized identifier; distributed ledger; identity management; public key infrastructure; self-sovereign identity; smart contract; user-controlled identity wallet; zero-knowledge proof
Control Families

None selected

Documentation

Publication:
White Paper (DOI)

Supplemental Material:
Local Download (pdf)
Comment template (xls)