Self-sovereign Identity Management Framework using Smart Contracts

In centralized infrastructures, users are not capable of authenticating themselves, in identity management systems, beyond their application’s domain. Users are forced to trust their service providers for identification and data management. Such solutions have experienced large-scale data breaches and are cumbersome for users to remember the credentials for multiple sites. Furthermore, users have very little control over their data. The concept of decentralized identity has raised the possibility of better managing these concerns. It allows users to share only the relevant part of their personal information with a service provider to verify their digital identity. We propose OrgID, a decentralized identity and user-centric data management platform including identity registration and authorization procedures. Our approach supports self-sovereign identity architecture leveraged by blockchain. This method consists of a one-time proof-verification mechanism that facilitates the secure access and credibility of digital information. Moreover, users can maintain their identities associated with specific attributes and rely on a proof mechanism using smart contracts. It deploys a platform where user registration and authorization no longer involve a central service provider. We implemented the proposed solution using smart contracts on a private Ethereum blockchain. We further analyzed the performance of these processes regarding the system’s scalability to evaluate how they manage latency and the number of users. The results state that the system is highly scalable to manage a large number of users and the system’s latency is adjustable based on the application needs.