Projekte pro Jahr
Abstract
In an era where the Internet plays an ever-expanding role, trust is the cornerstone of secure and seamless digital interactions. Trust verification is critical in diverse electronic transactions within our increasingly interconnected digital landscape. This thesis enhances trust verification in diverse electronic transactions within a heterogeneous context.
We address challenges arising from complex electronic transactions covering various trust aspects.
More specifically, we consider transactions consisting of multiple digital credentials issued by different entities under varying trust schemes. To simplify trust establishment across schemes, we propose a trust management infrastructure based on the Domain Name System (DNS). This infrastructure enables verifiers to establish trust in new schemes using human-readable identifiers instead of manually configuring trust anchors and cryptographic material. We also introduce support for global trust scheme recognition and automated trust translations. By doing so, we establish interoperability between trust schemes that use different understandings (or encodings) of trust.
To address the verifier's individual trust perspectives, we introduce an expressive trust policy system, facilitating verifiers to define trust criteria tailored to their use case. Our system's extensibility accommodates future needs and integrates with DNS-based and distributed ledger-based trust management, such as in self-sovereign identity models.
Dealing with diverse credential formats is common in a global context, resulting in interoperability issues.
To mitigate those issues, we introduce a framework for trustworthy credential transformations. Our framework allows verifiers to automatically transform data from unknown schemata into a schema they can parse.
This thesis also considers privacy aspects regarding transaction content and user behavior.
We extend expressive access control systems with privacy features, enabling seamless integration of privacy-preserving technologies. By introducing a ledger state attestation system, we enhance distributed ledger-based registries to ensure data provenance without compromising user privacy.
We address challenges arising from complex electronic transactions covering various trust aspects.
More specifically, we consider transactions consisting of multiple digital credentials issued by different entities under varying trust schemes. To simplify trust establishment across schemes, we propose a trust management infrastructure based on the Domain Name System (DNS). This infrastructure enables verifiers to establish trust in new schemes using human-readable identifiers instead of manually configuring trust anchors and cryptographic material. We also introduce support for global trust scheme recognition and automated trust translations. By doing so, we establish interoperability between trust schemes that use different understandings (or encodings) of trust.
To address the verifier's individual trust perspectives, we introduce an expressive trust policy system, facilitating verifiers to define trust criteria tailored to their use case. Our system's extensibility accommodates future needs and integrates with DNS-based and distributed ledger-based trust management, such as in self-sovereign identity models.
Dealing with diverse credential formats is common in a global context, resulting in interoperability issues.
To mitigate those issues, we introduce a framework for trustworthy credential transformations. Our framework allows verifiers to automatically transform data from unknown schemata into a schema they can parse.
This thesis also considers privacy aspects regarding transaction content and user behavior.
We extend expressive access control systems with privacy features, enabling seamless integration of privacy-preserving technologies. By introducing a ledger state attestation system, we enhance distributed ledger-based registries to ensure data provenance without compromising user privacy.
Originalsprache | englisch |
---|---|
Qualifikation | Doktor der Technik |
Gradverleihende Hochschule |
|
Betreuer/-in / Berater/-in |
|
Datum der Bewilligung | 30 Nov. 2023 |
DOIs | |
Publikationsstatus | Veröffentlicht - 30 Nov. 2023 |
-
EU - ERATOSTHENES - Sichere Verwaltung des Lebenszyklus von IoT-Geräten durch Identitäten, Vertrauen und verteilte Ledger
Tauber, A. (Teilnehmer (Co-Investigator))
1/10/21 → 31/03/25
Projekt: Forschungsprojekt
-
EU - KRAKEN - Vermittlungs- und Marktplattform für personenbezogene Daten
Tauber, A. (Teilnehmer (Co-Investigator))
1/12/19 → 30/11/22
Projekt: Forschungsprojekt
-
EU - LIGHTest - Leichtgewichtige Infrastruktur für globales, heterogenes Vertrauens-Management, die ein offenes Ökosystem für verschiedene Akteure und Vertrauens-Modelle bietet
Lipp, P. (Teilnehmer (Co-Investigator))
1/09/16 → 30/11/19
Projekt: Forschungsprojekt