Verifiable Credentials enable subjects to make claims about one another whose integrity and authenticity can be securely verified. Nevertheless, verifying an issuer's trustworthiness is not possible from the credential alone. Trusted Issuer Registries (TIRs) were created to address this issue. However, the existing designs do not fully meet the needs of Self-Sovereign Identity. This thesis aims to design a novel decentralized, general-purpose Trusted Issuer Registry architecture. To that end, we analyzed existing TIR designs and gathered user requirements from an actual use case through interviews with five experts from the Gaia-X project. The findings indicated, among other things, the necessity for issuer identification, authorization, and hierarchical sub-registries, alongside a focus on availability, scalability, security, and flexibility. From these findings, we inferred an improved TIR design, which was implemented as a prototype. The design leverages Decentralized Identifiers to reference TIRs and leaves implementation-specific details open, specifying only a data model to which every TIR must resolve. The prototype implementation proves the concept and demonstrates its capabilities. Ultimately, this thesis proposes an improved Trusted Issuer Registry design, contributing to the enhancement of issuer verification in Self-Sovereign Identity.

Name | Type | Size | Last Modification | Last Editor |
---|---|---|---|---|
231016 Schmidmaier Kick-off Presentation.pdf | | 952 KB | 05.02.2024 | |
231215 Michael Schmidmaier Bachelor Thesis.pdf | | 986 KB | 05.02.2024 | |
240115 Schmidmaier Final Presentation.pdf | | 1,86 MB | 05.02.2024 | |