Identity management enables users to access services around the globe. The user information is managed in some sort of identity management system. With the proposed shift to self-sovereign identities, control is shifted to the individual user. However, this also includes responsibilities, for example, in case of incidents, although users typically do not have the capability to fulfill them. In order to provide users with more control and fewer responsibilities, we unite identity management systems with public key infrastructures. This consolidation allows more flexible and customized trust relationships to be created and validated. This paper explains, analyzes, and validates our novel design for a Distributed Identity Information Network (DistIN) that allows a high degree of decentralization while aiming for high security, privacy, usability, scalability, and sovereignty. The primary advantage of the system lies in its flexibility and ease of use, which also enables smaller organizations or even private individuals to participate in the network with a service. This work compiles categorized requirements from the literature and analyzes the verification and authentication data flows. The security analysis and validation follow on this basis. This work is an essential step toward the goal of the final web-based DistIN protocol and application.