Qiuyun Lyu,Shaopeng Cheng,Hao Li,Junliang Liu,Yanzhao Shen,Zhen Wang

DOI: https://doi.org/10.1155/2022/1607996

IF: 1.968

2022-09-07

Security and Communication Networks

Abstract:Self-sovereign identity (SSI) is a new distributed method for identity management, commonly used to address the problem that users are lack of control over their identities. However, the excessive pursuit of self-sovereignty in the most existing SSI schemes hinders sanctions against attackers. To deal with the malicious behavior, a few SSI schemes introduce accountability mechanisms, but they sacrifice users' privacy. In addition, the digital identities (static strings or updatable chains) in the existing SSI schemes are as inputs to a third-party executable program (mobile app, smart contract, etc.) to achieve identity reading, storing and proving, and users' self-sovereignty are weakened. To solve the above problems, we present a new self-sovereign identity scheme to strike a balance between privacy and accountability and get rid of the dependence on the third-party program. In our scheme, one and only individual-specific executable code is generated as a digital avatar-i for each human to interact with others in cyberspace without a third-party program, in which the embedding of biometrics enhances uniqueness and user control over their identity. In addition, a joint accountability mechanism, which is based on the shamir (t, n) threshold algorithm and a consortium blockchain, is designed to restrict the power of each regulatory authority and protect users' privacy. Finally, we analyze the security, SSI properties and conduct detailed experiments in terms of the cost of computation, storage, and blockchain gas. The analysis results indicate that our scheme resists the known attacks and fulfills all the six SSI properties. Compared with the state-of-the-art schemes, the extensive experiment results show that the cost is larger in server storage, blockchain storage, and blockchain gas, but is still low enough for practical situations.

computer science, information systems,telecommunications

Le Gao,Jiaxin Yu,Junzhe Zhang,Yin Tang,Quansi Wen

DOI: https://doi.org/10.1109/access.2024.3391423

IF: 3.9

2024-04-30

IEEE Access

Abstract:The concern and opposition to centralized management of user identities by third-party authorities have led to the emergence of Self-Sovereign Identity (SSI). With the help of blockchain, SSI effectively restore users' control over their own identities, but privacy concerns due to blockchain transparency, coupled with the absence of accountability like Know Your Customer (KYC) and Anti-Money Laundering (AML), have cast uncertainties upon the viability of SSI. In this paper, we bridge this gap by introducing AASSI, a pioneering SSI protocol meticulously designed to balance the twin imperatives of privacy and accountability. Specifically, AASSI extends support for anonymity, self-derivation, fine-grained tracing and selective revocation. In the realm of anonymity and self-derivation, AASSI introduces redactable signatures, which empowers users to autonomously derive distinctive credentials for each user-service-provider interaction, effectively improving privacy protection and self-management capabilities. Pertaining to fine-grained tracing, the protocol employs a dual-tag system that facilitates tracing users' real identities as well as a granular historical records of derived credentials. For selective revocation, AASSI leverages dynamic accumulators as a building block to enable the revocation of offending users. Ultimately, we provide functional comparison, which shows that AASSI has robust features, in particular, it supports novel self-derived features that further increase user control over their identity, and fine-grained tracking, which provides more flexibility for tracers. We demonstrate protocol efficiency through off-chain time-consuming comparison, which show that AASSI dramatically reduces the time overhead of credential verification. Moreover, We test the on-chain communication overhead and experimentally prove the feasibility of AASSI.

computer science, information systems,telecommunications,engineering, electrical & electronic

Aboulfazl Dayyani,Maghsoud Abbaspour

DOI: https://doi.org/10.1002/cpe.8201

2024-08-06

Concurrency and Computation Practice and Experience

Abstract:Summary The Social Internet of Things (SIoT) allows for more efficient and intelligent communication between entities (humans and objects). Managing the digital identity of objects, protecting the owner's privacy, and resisting impersonation attacks are crucial challenges in SIoT. On the other hand, the classic centralized identity provider servers contain valuable information for hackers and malicious parties. Effective solutions can be presented using decentralized technologies such as blockchains. This paper proposes a decentralized identity management system for SIoT based on smart contract technology. This system drives object identity control; conversely, a zero‐knowledge‐based protocol and double‐spend prevention ideas are proposed for privacy preservation and Sybil attack resistance, respectively. The central idea is to implement self‐sovereign identity (SSI) so that even certifiers are not privy to object‐sensitive information. Additionally, it attempts to prevent the owner from creating Sybil objects using the web of trust method. The method's scalability and convergence can be proven by considering all acknowledgment nodes and different paths. This method was compared with the most novel available methods; the results from this comparison depict the scalability and effectiveness of the proposed method for large networks.

computer science, theory & methods, software engineering

Morgan Reece,Sudip Mittal

DOI: https://doi.org/10.48550/arXiv.2209.11647

2022-09-23

Cryptography and Security

Abstract:Self-Sovereign Identity (SSI) is projected to become part of every person's life in some form. The ability to verify and authenticate that an individual is the actual person they are purported to be along with securing the personal attributes could have wide spread implications when engaging with third party organizations. Utilizing blockchains and other decentralized technologies, SSI is a growing area of research. The aspect of securing personal information within a decentralized structure has possible benefits to the public and private sectors. In this paper, we describe the SSI framework architecture as well as possible use cases across domains like healthcare, finance, retail, and government. The paper also contrasts SSI and its decentralized architecture with the current widely adopted model of Public Key Infrastructure (PKI).

Daniel Slamanig,Sebastian Ramacher,Reyhaneh Rabaninejad,A. Michalas,B. Abdolmaleki

Abstract:. Self-sovereign identity (SSI) systems empower users to (anony-mously) establish and verify their identity when accessing both digital and real-world resources, emerging as a promising privacy-preserving so-lution for user-centric identity management. Recent work by Maram et al. proposes the privacy-preserving Sybil-resistant decentralized SSI sys-tem CanDID (IEEE S&P 2021). While this is an important step, notable shortcomings undermine its efficacy. The two most significant among them being the following: First, unlinkability breaks in the presence of a single malicious issuer. Second, it introduces interactiveness, as the users are required to communicate each time with issuers to collect cre-dentials intended for use in interactions with applications. This contra-dicts the goal of SSI, whose aim is to give users full control over their identities. This paper first introduces the concept of publicly verifiable attribute-based threshold anonymous counting tokens (tACT). Unlike recent approaches confined to centralized settings (Benhamouda et al., ASIACRYPT 2023), tACT operates in a distributed-trust environment. Accompanied by a formal security model and a provably secure instantiation, tACT introduces a novel dimension to token issuance, which, we believe, holds independent interest. Next, the paper leverages the proposed tACT scheme to construct an efficient Sybil-resistant SSI sys-tem. This system supports various functionalities, including threshold issuance, unlinkable multi-show selective disclosure, and non-interactive, non-transferable credentials that offer constant-size credentials. The proposed construction is backed by rigorous security definitions and proofs. Finally, our benchmark results show an efficiency improvement in our construction when compared to CanDID all while accommodating a greater number of issuers and additionally reducing to a one-round protocol that can be run in parallel with all issuers.

Computer Science

Fan Zhang,Philip Daian,Iddo Bentov

2018-01-01

Abstract:Conventional (M,N )-threshold signature schemes leave users with a painful choice. SettingM = N offers maximum resistance to key compromise. With this choice, though, loss of a single key renders the signing capability unavailable, creating paralysis in systems that use signatures for access control. Lower M improves availability, but at the expense of security. For example, a (3, 3)-multisignature cryptocurrency wallet experiences access-control paralysis upon loss of a single key, but a (2, 3)-multisig allows any two players to collude and steal funds from the third. In this paper, we introduce techniques that address this impasse by making general cryptographic access structures dynamic. Our schemes permit, e.g., a (3, 3)-multisig, to be downgraded to a (2, 3)multisig if a player goes missing. This downgrading is secure in the sense that it occurs only if a player is provably unavailable. Our main tool is what we call a Paralysis Proof, evidence that players, i.e., key holders, are unavailable or incapacitated. Using Paralysis Proofs, we show how to construct a Dynamic Access Structure System, which can securely and flexibly update target access structures without a trusted third party such as a system administrator. We present DASS constructions that combine a trust anchor (a trusted execution environment or smart contract) with a censorshipresistant channel in the form of a blockchain. We offer a formal framework for specifying DASS policies, and define and show how to achieve critical security and usability properties (safety, liveness, and paralysis-freeness) in a DASS. Paralysis Proofs can help address pervasive key-management challenges in many different settings. We present DASS schemes for three important example use cases: recovery of cryptocurrency funds should players become unavailable, returning funds to users when cryptocurrency custodians fail, and remediating critical smartcontract failures such as frozen funds. We report on practical implementations for Bitcoin and Ethereum.

Rowdy Chotkan,Jérémie Decouchant,Johan Pouwelse

DOI: https://doi.org/10.48550/arXiv.2208.05339

2022-08-10

Distributed, Parallel, and Cluster Computing

Abstract:Self-Sovereign Identity (SSI) aspires to create a standardised identity layer for the Internet by placing citizens at the centre of their data, thereby weakening the grip of big tech on current digital identities. However, as millions of both physical and digital identities are lost annually, it is also necessary for SSIs to possibly be revoked to prevent misuse. Previous attempts at designing a revocation mechanism typically violate the principles of SSI by relying on central trusted components. This lack of a distributed revocation mechanism hampers the development of SSI. In this paper, we address this limitation and present the first fully distributed SSI revocation mechanism that does not rely on specialised trusted nodes. Our novel gossip-based propagation algorithm disseminates revocations throughout the network and provides nodes with a proof of revocation that enables offline verification of revocations. We demonstrate through simulations that our protocol adequately scales to national levels.

Yepeng Ding,Hiroyuki Sato

DOI: https://doi.org/10.1109/COMPSAC54236.2022.00244

2022-06-02

Abstract:Self-sovereign identity (SSI) has gained a large amount of interest. It enables physical entities to retain ownership and control of their digital identities, which naturally forms a conceptual decentralized architecture. With the support of the distributed ledger technology (DLT), it is possible to implement this conceptual decentralized architecture in practice and further bring technical advantages such as privacy protection, security enhancement, high availability. However, developing such a relatively new identity model has high costs and risks with uncertainty. To facilitate the use of the DLT-based SSI in practice, we formulate Self-Sovereign Identity as a Service (SSIaaS), a concept that enables a system, especially a system cluster, to readily adopt SSI as its identity model for identification, authentication, and authorization. We propose a practical architecture by elaborating the service concept, SSI, and DLT to implement SSIaaS platforms and SSI services. Besides, we present an architecture for constructing and customizing SSI services with a set of architectural patterns and provide corresponding evaluations. Furthermore, we demonstrate the feasibility of our proposed architecture in practice with Selfid, an SSIaaS platform based on our proposed architecture.

Software Engineering

Evan Krul,Hye-young Paik,Sushmita Ruj,Salil S. Kanhere

DOI: https://doi.org/10.56553/popets-2024-0079

2024-06-27

Abstract:Digital identity is evolving from centralized systems to a decentralized approach known as Self-Sovereign Identity (SSI). SSI empowers individuals to control their digital identities, eliminating reliance on third-party data custodians and reducing the risk of data breaches. However, the concept of trust in SSI remains complex and fragmented. This paper systematically analyzes trust in SSI in light of its components and threats posed by various actors in the system. As a result, we derive three distinct trust models that capture the threats and mitigations identified across SSI literature and implementations. Our work provides a foundational framework for future SSI research and development, including a comprehensive catalogue of SSI components and design requirements for trust, shortcomings in existing SSI systems and areas for further exploration.

Cryptography and Security

Weichu Deng,Jin Li,Hongyang Yan,Arthur Sandor Voundi Koe,Teng huang,Jianfeng Wang,Cong Peng

DOI: https://doi.org/10.1016/j.jisa.2024.103885

IF: 4.96

2024-09-14

Journal of Information Security and Applications

Abstract:In the Internet of Things, access control and identity management rely on centralized platforms. However, centralized platforms will compromise user privacy with identity leakage. Self-sovereign identity (SSI) is a novel model for identity management that does not require third-party centralized authority. Thus, SSI is a potential solution to the identity management problem in IoT access control. This paper's motivation is to address the problems of lack of identity sovereignty, centralized authorization, and high computational overhead for IoT access control. We propose a novel access control scheme for IoT that decentralizes identity management and tackles single-point-of-failure issues. This scheme leverages ciphertext policy attribute-based encryption (CP-ABE) and SSI to achieve the overall goal. Specifically, Our scheme eliminates the central authority and empowers users to manage their identity, allowing users to decide what attributes they disclose. Regarding the distribution of roles in the architecture, this paper follows the generic SSI model (ISSUER–HOLDER—VERIFIER) that allows a user to access a service from a service provider. To enable real-world deployment of our scheme, we establish an attribute authorization authority(such as the government) as a trusted identity point of entry. Users generate decentralized identifiers to enjoy services of interest in a privacy-preserving manner. The analysis demonstrates the practicality and superiority of our scheme. Our scheme requires less computation and is suitable for resource-constrained IoT scenarios.

computer science, information systems

Alexander Mühle,Andreas Grüner,Tatiana Gayvoronskaya,Christoph Meinel

DOI: https://doi.org/10.48550/arXiv.1807.06346

2018-07-17

Cryptography and Security

Abstract:This paper provides an overview of the Self-Sovereign Identity (SSI) concept, focusing on four different components that we identified as essential to the architecture. Self-Sovereign Identity is enabled by the new development of blockchain technology. Through the trustless, decentralised database that is provided by a blockchain, classic Identity Management registration processes can be replaced. We start off by giving a simple overview of blockchain based SSI, introducing an architecture overview as well as relevant actors in such a system. We further distinguish two major approaches, namely the Identifier Registry Model and its extension the Claim Registry Model. Subsequently we discuss identifiers in such a system, presenting past research in the area and current approaches in SSI in the context of Zooko's Triangle. As the user of an SSI has to be linked with his digital identifier we also discuss authentication solutions. Most central to the concept of an SSI are the verifiable claims that are presented to relying parties. Resources in the field are only losely connected. We will provide a more coherent view of verifiable claims in regards to blockchain based SSI and clarify differences in the used terminology. Storage solutions for the verifiable claims, both on- and off-chain, are presented with their advantages and disadvantages.

Efat Samir,Hongyi Wu,Mohamed Azab,Chunsheng Xin,Qiao Zhang,Chun Sheng Xin

DOI: https://doi.org/10.1109/jiot.2021.3112537

IF: 10.6

2021-01-01

IEEE Internet of Things Journal

Abstract:In a ubiquitous environment enclosing cooperative Internet-of-Things (IoT) devices, individuals, and entities, digital identity management (DIM) becomes critical and challenging. DIM pertains to device identities authentication and verification to enable trustworthy service exchange, data collection, and decision making. DIM is the supporting pillar for all online services and the foundation for security and authentication mechanisms. Due to the extreme heterogeneity, scale, and configuration complexity of such environments, enabling trustworthy DIM is crucial and seriously challenging. In an IoT context, devices use local digital identities stored within a tamper-proof unit and verified by a centralized authority for authentication. The recent attacks on IoT systems showed how vulnerable such a design is. It is also an inherent problem that influences humans. From that, self-sovereign identity (SSI) has emerged as a decentralized DIM approach embracing the concept of portable self-possession identity. SSI was presented to couple the digital identity from the owner to enable large-scale cooperation. However, digital identity storage and verification still occur on the device and in a centralized manner. Utilizing a local single-point-of-failure storage memory for verifiable credentials is one of the considerable drawbacks in contemporary SSI. In this regard, this article introduces decentralized trustworthy-self-sovereign identity management (DT-SSIM), a novel decentralized trustworthy SSI management framework. DT-SSIM integrates the secret share scheme with the blockchain-based smart contracts technologies to provide transparent and trustworthy SSI-based DIM services for IoT. Storing IoT identity credentials outside the devices' local storage preserves the identity credentials from being tampered with or misused. Evaluations and discussions show the resiliency assessment of the system and the cost and estimated running times for verification pro-esses in DT-SSIM.

computer science, information systems,telecommunications,engineering, electrical & electronic

Siem Ghirmai,Daniel Mebrahtom,Moayad Aloqaily,Mohsen Guizani,Merouane Debbah

2023-03-01

Abstract:With the advancement in computing power and speed, the Internet is being transformed from screen-based information to immersive and extremely low latency communication environments in web 3.0 and the Metaverse. With the emergence of the Metaverse technology, more stringent demands are required in terms of connectivity such as secure access and data privacy. Future technologies such as 6G, Blockchain, and Artificial Intelligence (AI) can mitigate some of these challenges. The Metaverse is now on the verge where security and privacy concerns are crucial for the successful adaptation of such disruptive technology. The Metaverse and web 3.0 are to be decentralized, anonymous, and interoperable. Metaverse is the virtual world of Digital Twins and non-fungible tokens (NFTs). The control and possession of users' data on centralized servers are the cause of numerous security and privacy concerns. This paper proposes a solution for the security and interoperability challenges using Self-Sovereign Identity (SSI) integrated with blockchain. The philosophy of Self-Sovereign Identity, where the users are the only holders and owners of their identity, comes in handy to solve the questions of decentralization, trust, and interoperability in the Metaverse. This work also discusses the vision of a single, open standard, trustworthy, and interoperable Metaverse with initial design and implementation of SSI concepts.

Cryptography and Security

Mohammed Shuaib,Noor Hafizah Hassan,Sahnius Usman,Shadab Alam,Surbhi Bhatia,Parul Agarwal,Mohammad Idrees,Sheikh Mohammad Idrees

DOI: https://doi.org/10.3390/su14095400

IF: 3.9

2022-05-01

Sustainability

Abstract:Providing a system user with a unique and secure identity is a prerequisite for authentication and authorization aspects of a security system. It is generally understood that the existing digital identity systems store the identity details in centralized databases, and users store the identity details in centralized databases in which users do not have any control over them. These vulnerabilities in the traditional digital identities make them susceptible to various malicious assaults and modifications. Users' personally identifiable information (PII) may leak through these identity solutions that can consequently affect other applications being used by the users, and they have no control over them. Land registration is a major domain of governance that defines civilians' well-being and needs to be handled properly to avoid conflict and to support Environmental Sustainability. These traditional land registry applications also lack identity parameters due to weaknesses in identity solutions. A secure and reliable digital identity solution is the need of the hour. Self-sovereign identity (SSI), a new concept, is becoming more popular as a secure and reliable identity solution for users based on identity principles. SSI provides users with a way to control their personal information and consent for it to be used in various ways. In addition, the user's identity details are stored in a decentralized manner, which helps to overcome the problems with digital identity solutions. This article reviews existing SSI solutions and analyzes them using SSI principles. It also assesses the SSI components required for constructing SSI frameworks that adhere to the SSI principles. Furthermore, it defines the procedures for establishing an SSI ecosystem, explores the laws governing digital identity that governments have adopted, and identifies SSI applications in several fields. Finally, a review of SSI applications in the domain of land registry systems is given in order to propose an SSI-based land registry framework for a secure and reliable land registry system.

environmental sciences,environmental studies,green & sustainable science & technology

Quinten Stokkink,Johan Pouwelse

DOI: https://doi.org/10.1109/cybermatics_2018.2018.00230

2018-07-01

Abstract:Digital identity is unsolved: after many years of research there is still no trusted communication over the Internet. To provide identity within the context of mutual distrust, this paper presents a blockchain-based digital identity solution. Without depending upon a single trusted third party, the proposed solution achieves passport-level legally valid identity. This solution for making identities Self-Sovereign, builds on a generic provable claim model for which attestations of truth from third parties need to be collected. The claim model is then shown to be both blockchain structure and proof method agnostic. Four different implementations in support of these two claim model properties are shown to offer sub-second performance for claim creation and claim verification. Through the properties of Self-Sovereign Identity, legally valid status and acceptable performance, our solution is considered to be fit for adoption by the general public.

Rahma Mukta,Rue C. Teh,Hye-young Paik,Qinghua Lu,Salil S. Kanhere

2023-08-03

Abstract:Self Sovereign Identity (SSI) is an emerging identity system that facilitates secure credential issuance and verification without placing trust in any centralised authority. To bypass central trust, most SSI implementations place blockchain as a trusted mediator by placing credential transactions on-chain. Yet, existing SSI platforms face trust issues as all credential issuers in SSI are not supported with adequate trust. Current SSI solutions provide trust support to the officiated issuers (e.g., government agencies), who must follow a precise process to assess their credentials. However, there is no structured trust support for individuals of SSI who may attempt to issue a credential (e.g., letter of consent) in the context of business processes. Therefore, some risk-averse verifiers in the system may not accept the credentials from individual issuers to avoid carrying the cost of mishaps from potentially inadmissible credentials without reliance on a trusted agency. This paper proposes a trust propagation protocol that supports individual users to be trusted as verifiable issuers in the SSI platform by establishing a trust propagation credential template in the blockchain. Our approach utilises (i) the sanitizable signature scheme to propagate the required trust to an individual issuer, (ii) a voting mechanism to minimises the possibility of collusion. Our implementation demonstrates that the solution is both practical and performs well under varying system loads.

Cryptography and Security

Khaled A. M. Ahmed,Sabry F. Saraya,John F. Wanis,Amr M. T. Ali-Eldin

DOI: https://doi.org/10.3390/fi15060208

2023-06-08

Future Internet

Abstract:Open finance is evolving and extending open banking. This creates a large context that implies a financial and identity data exchange paradigm, which faces challenges to balance customer experience, security, and the self-control over personal identity information. We propose Self-Sovereign Banking Identity (SSBI), a Blockchain-based self-sovereign identity (SSI) to secure private data sharing by utilizing trusted customer's banking cards as a key storage and identity transaction-signing enclave. The design and implementation of the SSI framework is based on the Veramo SDK and Ethereum to overcome the limitation of signing curve availability on the current banking Java Cards needed for Hyperledger Indy. SSBI uses the elliptic curve SECP256K1 for transaction signing, which exists for several payment cards in the market. SSBI enables automated financial services and trust in the service provider communication. This work analyzes the flow and framework components, and evaluates the usability, integration, and performance in terms of throughput, latency, security, and complexity. Furthermore, the proposed approach is compared with related solutions. The presented prototype implementation is based on a test Ethereum network and signing transactions on the banking card. The preliminary results show that SSBI provides an effective solution for integrating the customer's banking cards to secure open banking identity exchange. Furthermore, it allows the integration of several scenarios to support trusted open banking. The Blockchain layer settings need to be scaled and improved before real-world implementation.

Faisal Fiaz,Syed Muhammad Sajjad,Zafar Iqbal,Muhammad Yousaf,Zia Muhammad

DOI: https://doi.org/10.3390/fi16050176

2024-05-19

Future Internet

Abstract:The Metaverse brings together components of parallel processing computing platforms, the digital development of physical systems, cutting-edge machine learning, and virtual identity to uncover a fully digitalized environment with equal properties to the real world. It possesses more rigorous requirements for connection, including safe access and data privacy, which are necessary with the advent of Metaverse technology. Traditional, centralized, and network-centered solutions fail to provide a resilient identity management solution. There are multifaceted security and privacy issues that hinder the secure adoption of this game-changing technology in contemporary cyberspace. Moreover, there is a need to dedicate efforts towards a secure-by-design Metaverse that protects the confidentiality, integrity, and privacy of the personally identifiable information (PII) of users. In this research paper, we propose a logical substitute for established centralized identity management systems in compliance with the complexity of the Metaverse. This research proposes a sustainable Self-Sovereign Identity (SSI), a fully decentralized identity management system to mitigate PII leaks and corresponding cyber threats on all multiverse platforms. The principle of the proposed framework ensures that the users are the only custodians and proprietors of their own identities. In addition, this article provides a comprehensive approach to the implementation of the SSI principles to increase interoperability and trustworthiness in the Metaverse. Finally, the proposed framework is validated using mathematical modeling and proved to be stringent and resilient against modern-day cyber attacks targeting Metaverse platforms.

Vincent Schlatt,Johannes Sedlmeir,Simon Feulner,Nils Urbach

DOI: https://doi.org/10.48550/arXiv.2112.01237

2021-11-11

Computers and Society

Abstract:Know your customer (KYC) processes place a great burden on banks, because they are costly, inefficient, and inconvenient for customers. While blockchain technology is often mentioned as a potential solution, it is not clear how to use the technology's advantages without violating data protection regulations and customer privacy. We demonstrate how blockchain-based self-sovereign identity (SSI) can solve the challenges of KYC. We follow a rigorous design science research approach to create a framework that utilizes SSI in the KYC process, deriving nascent design principles that theorize on blockchain's role for SSI.

Engin Zeydan,Josep Mangues-Bafalluy,Suayb Arslan,Yekta Turk

DOI: https://doi.org/10.1016/j.vehcom.2024.100759

IF: 6.7

2024-03-03

Vehicular Communications

Abstract:Identity and access management frameworks address user access rights and data governance for organizations, vendors and users. In response to the problems associated with centralized authorities (e.g. single point of failure, limited scalability, lack of user control), new identity management models have emerged, such as Self-Sovereign Identity (SSI), which relies on verifiable data registers to validate Decentralized Identifier (DIDs) and can be achieved in many different ways, e.g. through Distributed Ledger Technology (DLT), distributed databases or other decentralized systems. The main goal of SSI is to enable users to take control of managing their data shared with different services. In this paper, we examine a possible application of the SSI concept to aerial base station (ABS)- integrated networks. The paper presents the effective use of DID implementation to provide a secure and decentralized way to create, associate and verify credentials and identities of ABSs, ensuring secure communication between Ground Base stations (GBSs) and other nodes in the network in a multi-operator scenario. In the numerical results, the average values of various metrics (namely, the average credential presentation time, the average credential offer time, the average DIDcomm connection creation time, the average DIDcomm signing time, and the average DIDcomm revoke credential time) related to credential operations in a DID management system are given for three different number of requests (50 K, 75 K, and 100 K). We have also provided the values of the different status codes that occurred in 100 K operations in the same DID management system. Towards the end of the paper, a comparison is made between SSI-based and Non-fungible token (NFT)-based blockchain solutions, also discussing the challenges and future directions of SSI solutions in the context of ABS-integrated networks.

telecommunications,transportation science & technology