Trust Me If You Can: Trusted Transformation Between (JSON) Schemas to Support Global Authentication of Education Credentials

@inproceedings{More2021TrustMI,
  title={Trust Me If You Can: Trusted Transformation Between (JSON) Schemas to Support Global Authentication of Education Credentials},
  author={Stefan More and Peter Grassberger and Felix Horandner and Andreas Abraham and Lukas Daniel Klausner},
  booktitle={SEC},
  year={2021}
}
Recruiters and institutions around the world struggle with the verification of diplomas issued in a diverse and global education setting. Firstly, it is a nontrivial problem to identify bogus institutions selling education credentials. While institutions are often accredited by qualified authorities on a regional level, there is no global authority fulfilling this task. Secondly, many different data schemas are used to encode education credentials, which represents a considerable challenge to… 

Adapting the TPL Trust Policy Language for a Self-Sovereign Identity World

TLDR
It is demonstrated that SSI concepts can be integrated into TPL without changing the syntax and semantics of TPL itself and have to add new formats and introduce a new built-in predicate for interacting with the DL.

Offline-verifiable Data from Distributed Ledger-based Registries

TLDR
This paper extends existing ledger APIs to support results that are trustworthy even in an offline setting by introducing attestations of the ledger’s state, issued by ledger nodes, aggregatable into a collective attestation by all nodes.

YOU SHALL NOT COMPUTE on my Data: Access Policies for Privacy-Preserving Data Marketplaces and an Implementation for a Distributed Market using MPC

TLDR
This work proposes a flexible access control architecture for private data marketplaces, which can be applied to existing data markets, and provides an implementation for the KRAKEN marketplace, a distributed data market using MPC.

References

SHOWING 1-10 OF 37 REFERENCES

Adapting the TPL Trust Policy Language for a Self-Sovereign Identity World

TLDR
It is demonstrated that SSI concepts can be integrated into TPL without changing the syntax and semantics of TPL itself and have to add new formats and introduce a new built-in predicate for interacting with the DL.

Revocable and Offline-Verifiable Self-Sovereign Identities

TLDR
The Self-Sovereign Identity model is extended to support both revocation as well as offline-verification, and an implementation that includes an efficient and privacy-preserving showing of credentials using noninteractive zero-knowledge proofs, all while being offline is developed.

TPL: A Trust Policy Language

TLDR
The idea is that for any decision, the system can generate a proof that can be checked by a prover that is formally verified, in Isabelle/HOL, to be sound with respect to a first-order logic semantics.

GTPL: A Graphical Trust Policy Language

TLDR
GTPL is presented as an easy-to-use interface for the Trust Policy Language TPL proposed by the LIGHTest project, which closes the gap between languages on a logical-technical level such as TPL that require expertise to use, and interfaces like the Lightest Graphical-Layer that allow only for very basic patterns.

Towards Quantitative Analysis of Proofs of Authorization: Applications, Framework, and Techniques

  • Adam J. LeeTing Yu
  • Computer Science
    2010 23rd IEEE Computer Security Foundations Symposium
  • 2010
TLDR
A formal model is developed that allows for quantitatively reason about the outcomes of the policy enforcement process in both absolute and relative terms, and can be extended to quantify how close unauthorized users are to satisfying policies, which can be a useful risk metric for decision making under unexpected circumstances.

Usability of Policy Authoring Tools: A Layered Approach

TLDR
This paper identifies three categories of such users and introduces a three-layered approach to cater to each user group and intuitively reduces the functionalities available based on the capability of each group of users and therefore making policy creation more usable.

An Overview of Cloud Identity Management-Models

TLDR
An overview of different cloud identity management-models that have already emerged up to now is given and these models are compared based on selected criteria, e.g. on practicability and privacy aspects.

Blockchain for Education: Lifelong Learning Passport

TLDR
This paper presents the Blockchain for Education platform as a practical solution for issuing, validating and sharing of certificates, including management of certification authorities and certificates, smart contracts as well as services for certifiers, learners and third parties such as employers.

The Trust over IP Stack

TLDR
A four-layer architectural stack for establishing trust between peers over the Internet and other digital networks, patterned after the TCP/IP stack that standardized packet exchange and created the Internet, the ToIP stack is a decentralized architecture that encompasses business, legal, and technological requirements.

Beyond the Hype: On Using Blockchains in Trust Management for Authentication

TLDR
This analysis is the first to formally model and argue about the security of TM systems for authentication, based on blockchain technology, and shows how this model can be conceptually encoded in a blockchain, by expressing it as a series of state transitions.