Return to search

SSASy: A Self-Sovereign Authentication Scheme

Amidst the wild west of user authentication, this study introduces a new sheriff in town: the Self-Sovereign Authentication Scheme (SSASy). Traditional authentication methods, like passwords, are often fraught with usability and security concerns, leading users to find workaround ways that compromise the intended security. Federated Identities (FI) offer a convenient alternative, yet, they infringe on users' sovereignty over their identity and lead to privacy concerns. To address these challenges, this study proposes SSASy, which leverages cryptography and browser technology to provide a sovereign, usable, and secure alternative to the existing user authentication schemes. The proposal, which is a proof-of-concept, is comprised of a core library, which provides the authentication protocol to developers, and a browser extension that simplifies the authentication process for users. SSASy is available as an open-source project on GitHub for practical demonstration on multiple browser stores, bringing our theoretical study into the realm of tangible, real-world application. SSASy is evaluated and compared to existing authentication schemes using the "Usability-Deployability-Security" (UDS) framework. The results demonstrate that, although other authentication schemes may excel in a specific dimension, SSASy delivers a more balanced performance across the three dimensions which makes it a promising alternative.

Identiferoai:union.ndltd.org:UPSALLA1/oai:DiVA.org:ltu-99248
Date January 2023
CreatorsManzi, Olivier
PublisherLuleå tekniska universitet, Institutionen för system- och rymdteknik
Source SetsDiVA Archive at Upsalla University
LanguageEnglish
Detected LanguageEnglish
TypeStudent thesis, info:eu-repo/semantics/bachelorThesis, text
Formatapplication/pdf
Rightsinfo:eu-repo/semantics/openAccess

Page generated in 0.0143 seconds