Distributed, Secure, Self-Sovereign Identity for IoT Devices
Samson Kahsay Gebresilassie, Joseph Rafferty, Philip Morrow, Liming Chen, Mamun Abu-Tair, Zhan Cui
Abstract
The growth of Internet use due to the emergence of new paradigms including social media and the Internet of Things (IoT) has presented several challenges. Within the IoT paradigm, there are several domain-specific challenges, among which security is crucial. Billions of devices in the IoT ecosystem have the responsibility of generating, processing, and analyzing large volumes of data. This data may connect with organizations, services, billions of people and other devices. This high level of interconnectivity creates a complex and heterogeneous network which is challenging to adequately secure the IoT system. IoT devices are smart, diverse, portable, interoperable, often autonomous and deployed in distributed topology. Properly managing the identities of these IoT devices plays a critical role in achieving the security of the overall IoT ecosystem. Notably, existing identity management systems fail to satisfy the requirements of identity management for IoT devices. We present a novel solution for IoT devices identity management based on self-sovereign identity and underpinned by proven security offered by distributed ledger technology. This novel approach provides a secure, portable, decentralized, persistent, unique, interoperable, self-owned and self-controlled identity for IoT devices. A Device's identity with all its relationships in the IoT system are securely managed throughout its entire lifecycle.