Improved Identity Management with Verifiable Credentials and FIDO
Document Type
Article
Source of Publication
IEEE Communications Standards Magazine
Publication Date
12-1-2019
Abstract
© 2017 IEEE. We describe how FIDO and W3C VCs can overcome the problems of existing identity management systems. We describe our conceptual model and architecture, and the protocol we used by extending FIDO's UAF in order to provide both strong authentication and strong authorization. We built a pilot implementation for U.K. NHS patients to validate our implementation. Patients were able to use a mobile phone with a fingerprint reader to access restricted NHS sites in order to make and cancel appointments and order repeat prescription drugs. Our initial user trials with 10 U.K. NHS patients found the system to be easy to use, and fingerprints to be preferable to using usernames and passwords for authentication.
DOI Link
ISSN
Publisher
Institute of Electrical and Electronics Engineers Inc.
Volume
3
Issue
4
First Page
14
Last Page
20
Disciplines
Computer Sciences
Keywords
Global system for mobile communications, Network architecture, Conceptual model, Fingerprint reader, Identity management, Identity management systems, Pilot implementation, Prescription drugs, Strong authentication, Authentication
Scopus ID
Recommended Citation
Chadwick, David W.; Laborde, Romain; Oglaza, Arnaud; Venant, Remi; Wazan, Samer; and Nijjar, Manreet, "Improved Identity Management with Verifiable Credentials and FIDO" (2019). All Works. 1967.
https://zuscholars.zu.ac.ae/works/1967
Indexed in Scopus
yes
Open Access
yes
Open Access Type
Green: A manuscript of this publication is openly available in a repository