Table of Contents
Fetching ...

Decentralized Identifiers and Self-sovereign Identity in 6G

Sandro Rodriguez Garzon, Hakan Yildiz, Axel Küpper

TL;DR

The paper addresses identity management challenges in 6G's multi-stakeholder, cross-domain environment by advocating Decentralized Identifiers (DIDs) and Self-Sovereign Identity (SSI) as a privacy-preserving alternative to centralized PKIs. It maps DIDs and SSI to both the management/access and application planes, proposing a distributed ledger as a tamper-evident, cross-domain source of verification data while keeping personal data off-ledger. Key contributions include practical use cases for cross-domain roaming, network slices, and NF authorization, illustrating CA-free key management and VC-based authorizations that reduce reliance on centralized authorities. The work highlights significant potential for improved security, privacy by design, and operational efficiency in 6G, while outlining governance, standardization, and scalability challenges that warrant further research.

Abstract

A key challenge for mobile network operators in 6G is to bring together and orchestrate a variety of new emerging players of today's mobile ecosystems in order to provide economically viable and seamless mobile connectivity in form of a multi-stakeholder service. With each new player, be it a cloud, edge or hardware provider, the need for interfaces with secure authentication and authorization mechanisms increases, as does the complexity and operational costs of the public key infrastructures required for the identity and key management. While today's centralized public key infrastructures have proven to be technically feasible in confined and trusted spaces, they do not provide the required security for access control once centralized identity providers must be avoided because of limited cross-domain interoperability, national data protection legislation, or geopolitical-strategic reasons. Recent decentralized identity management concepts, such as the W3C recommendation of Decentralized Identifiers, provide a secure, tamper-proof, and cross-domain identity management alternative for future multi-stakeholder 6G networks without relying on centralized identity provider or certification authorities. This article introduces the concept of Decentralized Identifiers together with the principles of Self-sovereign Identity and discusses opportunities and potential benefits of their application and usage for cross-domain and privacy-preserving identity and key management in 6G networks.

Decentralized Identifiers and Self-sovereign Identity in 6G

TL;DR

The paper addresses identity management challenges in 6G's multi-stakeholder, cross-domain environment by advocating Decentralized Identifiers (DIDs) and Self-Sovereign Identity (SSI) as a privacy-preserving alternative to centralized PKIs. It maps DIDs and SSI to both the management/access and application planes, proposing a distributed ledger as a tamper-evident, cross-domain source of verification data while keeping personal data off-ledger. Key contributions include practical use cases for cross-domain roaming, network slices, and NF authorization, illustrating CA-free key management and VC-based authorizations that reduce reliance on centralized authorities. The work highlights significant potential for improved security, privacy by design, and operational efficiency in 6G, while outlining governance, standardization, and scalability challenges that warrant further research.

Abstract

A key challenge for mobile network operators in 6G is to bring together and orchestrate a variety of new emerging players of today's mobile ecosystems in order to provide economically viable and seamless mobile connectivity in form of a multi-stakeholder service. With each new player, be it a cloud, edge or hardware provider, the need for interfaces with secure authentication and authorization mechanisms increases, as does the complexity and operational costs of the public key infrastructures required for the identity and key management. While today's centralized public key infrastructures have proven to be technically feasible in confined and trusted spaces, they do not provide the required security for access control once centralized identity providers must be avoided because of limited cross-domain interoperability, national data protection legislation, or geopolitical-strategic reasons. Recent decentralized identity management concepts, such as the W3C recommendation of Decentralized Identifiers, provide a secure, tamper-proof, and cross-domain identity management alternative for future multi-stakeholder 6G networks without relying on centralized identity provider or certification authorities. This article introduces the concept of Decentralized Identifiers together with the principles of Self-sovereign Identity and discusses opportunities and potential benefits of their application and usage for cross-domain and privacy-preserving identity and key management in 6G networks.
Paper Structure (8 sections, 5 figures, 1 table)

This paper contains 8 sections, 5 figures, 1 table.

Figures (5)

  • Figure 1: Centralized (today) vs. decentralized IDM with DIDs in 6G (vision). [iPhone is a registered trademark of Apple Inc.; T-Mobile is a registered trademark of Deutsche Telekom AG; Vodafone is a registered trademark of Vodafone Group PLC.; Lissi: https://lissi.id]
  • Figure 2: Exemplary DID document
  • Figure 3: Cross-slice and cross-PLMN decentralized PKI with DIDs
  • Figure 4: Self-sovereign Identity methodology with DIDs
  • Figure 5: Decoupled centralized IDM (today) vs. unified decentralized IDM according to SSI principles (vision)