Identity Management and Access Control mechanisms are present in practically every digital application. Companies, public administrations or universities have deployed these mechanisms to ensure that the appropriate users access the services they are entitled to. The main objective of this integration is to protect private personal and professional information from malicious actors.

Digital services have grown exponentially, forcing Identity Management models to move from a centralised to a federated approach to improve the user experience and close some security loopholes. Nowadays, federated identity management systems are still in use, but they give users a little more control over their data. Their design and implementation pose a number of challenges that depend on the characteristics of each environment and the level of privacy required. However, people still have little control over their identity and how their information is shared between organizations. In recent years, a new paradigm in identity management has been emerging to give people autonomy over their digital identities: Self Sovereign Identity. It is at an early stage and opens up a number of opportunities and challenges.

Nowadays, an increasing number of businesses are exploiting data obtained from a variety of sources. In this sense, due to the Industry 4.0 paradigm, new spaces are emerging for data sharing between companies to improve production chains, and with them, new ways of controlling access to data. Traditional access control mechanisms do not fulfil the trust, governance and usage requirements that these cases need, giving rise to new challenges to be addressed. This thesis proposes a set of architectures, models and mechanisms to address the challenges identified in the scope of identity and access management and contribute to improving the security and privacy of that field.
The starting point of the thesis is the design and evaluation of delegated authentication systems for non-interface and resource-constrained devices. These systems aim to improve the security of devices in these contexts and even improve their efficiency. The next step is to implement an Industry 4.0 standard for data sharing between organizations, which makes it possible to guarantee trust, data governance and secure data exchange. In this context, a model for enabling data usage control is presented. This model allows the management and definition of both access and usage control policies.

Subsequently, a number of contributions are proposed in relation to European electronic IDentification and the eIDAS regulation. They enrich and simplify the authentication process for service providers and citizens. The first one extends the number of attributes of the eIDAS profile. The second extends the eIDAS basic architecture to obtain these attributes. Finally, another architecture is proposed for facilitating the integration of service providers into the eIDAS infrastructure.

Finally, the new Self Sovereign Identity paradigm is approached. A study of opportunities and challenges is...