Date Published: July 9, 2019
Comments Due: August 9, 2019 (public comment period is CLOSED)
Email Questions to:
blockchain-idms-paper@nist.gov
Traditional identity management has typically involved the storing of user credentials (e.g., passwords) by organizations and third parties, which often results in concerns over interoperability, security, and privacy. However, a possible solution has emerged through the use of blockchain technology to create novel identity management approaches with built-in control and consent mechanisms. This can potentially transform data governance and ownership models by enabling users to control their data and share select personal information, while helping businesses streamline operations by relying on verified user information without having to maintain the infrastructure themselves.
This Draft NIST Cybersecurity White Paper provides an overview of the standards, building blocks, and system architectures that support emerging blockchain-based identity management systems and selective disclosure mechanisms. The document considers the full spectrum of top-down versus bottom-up governance models for both identifier and credential management and addresses some of the risks and security concerns that may arise. The terminology, concepts, properties, and architectures introduced in this work can facilitate understanding and communications amongst business owners, software developers, cybersecurity professionals within an organization, and individuals who are or will be using such systems.
When submitting your comments, we encourage you to use our comment template.
None selected
Publication:
https://doi.org/10.6028/NIST.CSWP.9.ipd
Download URL
Supplemental Material:
Local Download (pdf)
Comment template (xlsx)
Document History:
07/09/19: CSWP 9 (Draft)
01/14/20: CSWP 9 (Final)
authentication, digital signatures, key management, privacy, public key infrastructure
Technologies