Date of Award
Summer 2024
Document Type
Thesis
Degree Name
Master of Science (MS)
Department/Program
Digital Forensics and Cybersecurity
Language
English
First Advisor or Mentor
Shweta Jain
Second Reader
Adam Wandt
Third Advisor
Hunter Johnson
Abstract
In the era of digital transformation, ensuring secure and privacy-preserving access control mechanisms is of paramount importance. Traditional identity-based access control systems often fall short in providing granular control and user autonomy over digital identities. This thesis presents a novel approach to access control by leveraging the power of verifiable credentials and attribute-based access control. The proposed system introduces a decentralized and user-centric framework that enables fine-grained access control based on specific attributes encapsulated within verifiable credentials. These tamper-evident digital credentials, stored in a user's digital wallet, contain a rich set of attributes that can be selectively disclosed to grant or deny access to resources and services. The proposed decentralized solution utilizes decentralized identifiers (DIDs), verifiable credentials (VCs), and zero-knowledge proofs (ZKPs) to overcome these limitations. The system is built on Polygon ID, integrating blockchain for secure Verifiable Credential management. The proposed system empowers users with control over digital identities, ensures credential authenticity, supports selective disclosure for privacy, and enables context-aware access restrictions based on location, time, or other attributes. It aims to establish a trustworthy and standardized decentralized identity ecosystem suitable for sectors like finance, healthcare, and government services.
Recommended Citation
Dumpa, Srinivasa, "Attribute-Based fine-grained Access Control using Verifiable Credentials" (2024). CUNY Academic Works.
https://academicworks.cuny.edu/jj_etds/324