Identity and Access Management for the Computing Continuum
- URL: http://arxiv.org/abs/2506.09559v1
- Date: Wed, 11 Jun 2025 09:45:25 GMT
- Title: Identity and Access Management for the Computing Continuum
- Authors: Chalima Dimitra Nassar Kyriakidou, Athanasia Maria Papathanasiou, Vasilios A. Siris, Nikos Fotiou, George C. Polyzos, Eduardo Cánovas Martínez, Antonio Skarmeta
- Abstract summary: We propose a Zero-Trust (ZT) access control solution that leverages decentralized identification and authentication mechanisms. We employ Relationship-Based Access Control (ReBAC) to define policies that capture the evolving trust relationships inherent in the continuum.
- Score: 3.27091747384484
- License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
- Abstract: The computing continuum introduces new challenges for access control due to its dynamic, distributed, and heterogeneous nature. In this paper, we propose a Zero-Trust (ZT) access control solution that leverages decentralized identification and authentication mechanisms based on Decentralized Identifiers (DIDs) and Verifiable Credentials (VCs). Additionally, we employ Relationship-Based Access Control (ReBAC) to define policies that capture the evolving trust relationships inherent in the continuum. Through a proof-of-concept implementation, we demonstrate the feasibility and efficiency of our solution, highlighting its potential to enhance security and trust in decentralized environments.
Related papers
- Endorsement-Driven Blockchain SSI Framework for Dynamic IoT Ecosystems [0.39462888523270856]
Self-Sovereign Identity (SSI) offers significant potential for managing identities in the Internet of Things (IoT). Existing SSI frameworks limit credential issuance and revocation to trusted entities, such as IoT manufacturers. We propose a blockchain-based SSI framework that allows any individual with a verifiable trust linkage to act as a credential issuer.
arXiv Detail & Related papers (2025-07-14T02:03:14Z)
- Next Generation Authentication for Data Spaces: An Authentication Flow Based On Grant Negotiation And Authorization Protocol For Verifiable Presentations (GNAP4VP) [0.0]
This paper presents an identity verification protocol tailored for shared data environments within Data Spaces. The proposed solution adheres to the principles of Self-Sovereign Identity (SSI) to facilitate decentralized, user-centric identity management.
arXiv Detail & Related papers (2025-05-30T15:20:39Z)
- Zero-Trust Foundation Models: A New Paradigm for Secure and Collaborative Artificial Intelligence for Internet of Things [61.43014629640404]
Zero-Trust Foundation Models (ZTFMs) embed zero-trust security principles into the lifecycle of foundation models (FMs) for Internet of Things (IoT) systems. ZTFMs can enable secure, privacy-preserving AI across distributed, heterogeneous, and potentially adversarial IoT environments.
arXiv Detail & Related papers (2025-05-26T06:44:31Z)
- A Novel Zero-Trust Identity Framework for Agentic AI: Decentralized Authentication and Fine-Grained Access Control [7.228060525494563]
This paper posits the imperative for a novel Agentic AI IAM framework. We propose a comprehensive framework built upon rich, verifiable Agent Identities (IDs). We also explore how Zero-Knowledge Proofs (ZKPs) enable privacy-preserving attribute disclosure and verifiable policy compliance.
arXiv Detail & Related papers (2025-05-25T20:21:55Z)
- SLVC-DIDA: Signature-less Verifiable Credential-based Issuer-hiding and Multi-party Authentication for Decentralized Identity [21.498265818902464]
Verifiable Credential techniques are used to facilitate decentralized DID-based access control across multiple entities. Existing DID schemes generally rely on a distributed public key infrastructure that also causes challenges. This paper proposes a Permanent-Hiding (PIH)-based DID-based multi-party authentication framework with a signature-less VC model, named SLVC-DIDA.
arXiv Detail & Related papers (2025-01-19T13:58:01Z)
- Distributed Identity for Zero Trust and Segmented Access Control: A Novel Approach to Securing Network Infrastructure [4.169915659794567]
This study assesses security improvements achieved when distributed identity is employed with ZTA principle. The study suggests adopting distributed identities can enhance overall security postures by an order of magnitude. The research recommends refining technical standards, expanding the use of distributed identity in practice, and its applications for the contemporary digital security landscape.
arXiv Detail & Related papers (2025-01-14T00:02:02Z)
- Protocol Learning, Decentralized Frontier Risk and the No-Off Problem [56.74434512241989]
We identify a third paradigm - Protocol Learning - where models are trained across decentralized networks of incentivized participants. This approach has the potential to aggregate orders of magnitude more computational resources than any single centralized entity. It also introduces novel challenges: heterogeneous and unreliable nodes, malicious participants, the need for unextractable models to preserve incentives, and complex governance dynamics.
arXiv Detail & Related papers (2024-12-10T19:53:50Z)
- A Survey and Comparative Analysis of Security Properties of CAN Authentication Protocols [92.81385447582882]
The Controller Area Network (CAN) bus leaves in-vehicle communications inherently non-secure.
This paper reviews and compares the 15 most prominent authentication protocols for the CAN bus.
We evaluate protocols based on essential operational criteria that contribute to ease of implementation.
arXiv Detail & Related papers (2024-01-19T14:52:04Z)
- Combining Decentralized IDentifiers with Proof of Membership to Enable Trust in IoT Networks [44.99833362998488]
The paper proposes and discusses an alternative (mutual) authentication process for IoT nodes under the same administration domain.
The main idea is to combine the Decentralized IDentifier (DID)-based verification of private key ownership with the verification of a proof that the DID belongs to an evolving trusted set.
arXiv Detail & Related papers (2023-10-12T09:33:50Z)
- Networked Communication for Decentralised Agents in Mean-Field Games [59.01527054553122]
We introduce networked communication to the mean-field game framework. We prove that our architecture has sample guarantees bounded between those of the centralised- and independent-learning cases. We show that our networked approach has significant advantages over both alternatives in terms of robustness to update failures and to changes in population size.
arXiv Detail & Related papers (2023-06-05T10:45:39Z)
- Privacy-Preserving Joint Edge Association and Power Optimization for the Internet of Vehicles via Federated Multi-Agent Reinforcement Learning [74.53077322713548]
We investigate the privacy-preserving joint edge association and power allocation problem.
The proposed solution strikes a compelling trade-off, while preserving a higher privacy level than the state-of-the-art solutions.
arXiv Detail & Related papers (2023-01-26T10:09:23Z)
- Regulation conform DLT-operable payment adapter based on trustless - justified trust combined generalized state channels [77.34726150561087]
Economy of Things (EoT) will be based on software agents running on peer-to-peer trustless networks.
We give an overview of current solutions that differ in their fundamental values and technological possibilities.
We propose to combine the strengths of the crypto based, decentralized trustless elements with established and well regulated means of payment.
arXiv Detail & Related papers (2020-07-03T10:45:55Z)
This list is automatically generated from the titles and abstracts of the papers in this site.