Design And Implementation Of Digital Identity Management System Based On Blockchain

With the continuous development of Internet technology,the network data resources are increasingly rich,which brings all kinds of conveniences to people's lives,and it also spawns information security issues that need to be resolved.Identity authentication is the first checkpoint to protect user data resources in the network.The existing identity management system has some shortcomings:(1)The standard of the identity management mechanism is not uniform,there is a strong trust relationship between organizations,and it is not easy to integrate different application services;(2)Identity management relies on a third-party authoritative central agency,identity information is easily leaked and misused;(3)The user data access control mechanism is incomplete,users lack autonomy over their own data,and user data is easily stolen.Therefore,how to manage the identities of different systems and corresponding user data resources has become a challenging problem.In view of the above requirements,this thesis proposes and implements a blockchain-based digital identity management system Wise Identity.The system is based on the decentralized identity DID standard proposed by the World Wide Web Consortium,and provides a unified decentralized identity for users' digital identities and data resources.On this basis,users can manage their personal digital identities and data access rights.The main work of this thesis includes:(1)Aiming at the needs and characteristics of decentralized identity identification and management,the overall design scheme of the digital identity management system Wise Identity is proposed,including the design of main functional modules such as identity selective disclosure,data access authorization,data query and their interfaces.(2)Based on the W3C's DID standard,a DID document format Wise DID is proposed,which can decentralize user identification and data without relying on any centralized identity management organization.(3)A method of constructing identity credentials based on the Merkle tree algorithm and blockchain is proposed.Based on the Merkle tree,a digest calculation method that represents identity credentials is designed.The initiative to disclose identity credentials is handed over to users,and user disclosure is verified through smart contracts The legitimacy of the solution solves the problem that the user's identity information is controlled and traded by various platform service providers under the current Internet environment,but the user is powerless.(4)A fine-grained access control mechanism for user data based on the ciphertext policy attribute encryption algorithm(CP-ABE)and blockchain is proposed,including an authorization method and a permission authentication method.While ensuring that access control data cannot be tampered with,safe and reliable,users can perform attribute-based and user-based fine-grained authorization on data accessors,effectively avoiding the problem of user data being stolen.(5)On the basis of the above research,the prototype system of Wise Identity was designed and implemented,and experimental tests were carried out.The test results show that the solution in this paper is effective,can achieve the user's independent management of personal digital identity and data access rights,and performs well in terms of security and performance,reaching the expected goal.