Doctor of Philosophy (PhD)
First Committee Member
Second Committee Member
Third Committee Member
Fourth Committee Member
Fifth Committee Member
Number of Pages
The sharing of private information is a daunting, multifaceted, and expensive undertaking. Furthermore, identity management is an additional challenge that poses significant technological, operational, and legal obstacles. Present solutions and their accompanying infrastructures rely on centralized models that are susceptible to hacking and can hinder data control by the rightful owner. Consequently, blockchain technology has generated interest in the fields of identity and access control. This technology is viewed as a potential solution due to its ability to offer decentralization, transparency, provenance, security, and privacy benefits. Nevertheless, a completely decentralized and private solution that enables data owners to control their private data has yet to be presented.In this dissertation, we introduce DeA2uth, a novel decentralized, authentication and authorization scheme for secure private data transfer. DeA2uth combines blockchain, smart-contracts, decentralized identity, and distributed peer-to-peer (P2P) storage to give users more control of their private data, and permissioning power to share without third party services. For this scheme, identity is proven using decentralized identifiers and verifiable credentials, while authorization to share data is performed using the blockchain. A prototype was developed using the Ethereum Blockchain and the InterPlanetary Files System, a P2P file sharing protocol. We evaluated DeA2uth through use-case studies and metrics such as security, performance, and cost. Our findings indicate DeA2uth to be viable alternative to using centralized services; however, the underlying technologies are still in its infancies and requires more testing before it can supplant traditional services. Overall, this dissertation provides a comprehensive examination of current decentralized technologies and con- tributes to a possible future where users have complete control over their data.
blockchain; decentralization; decentralized identity; InterPlanetary File System; IPFS; smart contracts
University of Nevada, Las Vegas
Austria, Phillipe, "Dea2uth: A Decentralized Authentication and Authorization Scheme for Secure Private Data Transfer" (2023). UNLV Theses, Dissertations, Professional Papers, and Capstones. 4636.
IN COPYRIGHT. For more information about this rights statement, please visit http://rightsstatements.org/vocab/InC/1.0/