Abstract: Online services, particularly those aimed at a specific user base such as a company’s employees, face the problem of identity management. Especially when the service constitutes some kind of social network, i.e., the validity of the users’ identities matters, secure and reliable means for identity verification and authentication are required. In this paper, predicated on our previous work, we propose an identity management concept based on a) verification through physical presence and b) authentication through ownership. Our approach being a hybrid solution between a centralized authority and decentralized trust management is settled on a sweet spot between security and convenience for the users. In this extended version, we present the newly proposed Tree of Trust structure in more detail, and provide a thourough explanation how the system can be used in a technically more distributed manner, even supporting offline operation.
Journal: International Journal On Advances in Life Sciences