|
Work item:
|
X.2310 (ex X.srdidm)
|
|
Subject/title:
|
Security requirements for decentralized identity management systems using distributed ledger technology
|
|
Status:
|
Consented on 2025-12-11 [Issued from previous study period]
|
|
Approval process:
|
AAP
|
|
Type of work item:
|
Recommendation
|
|
Version:
|
New
|
|
Equivalent number:
|
-
|
|
Timing:
|
2025-12 (No priority specified)
|
|
Liaison:
|
ISO/TC 307, ISO/IEC JTC 1/SC 27
|
|
Supporting members:
|
Korea (Republic of); KISA; Soonchunhyang University
|
|
Summary:
|
This Recommendation defines decentralized identity management models (such as basic model, custody and delegation model and self-issue model) and assurance levels (such as AL1 (Low), AL2 (Substantial) and AL3 (High)) accordingly, which are based on use cases of decentralized identity management systems using distributed ledger technology (DLT). For example, the basic model can be applied to AL2 or AL3. The custody and delegation model can be applied to AL2 or AL3. Also, the self-issue model can be applied to AL1; for example, aspects of claims, a driving licence can be applied to AL3. A vaccination certificate can be applied to AL2, and a digital business card can be applied to AL1.
This Recommendation identifies security threats to decentralized identity management systems using DLT, which are related to confidentiality, integrity and availability (CIA). Additionally, this Recommendation specifies security requirements against the identified security threats.
|
|
Comment:
|
-
|
|
Reference(s):
|
|
|
Historic references:
|
|
Contact(s):
|
|
| ITU-T A.5 justification(s): |
|
|
|
|
First registration in the WP:
2021-09-06 16:24:44
|
|
Last update:
2026-01-14 13:55:23
|
