Digital Identity Management: Technology and Applications

Jump to content

BAN444 Digital Identity Management: Technology and Applications

Autumn 2024

Spring 2025

  • Topics

    Effective identity management is essential for secure organizational processes, but many organizations do not approach it strategically. Instead, they rely on usernames and passwords, which are often tedious and insecure. New technological solutions try to solve these issues, either narrowly focusing on authentication (e.g., passkeys), identification (e.g., national eIDs), or with a much broader scope (e.g., the European digital identity wallets). In this course, we unpack the limitations of traditional digital identity management and discuss the opportunities and challenges of these emerging technological solutions, with a focus on digital identity wallets.

    The purpose of this course is to introduce students to the key questions of modern digital identity management. It will begin with an introduction to the technical building blocks of modern digital identity management. We will then identify end user and organizational requirements, and map today’s identity management solutions against those requirements. The second half of the course will then focus on European digital identity wallets. By extracting their key benefits and challenges, students will learn where and how they can create value. The course will answer questions such as:

    • What is the feature scope of digital identity management solutions?
    • What are the core technical building blocks of digital identity management solutions?
    • What are the benefits and challenges of today’s digital identity management solutions?
    • Where can digital identity wallets make a difference and how?
    • What are zero-knowledge proofs and how can they improve data protection in digital identity wallets?

  • Learning outcome

    Upon successful completion of the course, the students

    Knowledge:

    • Understand the core features of digital identity management solutions
    • Understand the role of public key cryptography and in particular digital signatures in modern digital identity management
    • Understand the key requirements for digital identity management solutions in the private and public sector
    • Understand the limitations of existing digital identity management solutions
    • Understand the economic potential of improved digital identity management solutions in general and of digital identity wallets in particular
    • Understand deployment challenges for digital identity wallets
    • Understand privacy requirements of modern digital identity solutions and how zero-knowledge proofs can address them
    • Understand the relationship between digital identity management and other emerging technologies:
    • Understand how artificial intelligence (AI) can benefit from digital identity management,
    • Understand how digital identity wallets can contribute to combatting (AI-generated) disinformation on social media platforms
    • Understand the impact of digital identity management solutions on the Internet of Things (IoT)
    • Understand the impact of quantum computing on today’s digital identity management solutions
    • Understand the role of blockchain technology for digital identity management and vice versa

    Skills:

    • Can recognize misconceptions about technical, economic, and organizational aspects of digital identity management solutions
    • Can identify use cases that can benefit from digital identity wallets
    • Can identify the key opportunities and challenges associated with digital identity wallets

    General competencies:

    • Understand the role of digital identity management for secure organizational processes
    • Can map different identity management solutions to the specific requirements of different application contexts

  • Teaching

    This course combines lectures and tutorials on using digital signatures and digital identity wallets. Students are encouraged to have a laptop running Adobe Acrobat Reader and a mobile phone running Android or iOS.

  • Credit reduction due to overlap

    None.

  • Compulsory Activity

    None.

  • Assessment

    Term paper (3000-3500 words) written in groups of 2-3 students within one month after the final lecture.

  • Computer tools

    Adobe Acrobat Reader.

  • Literature

    • Anderson, Ross (2011). "Can we fix the security economics of federated authentication?" In: Proceedings of the 19th International Workshop on Security Protocols, pp. 25-32. https://www.doi.org/10.1007/978-3-642-25867-1_4https://www.doi.org/10.1007/978-3-642-25867-1_4
    • Feulner, Simon, Johannes Sedlmeir, Vincent Schlatt, and Nils Urbach (2022). Exploring the use of self-sovereign identity for event ticketing systems. Electronic Markets, 32(3), 1759-1777. https://doi.org/10.1007/s12525-022-00573-9https://doi.org/10.1007/s12525-022-00573-9
    • Glöckler, Jana, Johannes Sedlmeir, Muriel Frank, and Gilbert Fridgen (2023). "A systematic review of identity and access management requirements in enterprises and potential contributions of self-sovereign identity". Business & Information Systems Engineering. https://doi.org/10.1007/s12599-023-00830-xhttps://doi.org/10.1007/s12599-023-00830-x

    Lacity, Mary and Erran Carmel (2022). "Self-sovereign identity and verifiable credentials

    in your digital Wallet". In: MIS Quarterly Executive 21 (3). https://doi.org/10.17705/2msqe.00068https://doi.org/10.17705/2msqe.00068

    • Lacity, Mary, Erran Carmel, Amber Grace Young, and Tamara Roth (2023). "The quiet corner of Web3 that means business". MIT Sloan Management Review 64 (3). https://sloanreview.mit.edu/article/the-%20quiet-%20corner-%20of-%20web3-that-means-business/https://sloanreview.mit.edu/article/the- quiet- corner- of- web3-that-means-business/
    • Lassak, Leona, Elleen Pan, Blase Ur, and Maximilian Golla (2024). "Why aren’t we using Passkeys? Obstacles companies face deploying FIDO2 passwordless authentication". In: USENIX Security Symposium. https://www.usenix.org/system/files/sec24summer-prepub-618-lassak.pdfhttps://www.usenix.org/system/files/sec24summer-prepub-618-lassak.pdf
    • Maler, Eve and Drummond Reed (2008). The venn of identity: Options and issues in federated identity management. IEEE Security & Privacy, 6(2), 16-23. https://doi.org/10.1109/MSP.2008.50https://doi.org/10.1109/MSP.2008.50
    • McKinsey & Company (2020). Digital ID: The opportunities and the risks. https://www.mckinsey.com/industries/financial-services/our-insights/banking-matters/digital-id-the-opportunities-and-the-riskshttps://www.mckinsey.com/industries/financial-services/our-insights/banking-matters/digital-id-the-opportunities-and-the-risks
    • Miebach, Michael (2023). "The crucial role of ID verification in the digital economy". Harvard Business Review. https://hbr.org/2023/09/the-crucial-role-of-id-verification-in-the-digital-economyhttps://hbr.org/2023/09/the-crucial-role-of-id-verification-in-the-digital-economy
    • Preukschat, Alex, and Drummond Reed. (2021). Self-Sovereign Identity: Decentralized digital identity and verifiable credentials. Manning Publications Co.
    • Rieger, Alexander, Tamara Roth, Johannes Sedlmeir, Linda Weigl, and Gilbert Fridgen (2022). "Not yet another digital identity". Nature Human Behaviour 6 (1), p. 3. https://doi.org/10.1038/s41562-021-01243-0https://doi.org/10.1038/s41562-021-01243-0
    • Schlatt, Vincent, Johannes Sedlmeir, Simon Feulner, and Nils Urbach (2022). "Designing a framework for digital KYC processes built on blockchain-based self-sovereign identity". Information & Management 59 (7). https://doi.org/10.1016/j.im.2021.103553https://doi.org/10.1016/j.im.2021.103553
    • Sedlmeir, Johannes, Tom Barbereau, Jasmin Huber, Linda Weigl, and Tamara Roth (2022). Transition pathways towards design principles of self-sovereign identity. In: Proceedings of the 43rd International Conference on Information Systems. https://aisel.aisnet.org/icis2022/is_implement/is_implement/4/https://aisel.aisnet.org/icis2022/is_implement/is_implement/4/
    • Sedlmeir, Johannes, Reilly Smethurst, Alexander Rieger, and Gilbert Fridgen (2021). Digital identities and verifiable credentials. Business & Information Systems Engineering, 63, 603-613. https://doi.org/10.1007/s12599-021-00722-yhttps://doi.org/10.1007/s12599-021-00722-y
    • Sedlmeir, Johannes, Alexander Rieger, Tamara Roth, and Gilbert Fridgen (2023). Battling disinformation with cryptography. Nature Machine Intelligence 5, 1056-1057. https://doi.org/10.1038/s42256-023-00733-2https://doi.org/10.1038/s42256-023-00733-2
    • Whitley, Edgar A, Uri Gal, and Annemette Kjaergaard (2014). "Who do you think you are? A review of the complex interplay between information systems, identification and identity". European Journal of Information Systems 23 (1), pp. 17-35. https://doi.org/10.1057/ejis.2013.34https://doi.org/10.1057/ejis.2013.34

Overview

ECTS Credits
2.5
Teaching language
English.
Semester

Spring. Offered spring 2025 (first time - first week of the semester).

Course responsible

Dr. Alexander Rieger, Sam M. Walton College of Business, University of Arkansas.

Dr. Johannes Sedlmeir, FINATRAX Research Group, Interdisciplinary Center for Security, Reliability, and Trust, University of Luxembourg (Main course responsible).

Associate Professor Iver Bragelien, Department of Business and Management Science (contact person).