Master's Thesis Carsten Sehlke
Abstract
In the physical world, we are pretty used to identity management. We receive, keep, and share our ID cards and paper-based certificates on many occasions in our life.
Moving this credential life-cycle into the digital world while keeping it tamper-proofed, privacy-enabling, and putting the holder in complete control of the credential has not been easy. Therefore, many people came up with various approaches to tackle this issue.
This thesis develops a proof of concept integrated into the student information management system CAMPUSonline for issuing digitally verifiable credentials based on the ELMO data structure and transferring them to a student’s wallet. Further, we collect requirements specific to this CAMPUSonline integration and analyze currently available wallet software for verifiable credentials and their approaches for transferring these credentials from an organization’s application to the end-user’s wallet.
The result serves as a proof of concept implementation for issuing university degree certificates as digital credentials with self-sovereign identity ideals in mind. Furthermore, it highlights possible adaptions for a production-ready implementation and the limitations this prototype still has.
Keywords: Self-Sovereign Identity; Decentralized Identifier; Verifiable Credential; Digital Credential; ELMO; European Learning Model; CAMPUSonline; Student Information Management System; University Diploma Issuance Process
Research Questions
- What implementation-specific requirements emerge from the process-specific ones for transforming the local student information system?
- What is the current state of the art for issuing digitally verifiable credentials to clients?
- What protocols for transferring verifiable credentials exist?
- What kind of wallet software to store and manage verifiable credentials exists?
- What data in the student information system CAMPUSonline is relevant, where is it located, and how can it be accessed?
- What does it need to develop a module for the existing student information systems CAMPUSonline to issue verifiable credentials?
- What kind of additional hardware is necessary for this transformation?
- What kind of additional software is necessary for this transformation?
- Which configuration changes to the existing system are necessary, e.g., to the firewall or network settings?
- How is the verifiable credential delivered to the student's wallet?
- To what extent does the implemented solution enable the automated issuance process of university degrees as verifiable credentials?
- What are the limitations of the prototype system?
| Attribute | Value |
|---|---|
| Title (de) | Transformation der digitalen Zeugniserstellung einer Universität zur Unterstützung selbstbestimmter Identitäten |
| Title (en) | Transforming a Digital University Degree Issuance Process Towards Self-Sovereign Identity |
| Project | Digital Credentials for Higher Education Institutions (DiBiHo) |
| Type | Master's Thesis |
| Status | completed |
| Student | Carsten Sehlke |
| Advisor | Felix Hoops |
| Supervisor | Prof. Dr. Florian Matthes |
| Start Date | 15.03.2022 |
| Sebis Contributor Agreement signed on | 25.02.2022 |
| Checklist filled | Yes |
| Submission date | 15.09.2022 |