{"id":"https://openalex.org/W4207015874","doi":"https://doi.org/10.1109/ssci50451.2021.9659929","title":"An Attack Tree Based Risk Analysis Method for Investigating Attacks and Facilitating Their Mitigations in Self-Sovereign Identity","display_name":"An Attack Tree Based Risk Analysis Method for Investigating Attacks and Facilitating Their Mitigations in Self-Sovereign Identity","publication_year":2021,"publication_date":"2021-12-05","ids":{"openalex":"https://openalex.org/W4207015874","doi":"https://doi.org/10.1109/ssci50451.2021.9659929"},"language":"en","primary_location":{"id":"doi:10.1109/ssci50451.2021.9659929","is_oa":false,"landing_page_url":"https://doi.org/10.1109/ssci50451.2021.9659929","pdf_url":null,"source":{"id":"https://openalex.org/S4363604921","display_name":"2021 IEEE Symposium Series on Computational Intelligence (SSCI)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"conference"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2021 IEEE Symposium Series on Computational Intelligence (SSCI)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5089628794","display_name":"Nitin Naik","orcid":"https://orcid.org/0000-0002-0659-9646"},"institutions":[{"id":"https://openalex.org/I169199633","display_name":"Aston University","ror":"https://ror.org/05j0ve876","country_code":"GB","type":"education","lineage":["https://openalex.org/I169199633"]}],"countries":["GB"],"is_corresponding":true,"raw_author_name":"Nitin Naik","raw_affiliation_strings":["School of Informatics and Digital Engineering, Aston University, United Kingdom"],"affiliations":[{"raw_affiliation_string":"School of Informatics and Digital Engineering, Aston University, United Kingdom","institution_ids":["https://openalex.org/I169199633"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5008753868","display_name":"Paul Grace","orcid":"https://orcid.org/0000-0003-2363-0630"},"institutions":[{"id":"https://openalex.org/I169199633","display_name":"Aston University","ror":"https://ror.org/05j0ve876","country_code":"GB","type":"education","lineage":["https://openalex.org/I169199633"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Paul Grace","raw_affiliation_strings":["School of Informatics and Digital Engineering, Aston University, United Kingdom"],"affiliations":[{"raw_affiliation_string":"School of Informatics and Digital Engineering, Aston University, United Kingdom","institution_ids":["https://openalex.org/I169199633"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5064994129","display_name":"Paul Jenkins","orcid":"https://orcid.org/0000-0002-9854-9450"},"institutions":[{"id":"https://openalex.org/I8408910","display_name":"Cardiff Metropolitan University","ror":"https://ror.org/00bqvf857","country_code":"GB","type":"education","lineage":["https://openalex.org/I8408910"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Paul Jenkins","raw_affiliation_strings":["Cardiff School of Technologies, Cardiff Metropolitan University, United Kingdom"],"affiliations":[{"raw_affiliation_string":"Cardiff School of Technologies, Cardiff Metropolitan University, United Kingdom","institution_ids":["https://openalex.org/I8408910"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5089628794"],"corresponding_institution_ids":["https://openalex.org/I169199633"],"apc_list":null,"apc_paid":null,"fwci":2.1566,"has_fulltext":false,"cited_by_count":24,"citation_normalized_percentile":{"value":0.904511,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":97,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"8"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10237","display_name":"Cryptography and Data Security","score":0.9993000030517578,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10237","display_name":"Cryptography and Data Security","score":0.9993000030517578,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11614","display_name":"Cloud Data Security Solutions","score":0.9991000294685364,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10927","display_name":"Access Control and Trust","score":0.9973999857902527,"subfield":{"id":"https://openalex.org/subfields/3312","display_name":"Sociology and Political Science"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.7589508891105652},{"id":"https://openalex.org/keywords/identity","display_name":"Identity (music)","score":0.6596167683601379},{"id":"https://openalex.org/keywords/identity-theft","display_name":"Identity theft","score":0.6392633318901062},{"id":"https://openalex.org/keywords/digital-identity","display_name":"Digital identity","score":0.5988811254501343},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.5773797035217285},{"id":"https://openalex.org/keywords/denial-of-service-attack","display_name":"Denial-of-service attack","score":0.45153433084487915},{"id":"https://openalex.org/keywords/security-controls","display_name":"Security controls","score":0.44477128982543945},{"id":"https://openalex.org/keywords/security-analysis","display_name":"Security analysis","score":0.4405524730682373},{"id":"https://openalex.org/keywords/identity-management","display_name":"Identity management","score":0.43115025758743286},{"id":"https://openalex.org/keywords/internet-privacy","display_name":"Internet privacy","score":0.3981552720069885},{"id":"https://openalex.org/keywords/control","display_name":"Control (management)","score":0.3750282824039459},{"id":"https://openalex.org/keywords/business","display_name":"Business","score":0.3424527645111084},{"id":"https://openalex.org/keywords/access-control","display_name":"Access control","score":0.2004868984222412},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.08147168159484863},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.07701048254966736}],"concepts":[{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.7589508891105652},{"id":"https://openalex.org/C2778355321","wikidata":"https://www.wikidata.org/wiki/Q17079427","display_name":"Identity (music)","level":2,"score":0.6596167683601379},{"id":"https://openalex.org/C522325796","wikidata":"https://www.wikidata.org/wiki/Q471880","display_name":"Identity theft","level":2,"score":0.6392633318901062},{"id":"https://openalex.org/C2779813694","wikidata":"https://www.wikidata.org/wiki/Q528053","display_name":"Digital identity","level":3,"score":0.5988811254501343},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.5773797035217285},{"id":"https://openalex.org/C38822068","wikidata":"https://www.wikidata.org/wiki/Q131406","display_name":"Denial-of-service attack","level":3,"score":0.45153433084487915},{"id":"https://openalex.org/C178148461","wikidata":"https://www.wikidata.org/wiki/Q1632136","display_name":"Security controls","level":3,"score":0.44477128982543945},{"id":"https://openalex.org/C38369872","wikidata":"https://www.wikidata.org/wiki/Q7445009","display_name":"Security analysis","level":2,"score":0.4405524730682373},{"id":"https://openalex.org/C555379026","wikidata":"https://www.wikidata.org/wiki/Q977772","display_name":"Identity management","level":3,"score":0.43115025758743286},{"id":"https://openalex.org/C108827166","wikidata":"https://www.wikidata.org/wiki/Q175975","display_name":"Internet privacy","level":1,"score":0.3981552720069885},{"id":"https://openalex.org/C2775924081","wikidata":"https://www.wikidata.org/wiki/Q55608371","display_name":"Control (management)","level":2,"score":0.3750282824039459},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.3424527645111084},{"id":"https://openalex.org/C527821871","wikidata":"https://www.wikidata.org/wiki/Q228502","display_name":"Access control","level":2,"score":0.2004868984222412},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.08147168159484863},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.07701048254966736},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.0},{"id":"https://openalex.org/C121332964","wikidata":"https://www.wikidata.org/wiki/Q413","display_name":"Physics","level":0,"score":0.0},{"id":"https://openalex.org/C24890656","wikidata":"https://www.wikidata.org/wiki/Q82811","display_name":"Acoustics","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/ssci50451.2021.9659929","is_oa":false,"landing_page_url":"https://doi.org/10.1109/ssci50451.2021.9659929","pdf_url":null,"source":{"id":"https://openalex.org/S4363604921","display_name":"2021 IEEE Symposium Series on Computational Intelligence (SSCI)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"conference"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2021 IEEE Symposium Series on Computational Intelligence (SSCI)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16","score":0.800000011920929}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":11,"referenced_works":["https://openalex.org/W2064241518","https://openalex.org/W2398150108","https://openalex.org/W2528263535","https://openalex.org/W2705431144","https://openalex.org/W3041001166","https://openalex.org/W3110872243","https://openalex.org/W3113133964","https://openalex.org/W3129248668","https://openalex.org/W3210082821","https://openalex.org/W3210428544","https://openalex.org/W6812742317"],"related_works":["https://openalex.org/W4308433763","https://openalex.org/W3035518953","https://openalex.org/W3110872243","https://openalex.org/W2898512050","https://openalex.org/W4402073113","https://openalex.org/W4236961386","https://openalex.org/W4386213623","https://openalex.org/W4385282342","https://openalex.org/W2150958676","https://openalex.org/W4246096667"],"abstract_inverted_index":{"Self-Sovereign":[0],"Identity":[1,116],"(SSI)":[2],"is":[3,8,113,213],"a":[4,11,121,165],"digital":[5,27],"identity":[6,20,40,81,196],"that":[7,174],"managed":[9],"in":[10,152],"decentralized":[12],"manner":[13],"utilising":[14],"an":[15,39,63,114,133],"underlying":[16,64],"blockchain.":[17],"It":[18],"allows":[19],"owners":[21,82],"to":[22,41,45,89,102,170,178],"manage":[23],"and":[24,49,77,86,119,148,167,198,215],"store":[25],"their":[26,149,154,217],"identities":[28],"without":[29],"relying":[30],"on":[31,106,144,188],"centralised":[32],"third-party":[33],"providers.":[34],"Providing":[35],"full":[36],"control":[37,76],"of":[38,51,56,124,201],"its":[42,125],"owner":[43],"seeks":[44],"enhance":[46],"the":[47,52,57,90,107,145,189,207],"security":[48,87],"privacy":[50],"individual.":[53],"The":[54,110],"utilisation":[55],"decentralised":[58],"trust":[59],"model":[60,112,169],"provided":[61],"by":[62],"blockchain":[65],"realises":[66],"this":[67,71,130,183],"user-centred":[68],"control.":[69],"However,":[70],"operational":[72],"change":[73],"towards":[74],"greater":[75],"responsibility":[78],"placed":[79],"upon":[80],"poses":[83],"new":[84],"challenges":[85],"threats":[88],"SSI":[91,108,111,146,190],"system.":[92,109],"Heretofore,":[93],"there":[94],"have":[95],"been":[96],"no":[97],"significant":[98],"research":[99],"studies":[100],"performed":[101],"assess":[103],"potential":[104,126,142,186],"attacks":[105,143,187],"emerging":[115],"Management":[117],"model,":[118],"requires":[120],"meticulous":[122],"study":[123],"attack":[127,134,158,172,208],"surfaces.":[128],"Therefore,":[129],"paper":[131],"proposes":[132],"tree":[135,159,209],"based":[136,160,210],"risk":[137,161,180,211],"analysis":[138,162,212],"method":[139,163],"for":[140],"investigating":[141],"system":[147,191],"associated":[150],"risks":[151],"facilitating":[153],"mitigations.":[155],"This":[156],"proposed":[157],"presents":[164],"systematic":[166],"generalised":[168],"generate":[171],"trees":[173],"can":[175],"be":[176],"used":[177],"perform":[179],"analysis.":[181],"In":[182],"investigation,":[184],"three":[185],"are":[192,219],"focused:":[193],"faking":[194],"identity,":[195],"theft":[197],"distributed":[199],"denial":[200],"service":[202],"attacks.":[203],"For":[204],"each":[205],"attack,":[206],"performed;":[214],"subsequently,":[216],"mitigations":[218],"proposed.":[220]},"counts_by_year":[{"year":2026,"cited_by_count":2},{"year":2025,"cited_by_count":5},{"year":2024,"cited_by_count":6},{"year":2023,"cited_by_count":6},{"year":2022,"cited_by_count":5}],"updated_date":"2026-04-06T07:47:59.780226","created_date":"2025-10-10T00:00:00"}