{"id":"https://openalex.org/W7125608982","doi":"https://doi.org/10.1145/3778360","title":"A Passwordless Authentication Mechanism for the Web Using Self-Sovereign Identity","display_name":"A Passwordless Authentication Mechanism for the Web Using Self-Sovereign Identity","publication_year":2026,"publication_date":"2026-01-22","ids":{"openalex":"https://openalex.org/W7125608982","doi":"https://doi.org/10.1145/3778360"},"language":"en","primary_location":{"id":"doi:10.1145/3778360","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3778360","pdf_url":null,"source":{"id":"https://openalex.org/S131231701","display_name":"ACM Transactions on the Web","issn_l":"1559-1131","issn":["1559-1131","1559-114X"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"ACM Transactions on the Web","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5074132400","display_name":"Md Sadek Ferdous","orcid":"https://orcid.org/0000-0002-8361-4870"},"institutions":[{"id":"https://openalex.org/I47508984","display_name":"Imperial College London","ror":"https://ror.org/041kmwe10","country_code":"GB","type":"education","lineage":["https://openalex.org/I47508984"]},{"id":"https://openalex.org/I5518804","display_name":"BRAC University","ror":"https://ror.org/00sge8677","country_code":"BD","type":"education","lineage":["https://openalex.org/I5518804"]}],"countries":["BD","GB"],"is_corresponding":false,"raw_author_name":"Md Sadek Ferdous","raw_affiliation_strings":["Computer Science and Engineering, BRAC University","Imperial College Business School, Imperial College London"],"raw_orcid":"https://orcid.org/0000-0002-8361-4870","affiliations":[{"raw_affiliation_string":"Computer Science and Engineering, BRAC University","institution_ids":["https://openalex.org/I5518804"]},{"raw_affiliation_string":"Imperial College Business School, Imperial College London","institution_ids":["https://openalex.org/I47508984"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5028729916","display_name":"Md. Yeasin Ali","orcid":"https://orcid.org/0000-0002-7789-9945"},"institutions":[{"id":"https://openalex.org/I5518804","display_name":"BRAC University","ror":"https://ror.org/00sge8677","country_code":"BD","type":"education","lineage":["https://openalex.org/I5518804"]}],"countries":["BD"],"is_corresponding":false,"raw_author_name":"Md Yeasin Ali","raw_affiliation_strings":["BRAC University"],"raw_orcid":"https://orcid.org/0000-0002-7789-9945","affiliations":[{"raw_affiliation_string":"BRAC University","institution_ids":["https://openalex.org/I5518804"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5113348998","display_name":"Fairuz Rahaman Chowdhury","orcid":null},"institutions":[{"id":"https://openalex.org/I4210166452","display_name":"21c Consultancy (United Kingdom)","ror":"https://ror.org/05qkm5r52","country_code":"GB","type":"company","lineage":["https://openalex.org/I4210166452"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Fairuz Rahaman Chowdhury","raw_affiliation_strings":["Cryptic Consultancy Limited"],"raw_orcid":"https://orcid.org/0009-0004-9745-4099","affiliations":[{"raw_affiliation_string":"Cryptic Consultancy Limited","institution_ids":["https://openalex.org/I4210166452"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5123759785","display_name":"Masum Alam Nahid","orcid":null},"institutions":[{"id":"https://openalex.org/I4210166452","display_name":"21c Consultancy (United Kingdom)","ror":"https://ror.org/05qkm5r52","country_code":"GB","type":"company","lineage":["https://openalex.org/I4210166452"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Masum Alam Nahid","raw_affiliation_strings":["Cryptic Consultancy Limited"],"raw_orcid":"https://orcid.org/0009-0003-9829-4720","affiliations":[{"raw_affiliation_string":"Cryptic Consultancy Limited","institution_ids":["https://openalex.org/I4210166452"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5015730689","display_name":"Andrei Ionita","orcid":null},"institutions":[{"id":"https://openalex.org/I4210110507","display_name":"Fraunhofer Institute for Applied Information Technology","ror":"https://ror.org/01ak24c12","country_code":"DE","type":"facility","lineage":["https://openalex.org/I4210110507","https://openalex.org/I4923324"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Andrei Ionita","raw_affiliation_strings":["Fraunhofer Institute for Applied Information Technology FIT"],"raw_orcid":"https://orcid.org/0000-0002-9781-5657","affiliations":[{"raw_affiliation_string":"Fraunhofer Institute for Applied Information Technology FIT","institution_ids":["https://openalex.org/I4210110507"]}]},{"author_position":"last","author":{"id":null,"display_name":"Wolfgang Prinz","orcid":"https://orcid.org/0000-0001-6846-5945"},"institutions":[{"id":"https://openalex.org/I4210110507","display_name":"Fraunhofer Institute for Applied Information Technology","ror":"https://ror.org/01ak24c12","country_code":"DE","type":"facility","lineage":["https://openalex.org/I4210110507","https://openalex.org/I4923324"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Wolfgang Prinz","raw_affiliation_strings":["Fraunhofer Institute for Applied Information Technology FIT"],"raw_orcid":"https://orcid.org/0000-0001-6846-5945","affiliations":[{"raw_affiliation_string":"Fraunhofer Institute for Applied Information Technology FIT","institution_ids":["https://openalex.org/I4210110507"]}]}],"institutions":[],"countries_distinct_count":3,"institutions_distinct_count":6,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.07400035,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":"20","issue":"2","first_page":"1","last_page":"43"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11800","display_name":"User Authentication and Security Systems","score":0.3199999928474426,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11800","display_name":"User Authentication and Security Systems","score":0.3199999928474426,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.21860000491142273,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10927","display_name":"Access Control and Trust","score":0.13009999692440033,"subfield":{"id":"https://openalex.org/subfields/3312","display_name":"Sociology and Political Science"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/credential","display_name":"Credential","score":0.8102999925613403},{"id":"https://openalex.org/keywords/identity-management","display_name":"Identity management","score":0.7159000039100647},{"id":"https://openalex.org/keywords/authentication","display_name":"Authentication (law)","score":0.6890000104904175},{"id":"https://openalex.org/keywords/identity","display_name":"Identity (music)","score":0.5426999926567078},{"id":"https://openalex.org/keywords/authentication-protocol","display_name":"Authentication protocol","score":0.5083000063896179},{"id":"https://openalex.org/keywords/web-service","display_name":"Web service","score":0.48240000009536743},{"id":"https://openalex.org/keywords/identifier","display_name":"Identifier","score":0.427700012922287},{"id":"https://openalex.org/keywords/password","display_name":"Password","score":0.41990000009536743},{"id":"https://openalex.org/keywords/protocol","display_name":"Protocol (science)","score":0.38519999384880066}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8138999938964844},{"id":"https://openalex.org/C2777810591","wikidata":"https://www.wikidata.org/wiki/Q16861606","display_name":"Credential","level":2,"score":0.8102999925613403},{"id":"https://openalex.org/C555379026","wikidata":"https://www.wikidata.org/wiki/Q977772","display_name":"Identity management","level":3,"score":0.7159000039100647},{"id":"https://openalex.org/C148417208","wikidata":"https://www.wikidata.org/wiki/Q4825882","display_name":"Authentication (law)","level":2,"score":0.6890000104904175},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.5734000205993652},{"id":"https://openalex.org/C2778355321","wikidata":"https://www.wikidata.org/wiki/Q17079427","display_name":"Identity (music)","level":2,"score":0.5426999926567078},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.531499981880188},{"id":"https://openalex.org/C21564112","wikidata":"https://www.wikidata.org/wiki/Q4825885","display_name":"Authentication protocol","level":3,"score":0.5083000063896179},{"id":"https://openalex.org/C35578498","wikidata":"https://www.wikidata.org/wiki/Q193424","display_name":"Web service","level":2,"score":0.48240000009536743},{"id":"https://openalex.org/C154504017","wikidata":"https://www.wikidata.org/wiki/Q853614","display_name":"Identifier","level":2,"score":0.427700012922287},{"id":"https://openalex.org/C109297577","wikidata":"https://www.wikidata.org/wiki/Q161157","display_name":"Password","level":2,"score":0.41990000009536743},{"id":"https://openalex.org/C2780385302","wikidata":"https://www.wikidata.org/wiki/Q367158","display_name":"Protocol (science)","level":3,"score":0.38519999384880066},{"id":"https://openalex.org/C2779231336","wikidata":"https://www.wikidata.org/wiki/Q7534724","display_name":"Sketch","level":2,"score":0.37119999527931213},{"id":"https://openalex.org/C59241245","wikidata":"https://www.wikidata.org/wiki/Q4781497","display_name":"Web application security","level":4,"score":0.3666999936103821},{"id":"https://openalex.org/C527821871","wikidata":"https://www.wikidata.org/wiki/Q228502","display_name":"Access control","level":2,"score":0.3513999879360199},{"id":"https://openalex.org/C207828512","wikidata":"https://www.wikidata.org/wiki/Q1060131","display_name":"Challenge-Handshake Authentication Protocol","level":4,"score":0.33230000734329224},{"id":"https://openalex.org/C118643609","wikidata":"https://www.wikidata.org/wiki/Q189210","display_name":"Web application","level":2,"score":0.3206999897956848},{"id":"https://openalex.org/C194699767","wikidata":"https://www.wikidata.org/wiki/Q7878662","display_name":"Multi-factor authentication","level":4,"score":0.31869998574256897},{"id":"https://openalex.org/C2129575","wikidata":"https://www.wikidata.org/wiki/Q54837","display_name":"Semantic Web","level":2,"score":0.31279999017715454},{"id":"https://openalex.org/C2779813694","wikidata":"https://www.wikidata.org/wiki/Q528053","display_name":"Digital identity","level":3,"score":0.2824000120162964},{"id":"https://openalex.org/C98045186","wikidata":"https://www.wikidata.org/wiki/Q205663","display_name":"Process (computing)","level":2,"score":0.28220000863075256},{"id":"https://openalex.org/C174953433","wikidata":"https://www.wikidata.org/wiki/Q5532650","display_name":"Generic Bootstrapping Architecture","level":5,"score":0.28119999170303345},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.2648000121116638},{"id":"https://openalex.org/C167169670","wikidata":"https://www.wikidata.org/wiki/Q1824705","display_name":"Lightweight Extensible Authentication Protocol","level":4,"score":0.2619999945163727},{"id":"https://openalex.org/C108827166","wikidata":"https://www.wikidata.org/wiki/Q175975","display_name":"Internet privacy","level":1,"score":0.25850000977516174}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1145/3778360","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3778360","pdf_url":null,"source":{"id":"https://openalex.org/S131231701","display_name":"ACM Transactions on the Web","issn_l":"1559-1131","issn":["1559-1131","1559-114X"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"ACM Transactions on the Web","raw_type":"journal-article"},{"id":"pmh:oai:publica.fraunhofer.de:publica/517763","is_oa":false,"landing_page_url":"https://publica.fraunhofer.de/handle/publica/517763","pdf_url":null,"source":{"id":"https://openalex.org/S4306400318","display_name":"Fraunhofer-Publica (Fraunhofer-Gesellschaft)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I4923324","host_organization_name":"Fraunhofer-Gesellschaft","host_organization_lineage":["https://openalex.org/I4923324"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"journal article"}],"best_oa_location":null,"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","score":0.6886082291603088,"display_name":"Peace, Justice and strong institutions"}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":38,"referenced_works":["https://openalex.org/W2010939995","https://openalex.org/W2029693536","https://openalex.org/W2030112111","https://openalex.org/W2054702684","https://openalex.org/W2112995928","https://openalex.org/W2116560806","https://openalex.org/W2150426251","https://openalex.org/W2339802317","https://openalex.org/W2585617674","https://openalex.org/W2741727270","https://openalex.org/W2754866430","https://openalex.org/W2884325794","https://openalex.org/W2897038802","https://openalex.org/W2935841625","https://openalex.org/W2936467198","https://openalex.org/W2948425916","https://openalex.org/W2962751135","https://openalex.org/W2963802391","https://openalex.org/W2965782153","https://openalex.org/W2997359889","https://openalex.org/W3011602156","https://openalex.org/W3015349823","https://openalex.org/W3046886267","https://openalex.org/W3109697829","https://openalex.org/W3133367416","https://openalex.org/W3133843004","https://openalex.org/W3154021468","https://openalex.org/W3184825632","https://openalex.org/W4200456863","https://openalex.org/W4224950170","https://openalex.org/W4237371123","https://openalex.org/W4367046672","https://openalex.org/W4378768630","https://openalex.org/W4378874435","https://openalex.org/W4388483098","https://openalex.org/W4392986112","https://openalex.org/W4396757506","https://openalex.org/W4401990478"],"related_works":[],"abstract_inverted_index":{"The":[0,11,65],"traditional":[1,53],"protected":[2],"web":[3,138,160,169],"services":[4,170],"rely":[5],"on":[6,186],"a":[7,39,104,114,149,154,163,187,218],"user":[8,33,60,174],"authentication":[9,34,135,156],"process.":[10],"combination":[12],"of":[13,43,47,59,67,124],"an":[14],"identifier":[15],"(e.g.,":[16,25],"username,":[17],"email":[18],"address":[19],"and":[20,23,57,85,109,117,176,190,197,222,226],"so":[21],"on)":[22],"credential":[24],"password)":[26],"still":[27],"remains":[28,140],"the":[29,44,55,137,159],"most":[30],"widely":[31],"deployed":[32],"process,":[35],"even":[36],"though":[37],"such":[38],"process":[40],"is":[41,63,69,184],"one":[42],"major":[45],"sources":[46],"security":[48,214],"breaches.":[49],"Moreover,":[50],"in":[51,113,126],"this":[52,68,143],"setting,":[54],"management":[56],"sharing":[58],"identity":[61,79,93,111],"information":[62,112],"cumbersome.":[64],"consequence":[66],"that":[70],"users":[71],"increasingly":[72],"find":[73],"it":[74],"difficult":[75],"to":[76],"manage":[77],"their":[78,91],"data":[80],"scattered":[81],"across":[82],"multiple":[83],"sites":[84],"they":[86],"have":[87],"limited":[88],"controls":[89],"over":[90],"own":[92],"data.":[94],"In":[95,142,206],"recent":[96],"times,":[97],"Self-sovereign":[98],"Identity":[99],"(SSI)":[100],"has":[101],"emerged":[102],"as":[103],"new":[105],"mechanism":[106,157],"for":[107,133,136,158,167],"managing":[108],"exchanging":[110],"more":[115,173],"user-centric":[116],"privacy-friendly":[118],"way.":[119],"There":[120],"are":[121],"many":[122],"explorations":[123],"SSI":[125,165],"different":[127],"application":[128],"domains,":[129],"however,":[130],"its":[131,181,194,200,210,213,224],"utility":[132],"passwordless":[134,155],"mostly":[139],"unexplored.":[141],"article,":[144],"we":[145,208],"present":[146,180],"SSI4Web":[147],",":[148,217],"framework":[150],"which":[151,183],"can":[152],"facilitate":[153],"by":[161],"employing":[162],"state-of-the-art":[164,219],"technology":[166],"providing":[168],"with":[171,203],"much":[172],"control":[175],"greater":[177],"flexibility.":[178],"We":[179],"architecture":[182],"based":[185],"threat":[188],"model":[189],"requirement":[191],"analysis,":[192],"discuss":[193,223],"implementation":[195],"details":[196],"sketch":[198],"out":[199],"use-cases":[201],"along":[202],"protocol":[204,220],"flows.":[205],"addition,":[207],"analyse":[209],"performance,":[211],"evaluate":[212],"using":[215],"ProVerif":[216],"verifier":[221],"advantages":[225],"limitations.":[227]},"counts_by_year":[],"updated_date":"2026-06-11T09:08:48.828518","created_date":"2026-01-25T00:00:00"}