Towards Decentralized Identity Management in Multi-stakeholder 6G Networks

TL;DR

This paper proposes a decentralized identity management framework for 6G networks to enable secure, trust-based interactions among diverse stakeholders without relying on centralized third-party authorities.

Contribution

It introduces a reference model for decentralized identity management in 6G, facilitating secure mutual authentication and trust exchange across multiple trust domains.

Findings

Decentralized identity management enhances security and independence in multi-stakeholder 6G networks.

The proposed model supports secure mutual authentication without trusted third parties.

Empowers network entities to establish and strengthen cross-domain trust relationships.

Abstract

Trust-building mechanisms among network entities of different administrative domains will gain significant importance in 6G because a future mobile network will be operated cooperatively by a variety of different stakeholders rather than by a single mobile network operator. The use of trusted third party issued certificates for initial trust establishment in multi-stakeholder 6G networks is only advisable to a limited extent, as trusted third parties not only represent single point of failures or attacks, but they also cannot guarantee global independence due to national legislation and regulatory or political influence. This article proposes to decentralize identity management in 6G networks to enable secure mutual authentication between network entities of different trust domains without relying on a trusted third party and to empower network entities with the ability to shape and strengthen cross-domain trust relationships by the exchange of verifiable credentials. A reference model for decentralized identity management in 6G is given as an initial guide for the fundamental design of a common identity management system whose operation and governance are distributed equally across multiple trust domains of interconnected and multi-stakeholder 6G ecosystems.