References of "Sedlmeir, Johannes 50043932"
     in
Bookmark and Share    
Full Text
See detailBringing data minimization to digital wallets at scale with general-purpose zero-knowledge proofs
Babel, Matthias; Sedlmeir, Johannes UL

E-print/Working paper (2023)

Today, digital identity management for individuals is either inconvenient and error-prone or creates undesirable lock-in effects and violates privacy and security expectations. These shortcomings inhibit ... [more ▼]

Today, digital identity management for individuals is either inconvenient and error-prone or creates undesirable lock-in effects and violates privacy and security expectations. These shortcomings inhibit the digital transformation in general and seem particularly concerning in the context of novel applications such as access control for decentralized autonomous organizations and identification in the Metaverse. Decentralized or self-sovereign identity (SSI) aims to offer a solution to this dilemma by empowering individuals to manage their digital identity through machine-verifiable attestations stored in a "digital wallet" application on their edge devices. However, when presented to a relying party, these attestations typically reveal more attributes than required and allow tracking end users' activities. Several academic works and practical solutions exist to reduce or avoid such excessive information disclosure, from simple selective disclosure to data-minimizing anonymous credentials based on zero-knowledge proofs (ZKPs). We first demonstrate that the SSI solutions that are currently built with anonymous credentials still lack essential features such as scalable revocation, certificate chaining, and integration with secure elements. We then argue that general-purpose ZKPs in the form of zk-SNARKs can appropriately address these pressing challenges. We describe our implementation and conduct performance tests on different edge devices to illustrate that the performance of zk-SNARK-based anonymous credentials is already practical. We also discuss further advantages that general-purpose ZKPs can easily provide for digital wallets, for instance, to create "designated verifier presentations" that facilitate new design options for digital identity infrastructures that previously were not accessible because of the threat of man-in-the-middle attacks. [less ▲]

Full Text
Peer Reviewed
See detailHarmonizing sensitive data exchange and double-spending prevention through blockchain and digital wallets: The case of e-prescription management
Schlatt, Vincent; Sedlmeir, Johannes UL; Traue, Janina et al

in Distributed Ledger Technologies: Research and Practice (2022)

The digital transformation of the medical sector requires solutions that are convenient and efficient for all stakeholders while protecting patients’ sensitive data. One example that has already attracted ... [more ▼]

The digital transformation of the medical sector requires solutions that are convenient and efficient for all stakeholders while protecting patients’ sensitive data. One example that has already attracted design-oriented research are medical prescriptions. However, current implementations of electronic prescription management systems typically create centralized data silos, leaving user data vulnerable to cybersecurity incidents and impeding interoperability. Research has also proposed decentralized solutions based on blockchain technology, but privacy-related challenges have often been ignored. We conduct design science research to develop and implement a system for the exchange of electronic prescriptions that builds on two blockchains and a digital wallet app. Our solution combines the bilateral, verifiable, and privacy-focused exchange of information between doctors, patients, and pharmacies through verifiable credentials with a token-based, anonymized double-spending check. Our qualitative and quantitative evaluations as well as a security analysis suggest that this architecture can improve existing approaches to electronic prescription management by offering patients control over their data by design, a high level of security, sufficient performance and scalability, and interoperability with emerging digital identity management solutions for users, businesses, and institutions. We also derive principles on how to design decentralized, privacy-oriented information systems that require both the exchange of sensitive information and double-usage protection. [less ▲]

Full Text
Peer Reviewed
See detailAn in-depth investigation of the performance characteristics of Hyperledger Fabric
Guggenberger, Tobias; Sedlmeir, Johannes UL; Fridgen, Gilbert UL et al

in Computers and Industrial Engineering (2022), 173

Private permissioned blockchains are deployed in ever greater numbers to facilitate cross-organizational processes in various industries, particularly in supply chain management. One popular example of ... [more ▼]

Private permissioned blockchains are deployed in ever greater numbers to facilitate cross-organizational processes in various industries, particularly in supply chain management. One popular example of this trend is Hyperledger Fabric. Compared to public permissionless blockchains, it promises improved performance and provides certain features that address key requirements of enterprises. However, also permissioned blockchains are still not as scalable as centralized systems, and due to the scarcity of theoretical results and empirical data, their real-world performance cannot be predicted with the necessary precision. We intend to address this issue by conducting an in-depth performance analysis of Hyperledger Fabric. The paper presents a detailed compilation of various performance characteristics using an enhanced version of the Distributed Ledger Performance Scan (DLPS). Researchers and practitioners alike can use the various performance properties identified and discussed as guidelines to better configure and implement their Hyperledger Fabric network. Likewise, they are encouraged to use the DLPS framework to conduct their measurements. [less ▲]

Detailed reference viewed: 21 (0 UL)
Full Text
Peer Reviewed
See detailDesigning a framework for digital KYC processes built on blockchain-based self-sovereign identity
Schlatt, Vincent; Sedlmeir, Johannes UL; Feulner, Simon et al

in Information and Management (2022), 59(7),

Know your customer (KYC) processes place a great burden on banks, because they are costly, inefficient, and inconvenient for customers. While blockchain technology is often mentioned as a potential ... [more ▼]

Know your customer (KYC) processes place a great burden on banks, because they are costly, inefficient, and inconvenient for customers. While blockchain technology is often mentioned as a potential solution, it is not clear how to use the technology’s advantages without violating data protection regulations and customer privacy. We demonstrate how blockchain-based self-sovereign identity (SSI) can solve the challenges of KYC. We follow a rigorous design science research approach to create a framework that utilizes SSI in the KYC process, deriving nascent design principles that theorize on blockchain’s role for SSI. [less ▲]

Full Text
Peer Reviewed
See detailRevealing the landscape of privacy-enhancing technologies in the context of data markets for the IoT: A systematic literature review
Garrido, Gonzalo Munilla; Sedlmeir, Johannes UL; Uludag, Ömer et al

in Journal of Network and Computer Applications (2022), 207

IoT data markets in public and private institutions have become increasingly relevant in recent years because of their potential to improve data availability and unlock new business models. However ... [more ▼]

IoT data markets in public and private institutions have become increasingly relevant in recent years because of their potential to improve data availability and unlock new business models. However, exchanging data in markets bears considerable challenges related to disclosing sensitive information. Despite considerable research focused on different aspects of privacy-enhancing data markets for the IoT, none of the solutions proposed so far seems to find a practical adoption. Thus, this study aims to organize the state-of-the-art solutions, analyze and scope the technologies that have been suggested in this context, and structure the remaining challenges to determine areas where future research is required. To accomplish this goal, we conducted a systematic literature review on privacy enhancement in data markets for the IoT, covering 50 publications dated up to July 2020, and provided updates with 24 publications dated up to May 2022. Our results indicate that most research in this area has emerged only recently, and no IoT data market architecture has established itself as canonical. Existing solutions frequently lack the required combination of anonymization and secure computation technologies. Furthermore, there is no consensus on the appropriate use of blockchain technology for IoT data markets and a low degree of leveraging existing libraries or reusing generic data market architectures. We also identified significant challenges remaining, such as the copy problem and the recursive enforcement problem that - while solutions have been suggested to some extent - are often not sufficiently addressed in proposed designs. We conclude that privacy-enhancing technologies need further improvements to positively impact data markets so that, ultimately, the value of data is preserved through data scarcity and users' privacy and businesses-critical information are protected. [less ▲]

Full Text
Peer Reviewed
See detailEnabling end-to-end digital carbon emission tracing with shielded NFTs
Babel, Matthias; Gramlich, Vincent; Körner, Marc-Fabian et al

in Energy Informatics (2022), 5

In the energy transition, there is an urgent need for decreasing overall carbon emissions. Against this background, the purposeful and verifiable tracing of emissions in the energy system is a crucial key ... [more ▼]

In the energy transition, there is an urgent need for decreasing overall carbon emissions. Against this background, the purposeful and verifiable tracing of emissions in the energy system is a crucial key element for promoting the deep decarbonization towards a net zero emission economy with a market-based approach. Such an effective tracing system requires end-to-end information flows that link carbon sources and sinks while keeping end consumers’ and businesses’ sensitive data confidential. In this paper, we illustrate how non-fungible tokens with fractional ownership can help to enable such a system, and how zero-knowledge proofs can address the related privacy issues associated with the fine-granular recording of stakeholders’ emission data. Thus, we contribute to designing a carbon emission tracing system that satisfies verifiability, distinguishability, fractional ownership, and privacy requirements. We implement a proof-of-concept for our approach and discuss its advantages compared to alternative centralized or decentralized architectures that have been proposed in the past. Based on a technical, data privacy, and economic analysis, we conclude that our approach is a more suitable technical backbone for end-to-end digital carbon emission tracing than previously suggested solutions. [less ▲]

Full Text
Peer Reviewed
See detailTowards verifiable differentially-private polling
Munilla-Garrido, Gonzalo; Sedlmeir, Johannes UL; Babel, Matthias

in Proceedings of the International Conference on Availability, Reliability and Security (2022, August)

Analyses that fulfill differential privacy provide plausible deniability to individuals while allowing analysts to extract insights from data. However, beyond an often acceptable accuracy tradeoff, these ... [more ▼]

Analyses that fulfill differential privacy provide plausible deniability to individuals while allowing analysts to extract insights from data. However, beyond an often acceptable accuracy tradeoff, these statistical disclosure techniques generally inhibit the verifiability of the provided information, as one cannot check the correctness of the participants’ truthful information, the differentially private mechanism, or the unbiased random number generation. While related work has already discussed this opportunity, an efficient implementation with a precise bound on errors and corresponding proofs of the differential privacy property is so far missing. In this paper, we follow an approach based on zero-knowledge proofs (ZKPs), in specific succinct non-interactive arguments of knowledge, as a verifiable computation technique to prove the correctness of a differentially private query output. In particular, we ensure the guarantees of differential privacy hold despite the limitations of ZKPs that operate on finite fields and have limited branching capabilities. We demonstrate that our approach has practical performance and discuss how practitioners could employ our primitives to verifiably query individuals’ age from their digitally signed ID card in a differentially private manner. [less ▲]

Full Text
See detailHow to make users adopt more sustainable cryptocurrencies: Evidence from Nigeria
Platt, Moritz; Ojeka, Stephen; Dragnoiu, Andreea-Elena et al

E-print/Working paper (2022)

Some of the most popular decentralised cryptocurrency networks have drawn widespread criticism for consuming vast amounts of electricity and have thus become targets of regulatory interest. Attempts to ... [more ▼]

Some of the most popular decentralised cryptocurrency networks have drawn widespread criticism for consuming vast amounts of electricity and have thus become targets of regulatory interest. Attempts to influence cryptocurrency network operations via policy in the pursuit of sustainability in the past, however, have been widely unsuccessful. Some were abandoned out of fear of jeopardising innovation while others failed due to the highly globalised nature of decentralised systems. Considering Bitcoin as an archetype for cryptocurrencies with high energy demand, this study takes a bottom-up approach by analysing statements made by Nigerian cryptocurrency users (N = 158) concerning their perception of sustainability issues. Three main findings emerged: 1) Despite self-reporting as highly knowledgeable, most participants significantly underestimate the energy demand of Bitcoin. 2) Those who accurately assess the energy demand of Bitcoin are more likely to support measures targeting its energy demand than those who misestimate it. 3) Those who support measures predominantly hold private actors responsible. In light of these findings, it is concluded that the primary task of policy makers in the context of cryptocurrency sustainability is to enforce consumer education. [less ▲]

Full Text
Peer Reviewed
See detailWe need a broader debate on the sustainability of blockchain
Rieger, Alexander UL; Roth, Tamara UL; Sedlmeir, Johannes UL et al

in Joule (2022), 6(6), 1137-1141

Detailed reference viewed: 34 (6 UL)
Full Text
Peer Reviewed
See detailExploring the use of self-sovereign identity for event ticketing systems
Feulner, Simon; Sedlmeir, Johannes UL; Schlatt, Vincent et al

in Electronic Markets (2022), 32

This position paper discusses the challenges of blockchain applications in businesses and the public sector related to an excessive degree of transparency. We first point out the types of sensitive data ... [more ▼]

This position paper discusses the challenges of blockchain applications in businesses and the public sector related to an excessive degree of transparency. We first point out the types of sensitive data involved in different patterns of blockchain use cases. We then argue that the implications of blockchains’ information exposure caused by replicated transaction storage and execution go well beyond the often-mentioned conflicts with the GDPR’s “right to be forgotten” and may be more problematic than anticipated. In particular, we illustrate the trade-off between protecting sensitive information and increasing process efficiency through smart contracts. We also explore to which extent permissioned blockchains and novel applications of cryptographic technologies such as self-sovereign identities and zero-knowledge proofs can help overcome the transparency challenge and thus act as catalysts for blockchain adoption and diffusion in organizations. [less ▲]

Full Text
See detailAddressing the sustainability of distributed ledger technology
Gola, Carlo; Sedlmeir, Johannes UL

E-print/Working paper (2022)

The work proposes policies to improve the environmental sustainability of distributed ledger technology (DLT). While the proof-of-work (PoW) consensus protocol requires large amounts of electricity ... [more ▼]

The work proposes policies to improve the environmental sustainability of distributed ledger technology (DLT). While the proof-of-work (PoW) consensus protocol requires large amounts of electricity, several DLT protocols consume much less, while still being sufficiently reliable and decentralized. To move from a PoW protocol to a greener system, such as proof-of-stake (PoS) or proof-of-authority (PoA), the consensus of the majority of miners (measured by their computing power) is required during the transition period to preserve the security requirements. Given that miners have an incentive to maintain the status quo, this paper illustrates various policies designed to bring about the transition. We aim to show that the current policy approach adopted by banking and financial regulators, based on the principle of technological neutrality, may need a reappraisal in order to consider the ‘sustainability’ criterion. Policymakers should not stifle financial innovation; nevertheless they should intervene if technology is a source of negative externalities. [less ▲]

Full Text
See detailDecentralised Finance's Unregulated Governance: Minority Rule in the Digital Wild West
Barbereau, Tom Josua UL; Smethurst, Reilly UL; Papageorgiou, Orestis UL et al

E-print/Working paper (2022)

Decentralised finance (DeFi) is a category of unlicensed, unregulated, and non-custodial financial services that utilise public, distributed ledgers like Ethereum. The Bloomberg Galaxy DeFi Index ... [more ▼]

Decentralised finance (DeFi) is a category of unlicensed, unregulated, and non-custodial financial services that utilise public, distributed ledgers like Ethereum. The Bloomberg Galaxy DeFi Index, launched in August 2021, includes nine Ethereum-based projects – non-custodial exchanges as well as lending and derivatives platforms. Each project is governed, at least in part, by a community of unregistered individuals that hold tradable voting rights tokens (also known as governance tokens). Voting rights tokens allow holders to vote on proposed changes to a DeFi project’s features, parameters, or rules. DeFi’s governance power is thus linked to the distribution and exercise of tokenised voting rights. Since DeFi projects are typically not managed by companies or public institutions, not much is known about DeFi’s governance. Regulators and law-makers from the United States recently asked if DeFi’s governance entails a new class of “shadowy” elites. In response, we conducted an exploratory, multiple-case study that focuses on the voting rights tokens issued by the nine projects from Bloomberg’s Galaxy DeFi index. Our mixed methods approach draws on Ethereum-based data about the distribution, trading, and staking of voting rights tokens, as well as project documentation and archival records. Our findings contribute knowledge about the entitlements of DeFi’s voting rights tokens, the initial distribution strategies, and the actual voting and delegation activity. Our principal finding is that DeFi’s voting rights are highly concentrated, and the exercise of these rights is very low. Our theoretical contribution is descriptive: minority rule is the probable consequence of tradable voting rights plus the lack of applicable anti-concentration or anti-monopoly laws. We interpret DeFi’s minority rule as timocratic and acknowledge its possible transition to oligarchy. [less ▲]

Detailed reference viewed: 20 (0 UL)
Full Text
Peer Reviewed
See detailFairness, integrity, and privacy in a scalable blockchain-based federated learning system
Rückel, Timon; Sedlmeir, Johannes UL; Hofmann, Peter

in Computer Networks (2022), 202

Federated machine learning (FL) allows to collectively train models on sensitive data as only the clients’ models and not their training data need to be shared. However, despite the attention that ... [more ▼]

Federated machine learning (FL) allows to collectively train models on sensitive data as only the clients’ models and not their training data need to be shared. However, despite the attention that research on FL has drawn, the concept still lacks broad adoption in practice. One of the key reasons is the great challenge to implement FL systems that simultaneously achieve fairness, integrity, and privacy preservation for all participating clients. To contribute to solving this issue, our paper suggests a FL system that incorporates blockchain technology, local differential privacy, and zero-knowledge proofs. Our implementation of a proof-of-concept with multiple linear regressions illustrates that these state-of-the-art technologies can be combined to a FL system that aligns economic incentives, trust, and confidentiality requirements in a scalable and transparent system. [less ▲]

Full Text
Peer Reviewed
See detailYes, I do: Marrying blockchain applications with GDPR
Schellinger, Benjamin; Völter, Fabiane; Urbach, Nils et al

in Proceedings of the 55th Hawaii International Conference on System Sciences (2022, January 04)

Due to blockchains’ intrinsic transparency and immutability, blockchain-based applications are challenged by privacy regulations, such as the EU General Data Protection Regulation. Hence, scaling ... [more ▼]

Due to blockchains’ intrinsic transparency and immutability, blockchain-based applications are challenged by privacy regulations, such as the EU General Data Protection Regulation. Hence, scaling blockchain use cases to production often fails to owe to a lack of compliance with legal constraints. As current research mainly focuses on specific use cases, we aim to offer comprehensive guidance regarding the development of blockchain solutions that comply with privacy regulations. Following the action design research method, we contribute a generic framework and design principles to the research domain. In this context, we also emphasize the need for distinguishing between applications based on blockchains’ data integrity and computational integrity guarantees. [less ▲]

Full Text
Peer Reviewed
See detailA serverless distributed ledger for enterprises
Sedlmeir, Johannes UL; Wagner, Tim; Djerekarov, Emil et al

in Proceedings of the 55th Hawaii International Conference on System Sciences (2022, January 04)

Enterprises have been attracted by the capability of blockchains to provide a single source of truth for workloads that span companies, geographies, and clouds while retaining the independence of each ... [more ▼]

Enterprises have been attracted by the capability of blockchains to provide a single source of truth for workloads that span companies, geographies, and clouds while retaining the independence of each party’s IT operations. However, so far production applications have remained rare, stymied by technical limitations of existing blockchain technologies and challenges with their integration into enterprises’ IT systems. In this paper, we collect enterprises’ requirements on distributed ledgers for data sharing and integration from a technical perspective, argue that they are not sufficiently addressed by available blockchain frameworks, and propose a novel distributed ledger design that is “serverless”, i.e., built on cloud-native resources. We evaluate its qualitative and quantitative properties and give evidence that enterprises already heavily reliant on cloud service providers would consider such an approach acceptable, particularly if it offers ease of deployment, low transactional cost structure, and a combination of latency and scalability aligned with real-time IT application needs. [less ▲]

Full Text
Peer Reviewed
See detailWith or Without Blockchain? Towards a Decentralized, SSI-based eRoaming Architecture
Höß, Alexandra UL; Roth, Tamara UL; Sedlmeir, Johannes UL et al

in Proceedings of the 55th Hawaii International Conference on System Sciences (HICSS) (2022)

Fragmentation and limited accessibility of charging infrastructure impede the adoption of electric vehicles. To improve the availability of charging infrastructure independent of providers, eRoaming ... [more ▼]

Fragmentation and limited accessibility of charging infrastructure impede the adoption of electric vehicles. To improve the availability of charging infrastructure independent of providers, eRoaming offers a promising solution. Yet, current eRoaming systems are typically centralized, which raises concerns of market power concentration. While the use of blockchain technology can obviate such concerns, it comes with significant privacy challenges. To address these challenges, we explore a combination of blockchain with self-sovereign identity. Specifically, we apply a design science research approach, which helps us to identify requirements, derive a conceptual architecture, and deduce design principles for decentralized eRoaming and beyond. We find that blockchain may best leverage its benefits when it takes a backseat as a public registry for legal entities. Moreover, we find that the use of self-sovereign identities could improve compliance with privacy regulations, but they should not be overused. [less ▲]

Detailed reference viewed: 190 (14 UL)
Full Text
Peer Reviewed
See detailThe transparency challenge of blockchain in organizations
Sedlmeir, Johannes UL; Lautenschlager, Jonathan; Fridgen, Gilbert UL et al

in Electronic Markets (2022), 32(3), 1779--1794

This position paper discusses the challenges of blockchain applications in businesses and the public sector related to an excessive degree of transparency. We first point out the types of sensitive data ... [more ▼]

This position paper discusses the challenges of blockchain applications in businesses and the public sector related to an excessive degree of transparency. We first point out the types of sensitive data involved in different patterns of blockchain use cases. We then argue that the implications of blockchains’ information exposure caused by replicated transaction storage and execution go well beyond the often-mentioned conflicts with the GDPR’s “right to be forgotten” and may be more problematic than anticipated. In particular, we illustrate the trade-off between protecting sensitive information and increasing process efficiency through smart contracts. We also explore to which extent permissioned blockchains and novel applications of cryptographic technologies such as self-sovereign identities and zero-knowledge proofs can help overcome the transparency challenge and thus act as catalysts for blockchain adoption and diffusion in organizations. [less ▲]

Full Text
Peer Reviewed
See detailLove at First Sight? A User Experience Study of Self-Sovereign Identity Wallets
Sartor, Sebastian; Sedlmeir, Johannes UL; Rieger, Alexander UL et al

in 30th European Conference on Information Systems (ECIS 2022) (2022)

Today’s systems for digital identity management exhibit critical security, efficiency, and privacy issues. A new paradigm, called Self-Sovereign Identity (SSI), addresses these shortcomings by equipping ... [more ▼]

Today’s systems for digital identity management exhibit critical security, efficiency, and privacy issues. A new paradigm, called Self-Sovereign Identity (SSI), addresses these shortcomings by equipping users with mobile wallets and empowering them to manage their digital identities. Various companies and governments back this paradigm and promote its development and diffusion. User experience often plays a subordinate role in these efforts, even though it is crucial for user satisfaction and adoption. We thus conduct a comprehensive user experience study of four prominent SSI wallets using a mixed-method approach that involves moderated and remote interviews and the User Experience Questionnaire (UEQ). We find that the examined wallets already provide a decent level of user experience, yet further improvements need to be done. In particular, the examined wallets do not make their novelty and benefits sufficiently apparent to users. Our analysis contributes to user experience research and offers guidance for SSI practitioners. [less ▲]

Detailed reference viewed: 76 (3 UL)
Full Text
Peer Reviewed
See detailSystemic risks in electricity systems: A perspective on the potential of digital technologies
Körner, Marc-Fabian; Sedlmeir, Johannes UL; Weibelzahl, Martin et al

in Energy Policy (2022), 164

In the last decades, several developments have transformed electricity systems in Europe towards liberalized and decentralized systems that are coupled inter-sectorally and inter-regionally. These ... [more ▼]

In the last decades, several developments have transformed electricity systems in Europe towards liberalized and decentralized systems that are coupled inter-sectorally and inter-regionally. These developments have yielded various significant benefits, such as increased efficiency and robustness. However, we argue that they have also caused new interdependencies and complexity with a corresponding increase in associated systemic risks, e.g., local failures may spread faster and more extensively throughout the system. In this paper, we illustrate how systemic risks may arise in European electricity systems by discussing three exemplary developments. We also discuss the decisive role of the digital transformation that, on the one hand, speeds up the transition of electricity systems and challenges electricity systems’ stability through rapid change, but on the other hand may also provide solutions to tackle systemic risks. We argue that, especially in a strongly interconnected world, policymakers must implement a global perspective on these critical and increasingly complex systems, requiring adequate cooperation with respect to data. Using an exemplary case from Germany, we finally illustrate how an intensified data exchange may help to address systemic risks. In this context, we draw a perspective on the potential of emerging digital technologies, like self-sovereign identities, blockchains, and privacy-enhancing technologies. [less ▲]

Full Text
Peer Reviewed
See detailNot yet another digital identity
Rieger, Alexander UL; Roth, Tamara UL; Sedlmeir, Johannes UL et al

in Nature Human Behaviour (2021)

Detailed reference viewed: 114 (25 UL)