A trustworthy architecture for Web3 service

Abstract

Read online

This paper presents a trustworthy architecture for Web3 service that establishes self-sovereign services. This architecture leverages decentralized identifiers (DID) and resource access control based on user trust scores and policies. By transitioning from centrally managed ID to DID, it will be possible to move towards ID management that does not rely on service providers. Trust scores are calculated by analyzing the social network generated from the history of past transactions between users stored in the blockchain. The degree of trust is quantified using measures of centrality and similarity. Centrality is measured by the number of user achievements and the extent of their connections. Similarity is calculated by estimating the communities they belong to using node embedding. These trust scores are clustered to generate policy based on role-based access control (RBAC). The authorization function is programmatically realized based on user credibility by comparing the results of the distribution of accessible resources by policy. In addition, a Web3 service broker acts as an intermediary between multiple service providers and users to provide optimal services through smart contracts. A Web3 service broker programmatically select services without intermediary agencies. A trustworthy architecture for Web3 service is shown as a case study of a home delivery service. In this scenario, Web3 service brokers offer optimal services for private companies and small and medium-sized businesses. This paper is an extended version of ”A Web3 Service Architecture with Self-Sovereign Identity” presented at iDECON/MS2023.

Keywords

• self-sovereignty
• social network analysis
• trust scoring
• digital identity
• role-based access control(rbac) policy
• web3 service broker