{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,9,24]],"date-time":"2025-09-24T00:06:57Z","timestamp":1758672417025,"version":"3.44.0"},"publisher-location":"Cham","reference-count":55,"publisher":"Springer Nature Switzerland","isbn-type":[{"value":"9783032061546","type":"print"},{"value":"9783032061553","type":"electronic"}],"license":[{"start":{"date-parts":[[2025,9,24]],"date-time":"2025-09-24T00:00:00Z","timestamp":1758672000000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2025,9,24]],"date-time":"2025-09-24T00:00:00Z","timestamp":1758672000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2026]]},"DOI":"10.1007\/978-3-032-06155-3_1","type":"book-chapter","created":{"date-parts":[[2025,9,23]],"date-time":"2025-09-23T05:21:54Z","timestamp":1758604914000},"page":"3-22","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["Toward Secure and\u00a0Trustworthy Identity Management Systems: A Knowledge-Base Driven Approach"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0009-0006-2239-1913","authenticated-orcid":false,"given":"Gianluca","family":"Sassetti","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-6290-3588","authenticated-orcid":false,"given":"Amir","family":"Sharif","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-2853-4269","authenticated-orcid":false,"given":"Roberto","family":"Carbone","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-7269-9285","authenticated-orcid":false,"given":"Silvio","family":"Ranise","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2025,9,24]]},"reference":[{"key":"1_CR1","doi-asserted-by":"crossref","unstructured":"Ahmadjee, S., Mera-G\u00f3mez, C., Bahsoon, R., Kazman, R.: A study on blockchain architecture design decisions and their security attacks and threats. Association for Computing Machinery (2022)","DOI":"10.1145\/3502740"},{"key":"1_CR2","doi-asserted-by":"crossref","unstructured":"Beduschi, A.: Digital identity: Contemporary challenges for data protection, privacy and non-discrimination rights. Big Data & Society (2019)","DOI":"10.1177\/2053951719855091"},{"key":"1_CR3","unstructured":"Bisztray, T., Gruschka, N.: Privacy impact assessment: Comparing methodologies with a focus on practicality. CoRR (2021)"},{"key":"1_CR4","unstructured":"Blanco, F.J., Fern\u00e1ndez-Villamor, J.I., Iglesias, C.A.: Vulnerapedia: security knowledge management with an ontology. In: ICAART (1) (2012)"},{"key":"1_CR5","unstructured":"Center for Human Rights and Global Justice (CHRGJ), NYU: Chased away and left to die: New report by chrgj and ugandan partners documents mass exclusion from uganda\u2019s digital id system and blames national security obsession (2021). https:\/\/chrgj.org\/wp-content\/uploads\/2021\/06\/CHRGJ-Report-Chased-Away-and-Left-to-Die.pdf. Accessed 13 Feb 2024"},{"key":"1_CR6","unstructured":"Center for Human Rights and Global Justice (CHRGJ), NYU: Paving a digital road to hell? (2022). https:\/\/chrgj.org\/wp-content\/uploads\/2022\/06\/Report_Paving-a-Digital-Road-to-Hell.pdf"},{"key":"1_CR7","doi-asserted-by":"crossref","unstructured":"Chikh, A., Abulaish, M., Nabi, S.I., Alghathbar, K.: An ontology based information security requirements engineering framework. In: Secure and Trust Computing, Data Management and Applications (2011)","DOI":"10.1007\/978-3-642-22339-6_17"},{"key":"1_CR8","unstructured":"Cioffi, K.: Human rights and the gateway keeper: Digital ids in uganda. Open Global Rights (2023). https:\/\/www.openglobalrights.org\/human-rights-gateway-gatekeeper-digital-ids-uganda\/"},{"key":"1_CR9","unstructured":"Commission, E.: Eu digital identity wallet (2024). https:\/\/github.com\/eu-digital-identity-wallet. Accessed 02 Feb 2024"},{"key":"1_CR10","doi-asserted-by":"crossref","unstructured":"Davis, M.C., Challenger, R., Jayewardene, D.N., Clegg, C.W.: Advancing socio-technical systems thinking: A call for bravery. Applied Ergonomics (2014)","DOI":"10.1016\/j.apergo.2013.02.009"},{"key":"1_CR11","unstructured":"Digital ID and Authentication Council of Canada (DIACC): Making sense of identity networks (2020). https:\/\/diacc.ca\/2020\/05\/13\/making-sense-of-identity-networks\/. Accessed 13 Feb 2024"},{"key":"1_CR12","unstructured":"Digital ID and Authentication Council of Canada (DIACC): Universal digital identity policy principles to maximize benefits for people: a shared european and canadian perspective (2022). https:\/\/diacc.ca\/2022\/11\/02\/policy-design-principles-to-maximize-people-centered-benefits-of-digital-identity\/. Accessed 13 Feb 2024"},{"key":"1_CR13","unstructured":"Ehrlinger, L., W\u00f6\u00df, W.: Towards a definition of knowledge graphs. In: International Conference on Semantic Systems (2016). https:\/\/api.semanticscholar.org\/CorpusID:8536105"},{"key":"1_CR14","doi-asserted-by":"publisher","DOI":"10.21236\/ADA421683","volume-title":"Common concepts underlying safety, security, and survivability engineering","author":"D Firesmith","year":"2003","unstructured":"Firesmith, D.: Common concepts underlying safety, security, and survivability engineering. Carnegie Mellon University, Tech. rep. (2003)"},{"key":"1_CR15","doi-asserted-by":"publisher","DOI":"10.1007\/978-94-007-7844-3_4","volume-title":"Value Sensitive Design and Information Systems","author":"B Friedman","year":"2013","unstructured":"Friedman, B., Kahn, P.H., Borning, A., Huldtgren, A.: Value Sensitive Design and Information Systems. Springer, Netherlands (2013)"},{"key":"1_CR16","doi-asserted-by":"crossref","unstructured":"Goluch, G., Ekelhart, A., Fenz, S., Jakoubi, S., Tjoa, S., Muck, T.: Integration of an ontological information security concept in risk aware business process management. In: Proceedings of the 41st Annual Hawaii International Conference on System Sciences (HICSS 2008) (2008)","DOI":"10.1109\/HICSS.2008.211"},{"key":"1_CR17","unstructured":"Guo, M.: Ontology-based approach to software engineering. In: Proceedings of the 2009 American Society for Engineering Education (ASEE) Southeast Section Conference (2009)"},{"key":"1_CR18","unstructured":"Hamza Waqas and Amna Khan, Open Global Rights: Privacy and digital identity: The case of Pakistan\u2019s NADRA (2022). https:\/\/www.openglobalrights.org\/privacy-and-digital-identity-the-case-of-pakistans-nadra\/. Accessed 15 Feb 2024"},{"key":"1_CR19","doi-asserted-by":"crossref","unstructured":"Herzog, A., Shahmehri, N., Duma, C.: An ontology of information security. Int. J. Inf. Secur. Privacy (2007)","DOI":"10.4018\/jisp.2007100101"},{"key":"1_CR20","volume-title":"Design for Values: An Introduction","author":"J van den Hoven","year":"2015","unstructured":"van den Hoven, J., Vermaas, P.E., van de Poel, I.: Design for Values: An Introduction. Springer, Netherlands (2015)"},{"key":"1_CR21","doi-asserted-by":"crossref","unstructured":"Islam, C., Babar, M.A., Nepal, S.: An ontology-driven approach to automating the process of integrating security software systems. In: 2019 IEEE\/ACM International Conference on Software and System Processes (ICSSP) (2019)","DOI":"10.1109\/ICSSP.2019.00017"},{"key":"1_CR22","unstructured":"Jensen, M., Santos, N., Assis, L., Wuyts, M.: Linddun: A privacy threat analysis framework for software architectures. In: Proceedings of the 27th IEEE\/ACM International Conference on Automated Software Engineering (ASE \u201912) (2012)"},{"key":"1_CR23","unstructured":"Khera, R.: Dissent on Aadhaar: Big Data Meets Big Brother. Orient BlackSwan (2019)"},{"key":"1_CR24","doi-asserted-by":"crossref","unstructured":"Kim, B.G., Cho, Y.S., Kim, S.H., Kim, H., Woo, S.S.: A security analysis of blockchain-based did services. IEEE Access (2021)","DOI":"10.1109\/ACCESS.2021.3054887"},{"key":"1_CR25","doi-asserted-by":"crossref","unstructured":"Masiero, S., Arvidsson, V.: Degenerative outcomes of digital identity platforms for development. Inf. Syst. J. (2021)","DOI":"10.1111\/isj.12351"},{"key":"1_CR26","doi-asserted-by":"crossref","unstructured":"Mavroeidis, V., Bromander, S.: Cyber threat intelligence model: An evaluation of taxonomies, sharing standards, and ontologies within cyber threat intelligence. In: 2017 European Intelligence and Security Informatics Conference (EISIC) (2017)","DOI":"10.1109\/EISIC.2017.20"},{"key":"1_CR27","unstructured":"Microsoft Corporation: Stride threat model. https:\/\/docs.microsoft.com\/en-us\/previous-versions\/commerce-server\/ee823878(v=cs.20) (2005). developed by Microsoft for threat modeling"},{"key":"1_CR28","unstructured":"Ministero dell\u2019Interno: Carta di identit\u00e0 elettronica - caratteristiche del documento (2015). https:\/\/www.cartaidentita.interno.gov.it\/cose-la-carta\/caratteristiche-del-documento\/. Accessed 20 Nov 2024"},{"key":"1_CR29","unstructured":"Ministero dell\u2019Interno: Carta d\u2019identit\u00e0 elettronica cie 3.0 \u2013 specifiche chip (2015). https:\/\/www.cartaidentita.interno.gov.it\/downloads\/2021\/03\/cie_3.0_-_specifiche_chip.pdf"},{"key":"1_CR30","unstructured":"National Institute of Standards and Technology (NIST): NIST Computer Security Resource Center (CSRC) Cybersecurity Glossary. https:\/\/csrc.nist.gov\/glossary (2025)"},{"key":"1_CR31","unstructured":"OpenID Foundation, Elizabeth Garber and Mark Haine (editors): Human-centric digital identity: for government officials (2023). https:\/\/openid.net\/wp-content\/uploads\/2023\/10\/Human-Centric_Digital_Identity_Final-v1.1.pdf. Accessed 12 Sept 2024"},{"key":"1_CR32","doi-asserted-by":"crossref","unstructured":"P.\u00a0Salini, S.K.: A knowledge-oriented approach to security requirements engineering for e-voting system. Int. J. Comput. Appl. (2012)","DOI":"10.5120\/7671-0953"},{"key":"1_CR33","unstructured":"Page, M.J., et al.: The prisma 2020 statement: an updated guideline for reporting systematic reviews. BMJ (2021)"},{"key":"1_CR34","unstructured":"Pali, I., Krishania, L., Chadha, D., Kandar, A., Varshney, G., Shukla, S.: A comprehensive survey of aadhar and security issues (2020)"},{"key":"1_CR35","unstructured":"Pereira, T., Santos, H.: An ontology approach in designing security information systems to support organizational security risk knowledge. In: Proceedings of the International Conference on Knowledge Engineering and Ontology Development (IC3K 2012) - SSEO (2012)"},{"key":"1_CR36","doi-asserted-by":"crossref","unstructured":"P\u00f6hn, D., Grabatin, M., Hommel, W.: Analyzing the threats to blockchain-based self-sovereign identities by conducting a literature survey. Appl. Sci. 14 (2024)","DOI":"10.3390\/app14010139"},{"key":"1_CR37","volume-title":"Database Management Systems","author":"R Ramakrishnan","year":"2000","unstructured":"Ramakrishnan, R., Gehrke, J.: Database Management Systems, 2nd edn. McGraw-Hill Inc, USA (2000)","edition":"2"},{"key":"1_CR38","unstructured":"Ria Singh Sawney: Busting the dangerous myths of big id programs: Cautionary lessons from india (2021). https:\/\/www.accessnow.org\/wp-content\/uploads\/2021\/10\/BigID-Mythbuster.pdf. Accessed 23 Feb 2024"},{"key":"1_CR39","unstructured":"Sakimura, N., Bradley, J., Jones, M., De\u00a0Medeiros, B., Mortimore, C.: Openid connect core 1.0 incorporating errata set 2. Tech. rep., The OpenID Foundation (2023). https:\/\/openid.net\/specs\/openid-connect-4-identity-assurance-1_0.html"},{"key":"1_CR40","unstructured":"Sassetti, G.: IdM Knowledge Base (2025). https:\/\/github.com\/ImGilbes\/NDID_knowledge_base"},{"key":"1_CR41","unstructured":"Sassetti, G.: Toward Secure and Trustworthy Identity Management Systems: a Knowledge-base Driven Approach (2025). https:\/\/st.fbk.eu\/complementary\/STM2025"},{"key":"1_CR42","doi-asserted-by":"crossref","unstructured":"Sassetti, G., Sharif, A., Sciarretta, G., Carbone, R., Ranise, S.: Assurance, consent and access control for privacy-aware oidc deployments. In: IFIP Annual Conference on Data and Applications Security and Privacy, pp. 203\u2013222. Springer (2023)","DOI":"10.1007\/978-3-031-37586-6_13"},{"key":"1_CR43","doi-asserted-by":"crossref","unstructured":"Sharif, A., et al.: Protecting digital identity wallet: a threat model in the age of eidas 2.0. In: International Conference on Risks and Security of Internet and Systems, pp. 89\u2013106. Springer (2024)","DOI":"10.1007\/978-3-031-89350-6_6"},{"key":"1_CR44","doi-asserted-by":"crossref","unstructured":"Sharif, A., Carbone, R., Ranise, S., Sciarretta, G., et\u00a0al.: A wizard-based approach for secure code generation of single sign-on and access delegation solutions for mobile native apps. In: Proceedings of the 16th International Joint Conference on e-Business and Telecommunications-Volume 2: SECRYPT, vol.\u00a02, pp. 268\u2013275 (2019)","DOI":"10.5220\/0007930502680275"},{"key":"1_CR45","volume":"65","author":"A Sharif","year":"2022","unstructured":"Sharif, A., Carbone, R., Sciarretta, G., Ranise, S.: Best current practices for oauth\/oidc native apps: a study of their adoption in popular providers and top-ranked android clients. J. Inf. Secur. Appl. 65, 103097 (2022)","journal-title":"J. Inf. Secur. Appl."},{"key":"1_CR46","doi-asserted-by":"crossref","unstructured":"Sharif, A., Marino, F.A., Sciarretta, G., De\u00a0Marco, G., Carbone, R., Ranise, S.: Cross-domain sharing of user claims: a design proposal for openid connect attribute authorities. In: Proceedings of the 18th International Conference on Availability, Reliability and Security, pp. 1\u201311 (2023)","DOI":"10.1145\/3600160.3600183"},{"key":"1_CR47","doi-asserted-by":"crossref","unstructured":"Singhal, A., Wijesekera, D.: Ontologies for modeling enterprise level security metrics. In: Proceedings of the Sixth Annual Workshop on Cyber Security and Information Intelligence Research (2010)","DOI":"10.1145\/1852666.1852731"},{"key":"1_CR48","doi-asserted-by":"crossref","unstructured":"Souag, A., Salinesi, C., Wattiau, I., Mouratidis, H.: Using security and domain ontologies for security requirements analysis. In: Proceedings of the 2013 IEEE 37th Annual Computer Software and Applications Conference Workshops (2013)","DOI":"10.1109\/COMPSACW.2013.124"},{"key":"1_CR49","doi-asserted-by":"crossref","unstructured":"Syed, R.: Cybersecurity vulnerability management: a conceptual ontology and cyber intelligence alert system. Inf. Manage. (2020)","DOI":"10.1016\/j.im.2020.103334"},{"key":"1_CR50","doi-asserted-by":"crossref","unstructured":"Tsoumas, B., Gritzalis, D.: Towards an ontology-based security management. In: 20th International Conference on Advanced Information Networking and Applications - Volume 1 (AINA\u201906) (2006)","DOI":"10.1109\/AINA.2006.329"},{"key":"1_CR51","unstructured":"W3C OWL Working Group: OWL 2 Web Ontology Language Document Overview (Second Edition). W3C Recommendation REC-owl2-overview-20121211, World Wide Web Consortium (December 2012), https:\/\/www.w3.org\/TR\/owl2-overview\/"},{"key":"1_CR52","doi-asserted-by":"crossref","unstructured":"Weitzberg, K., Cheesman, M., Martin, A., Schoemaker, E.: Between surveillance and recognition: Rethinking digital identity in aid. Big Data & Society (2021)","DOI":"10.1177\/20539517211006744"},{"key":"1_CR53","doi-asserted-by":"crossref","unstructured":"Whitworth, B.: A brief introduction to sociotechnical systems. In: Encyclopedia of Information Science and Technology, Second Edition (2009)","DOI":"10.4018\/978-1-60566-026-4.ch066"},{"key":"1_CR54","unstructured":"World Bank Group, Identification for Development (ID4D) Initiative: Principles on identification for sustainable development toward the digital age (2021). https:\/\/documents1.worldbank.org\/curated\/en\/213581486378184357\/pdf\/Principles-on-Identification-for-Sustainable-Development-Toward-the-Digital-Age.pdf"},{"key":"1_CR55","unstructured":"World Economic Forum: Digital identity ecosystems - unlocking new value (2021). https:\/\/www3.weforum.org\/docs\/WEF_Guide_Digital_Identity_Ecosystems_2021.pdf. Accessed 13 Sept 2024"}],"container-title":["Lecture Notes in Computer Science","Security and Trust Management"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-032-06155-3_1","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,9,23]],"date-time":"2025-09-23T05:22:20Z","timestamp":1758604940000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-032-06155-3_1"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,9,24]]},"ISBN":["9783032061546","9783032061553"],"references-count":55,"URL":"https:\/\/doi.org\/10.1007\/978-3-032-06155-3_1","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2025,9,24]]},"assertion":[{"value":"24 September 2025","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"STM","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Workshop on Security and Trust Management","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Toulouse","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"France","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2025","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"22 September 2025","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"26 September 2025","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"21","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"stm2025","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/www.nics.uma.es\/stm2025\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}