Abstract
Electronic identity (eID) schemes are key enablers of secure digital services. eIDs have been adopted in several European countries using smart-cards for secure authentication and authorization. Towards achieving a European digital single market where European citizens can seamlessly access cross-border public services using their national eIDs, the European Union (EU) developed the electronic IDentification, Authentication and trust Services (eIDAS) regulation. eIDAS creates an interoperable framework that integrates the eIDs adopted in the EU Member States (MS). It is also an enabler of a cross-border operation, harmonized with the General Data Protection Regulation (GDPR) regulation by protecting the privacy of personal data. If one can use the same procedure for authentication and authorization abroad, one can better understand new services that use eIDs. This paper provides a comparative analysis of eID cards adopted in EU MS and their privacy features in preparedness for eIDs cross-border interoperation. © Springer Nature Switzerland AG 2019.

Abstract
The growth in Internet usage has increased the use of electronic services requiring users to register their identity on each service they subscribe to. This has resulted in the prevalence of redundant users data on different services. To protect and regulate access by users to these services identity management systems (IdMs) are put in place. IdMs uses frameworks and standards e.g SAML, OAuth and Shibboleth to manage digital identities of users for identification and authentication process for a service provider. However, current IdMs have not been able to address privacy issues (unauthorised and fine-grained access) that relate to protecting users identity and private data on web services. Many implementations of these frameworks are only concerned with the identification and authentication process of users but not authorisation. They mostly give full control of users digital identities and data to identity and service providers with less or no users participation. This results in a less privacy enhanced solutions that manage users available data in the electronic space. This article proposes a user-centred mandate representation system that empowers resource owners to take full of their digital data; determine and delegate access rights using their mobile phone. Thereby giving users autonomous powers on their resources to grant access to authenticated entities at their will. Our solution is based on the OpenID Connect framework for authorisation service. To evaluate the proposal, we've compared it with some related works and the privacy requirements yardstick outlined in GDPR regulation [1] and [2]. Compared to other systems that use OAuth 2.0 or SAML our solution uses an additional layer of security, where data owner assumes full control over the disclosure of their identity data through an assertion issued from their mobile phones to authorisation server (AS), which in turn issues an access token. This would enable data owners to assert the authenticity of a request, while service providers and requestors also benefit from the correctness and freshness of identity data disclosed to them.

Abstract
The evolutionary growth of information technology has enabled us with platforms that eases access to a wide range of electronic services. Typically, access to these services requires users to authenticate their identity, which involves the release, dissemination and processing of personal data by third parties such as service and identity providers. The involvement of these and other entities in managing and processing personal identifiable data has continued to raise concerns on privacy of personal information. Identity management systems (IdMs) emerged as a promising solution to address major access control and privacy issues, however most research works are focused on securing service providers (SPs) and the services provided, with little emphases on users privacy. In order to optimise users privacy and ensure that personal information are used only for intended purposes, there is need for authorisation systems that controls who may access what and under what conditions. However, for adoption data owners perspective must not be neglected. To address these issues, this paper introduces the concept of IdM and access control framework which operates with RESTful based services. The proposal provides a new level of abstraction and logic in access management, while giving data owner a decisive control over access to personal data using smartphone. The framework utilises Attribute based access control (ABAC) method to authenticate and authorise users, Open ID Connect (OIDC) protocol for data owner authorisation and Public-key cryptography to achieve perfect forward secrecy communication. The solution enables data owner to attain the responsibility of granting or denying access to their data, from a secured communication with an identity provider using a digitally signed token.

Abstract
Since its first introduction in late 90s, the use of marketplaces has continued to grow, today virtually everything from physical assets to services can be purchased on digital marketplaces, real estate is not an exception. Some marketplaces allow acclaimed asset owners to advertise their products, to which the services gets commission/percentage from proceeds of sale/lease. Despite the success recorded in the use of the marketplaces, they are not without limitations which include identity and property fraud, impersonation and the use of centralised technology with trusted parties that are prone to single point of failures (SPOF). Being one of the most valuable assets, real estate has been a target for marketplace fraud as impersonators take pictures of properties they do not own, upload them on marketplace with promising prices that lures innocent or naive buyers. This paper addresses these issues by proposing a self sovereign identity (SSI) and smart contract based framework for identity verification and verified transaction management on secure digital marketplaces. First, the use of SSI technology enable methods for acquiring verified credential (VC) that are verifiable on a decentralised blockchain registry to identify both real estate owner(s) and real estate property. Second, the smart contracts are used to negotiate the secure transfer of real estate property deeds on the marketplace. To assess the viability of our proposal we define an application scenario and compare our work with other approaches.