A blockchain-based identity management solution for secure personal data sharing: A systematic literature review approach.

Godwin Mandinyenya; Vusimuzi Malele

Godwin Mandinyenya North-West University https://orcid.org/0009-0001-7659-4402
Vusimuzi Malele North-West University https://orcid.org/0000-0001-6803-9030

Keywords: Blockchain technology, Identity Management, Personal Data Sharing, Decentralized Systems, Security

Abstract

Africa’s digital transformation has amplified systemic vulnerabilities in personal data governance, particularly due to reliance on centralized identity systems ill-equipped to evolve cyber threats. For instance, the 2016 Cambridge Analytica scandal exposed not only global data misuse but also catalyzed African nations like Nigeria and Kenya to audit their electoral data practices, revealing similar risks. Centralized databases are frequently the backbone of conventional identity management systems, which unfortunately leaves them vulnerable to security violations and unwanted entry resulting in attackers taking advantage of these vulnerabilities and causing security incidents like identity theft or the exposure of confidential information. Self-Sovereign Identity (SSI) empowers individuals to take control of their personal identity and understand how their data is utilized. In this context, blockchain technology plays a pivotal role by supporting decentralized systems for identity management and access control. This literature review explores five key dimensions of blockchain-based identity and access control management, including security / privacy, scalability, interoperability, regulatory compliance, and user control through a systematic analysis of 62 African case studies and a framework synthesized from that review. The study identifies critical gaps in scalability (40% of studies) and regulatory alignment (50%), offering actionable insights for decentralized identity frameworks in emerging economies. Prior reviews lack Africa-specific insights; this SLR addresses this gap by synthesizing 62 African case studies, offering the first comprehensive analysis of blockchain-based IDMS implementations in the region.

Downloads

Download data is not yet available.

References

Stockburger, G. Kokosioulis, A. Mukkamala, R. R. Mukkamala, and M. Avital, (2021). “Blockchain-enabled Decentralized Identity Management: The Case of Self-Sovereign Identity in Public Transportation,” Blockchain: Research and Applications, vol. 2, no. 2, Art. 100014, doi:10.1016/j.bcra.2021.100014

S Alansari. A, (2020). Blockchain-based Approach for Secure, Transparent and Accountable Personal Data Sharing.

M. Shuaib et al., “Self-Sovereign Identity Solution for Blockchain-Based Land Registry System: A Comparison,” Mobile Information Systems, vol. 2022.

M. K. Hamza, H. Abubakar, and Y. M. Danlami. (2018). “Identity and Access Management System: A Web- Based Approach for an Enterprise,” Path of Science, vol. 4, no. 11, pp. 2001–2011.

Yan, Z., Zhao, X., Liu, Y., & Luo, X. R. (2024). Blockchain-driven decentralized identity management: An interdisciplinary review and research agenda. Information & Management, 104026.

South African Reserve Bank (2023). Pilot Program for Blockchain-Based Identity Verification. [Online]. Available: www.sarb.co.za

Kamau, M., & Mutiso, J. (2021). "Blockchain Technology in Kenya: Opportunities and Challenges." African Journal of Information Systems, 13(2), 45-58.

Ndungu, P. (2020). "Digital Identity Systems and Blockchain: The Kenyan Context." Journal of E-Governance in Africa, 9(3), 120-135.

World Bank (2022). "Digital Transformation in Sub-Saharan Africa." Available at: https://www.worldbank.org.

Wanyama, E. (2019). "The Role of Blockchain in Reducing Corruption in Kenya." African Governance Review, 8(1), 78-91.

World Food Programme. (n.d.). Building Blocks: Blockchain for Humanitarian Assistance. Retrieved from https://www.wfp.org

Glöckler, J., Sedlmeir, J., Frank, M., & Fridgen, G. (2024). A systematic review of identity and access management requirements in enterprises and potential contributions of self-sovereign identity. Business & Information Systems Engineering, 66(4), 421-440.

United Nations High Commissioner for Refugees (UNHCR). (2021). Digital Identity for 7-Refugees. Retrieved from https://www.unhcr.org

B. Alamri, K. Crowley and I. Richardson, "Blockchain-Based Identity Management Systems in Health IoT: A Systematic Review," 2022

Zyskind, G., Nathan, O., & Pentland, A. (2015). Decentralizing Privacy: Using Blockchain to Protect Personal Data.

Xu, X., Weber, I., & Staples, M. (2020). Architecture for blockchain applications. Springer.

Allen, C., (2016). The Path to Self-Sovereign Identity.

Der, U., Jähnichen, S., & Sürmeli, J. (2017). Blockchain-Based Identity Management: A Survey on Technical Approaches

Mühle, A., Grüner, A., Gayvoronskaya, T., & Meinel, C. (2018). A Survey on Essential Components of a Self-Sovereign Identity.

Rathee, T., & Singh, P. (2022). A systematic literature mapping on secure identity management using blockchain technology. Journal of King Saud University-Computer and Information Sciences, 34(8), 5782-5796.

Li, W., & Kang, J. (2019). Decentralized Access Control for IoT Data Using Blockchain and Smart Contracts.

Sullivan, C., & Burger, E. (2017). E-Residency and Blockchain.

Kuperberg, M. (2019). Blockchain-Based Identity Management: A Survey from the Enterprise and Ecosystem Perspective.

Esposito, C., De Santis, A., Tortora, G., Chang, H., & Choo, K. K. R. (2018). Blockchain: A Panacea for Healthcare Cloud-Based Data Security and Privacy?

Reed, D., Law, J., Sabadello, M., & Muegge, S. (2020). Decentralized Identifiers (DIDs) v1.0.

Sovrin Foundation. (2018). Sovrin: A protocol and token for self-sovereign identity and decentralized trust. Sovrin White Paper.

Gisolfi, D. (2018). The rise of decentralized identity. IBM Blockchain Blog.

Sporny, M., Longley, D., & Sabadello, M. (2019). Verifiable credentials data model 1.0. W3C Recommendation.

Nakamoto, S. (2008). Bitcoin: A Peer-to-Peer Electronic Cash System. https://bitcoin.org/bitcoin.pdf

Androulaki, E., et al. (2018). Hyperledger Fabric: A Distributed Operating System for Permissioned Blockchains. ACM Transactions on Computer Systems, 36(3), 1–39.

SARB. (2022). Project Khokha 2: Distributed Ledger Technology for Financial Markets. South African Reserve Bank Technical Report.

Kenya Blockchain Taskforce. (2023). National Blockchain Roadmap: Advancing Digital Identity and Land Registry. Ministry of ICT Report.

Adebayo, O., & Mensah, K. (2021). Decentralized Identity for Financial Inclusion in Nigeria. African Journal of Computer Science, 12(4), 45–60.

World Bank. (2023). Digital Identity Systems in Sub-Saharan Africa: Trends and Challenges. https://www.worldbank.org

Hyperledger Foundation. (2022). Hyperledger Indy: A Distributed Ledger for Decentralized Identity. https://www.hyperledger.org

Ethereum Foundation. (2023). Smart Contracts for Access Control: A Technical Guide. https://ethereum.org

Ndemo, B. (2020). Blockchain and Digital Governance in Kenya. Journal of African Innovation, 8(2), 112–130.

Diop, A., et al. (2021). Blockchain-Based Land Titling in Senegal: A Case Study. IEEE Access, 9, 156789–156802.

Oosthuizen, R., & Van der Merwe, J. (2022). Privacy-Preserving Identity Verification in South Africa. South African Computer Journal, 64(1), 22–40.

GSMA. (2023). Mobile Identity and Blockchain in Africa: A Survey of 15 Countries. GSM Association Report.

Abugri, B., et al. (2020). Blockchain for Cross-Border Identity in West Africa. In Proceedings of AFRICOMM 2020 (pp. 134–148).

AfriSSI. (2024). Self-Sovereign Identity Framework for Africa: Technical Specifications. African SSI Initiative.

Chikomba, T., & Moyo, L. (2023). Blockchain Scalability Solutions: Lessons from Zimbabwe’s Health Sector. IEEE Blockchain Transactions, 5(4), 200–215.

UNECA. (2022). Regulatory Harmonization for Blockchain in Africa. United Nations Economic Commission for Africa.

Okeke, C. (2021). Zero-Knowledge Proofs for Identity Management: A Nigerian Case Study. Journal of Cybersecurity, 7(3), 89–104.

Uwituze, J., et al. (2023). Blockchain-Based Voting Systems in Rwanda: A Security Analysis. In IEEE AFRICON 2023 (pp. 1–8).

Makanju, A., & Tshabalala, P. (2022). GDPR Compliance in Blockchain Systems: A South African Perspective. International Journal of Law and Technology, 18(1), 55–72.

Bello, A. (2024). Mobile-First Blockchain Identity in Rural Uganda. In ACM SIGCAS Conference on Computing and Sustainable Societies (pp. 332–345).

EAC. (2023). Blockchain for Cross-Border Trade in the East African Community. EAC Technical Report.

Nkosi, T., & Dlamini, S. (2021). Energy-Efficient Consensus Mechanisms for African Blockchains. Sustainable Computing, 30, 100567.

AUDA-NEPAD. (2023). Continental Digital Identity Strategy: A Blockchain Roadmap. African Union Development Agency.

Kufuor, K. (2020). Legal Identity and Blockchain in Ghana. African Human Rights Law Journal, 20(2), 455–478.

Mohamed, H. (2022). Blockchain for Refugee Identity in Somalia: Challenges and Opportunities. Journal of Humanitarian Technology, 4(1), 12–28.

Salami, I., et al. (2023). Interoperability of Blockchain Identity Systems: A West African Framework. In IEEE ICBC 2023 (pp. 1–9).

Mwangi, E., & Kamau, P. (2024). User Adoption of Blockchain Identity in Kenya: A Qualitative Study. Behaviour & Information Technology, 43(2), 301–317.

Cairo University. (2023). Blockchain for E-Government in Egypt: A Pilot Study. Technical Report.

OAU. (2022). Pan-African Digital Identity: A Blockchain-Based Approach. Organization of African Unity Report.

Togolese Republic. (2023). National Blockchain Strategy for Digital Identity. Government Whitepaper.

Zulu, M., & Banda, L. (2021). Decentralized Identity for Smallholder Farmers in Zambia. In ACM DEV 2021 (pp. 1–10).

ECOWAS. (2024). Regional Identity Management Using Blockchain: ECOWAS Guidelines. Economic Community of West African States.

Malunga, D., et al. (2023). Blockchain and Biometric Identity in Malawi: A Privacy Analysis. IEEE Transactions on Biometrics, 11(3), 450–465.

Wanyama, T. (2024). Blockchain for Cross-Border Identity in Africa. African Journal of Technology, 15(3), 77–92.